Add TCP port rules for WebRTC traffic on port 7881 and 50000-60000 across multiple deployment configurations

2025-07-11 21:33:05 +02:00 · 2025-07-11 21:33:05 +02:00 · 61fbf9850b
parent ba1df4660c
commit 61fbf9850b
10 changed files with 115 additions and 43 deletions
--- a/openvidu-deployment/community/singlenode/aws/cf-openvidu-singlenode.yaml
+++ b/openvidu-deployment/community/singlenode/aws/cf-openvidu-singlenode.yaml
@ -936,6 +936,14 @@ Resources:
          FromPort: 1935
          ToPort: 1935
          CidrIpv6: ::/0
        - IpProtocol: tcp
          FromPort: 7881
          ToPort: 7881
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 7881
          ToPort: 7881
          CidrIpv6: ::/0
        - IpProtocol: udp
          FromPort: 7885
          ToPort: 7885
@ -952,14 +960,6 @@ Resources:
          FromPort: 50000
          ToPort: 60000
          CidrIpv6: ::/0
        - IpProtocol: tcp
          FromPort: 50000
          ToPort: 60000
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 50000
          ToPort: 60000
          CidrIpv6: ::/0
 Outputs:
  ServicesAndCredentials:
--- a/openvidu-deployment/community/singlenode/azure/cf-openvidu-singlenode.bicep
+++ b/openvidu-deployment/community/singlenode/azure/cf-openvidu-singlenode.bicep
@ -1080,22 +1080,6 @@ resource webServerSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-11
          direction: 'Inbound'
        }
      }
      {
        name: 'WebRTC_traffic_TCP'
        properties: {
          protocol: 'Tcp'
          sourceAddressPrefix: '*'
          sourcePortRange: '*'
          destinationAddressPrefix: '*'
          destinationPortRanges: [
            '50000'
            '60000'
          ]
          access: 'Allow'
          priority: 190
          direction: 'Inbound'
        }
      }
    ]
  }
 }
--- a/openvidu-deployment/community/singlenode/azure/cf-openvidu-singlenode.json
+++ b/openvidu-deployment/community/singlenode/azure/cf-openvidu-singlenode.json
@ -5,7 +5,7 @@
    "_generator": {
      "name": "bicep",
      "version": "0.36.1.42791",
-      "templateHash": "12381993962421618724"
+      "templateHash": "12302733880284242788"
    }
  },
  "parameters": {
@ -595,22 +595,6 @@
              "priority": 180,
              "direction": "Inbound"
            }
          },
          {
            "name": "WebRTC_traffic_TCP",
            "properties": {
              "protocol": "Tcp",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "*",
              "destinationPortRanges": [
                "50000",
                "60000"
              ],
              "access": "Allow",
              "priority": 190,
              "direction": "Inbound"
            }
          }
        ]
      }
--- a/openvidu-deployment/pro/elastic/aws/cf-openvidu-elastic.yaml
+++ b/openvidu-deployment/pro/elastic/aws/cf-openvidu-elastic.yaml
@ -1728,6 +1728,14 @@ Resources:
          FromPort: 443
          ToPort: 443
          CidrIpv6: ::/0
        - IpProtocol: tcp
          FromPort: 7881
          ToPort: 7881
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 7881
          ToPort: 7881
          CidrIpv6: ::/0
        - IpProtocol: udp
          FromPort: 7885
          ToPort: 7885
@ -1744,6 +1752,14 @@ Resources:
          FromPort: 50000
          ToPort: 60000
          CidrIpv6: ::/0
        - IpProtocol: tcp
          FromPort: 50000
          ToPort: 60000
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 50000
          ToPort: 60000
          CidrIpv6: ::/0
  OpenViduMasterNodeToMediaNodeRTMPIngress:
    Type: AWS::EC2::SecurityGroupIngress
--- a/openvidu-deployment/pro/elastic/azure/cf-openvidu-elastic.bicep
+++ b/openvidu-deployment/pro/elastic/azure/cf-openvidu-elastic.bicep
@ -1959,6 +1959,22 @@ resource openviduMediaNodeNSG 'Microsoft.Network/networkSecurityGroups@2023-11-0
          direction: 'Inbound'
        }
      }
      {
        name: 'WebRTC_traffic_TCP'
        properties: {
          protocol: 'Tcp'
          sourceAddressPrefix: '*'
          sourcePortRange: '*'
          destinationAddressPrefix: '*'
          destinationPortRanges: [
            '50000'
            '60000'
          ]
          access: 'Allow'
          priority: 150
          direction: 'Inbound'
        }
      }
    ]
  }
 }
--- a/openvidu-deployment/pro/elastic/azure/cf-openvidu-elastic.json
+++ b/openvidu-deployment/pro/elastic/azure/cf-openvidu-elastic.json
@ -5,7 +5,7 @@
    "_generator": {
      "name": "bicep",
      "version": "0.36.1.42791",
-      "templateHash": "6186739981001271048"
+      "templateHash": "3674868881840486374"
    }
  },
  "parameters": {
@ -1292,6 +1292,22 @@
              "priority": 140,
              "direction": "Inbound"
            }
          },
          {
            "name": "WebRTC_traffic_TCP",
            "properties": {
              "protocol": "Tcp",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "*",
              "destinationPortRanges": [
                "50000",
                "60000"
              ],
              "access": "Allow",
              "priority": 150,
              "direction": "Inbound"
            }
          }
        ]
      }
--- a/openvidu-deployment/pro/ha/aws/cf-openvidu-ha.yaml
+++ b/openvidu-deployment/pro/ha/aws/cf-openvidu-ha.yaml
@ -2087,6 +2087,14 @@ Resources:
          FromPort: 443
          ToPort: 443
          CidrIpv6: ::/0
        - IpProtocol: tcp
          FromPort: 7881
          ToPort: 7881
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 7881
          ToPort: 7881
          CidrIpv6: ::/0
        - IpProtocol: udp
          FromPort: 7885
          ToPort: 7885
@ -2103,6 +2111,14 @@ Resources:
          FromPort: 50000
          ToPort: 60000
          CidrIpv6: ::/0
        - IpProtocol: tcp
          FromPort: 50000
          ToPort: 60000
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 50000
          ToPort: 60000
          CidrIpv6: ::/0
  OpenViduLoadBalancerToMediaNodeRTMPIngressSG:
    Type: AWS::EC2::SecurityGroupIngress
--- a/openvidu-deployment/pro/ha/azure/cf-openvidu-ha.bicep
+++ b/openvidu-deployment/pro/ha/azure/cf-openvidu-ha.bicep
@ -2847,6 +2847,22 @@ resource openviduMediaNodeNSG 'Microsoft.Network/networkSecurityGroups@2023-11-0
          direction: 'Inbound'
        }
      }
      {
        name: 'WebRTC_traffic_TCP'
        properties: {
          protocol: 'Tcp'
          sourceAddressPrefix: '*'
          sourcePortRange: '*'
          destinationAddressPrefix: '*'
          destinationPortRanges: [
            '50000'
            '60000'
          ]
          access: 'Allow'
          priority: 150
          direction: 'Inbound'
        }
      }
    ]
  }
 }
--- a/openvidu-deployment/pro/ha/azure/cf-openvidu-ha.json
+++ b/openvidu-deployment/pro/ha/azure/cf-openvidu-ha.json
@ -5,7 +5,7 @@
    "_generator": {
      "name": "bicep",
      "version": "0.36.1.42791",
-      "templateHash": "11388703170829775157"
+      "templateHash": "5237566819187308269"
    }
  },
  "parameters": {
@ -2193,6 +2193,22 @@
              "priority": 140,
              "direction": "Inbound"
            }
          },
          {
            "name": "WebRTC_traffic_TCP",
            "properties": {
              "protocol": "Tcp",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "*",
              "destinationPortRanges": [
                "50000",
                "60000"
              ],
              "access": "Allow",
              "priority": 150,
              "direction": "Inbound"
            }
          }
        ]
      }
--- a/openvidu-deployment/pro/singlenode/aws/cf-openvidu-singlenode.yaml
+++ b/openvidu-deployment/pro/singlenode/aws/cf-openvidu-singlenode.yaml
@ -974,6 +974,14 @@ Resources:
          FromPort: 7885
          ToPort: 7885
          CidrIpv6: ::/0
        - IpProtocol: tcp
          FromPort: 7881
          ToPort: 7881
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 7881
          ToPort: 7881
          CidrIpv6: ::/0
        - IpProtocol: udp
          FromPort: 50000
          ToPort: 60000