added COTURN server to Synapse

deployer/roles/build/tasks/synapse.yml

@@ -73,7 +73,11 @@
         direction: in 
         from_ip: any 
         to_port: "{{ item }}"
-      loop: "{{ range({{ site.coturn.min_port }}, {{ site.coturn.max_port }} + 1)|list }}"
+        proto: udp 
+        rule: allow
+        comment: "coturn UDP"
+      with_sequence: start="{{ site.coturn.min_port }}" end="{{ site.coturn.max_port }}"
+      #loop: "{{ range({{ site.coturn.min_port }}, {{ site.coturn.max_port }} + 1)|list }}"
       become: true
 
 

deployer/roles/build/templates/synapse/docker-compose.yml.j2

@@ -1,4 +1,4 @@
-version: '3'
+version: '3.4'
 
 # Generated by ansible for site {{ site.url }} 
 # On network {{ site.subnet_cidr_address }}:
@@ -15,25 +15,25 @@ services:
       - UID={{ site.user_uid }}
       - GID={{ site.user_gid }}
     volumes: 
-      - "{{ site_data_path }}:/data"
+      - {{ site_data_path }}:/data
     networks:
       net:
-        ipv4_address: "{{ site.subnet_site_ip }}"
+        ipv4_address: {{ site.subnet_site_ip }}
 
   turn: 
     # We use: https://github.com/instrumentisto/coturn-docker-image
-    image: instrumentisto/coturn-docker-image:latest
+    image: instrumentisto/coturn:latest
     restart: unless-stopped
-    # We bind directly to host (no proxying the NAT piercer)
-    # TCP/UDP: {{ site.coturn.listening_port }}
-    # UDP: {{ site.coturn.min_port }} - {{ site.coturn.max_port }}
-    network: host
     volumes:
       - type: tmpfs
         target: /var/lib/coturn
-      - type: volume
+      - type: bind
-        source: "{{ sites_path }}/{{ site.slug }}/coturn/turnserver.conf"
+        source: {{ sites_path }}/{{ site.slug }}/coturn/turnserver.conf
-        destination: /etc/coturn/turnserver.conf
+        target: /etc/coturn/turnserver.conf
+    # We bind directly to host (no proxying the NAT piercer)
+    # TCP/UDP: {{ site.coturn.listening_port }}
+    # UDP: {{ site.coturn.min_port }} - {{ site.coturn.max_port }}
+    network_mode: host
 
 networks:
   net:

deployer/roles/build/templates/synapse/homeserver.yaml.j2

@@ -926,7 +926,7 @@ enable_registration_captcha: false
 
 # Enable registration for new users.
 #
-#enable_registration: false
+enable_registration: true
 
 # Optional account validity configuration. This allows for accounts to be denied
 # any request after a given period.
@@ -1026,7 +1026,7 @@ account_validity:
 
 # Enable 3PIDs lookup requests to identity servers from this server.
 #
-#enable_3pid_lookup: true
+enable_3pid_lookup: true
 
 # If set, allows registration of standard or admin accounts by anyone who
 # has the shared secret, even if registration is otherwise disabled.
@@ -1112,8 +1112,8 @@ account_threepid_delegates:
 # as a publicly joinable room when the first user registers for the
 # homeserver. This behaviour can be customised with the settings below.
 #
-#auto_join_rooms:
+auto_join_rooms:
-#  - "#example:example.com"
+  - "#general:zinz.dev"
 
 # Where auto_join_rooms are specified, setting this flag ensures that the
 # the rooms exist by creating them when the first user on the
@@ -1129,7 +1129,7 @@ account_threepid_delegates:
 # Defaults to true. Uncomment the following line to disable automatically
 # creating auto-join rooms.
 #
-#autocreate_auto_join_rooms: false
+autocreate_auto_join_rooms: true
 
 # Whether the auto_join_rooms that are auto-created are available via
 # federation. Only has an effect if autocreate_auto_join_rooms is true.