29 lines
1.2 KiB
YAML
29 lines
1.2 KiB
YAML
# coturn host_vars (collocated layout: same host runs HPB)
|
|
# Place secrets at:
|
|
# playbooks/secrets/turn/coturn_static_auth_secret (mode 0600)
|
|
# playbooks/secrets/turn/nsupdate.key (mode 0600)
|
|
|
|
coturn_realm: "stun.digitalboard.ch"
|
|
coturn_internal_realm: "stun.int.digitalboard.ch"
|
|
|
|
# Ports use IANA defaults (3478/5349) so the local backend Traefik can
|
|
# keep using 443 for the signaling routes on the same host.
|
|
# Override to 443/443 if this host is dedicated to TURN and you need
|
|
# to punch through restrictive firewalls.
|
|
# coturn_listening_port: 443
|
|
# coturn_tls_listening_port: 443
|
|
|
|
# Public IP that media is reached on. Format: PUBLIC[/PRIVATE]
|
|
coturn_external_ip: "193.43.183.74/172.18.0.2" # adjust per environment
|
|
|
|
# Let's Encrypt via RFC2136 / nsupdate (acme.sh sidecar)
|
|
coturn_cert_mode: "acme"
|
|
coturn_acme_email: "admin@digitalboard.ch"
|
|
coturn_acme_nsupdate_server: "ns1.digitalboard.ch"
|
|
coturn_acme_nsupdate_server_ip: "172.16.9.169"
|
|
coturn_acme_nsupdate_zone: "digitalboard._acme.digitalboard.ch"
|
|
coturn_acme_challenge_aliases:
|
|
- name: stun.digitalboard.ch
|
|
alias: stun.digitalboard._acme.digitalboard.ch
|
|
- name: stun.int.digitalboard.ch
|
|
alias: stun.int.digitalboard._acme.digitalboard.ch
|