nix-deploy/unstable/config/hosts/wind/services/coturn.nix

27 lines
606 B
Nix
Raw Normal View History

2021-09-22 15:31:20 +02:00
{ config, ... }:
2021-09-22 10:16:11 +02:00
{
services.coturn = {
enable = true;
lt-cred-mech = true;
use-auth-secret = true;
2021-09-23 16:45:06 +02:00
static-auth-secret = builtins.toString config.secrets.files.turn_shared_secret.file;
2021-09-22 10:16:11 +02:00
realm = "turn.graven.dev";
relay-ips = [
"65.21.58.38"
"2a01:4f9:c010:34cb::1"
];
no-tcp-relay = true;
extraConfig = "
cipher-list=\"HIGH\"
no-loopback-peers
no-multicast-peers
";
secure-stun = true;
2021-09-23 09:08:09 +02:00
cert = "/var/lib/acme/graven.dev/fullchain.pem";
pkey = "/var/lib/acme/graven.dev/key.pem";
2021-09-22 10:16:11 +02:00
min-port = 49152;
max-port = 49999;
};
}