Antoine Ouvrard
50 lines
1.1 KiB
YAML
50 lines
1.1 KiB
YAML
---
|
|
- name: vérification des variables obligatoire
|
|
fail:
|
|
msg: |
|
|
il faut définir la variable `coturn_secret` pour utiliser ce role
|
|
when: coturn_secret is not defined
|
|
|
|
- name: Installation de coturn
|
|
apt:
|
|
name:
|
|
- coturn
|
|
update_cache: true
|
|
|
|
- name: Y-a-t un certificat SSL dans l'avion?
|
|
stat:
|
|
path: /etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem
|
|
register: ssl_file
|
|
|
|
- include_tasks: letsencrypt.yml
|
|
when: not ssl_file.stat.exists
|
|
|
|
|
|
- name: Donne les droits a coturn de lire les certificats SSL
|
|
file:
|
|
path: "{{ item }}"
|
|
owner: turnserver
|
|
group: turnserver
|
|
state: directory
|
|
recurse: yes
|
|
loop:
|
|
- /etc/letsencrypt/live
|
|
- /etc/letsencrypt/archive
|
|
|
|
- name: set la config coturn
|
|
template:
|
|
src: ../templates/turnserver.conf.j2
|
|
dest: /etc/turnserver.conf
|
|
notify: restart coturn
|
|
|
|
- name: Ajout des capabilities à coturn
|
|
lineinfile:
|
|
path: /etc/systemd/system/coturn.service.d/override.conf
|
|
create: yes
|
|
line: |
|
|
[Service]
|
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
|
notify: restart coturn
|
|
|
|
|