summaryrefslogtreecommitdiff
path: root/roles/apps/coturn/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'roles/apps/coturn/tasks')
-rw-r--r--roles/apps/coturn/tasks/main.yml20
1 files changed, 17 insertions, 3 deletions
diff --git a/roles/apps/coturn/tasks/main.yml b/roles/apps/coturn/tasks/main.yml
index 29a87d6f..132e4847 100644
--- a/roles/apps/coturn/tasks/main.yml
+++ b/roles/apps/coturn/tasks/main.yml
@@ -27,16 +27,17 @@
file:
path: "{{ coturn_base_path }}/{{ coturn_realm }}/config/ssl"
state: directory
- owner: coturn
+ owner: root
group: coturn
- mode: 0700
+ mode: 0750
- name: generate Diffie-Hellman parameters
openssl_dhparam:
path: "{{ coturn_base_path }}/{{ coturn_realm }}/config/ssl/dhparams.pem"
size: "{{ coturn_dhparam_size }}"
- owner: coturn
+ owner: root
group: coturn
+ mode: 0644
- name: install acmetool hook script
template:
@@ -44,6 +45,19 @@
dest: "/etc/acme/hooks/coturn-{{ coturn_realm }}"
mode: 0755
+- name: install acmetool systemd unit snippet
+ copy:
+ dest: "/etc/systemd/system/acmetool.service.d/coturn-{{ coturn_realm }}.conf"
+ content: |
+ [Service]
+ ReadWritePaths={{ coturn_base_path }}/{{ coturn_realm }}/config/ssl
+ register: coturn_acmetool_snippet
+
+- name: reload systemd
+ when: coturn_acmetool_snippet is changed
+ systemd:
+ daemon_reload: yes
+
- name: configure nginx vhost
vars:
nginx_vhost:
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-02 22:38:39 +0000