remove backported coturn module
This commit is contained in:
parent
c47ce59efe
commit
0cb29cf277
2 changed files with 0 additions and 79 deletions
|
@ -1,8 +1,5 @@
|
||||||
{ config, tools, ... }:
|
{ config, tools, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
|
||||||
../../../../modules/backports/coturn-static-auth-secret-file.nix
|
|
||||||
];
|
|
||||||
age.secrets = {
|
age.secrets = {
|
||||||
coturn-static-auth = {
|
coturn-static-auth = {
|
||||||
file = ../../../../secrets/coturn-static-auth.age;
|
file = ../../../../secrets/coturn-static-auth.age;
|
||||||
|
|
|
@ -1,76 +0,0 @@
|
||||||
# based on https://github.com/NixOS/nixpkgs/pull/129059
|
|
||||||
# FIXME: this module does not verify duplicate settings
|
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
with lib;
|
|
||||||
let
|
|
||||||
cfg = config.services.coturn;
|
|
||||||
pidfile = "/run/turnserver/turnserver.pid";
|
|
||||||
# unfortunately, we need to re-render the entire config file ourselves
|
|
||||||
configFile = pkgs.writeText "turnserver.conf" ''
|
|
||||||
listening-port=${toString cfg.listening-port}
|
|
||||||
tls-listening-port=${toString cfg.tls-listening-port}
|
|
||||||
alt-listening-port=${toString cfg.alt-listening-port}
|
|
||||||
alt-tls-listening-port=${toString cfg.alt-tls-listening-port}
|
|
||||||
${concatStringsSep "\n" (map (x: "listening-ip=${x}") cfg.listening-ips)}
|
|
||||||
${concatStringsSep "\n" (map (x: "relay-ip=${x}") cfg.relay-ips)}
|
|
||||||
min-port=${toString cfg.min-port}
|
|
||||||
max-port=${toString cfg.max-port}
|
|
||||||
${lib.optionalString cfg.lt-cred-mech "lt-cred-mech"}
|
|
||||||
${lib.optionalString cfg.no-auth "no-auth"}
|
|
||||||
${lib.optionalString cfg.use-auth-secret "use-auth-secret"}
|
|
||||||
${lib.optionalString (cfg.static-auth-secret != null) ("static-auth-secret=${cfg.static-auth-secret}")}
|
|
||||||
realm=${cfg.realm}
|
|
||||||
${lib.optionalString cfg.no-udp "no-udp"}
|
|
||||||
${lib.optionalString cfg.no-tcp "no-tcp"}
|
|
||||||
${lib.optionalString cfg.no-tls "no-tls"}
|
|
||||||
${lib.optionalString cfg.no-dtls "no-dtls"}
|
|
||||||
${lib.optionalString cfg.no-udp-relay "no-udp-relay"}
|
|
||||||
${lib.optionalString cfg.no-tcp-relay "no-tcp-relay"}
|
|
||||||
${lib.optionalString (cfg.cert != null) "cert=${cfg.cert}"}
|
|
||||||
${lib.optionalString (cfg.pkey != null) "pkey=${cfg.pkey}"}
|
|
||||||
${lib.optionalString (cfg.dh-file != null) ("dh-file=${cfg.dh-file}")}
|
|
||||||
no-stdout-log
|
|
||||||
syslog
|
|
||||||
pidfile=${pidfile}
|
|
||||||
${lib.optionalString cfg.secure-stun "secure-stun"}
|
|
||||||
${lib.optionalString cfg.no-cli "no-cli"}
|
|
||||||
cli-ip=${cfg.cli-ip}
|
|
||||||
cli-port=${toString cfg.cli-port}
|
|
||||||
${lib.optionalString (cfg.cli-password != null) ("cli-password=${cfg.cli-password}")}
|
|
||||||
${cfg.extraConfig}
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options = {
|
|
||||||
services.coturn = {
|
|
||||||
static-auth-secret-file = mkOption {
|
|
||||||
type = types.nullOr types.str;
|
|
||||||
default = null;
|
|
||||||
description = ''
|
|
||||||
Path to the file containing the static authentication secret.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
systemd.services.coturn = let
|
|
||||||
runConfig = "/run/coturn/turnserver.cfg";
|
|
||||||
in {
|
|
||||||
preStart = ''
|
|
||||||
cat ${configFile} > ${runConfig}
|
|
||||||
${optionalString (cfg.static-auth-secret-file != null) ''
|
|
||||||
STATIC_AUTH_SECRET="$(head -n1 ${cfg.static-auth-secret-file} || :)"
|
|
||||||
echo "static-auth-secret=$STATIC_AUTH_SECRET" >> ${runConfig}
|
|
||||||
'' }
|
|
||||||
chmod 640 ${runConfig}
|
|
||||||
'';
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = mkForce "${pkgs.coturn}/bin/turnserver -c ${runConfig}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
systemd.tmpfiles.rules = [
|
|
||||||
"d /run/coturn 0700 turnserver turnserver - -"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
Loading…
Reference in a new issue