Antoine Ouvrard
36 lines
1.4 KiB
Django/Jinja
36 lines
1.4 KiB
Django/Jinja
# jitsi-meet coturn config. Do not modify this line
|
|
use-auth-secret
|
|
keep-address-family
|
|
static-auth-secret={{ coturn_secret }}
|
|
realm={{ inventory_hostname }}
|
|
server-name={{ inventory_hostname }}
|
|
cert=/etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem
|
|
pkey=/etc/letsencrypt/live/{{ inventory_hostname }}/privkey.pem
|
|
no-multicast-peers
|
|
no-cli
|
|
no-loopback-peers
|
|
no-tcp-relay
|
|
no-tcp
|
|
listening-port=3478
|
|
tls-listening-port=443
|
|
no-tlsv1
|
|
no-tlsv1_1
|
|
# https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4
|
|
cipher-list=ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
|
# jitsi-meet coturn relay disable config. Do not modify this line
|
|
denied-peer-ip=0.0.0.0-0.255.255.255
|
|
denied-peer-ip=10.0.0.0-10.255.255.255
|
|
denied-peer-ip=100.64.0.0-100.127.255.255
|
|
denied-peer-ip=127.0.0.0-127.255.255.255
|
|
denied-peer-ip=169.254.0.0-169.254.255.255
|
|
denied-peer-ip=127.0.0.0-127.255.255.255
|
|
denied-peer-ip=172.16.0.0-172.31.255.255
|
|
denied-peer-ip=192.0.0.0-192.0.0.255
|
|
denied-peer-ip=192.0.2.0-192.0.2.255
|
|
denied-peer-ip=192.88.99.0-192.88.99.255
|
|
denied-peer-ip=192.168.0.0-192.168.255.255
|
|
denied-peer-ip=198.18.0.0-198.19.255.255
|
|
denied-peer-ip=198.51.100.0-198.51.100.255
|
|
denied-peer-ip=203.0.113.0-203.0.113.255
|
|
denied-peer-ip=240.0.0.0-255.255.255.255
|
|
syslog |