fix(WPB-15487): fix coturn port range in all the documentation

ansible/files/hetzner_server_nftables.conf.j2

@@ -47,7 +47,7 @@ table ip nat {
     iifname { $INF_WAN, virbr0 } tcp dport 3478 fib daddr type local dnat to $COTURNIP comment "COTURN control TCP"
     iifname { $INF_WAN, virbr0 } udp dport 3478 fib daddr type local dnat to $COTURNIP comment "COTURN control UDP"
 
-    iifname { $INF_WAN, virbr0 } udp dport 32768-61000 fib daddr type local dnat to $COTURNIP comment "COTURN UDP range"
+    iifname { $INF_WAN, virbr0 } udp dport 49152-65535 fib daddr type local dnat to $COTURNIP comment "COTURN UDP range"
 
     fib daddr type local counter jump DOCKER
   }

offline/coturn.md

@@ -250,7 +250,7 @@ Calling and TURN services (Coturn, SFT) require being reachable on a range of po
 
 Here we have decided the following distribution of ports:
 
-* Coturn will operate between ports 32768 and 61000.
+* Coturn will operate between ports 49152 and 65535.
 
 We will configure the port redirection in Nftables to allow traffic to reach Coturn.
 
@@ -293,7 +293,7 @@ table ip nat {
     iifname { $INF_WAN, virbr0 } tcp dport 3478 fib daddr type local dnat to $COTURNIP comment "COTURN control TCP"
     iifname { $INF_WAN, virbr0 } udp dport 3478 fib daddr type local dnat to $COTURNIP comment "COTURN control UDP"
 
-    iifname { $INF_WAN, virbr0 } udp dport 32768-61000 fib daddr type local dnat to $COTURNIP comment "COTURN UDP range"
+    iifname { $INF_WAN, virbr0 } udp dport 49152-65535 fib daddr type local dnat to $COTURNIP comment "COTURN UDP range"
 
     fib daddr type local counter jump DOCKER
   }
@@ -312,7 +312,7 @@ This is used for the HTTP(S) ingress:
 This is the part that routes the UDP packets (media/calling traffic) to the calling services:
 
 ```nft
-    iifname { $INF_WAN, virbr0 } udp dport 32768-61000 fib daddr type local dnat to $COTURNIP comment "COTURN UDP range"
+    iifname { $INF_WAN, virbr0 } udp dport 49152-65535 fib daddr type local dnat to $COTURNIP comment "COTURN UDP range"
 ``` 
 
 This is the part that redirects the control traffic to the Coturn port:

offline/stackIT-wiab.md

@@ -24,7 +24,9 @@ This guide outlines the steps to set up and deploy Wire in a StackIT environment
 | tcp      | ingress   | 80         | 80       | IPv4       | 0.0.0.0/0  | Allow HTTP traffic                          |
 | tcp      | ingress   | 3478       | 3478     | IPv4       | 0.0.0.0/0  | Allow alternative STUN/TURN traffic over TCP|
 | udp      | ingress   | 3478       | 3478     | IPv4       | Any        | Allow STUN/TURN traffic for Coturn          |
-| udp      | ingress   | 32768      | 61000    | IPv4       | 0.0.0.0/0  | Allow calling traffic for Coturn over UDP   |
+| udp      | ingress   | 49152      | 65535    | IPv4       | 0.0.0.0/0  | Allow calling traffic for Coturn over UDP   |
+
+- Note: If outbound traffic is restricted, port range mentioned [here](https://docs.wire.com/understand/notes/port-ranges.html) should be followed.
 
 ## Steps to Deploy WIAB from local environment (or on stackIT node)
 
@@ -80,14 +82,19 @@ This guide outlines the steps to set up and deploy Wire in a StackIT environment
 
    1. **Generate secrets:**
       ```bash
-      d bash -x bin/offline-secrets.sh
+      bash -x bin/offline-secrets.sh
       ```
 
    2. **Set up and configure the environment:**
       Run the following to set up the AssetHost, loading containers for k8s cluster, sync time, cassandra, elasticsearch and minio:
       ```bash
       d bash -x bin/offline-cluster.sh
       ```
+      *Confirm whether Cassandra, Elasticsearch, and MinIO are set up, or if any previous playbook caused subsequent playbooks to be skipped:*
+      ```
+      cat ~/wire-server-deploy/values/cassandra-external/values.yaml
+      ```
+      If the above file exists with the correct values, we can assume that the tasks ran successfully. If not, run the playbooks again by commenting out the already executed Ansible playbooks in `~/wire-server-deploy/bin/offline-cluster.sh`.
 
    3. **Deploy Helm charts:**
       Use the following script to set up Helm chart values and deploy them:

stackIT/stackit-vm-setup.yml

@@ -32,7 +32,7 @@
     target_domain: "example.com"
 
     # artifact_hash
-    artifact_hash: "3a18fae3106968b48b5a3b35f1bd0817ca4e5569"
+    artifact_hash: "812ae6bdf3c159f6a03059b7d779c20d6599e01b"
 
     # networking iptables dnat rules
     # This should be the ip address of k8s node where ngnix-ingress-controller is running
@@ -579,7 +579,7 @@
         protocol: udp
         jump: DNAT
         destination: "{{ default_interface_ip.stdout }}"
-        destination_ports: "32768:61000"
+        destination_ports: "49152:65535"
         in_interface: "{{ default_interface.stdout }}"
         to_destination: "{{ coturn_k8s_node_ip.stdout }}"
         state: present