added COTURN server to Synapse

2021-01-19 14:25:15 +01:00 · 2021-01-19 14:25:15 +01:00 · e3a21fce4e
parent 8d5784f5fd
commit e3a21fce4e
3 changed files with 21 additions and 17 deletions
--- a/deployer/roles/build/tasks/synapse.yml
+++ b/deployer/roles/build/tasks/synapse.yml
@ -73,7 +73,11 @@
        direction: in 
        from_ip: any 
        to_port: "{{ item }}"
-      loop: "{{ range({{ site.coturn.min_port }}, {{ site.coturn.max_port }} + 1)|list }}"
+        proto: udp 
+        rule: allow
+        comment: "coturn UDP"
+      with_sequence: start="{{ site.coturn.min_port }}" end="{{ site.coturn.max_port }}"
+      #loop: "{{ range({{ site.coturn.min_port }}, {{ site.coturn.max_port }} + 1)|list }}"
      become: true


--- a/deployer/roles/build/templates/synapse/docker-compose.yml.j2
+++ b/deployer/roles/build/templates/synapse/docker-compose.yml.j2
@ -1,4 +1,4 @@
-version: '3'
+version: '3.4'

 # Generated by ansible for site {{ site.url }} 
 # On network {{ site.subnet_cidr_address }}:
@ -15,25 +15,25 @@ services:
      - UID={{ site.user_uid }}
      - GID={{ site.user_gid }}
    volumes: 
-      - "{{ site_data_path }}:/data"
+      - {{ site_data_path }}:/data
    networks:
      net:
-        ipv4_address: "{{ site.subnet_site_ip }}"
+        ipv4_address: {{ site.subnet_site_ip }}

  turn: 
    # We use: https://github.com/instrumentisto/coturn-docker-image
-    image: instrumentisto/coturn-docker-image:latest
+    image: instrumentisto/coturn:latest
    restart: unless-stopped
-    # We bind directly to host (no proxying the NAT piercer)
-    # TCP/UDP: {{ site.coturn.listening_port }}
-    # UDP: {{ site.coturn.min_port }} - {{ site.coturn.max_port }}
-    network: host
    volumes:
      - type: tmpfs
        target: /var/lib/coturn
-      - type: volume
-        source: "{{ sites_path }}/{{ site.slug }}/coturn/turnserver.conf"
-        destination: /etc/coturn/turnserver.conf
+      - type: bind
+        source: {{ sites_path }}/{{ site.slug }}/coturn/turnserver.conf
+        target: /etc/coturn/turnserver.conf
+    # We bind directly to host (no proxying the NAT piercer)
+    # TCP/UDP: {{ site.coturn.listening_port }}
+    # UDP: {{ site.coturn.min_port }} - {{ site.coturn.max_port }}
+    network_mode: host

 networks:
  net:
--- a/deployer/roles/build/templates/synapse/homeserver.yaml.j2
+++ b/deployer/roles/build/templates/synapse/homeserver.yaml.j2
@ -926,7 +926,7 @@ enable_registration_captcha: false

 # Enable registration for new users.
 #
-#enable_registration: false
+enable_registration: true

 # Optional account validity configuration. This allows for accounts to be denied
 # any request after a given period.
@ -1026,7 +1026,7 @@ account_validity:

 # Enable 3PIDs lookup requests to identity servers from this server.
 #
-#enable_3pid_lookup: true
+enable_3pid_lookup: true

 # If set, allows registration of standard or admin accounts by anyone who
 # has the shared secret, even if registration is otherwise disabled.
@ -1112,8 +1112,8 @@ account_threepid_delegates:
 # as a publicly joinable room when the first user registers for the
 # homeserver. This behaviour can be customised with the settings below.
 #
-#auto_join_rooms:
-#  - "#example:example.com"
+auto_join_rooms:
+  - "#general:zinz.dev"

 # Where auto_join_rooms are specified, setting this flag ensures that the
 # the rooms exist by creating them when the first user on the
@ -1129,7 +1129,7 @@ account_threepid_delegates:
 # Defaults to true. Uncomment the following line to disable automatically
 # creating auto-join rooms.
 #
-#autocreate_auto_join_rooms: false
+autocreate_auto_join_rooms: true

 # Whether the auto_join_rooms that are auto-created are available via
 # federation. Only has an effect if autocreate_auto_join_rooms is true.