1 { config, name, lib, pkgs, ... }:
3 config = lib.mkIf (name == "eldiron") {
4 myServices.chatonsProperties.services.coturn = {
5 file.datetime = "2022-08-27T19:00:00";
8 description = "coturn TURN server";
10 status.description = "OK";
11 registration."" = ["MEMBER" "CLIENT"];
12 registration.load = "FULL";
13 install.type = "PACKAGE";
17 website = "https://github.com/coturn/coturn";
18 license.url = "https://github.com/coturn/coturn/blob/master/LICENSE";
19 license.name = "3-Clause BSD License";
20 version = pkgs.coturn.version;
21 source.url = "https://github.com/coturn/coturn";
24 networking.firewall.allowedTCPPorts = [
25 config.services.coturn.alt-listening-port
26 config.services.coturn.alt-tls-listening-port
27 config.services.coturn.listening-port
28 config.services.coturn.tls-listening-port
30 networking.firewall.allowedTCPPortRanges = [
31 { from = config.services.coturn.min-port; to = config.services.coturn.max-port; }
33 networking.firewall.allowedUDPPortRanges = [
34 { from = config.services.coturn.min-port; to = config.services.coturn.max-port; }
36 networking.firewall.allowedUDPPorts = [
37 config.services.coturn.alt-listening-port
38 config.services.coturn.alt-tls-listening-port
39 config.services.coturn.listening-port
40 config.services.coturn.tls-listening-port
42 #users.users.turnserver.extraGroups = [ "keys" ];
48 use-auth-secret = true;
50 realm = "eldiron.immae.eu";
58 static-auth-secret = config.myEnv.coturn.auth_access_key;
59 #cert = "/var/lib/acme/eldiron/fullchain.pem";
60 #pkey = "/var/lib/acme/eldiron/key.pem";
64 ] ++ config.myEnv.servers.eldiron.ips.main.ip4
65 ++ config.myEnv.servers.eldiron.ips.main.ip6;
69 ] ++ config.myEnv.servers.eldiron.ips.main.ip4
70 ++ config.myEnv.servers.eldiron.ips.main.ip6;