coturn mostly done

author: Christian Pointner <equinox@spreadspace.org> 2020-03-26 03:07:10 +0100
committer: Christian Pointner <equinox@spreadspace.org> 2020-03-26 03:07:10 +0100
commit: edf5603dfadb9aded010412ca1751e1e61cfe642 (patch)
tree: ca129ca8ea64c6391ea5e1071678ac045d3c54dd /roles/apps/coturn/tasks
parent: add app coturn (WIP) (diff)
1 files changed, 31 insertions, 0 deletions
diff --git a/roles/apps/coturn/tasks/main.yml b/roles/apps/coturn/tasks/main.yml
index 4631d1b7..29a87d6f 100644
--- a/roles/apps/coturn/tasks/main.yml
+++ b/roles/apps/coturn/tasks/main.yml
@@ -23,6 +23,37 @@
     group: coturn
     mode: 0640
 
+- name: create coturn ssl subdirectory
+  file:
+    path: "{{ coturn_base_path }}/{{ coturn_realm }}/config/ssl"
+    state: directory
+    owner: coturn
+    group: coturn
+    mode: 0700
+
+- name: generate Diffie-Hellman parameters
+  openssl_dhparam:
+    path: "{{ coturn_base_path }}/{{ coturn_realm }}/config/ssl/dhparams.pem"
+    size: "{{ coturn_dhparam_size }}"
+    owner: coturn
+    group: coturn
+
+- name: install acmetool hook script
+  template:
+    src: acmetool-reload.sh.j2
+    dest: "/etc/acme/hooks/coturn-{{ coturn_realm }}"
+    mode: 0755
+
+- name: configure nginx vhost
+  vars:
+    nginx_vhost:
+      name: "coturn-{{ coturn_realm }}"
+      content: "{{ lookup('template', 'nginx-vhost.conf.j2') }}"
+      acme: true
+      hostnames: "{{ coturn_hostnames }}"
+  include_role:
+    name: nginx/vhost
+
 - name: generate pod manifests
   template:
     src: "pod.yml.j2"
author	Christian Pointner <equinox@spreadspace.org>	2020-03-26 03:07:10 +0100
committer	Christian Pointner <equinox@spreadspace.org>	2020-03-26 03:07:10 +0100
commit	edf5603dfadb9aded010412ca1751e1e61cfe642 (patch)
tree	ca129ca8ea64c6391ea5e1071678ac045d3c54dd /roles/apps/coturn/tasks
parent	add app coturn (WIP) (diff)