From 59655fd1b0383fd09898dccd059eb9e21a71883d Mon Sep 17 00:00:00 2001
From: Simon Bruder
Date: Sun, 26 Sep 2021 22:22:31 +0200
Subject: [PATCH] vueko/coturn: Enable plain connections
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

(D)TLS connections are obviously better, but they stopped working some time ago and I can’t figure out why.
---
 machines/fuuko/services/matrix/synapse.nix | 2 ++
 machines/vueko/services/coturn.nix | 9 ++++-----
 2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/machines/fuuko/services/matrix/synapse.nix b/machines/fuuko/services/matrix/synapse.nix
index ff98ff4..d8a05d5 100644
--- a/machines/fuuko/services/matrix/synapse.nix
+++ b/machines/fuuko/services/matrix/synapse.nix
@@ -40,6 +40,8 @@ in
 turn_uris = [
 "turns:turn.sbruder.de:5349?transport=udp"
 "turns:turn.sbruder.de:5349?transport=tcp"
+ "turn:turn.sbruder.de:3478?transport=udp"
+ "turn:turn.sbruder.de:3478?transport=tcp"
 ];
 turn_user_lifetime = "3600000"; # 1h
diff --git a/machines/vueko/services/coturn.nix b/machines/vueko/services/coturn.nix
index 9cd37d6..720c5ee 100644
--- a/machines/vueko/services/coturn.nix
+++ b/machines/vueko/services/coturn.nix
@@ -14,10 +14,9 @@ let
 # not needed for VoIP
 no-tcp-relay = true;
- # only tls
 no-cli = true;
- no-tcp = true;
- no-udp = true;
+
+ listening-port = 3478;
 tls-listening-port = 5349;
 cert = "/run/turnserver/fullchain.pem";
@@ -117,8 +116,8 @@ in
 };
 networking.firewall = {
- allowedTCPPorts = [ cfg.tls-listening-port ];
- allowedUDPPorts = [ cfg.tls-listening-port ];
+ allowedTCPPorts = [ cfg.listening-port cfg.tls-listening-port ];
+ allowedUDPPorts = [ cfg.listening-port cfg.tls-listening-port ];
 allowedUDPPortRanges = lib.singleton {
 from = cfg.min-port;
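Review bot: The two plain `turn:` entries added to `turn_uris` in machines/fuuko/services/matrix/synapse.nix carry no comment marking them as a workaround, so nothing in the file tells a later reader that unencrypted TURN was enabled only because (D)TLS broke, as the commit message says. With `turn:` the allocation traffic, including the time-limited username and the peer addresses, travels without transport encryption; call media is normally still protected by the clients' own DTLS-SRTP, but that is outside what this file controls. I would add above the new lines `# FIXME: plain TURN fallback because (D)TLS on 5349 stopped working; remove once turns: is fixed`. The attribute set holding `turn_uris` starts and ends outside the hunk.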
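Review bot: In the first hunk of machines/vueko/services/coturn.nix the `# only tls` comment and the `no-tcp`/`no-udp` settings are dropped and `listening-port = 3478;` is added without any comment, so the intent to return to TLS-only is recorded only in the commit message. A comment such as `# plain listener enabled as a workaround while (D)TLS is broken; restore no-tcp/no-udp when fixed` above `listening-port` would keep the downgrade visible, and the same applies to the firewall hunk further down, which opens `cfg.listening-port` for both TCP and UDP. Because the server now accepts unencrypted clients on the opened port, it is worth confirming that the settings outside this hunk still require authentication and restrict relay peers (coturn's `denied-peer-ip`), which cannot be seen from here. The settings set this hunk edits starts and ends outside the hunk.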