coturn: Enable and startup on health-checks
This commit is contained in:
parent
fcf9175060
commit
36e1e3039e
|
@ -18,3 +18,5 @@ systemd:
|
|||
units:
|
||||
- name: coreos-home-server-update.timer
|
||||
enabled: true
|
||||
- name: podman-auto-update.timer
|
||||
enabled: true
|
||||
|
|
|
@ -51,6 +51,8 @@ systemd:
|
|||
mask: true
|
||||
- name: coreos-home-server-update.timer
|
||||
mask: true
|
||||
- name: podman-auto-update.timer
|
||||
mask: true
|
||||
|
||||
# Enable default web services.
|
||||
- name: container-build@static.localhost.service
|
||||
|
|
|
@ -6,6 +6,7 @@ RUN apt-get update -y && apt-get upgrade -y && \
|
|||
|
||||
COPY container/config /etc/coturn
|
||||
COPY container/run-coturn /run-coturn
|
||||
COPY container/run-healthcheck /run-healthcheck
|
||||
|
||||
# STUN/TURN ports.
|
||||
EXPOSE 3478 3478/udp 5349 5349/udp
|
||||
|
|
|
@ -628,6 +628,7 @@ denied-peer-ip=240.0.0.0-255.255.255.255
|
|||
# Examples:
|
||||
# denied-peer-ip=83.166.64.0-83.166.95.255
|
||||
# allowed-peer-ip=83.166.68.45
|
||||
allowed-peer-ip=${COTURN_EXTERNAL_IP}
|
||||
|
||||
# File name to store the pid of the process.
|
||||
# Default is /var/run/turnserver.pid (if superuser account is used) or
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
|
||||
# Prepare configuration files for environment variable substitution.
|
||||
ENV_NAMES="$(env | awk -F= '{printf "$%s ", $1}')"
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
|
||||
external_ip="$1"
|
||||
auth_secret="$2"
|
||||
auth_expiry=86400
|
||||
|
||||
username="$(( $(date +%s) + $auth_expiry ))"
|
||||
password="$(echo -n $username | openssl dgst -binary -sha1 -hmac "$auth_secret" | openssl base64)"
|
||||
|
||||
if ! turnutils_uclient -T "$external_ip" -u "$username" -w "$password" 2>&1 > /dev/null; then
|
||||
exit 1
|
||||
fi
|
|
@ -4,8 +4,10 @@ Wants=container-build@%N.service container-volume@%N.service
|
|||
After=container-build@%N.service container-volume@%N.service
|
||||
|
||||
[Container]
|
||||
AutoUpdate=local
|
||||
ContainerName=%N
|
||||
EnvironmentFile=%E/coreos-home-server/%N/%N.env
|
||||
HealthCmd=/run-healthcheck $COTURN_EXTERNAL_IP $COTURN_AUTH_SECRET
|
||||
Image=localhost/%N:latest
|
||||
PublishPort=3478:3478
|
||||
PublishPort=3478:3478/udp
|
||||
|
@ -15,7 +17,7 @@ PublishPort=5349:5349
|
|||
PublishPort=5349:5349/udp
|
||||
PublishPort=5350:5350
|
||||
PublishPort=5350:5350/udp
|
||||
PodmanArgs=--publish ${COTURN_RELAY_PORT_MIN}-${COTURN_RELAY_PORT_MAX}:${COTURN_RELAY_PORT_MIN}-${COTURN_RELAY_PORT_MAX}/udp
|
||||
PodmanArgs=--publish ${COTURN_RELAY_PORT_MIN}-${COTURN_RELAY_PORT_MAX}:${COTURN_RELAY_PORT_MIN}-${COTURN_RELAY_PORT_MAX}/udp --sdnotify=healthy
|
||||
Volume=%N:/var/lib/%N:z
|
||||
Volume=letsencrypt:/etc/ssl/private:z,ro
|
||||
|
||||
|
|
Loading…
Reference in New Issue