bicep/matrix/coturn: disable ipv6 to fix the service running at all

coturn is just fundamentally broken, look at trying eturnal instead
This commit is contained in:
Daniel Olsen 2024-09-27 07:30:48 +02:00
parent cd23e35aac
commit a7fe2aabc5
1 changed files with 5 additions and 3 deletions

View File

@ -1,4 +1,4 @@
{ config, lib, pkgs, secrets, ... }: { config, lib, pkgs, secrets, values, ... }:
{ {
sops.secrets."matrix/synapse/turnconfig" = { sops.secrets."matrix/synapse/turnconfig" = {
@ -60,12 +60,14 @@
pkey = "${config.security.acme.certs.${realm}.directory}/key.pem"; pkey = "${config.security.acme.certs.${realm}.directory}/key.pem";
use-auth-secret = true; use-auth-secret = true;
# World readable but I dont think it's that bad
static-auth-secret-file = config.sops.secrets."matrix/coturn/static-auth-secret".path; static-auth-secret-file = config.sops.secrets."matrix/coturn/static-auth-secret".path;
secure-stun = true; secure-stun = true;
listening-ips = [ "129.241.210.213" "2001:700:300:1900::213" ]; listening-ips = [
values.services.turn.ipv4
# values.services.turn.ipv6
];
tls-listening-port = 443; tls-listening-port = 443;
alt-tls-listening-port = 5349; alt-tls-listening-port = 5349;