diff --git a/modules/coturn.nix b/modules/coturn.nix index 68bbf66..0a81f93 100644 --- a/modules/coturn.nix +++ b/modules/coturn.nix @@ -2,22 +2,50 @@ let personalization = import ./personalization.nix; + in { - services.coturn = { - enable = true; - use-auth-secret = true; - static-auth-secret = "${personalization.age.secrets.turn.file}"; - realm = personalization.matrix_url; - cert = "/var/lib/coturn/${personalization.matrix_url}.crt.pem"; - pkey = "/var/lib/coturn/${personalization.matrix_url}.key.pem"; - min-port = 49152; - max-port = 65535; - no-cli = true; - #listening-ips = [ "127.0.0.1" ]; - extraConfig = '' - verbose - external-ip=${personalization.external_ip_secret} - ''; + + systemd.services.sslcoturn = { + + script = '' + + systemctl restart coturn + + ''; + + unitConfig = { + Type = "simple"; + After = "NetworkManager.service"; + Requires = "network-online.target"; + }; + + serviceConfig = { + emainAfterExit = "yes"; + Type = "oneshot"; + }; + + wantedBy = [ "multi-user.target" ]; + }; + + + services.coturn = { + + enable = true; + use-auth-secret = true; + static-auth-secret = "${personalization.age.secrets.turn.file}"; + realm = personalization.matrix_url; + cert = "/var/lib/coturn/${personalization.matrix_url}.crt.pem"; + pkey = "/var/lib/coturn/${personalization.matrix_url}.key.pem"; + min-port = 49152; + max-port = 65535; + no-cli = true; + extraConfig = '' + verbose + external-ip=${personalization.external_ip_secret} + ''; + + }; + }