diff --git a/hosts b/hosts index 8d3a65a..eab717d 100644 --- a/hosts +++ b/hosts @@ -1189,6 +1189,7 @@ gw-replacement2.local.netz gw-replacement3.local.netz gw-replacement.wf.netz + [gateway_server_rw] gw-ah.oopen.de diff --git a/scripts/modify-ipt-server.yml b/scripts/modify-ipt-server.yml index 8752ff6..24b3538 100644 --- a/scripts/modify-ipt-server.yml +++ b/scripts/modify-ipt-server.yml @@ -14,6 +14,68 @@ path: /etc/ipt-firewall/main_ipv4.conf register: main_ipv6_exists + - name: addjust line 'jitsi_tcp_ports' (IPv4) + lineinfile: + path: /etc/ipt-firewall/main_ipv4.conf + regexp: '^jitsi_tcp_ports=' + line: 'jitsi_tcp_ports="$standard_jitsi_tcp_ports"' + + - name: addjust line 'jitsi_tcp_ports' (IPv6) + lineinfile: + path: /etc/ipt-firewall/main_ipv6.conf + regexp: '^jitsi_tcp_ports=' + line: 'jitsi_tcp_ports="$standard_jitsi_tcp_ports"' + when: + - main_ipv6_exists.stat.exists + + - name: addjust line 'jitsi_udp_ports' (IPv4) + lineinfile: + path: /etc/ipt-firewall/main_ipv4.conf + regexp: '^jitsi_udp_port_range=' + line: 'jitsi_udp_port_range="$standard_jitsi_udp_port_range"' + + - name: addjust line 'jitsi_udp_ports' (IPv6) + lineinfile: + path: /etc/ipt-firewall/main_ipv6.conf + regexp: '^jitsi_udp_port_range=' + line: 'jitsi_udp_port_range="$standard_jitsi_udp_port_range"' + when: + - main_ipv6_exists.stat.exists + + - name: addjust line 'nc_turn_ports' (IPv4) + lineinfile: + path: /etc/ipt-firewall/main_ipv4.conf + regexp: '^nc_turn_ports=' + line: 'nc_turn_ports="$standard_turn_service_ports"' + + - name: addjust line 'nc_turn_ports' (IPv6) + lineinfile: + path: /etc/ipt-firewall/main_ipv6.conf + regexp: '^nc_turn_ports=' + line: 'nc_turn_ports="$standard_turn_service_ports"' + when: + - main_ipv6_exists.stat.exists + + - name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (nc_turn_udp_ports) + lineinfile: + dest: /etc/ipt-firewall/main_ipv4.conf + state: present + regexp: '^nc_turn_udp_ports' + line: 'nc_turn_udp_ports="$standard_turn_service_udp_ports"' + insertafter: '^#?\s*nc_turn_ports' + when: + - main_ipv4_exists.stat.exists + + - name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (nc_turn_udp_ports) + lineinfile: + dest: /etc/ipt-firewall/main_ipv6.conf + state: present + regexp: '^nc_turn_udp_ports' + line: 'nc_turn_udp_ports="$standard_turn_service_udp_ports"' + insertafter: '^#?\s*nc_turn_ports' + when: + - main_ipv4_exists.stat.exists + # --- # vpn_ports # --- @@ -440,8 +502,8 @@ # - # - comma separated list of ports/port ranges) # - - jitsi_tcp_ports="$standard_http_ports" - jitsi_udp_port_range="10000:20000" + jitsi_tcp_ports="$standard_jitsi_tcp_ports" + jitsi_udp_port_range="$standard_jitsi_udp_port_range" marker: "# Marker set by modify-ipt-server.yml (jitsi service)" when: - main_ipv4_exists.stat.exists @@ -469,8 +531,8 @@ # - # - comma separated list of ports/port ranges) # - - jitsi_tcp_ports="$standard_http_ports" - jitsi_udp_port_range="10000:20000" + jitsi_tcp_ports="$standard_jitsi_tcp_ports" + jitsi_udp_port_range="$standard_jitsi_udp_port_range" marker: "# Marker set by modify-ipt-server.yml (jitsi service)" when: - main_ipv6_exists.stat.exists @@ -503,7 +565,8 @@ # - # - comma separated list # - - nc_turn_ports="3478:3479,5349:5350" + nc_turn_ports="$standard_turn_service_ports" + nc_turn_udp_ports="$standard_turn_service_udp_ports" marker: "# Marker set by modify-ipt-server.yml (nc's turn service)" when: @@ -532,7 +595,8 @@ # - # - comma separated list # - - nc_turn_ports="3478:3479,5349:5350" + nc_turn_ports="$standard_turn_service_ports" + nc_turn_udp_ports="$standard_turn_service_udp_ports" marker: "# Marker set by modify-ipt-server.yml (jitsi service)" when: - main_ipv6_exists.stat.exists