diff options
Diffstat (limited to 'roles/apps/coturn/templates')
-rw-r--r-- | roles/apps/coturn/templates/pod-spec.yml.j2 | 11 | ||||
-rw-r--r-- | roles/apps/coturn/templates/turnserver.conf.j2 | 4 |
2 files changed, 13 insertions, 2 deletions
diff --git a/roles/apps/coturn/templates/pod-spec.yml.j2 b/roles/apps/coturn/templates/pod-spec.yml.j2 index d157af37..a0842784 100644 --- a/roles/apps/coturn/templates/pod-spec.yml.j2 +++ b/roles/apps/coturn/templates/pod-spec.yml.j2 @@ -2,10 +2,21 @@ securityContext: allowPrivilegeEscalation: false runAsUser: {{ coturn_uid }} runAsGroup: {{ coturn_gid }} +{# this does not work: https://github.com/kubernetes/kubernetes/issues/56374, https://github.com/moby/moby/issues/8460 +{% if (coturn_listening_port < 1024) or (coturn_tls_listening_port < 1024) %} + capabilities: + add: ["NET_BIND_SERVICE"] +{% endif %} +#} +terminationGracePeriodSeconds: 0 hostNetwork: true containers: - name: coturn +{% if (coturn_listening_port < 1024) or (coturn_tls_listening_port < 1024) %} + image: "instrumentisto/coturn/{{ coturn_realm }}:{{ coturn_version }}" +{% else %} image: "instrumentisto/coturn:{{ coturn_version }}" +{% endif %} args: - --log-file=stdout resources: diff --git a/roles/apps/coturn/templates/turnserver.conf.j2 b/roles/apps/coturn/templates/turnserver.conf.j2 index d61cdad3..9a587951 100644 --- a/roles/apps/coturn/templates/turnserver.conf.j2 +++ b/roles/apps/coturn/templates/turnserver.conf.j2 @@ -1,8 +1,8 @@ realm={{ coturn_realm }} fingerprint -listening-port=3478 -tls-listening-port=5349 +listening-port={{ coturn_listening_port }} +tls-listening-port={{ coturn_tls_listening_port }} cert=/etc/coturn/ssl/cert.pem pkey=/etc/coturn/ssl/privkey.pem |