mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-12-24 18:08:28 +01:00
Enable some recommended Coturn options in an effort to lower DDoS amplification factor
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2592
This commit is contained in:
parent
c222391e77
commit
69b2df629b
@ -112,11 +112,25 @@ matrix_coturn_user_quota: null
|
|||||||
matrix_coturn_total_quota: null
|
matrix_coturn_total_quota: null
|
||||||
|
|
||||||
# Controls whether `no-tcp-relay` is added to the configuration
|
# Controls whether `no-tcp-relay` is added to the configuration
|
||||||
|
# Learn more here: https://github.com/coturn/coturn/blob/242eb78227f66442ba1573c00ec4552faae23eed/examples/etc/turnserver.conf#L419-L422
|
||||||
matrix_coturn_no_tcp_relay_enabled: true
|
matrix_coturn_no_tcp_relay_enabled: true
|
||||||
|
|
||||||
# Controls whether `no-multicast-peers` is added to the configuration
|
# Controls whether `no-multicast-peers` is added to the configuration
|
||||||
|
# Learn more here: https://github.com/coturn/coturn/blob/242eb78227f66442ba1573c00ec4552faae23eed/examples/etc/turnserver.conf#L629-L632
|
||||||
matrix_coturn_no_multicast_peers_enabled: true
|
matrix_coturn_no_multicast_peers_enabled: true
|
||||||
|
|
||||||
|
# Controls whether `no-rfc5780` is added to the configuration
|
||||||
|
# Learn more here: https://github.com/coturn/coturn/blob/242eb78227f66442ba1573c00ec4552faae23eed/examples/etc/turnserver.conf#L770-L781
|
||||||
|
matrix_coturn_no_rfc5780_enabled: true
|
||||||
|
|
||||||
|
# Controls whether `no-stun-backward-compatibility` is added to the configuration
|
||||||
|
# Learn more here: https://github.com/coturn/coturn/blob/242eb78227f66442ba1573c00ec4552faae23eed/examples/etc/turnserver.conf#L783-L789
|
||||||
|
matrix_coturn_no_stun_backward_compatibility_enabled: true
|
||||||
|
|
||||||
|
# Controls whether `response-origin-only-with-rfc5780` is added to the configuration
|
||||||
|
# Learn more here: https://github.com/coturn/coturn/blob/242eb78227f66442ba1573c00ec4552faae23eed/examples/etc/turnserver.conf#L791-L796
|
||||||
|
matrix_coturn_response_origin_only_with_rfc5780_enabled: true
|
||||||
|
|
||||||
# Additional configuration to be passed to turnserver.conf
|
# Additional configuration to be passed to turnserver.conf
|
||||||
# Example:
|
# Example:
|
||||||
# matrix_coturn_additional_configuration: |
|
# matrix_coturn_additional_configuration: |
|
||||||
|
@ -35,6 +35,18 @@ prod
|
|||||||
no-tcp-relay
|
no-tcp-relay
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
{% if matrix_coturn_no_rfc5780_enabled %}
|
||||||
|
no-rfc5780
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if matrix_coturn_no_stun_backward_compatibility_enabled %}
|
||||||
|
no-stun-backward-compatibility
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if matrix_coturn_response_origin_only_with_rfc5780_enabled %}
|
||||||
|
response-origin-only-with-rfc5780
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{% if matrix_coturn_user_quota != None %}
|
{% if matrix_coturn_user_quota != None %}
|
||||||
user-quota={{ matrix_coturn_user_quota }}
|
user-quota={{ matrix_coturn_user_quota }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
Loading…
Reference in New Issue
Block a user