conduit: Disable turns, remove the user limits and add all relay IPs
This commit is contained in:
parent
ea06138a9b
commit
598c439002
|
@ -1,4 +1,10 @@
|
|||
{config, ...}: let
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit (lib.strings) concatMapStringsSep;
|
||||
|
||||
cfg = config.services.matrix-conduit;
|
||||
domain = "matrix.${config.services.nginx.domain}";
|
||||
turn-realm = "turn.${config.services.nginx.domain}";
|
||||
|
@ -16,8 +22,6 @@ in {
|
|||
in [
|
||||
"turn:${address}?transport=udp"
|
||||
"turn:${address}?transport=tcp"
|
||||
"turns:${tls-address}?transport=udp"
|
||||
"turns:${tls-address}?transport=tcp"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
@ -68,11 +72,9 @@ in {
|
|||
denied-peer-ip=2002::-2002:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
||||
denied-peer-ip=fc00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
||||
denied-peer-ip=fe80::-febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
||||
allowed-peer-ip=178.79.137.55
|
||||
|
||||
# Limit number of rooms
|
||||
user-quota=12
|
||||
total-quota=36
|
||||
# *Allow* any IP addresses that we explicitly set as relay IPs
|
||||
${concatMapStringsSep "\n" (ip: "allowed-peer-ip=${ip}") config.services.coturn.relay-ips}
|
||||
|
||||
# Various other security settings
|
||||
no-tlsv1
|
||||
|
|
Loading…
Reference in a new issue