From 025cf6e6dddb72a46e5b743bf4ff7644d32cf983 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Krist=C3=B3f=20Torma?= <tormakristof@tormakristof.eu>
Date: Fri, 30 Dec 2022 16:09:47 +0100
Subject: [PATCH] add turn stuff

---
 host_vars/neko.yaml        | 9 +++++++++
 roles/neko/files/certbot   | 1 +
 roles/neko/tasks/main.yaml | 6 +++++-
 3 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/host_vars/neko.yaml b/host_vars/neko.yaml
index 1ff9c35..4542999 100644
--- a/host_vars/neko.yaml
+++ b/host_vars/neko.yaml
@@ -13,6 +13,15 @@ firewall:
   - port: "59000:59049"
     proto: udp
     interface: "eth1"
+  - port: "3478"
+    proto: tcp
+    interface: "eth1"
+  - port: "3478"
+    proto: any
+    interface: "eth1"
+  - port: "5349"
+    proto: any
+    interface: "eth1"
   - port: "9101"
     proto: tcp
     interface: "eth0"
diff --git a/roles/neko/files/certbot b/roles/neko/files/certbot
index f9321b3..59364b2 100644
--- a/roles/neko/files/certbot
+++ b/roles/neko/files/certbot
@@ -1,4 +1,5 @@
 #! /bin/bash
 systemctl stop haproxy
 certbot renew --standalone --cert-name neko.tormakristof.eu
+certbot renew --standalone --cert-name turn.tormakristof.eu
 systemctl start haproxy
diff --git a/roles/neko/tasks/main.yaml b/roles/neko/tasks/main.yaml
index 59bfa7a..e5971c4 100644
--- a/roles/neko/tasks/main.yaml
+++ b/roles/neko/tasks/main.yaml
@@ -27,10 +27,14 @@
     name:
      - python3-certbot
 
-- name: Generate certificate for all proxied domains
+- name: Generate certificate for Neko domain
   command:
     cmd: certbot certonly --non-interactive --agree-tos -m tormakristof@tormakristof.eu --standalone -d neko.tormakristof.eu
 
+- name: Generate certificate for TURN domain
+  command:
+    cmd: certbot certonly --non-interactive --agree-tos -m tormakristof@tormakristof.eu --standalone -d turn.tormakristof.eu
+
 - name: Enable and start haproxy
   service:
     name: haproxy