From ef35b4b5e161b786e9728a6b4b5c5c1c188096b3 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Sun, 21 Mar 2021 03:26:29 +0100
Subject: update info about coturn privileged ports as non-root hack
---
 roles/apps/coturn/tasks/privileged-ports-hack.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/roles/apps/coturn/tasks/privileged-ports-hack.yml b/roles/apps/coturn/tasks/privileged-ports-hack.yml
index bafff0aa..6025b7e7 100644
--- a/roles/apps/coturn/tasks/privileged-ports-hack.yml
+++ b/roles/apps/coturn/tasks/privileged-ports-hack.yml
@@ -1,10 +1,10 @@
 ---
-### This hack is necessary becasue: https://github.com/kubernetes/kubernetes/issues/56374 and https://github.com/moby/moby/issues/8460
-### at the moment there are two possible workarounds:
+### This hack is necessary because: https://github.com/kubernetes/kubernetes/issues/56374 and https://github.com/moby/moby/issues/8460.
+### AFAIK there are two possible workarounds at the moment:
 ## - Setting sysctl net.ipv4.ip_unprivileged_port_start=0.
 ## This does not work because kubelet would not allow this for containers using host networking (and actually this would be a bad idea anyway).
 ## - Adding the CAP_NET_BIND_SERVICE capability on the turnserver binary file inside the container.
-## This what we are doning here.
+## This is what we are doing here - at least until the upstream container includes this: https://github.com/instrumentisto/coturn-docker-image/issues/40

 - name: create build directory for custom image
 file:
-- 
cgit v1.2.3
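Review bot: The rewritten header comment still dismisses the sysctl workaround as "a bad idea anyway" without saying why, and it does not record what the file-capability approach needs at runtime. I would spell out the reason, e.g. `## (with host networking the sysctl would apply to the node's network namespace, so any unprivileged process there could bind ports below 1024)`. I would also add a caveat such as `## NOTE: the file capability only takes effect if NET_BIND_SERVICE is in the container's bounding set and no_new_privs (allowPrivilegeEscalation: false) is not set.` The tasks that build and deploy the custom image continue outside this hunk, so whether the pod spec already satisfies this cannot be confirmed from here.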