Resolve "installation d'un coturn externe"

roles/coturn-install/tasks/letsencrypt.yml

@@ -0,0 +1,15 @@
+- name: Installation de snapd
+  apt:
+    name:
+      - snapd
+    state: present
+
+- name: Initialisation de snap et installtion de certbot (prendre bien 5min, soyez patient)
+  command: "{{ item }}"
+  loop:
+    - snap install core
+    - snap refresh core
+    - snap install --classic certbot
+
+- name: Création du certificat SSL
+  command: /snap/bin/certbot certonly --standalone -d  {{ inventory_hostname }} -m supervision@nereide.fr --agree-tos --non-interactive

roles/coturn-install/tasks/main.yml

@@ -0,0 +1,49 @@
+---
+- name: vérification des variables obligatoire
+  fail:
+    msg: |
+      il faut définir la variable `coturn_secret` pour utiliser ce role
+  when: coturn_secret is not defined
+
+- name: Installation de coturn
+  apt:
+    name:
+      - coturn
+    update_cache: true
+
+- name: Y-a-t un certificat SSL dans l'avion?
+  stat:
+    path: /etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem
+  register: ssl_file
+
+- include_tasks: letsencrypt.yml
+  when: not ssl_file.stat.exists
+
+
+- name: Donne les droits a coturn de lire les certificats SSL
+  file:
+    path: "{{ item }}"
+    owner: turnserver
+    group: turnserver
+    state: directory
+    recurse: yes
+  loop:
+    - /etc/letsencrypt/live
+    - /etc/letsencrypt/archive
+
+- name: set la config coturn
+  template:
+    src: ../templates/turnserver.conf.j2
+    dest: /etc/turnserver.conf
+  notify: restart coturn
+
+- name: Ajout des capabilities à coturn
+  lineinfile:
+    path: /etc/systemd/system/coturn.service.d/override.conf
+    create: yes
+    line: |
+      [Service]
+      AmbientCapabilities=CAP_NET_BIND_SERVICE
+  notify: restart coturn
+
+