titaniumtown/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ports refactor

Browse Source
This commit is contained in:
Simon Gardling
2026-03-21 11:54:40 -04:00
parent 5ced648bd6
commit a5f3af5ff3
32 changed files with 264 additions and 128 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
services/coturn.nix
View File

@@ -10,8 +10,8 @@
realm = service_configs.https.domain;
use-auth-secret = true;
static-auth-secret = lib.strings.trim (builtins.readFile ../secrets/coturn_static_auth_secret);
listening-port = service_configs.ports.coturn;
tls-listening-port = service_configs.ports.coturn_tls;
listening-port = service_configs.ports.public.coturn.port;
tls-listening-port = service_configs.ports.public.coturn_tls.port;
no-cli = true;
# recommended security settings from Synapse's coturn docs
@@ -41,12 +41,12 @@
# coturn needs these ports open
networking.firewall = {
allowedTCPPorts = [
service_configs.ports.coturn
service_configs.ports.coturn_tls
service_configs.ports.public.coturn.port
service_configs.ports.public.coturn_tls.port
];
allowedUDPPorts = [
service_configs.ports.coturn
service_configs.ports.coturn_tls
service_configs.ports.public.coturn.port
service_configs.ports.public.coturn_tls.port
];
# relay port range
allowedUDPPortRanges = [