From dbf2f2c10f6d43dbd28a2d06e9a0d11ade95d560 Mon Sep 17 00:00:00 2001
From: lhahn <lhahn@huehner-cloud.de>
Date: Sat, 26 Aug 2023 22:04:46 +0200
Subject: [PATCH] fix ssl cert handling

---
 defaults/main.yml |  6 ++++--
 tasks/coturn.yml  | 13 +++++++++++++
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 46633d7..c8640af 100755
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -15,8 +15,10 @@ coturn_parallel_connection: 0 #0 is unlimited
 coturn_bandwitdh: 0 #0 B/s is unlimited
 coturn_session_lifetime: 600
 
-coturn_cert: "/etc/letsencrypt/live/{{ coturn_domain }}/fullchain.pem"
-coturn_pkey: "/etc/letsencrypt/live/{{ coturn_domain }}/privkey.pem"
+
+coturn_cert_folder: "{{ cloud_apps }}/coturn/"
+coturn_cert: "{{ coturn_cert_folder }}/{{ coturn_domain }}.cert"
+coturn_pkey: "{{ coturn_cert_folder }}/{{ coturn_domain }}.key"
 coturn_dhparam: "/etc/letsencrypt/ssl-dhparams.pem"
 
 coturn_configs:
diff --git a/tasks/coturn.yml b/tasks/coturn.yml
index eb4d732..3db7231 100755
--- a/tasks/coturn.yml
+++ b/tasks/coturn.yml
@@ -7,6 +7,19 @@
     pkg:
       - "coturn"
 
+- name: setup coturn cert folder
+  file:
+    state: directory
+    owner: turnserver
+    group: root
+    mode: 0770
+    path: "{{ cloud_apps }}/coturn/"
+
+    path: "{{ ncloud_data_location }}"
+    state: directory
+
+    mode: "o="
+
 - name: enable coturn server
   lineinfile:
     path: "/etc/default/coturn"