coturn: expand port range + synapse uses turns now

2023-12-08 13:44:53 +01:00 · 2023-12-08 13:44:53 +01:00 · 99b544491e
commit 99b544491e
parent 226700ea0a
4 changed files with 4 additions and 4 deletions
--- a/nftables.conf
+++ b/nftables.conf
@ -20,7 +20,7 @@ table inet filter {

 		# TURN
 		tcp dport { 3478, 5349 } limit rate 5/second accept
-		udp dport { 3478, 5349, 49152-49200 } limit rate 5/second accept
+		udp dport { 3478, 5349, 49152-49252 } limit rate 5/second accept

 		# Allow ICMP
 		meta l4proto icmp limit rate 1/second accept
--- a/synapse/docker-compose.yaml
+++ b/synapse/docker-compose.yaml
@ -18,7 +18,7 @@ services:
      - 3478:3478/udp
      - 5349:5349
      - 5349:5349/udp
-      - 49152-49200:49152-49200/udp
+      - 49152-49252:49152-49252/udp
    tmpfs:
      - /var/lib/coturn
    volumes:
--- a/synapse/homeserver.yaml
+++ b/synapse/homeserver.yaml
@ -65,7 +65,7 @@ url_preview_ip_range_blacklist:
  - 'ff00::/8'
  - 'fec0::/10'

-turn_uris: [ "turn:turn.viyurz.fr?transport=udp", "turn:turn.viyurz.fr?transport=tcp" ]
+turn_uris: [ "turn:turns.viyurz.fr?transport=udp", "turn:turns.viyurz.fr?transport=tcp" ]
 turn_user_lifetime: 86400000
 turn_allow_guests: true
 # vim:ft=yaml
--- a/synapse/turnserver.conf
+++ b/synapse/turnserver.conf
@ -11,7 +11,7 @@ realm=turn.viyurz.fr
 # (default values are 49152 and 65535)
 #
 min-port=49152
-max-port=49200
+max-port=49252

 # TLS certificates, including intermediate certs.
 # For Let's Encrypt certificates, use `fullchain.pem` here.