This configuration is provided AS-IS and as an example/reference for those who do not find a working configuration for themselves. It is not always kept up to date and no support is provided.
Assuming:
- Your Matrix domain: `example.org`
- Your TURN domain (arbitrary): `turn.example.org`
- Your Public IP: `1.2.3.4`
- Your Private IP for the box hosting the services: `10.11.12.13`
- A shared secret between Synapse and coturn: `ThisIsASharedSecret-ChangeMe`
- You want Firefox compatibility (TURNS only is not supported)
homeserver.yaml:
```yaml
## Turn ##
# The public URIs of the TURN server to give to clients
turn_uris:
- "turns:turn.example.org?transport=udp"
- "turns:turn.example.org?transport=tcp"
- "turn:turn.example.org?transport=udp"
- "turn:turn.example.org?transport=tcp"
# The shared secret used to compute passwords for the TURN server
turn_shared_secret: "ThisIsASharedSecret-ChangeMe"
# How long generated TURN credentials last
turn_user_lifetime: "1h"
```
turnserver.conf:
```
syslog
lt-cred-mech
use-auth-secret
static-auth-secret=ThisIsASharedSecret-ChangeMe
realm=example.org
cert=/etc/letsencrypt/live/turn.example.org/fullchain.pem
pkey=/etc/letsencrypt/live/turn.example.org/privkey.pem
no-udp
external-ip=1.2.3.4
min-port=64000
max-port=65535
```
Allow ports:
- TCP 3478
- UDP 3478
- TCP 3479
- UDP 3479
- TCP 5349
- UDP 5349
- UDP 64000 to 65535
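How the shared secret and `turn_user_lifetime` above become per-user TURN credentials, as an added example (not part of the original configuration and not Synapse or coturn code): it follows the TURN REST API scheme that `use-auth-secret` enables, where the username carries the expiry timestamp and the password is base64(HMAC-SHA1(secret, username)). The function names, user ID and timestamp are constructed for illustration, and the verifier is a simplified model of the server-side check.

```python
import base64
import hashlib
import hmac

SHARED_SECRET = "ThisIsASharedSecret-ChangeMe"  # placeholder secret from this page
LIFETIME_S = 3600  # matches turn_user_lifetime: "1h"


def _password(secret, username):
    mac = hmac.new(secret.encode(), username.encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode("ascii")


def issue_turn_credentials(user_id, now, secret=SHARED_SECRET, lifetime=LIFETIME_S):
    """Homeserver side: username is '<expiry>:<user id>', password is its HMAC."""
    username = f"{int(now) + lifetime}:{user_id}"
    return username, _password(secret, username)


def verify_turn_credentials(username, password, now, secret=SHARED_SECRET):
    """Simplified model of the TURN-side check (hypothetical helper).

    A real TURN server never receives the password; it recomputes it from the
    username and uses it to validate MESSAGE-INTEGRITY. The derivation and the
    expiry rule are the same.
    """
    expiry_text = username.split(":", 1)[0]
    if not (expiry_text.isascii() and expiry_text.isdigit()):
        return "rejected: malformed username"
    expected = _password(secret, username)
    if not hmac.compare_digest(expected.encode(), password.encode()):
        return "rejected: bad password"
    if int(expiry_text) < now:
        return "rejected: expired"
    return "accepted"


if __name__ == "__main__":
    now = 1_700_000_000  # constructed timestamp
    user, pw = issue_turn_credentials("@alice:example.org", now)
    print(user, pw)
    print(verify_turn_credentials(user, pw, now))         # within lifetime
    print(verify_turn_credentials(user, pw, now + 3601))  # past expiry
    forged = "1800000000:@alice:example.org"              # expiry edited by hand
    print(verify_turn_credentials(forged, pw, now))       # HMAC no longer matches
```

Anyone holding the shared secret can mint credentials with any expiry, so the placeholder value must be replaced and the secret should exist only in `homeserver.yaml` and `turnserver.conf`.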
Thanks for the post! Unfortunately I can't get it to work and have no idea why.
Even with setting "fallback-assistant" to switch to turn.matrix.org if necessary in Riot (F-Droid), any calls/videocalls are stuck in "establishing connection".
When typing: https://myserver.com:8448, I get the: "It works! Synapse is running.". When just typing https://myserver.com, I only get "Welcome to nginx". Chatting with text and media is possible, though!
The only errors I found were in nginx error.log, but after setting a .well-known-location as mentioned here: matrix-org/synapse#7077
I still get this:
```
2020/06/08 01:11:25 [error] 23515#23515: *7 open() "/usr/share/nginx/html/.well-known/matrix/client" failed (2: No such file or directory), client: [IP-removed], server: [domain-removed], request: "GET /.well-known/matrix/client HTTP/2.0", host: "[domain-removed]"
2020/06/08 01:11:45 [error] 23515#23515: *30 open() "/usr/share/nginx/html/.well-known/matrix/client" failed (2: No such file or directory), client: [IP-removed], server: [domain-removed], request: "GET /.well-known/matrix/client HTTP/2.0", host: "[domain-removed]"
2020/06/08 01:11:45 [error] 23515#23515: *47 open() "/usr/share/nginx/html/.well-known/matrix/client" failed (2: No such file or directory), client: [IP-removed], server: [domain-removed], request: "GET /.well-known/matrix/client HTTP/2.0", host: "[domain-removed]"
2020/06/08 01:35:02 [error] 23887#23887: *1 upstream prematurely closed connection while reading response header from upstream, client: [IP-removed], server: [domain-removed], request: "GET /_matrix/client/r0/sync?filter=0&timeout=30000&since=s631_945_0_469_11_20_664_98_1 HTTP/2.0", upstream: "http://[::1]:8008/_matrix/client/r0/sync?filter=0&timeout=30000&since=s631_945_0_469_11_20_664_98_1", host: "[domain-removed]"
2020/06/08 01:35:02 [error] 23887#23887: *70 upstream prematurely closed connection while reading response header from upstream, client: [IP-removed], server: [domain-removed], request: "GET /_matrix/client/r0/sync?filter=2&set_presence=offline&timeout=30000&since=s631_945_0_469_11_20_664_98_1 HTTP/2.0", upstream: "http://127.0.0.1:8008/_matrix/client/r0/sync?filter=2&set_presence=offline&timeout=30000&since=s631_945_0_469_11_20_664_98_1", host: "[domain-removed]"
2020/06/08 01:35:02 [error] 23887#23887: *70 no live upstreams while connecting to upstream, client: [IP-removed], server: [domain-removed], request: "GET /_matrix/client/r0/sync?filter=2&set_presence=offline&timeout=30000&since=s631_945_0_469_11_20_664_98_1 HTTP/2.0", upstream: "http://localhost/_matrix/client/r0/sync?filter=2&set_presence=offline&timeout=30000&since=s631_945_0_469_11_20_664_98_1", host: "[domain-removed]"
2020/06/08 01:35:02 [error] 23887#23887: *14 upstream prematurely closed connection while reading response header from upstream, client: [IP-removed], server: [domain-removed], request: "GET /_matrix/client/r0/sync?filter=0&timeout=30000&since=s631_945_0_469_11_20_664_98_1 HTTP/2.0", upstream: "http://[::1]:8008/_matrix/client/r0/sync?filter=0&timeout=30000&since=s631_945_0_469_11_20_664_98_1", host: "[domain-removed]"
2020/06/08 01:35:02 [error] 23887#23887: *14 no live upstreams while connecting to upstream, client: [IP-removed], server: [domain-removed], request: "GET /_matrix/client/r0/sync?filter=0&timeout=30000&since=s631_945_0_469_11_20_664_98_1 HTTP/2.0", upstream: "http://localhost/_matrix/client/r0/sync?filter=0&timeout=30000&since=s631_945_0_469_11_20_664_98_1", host: "[domain-removed]"
2020/06/08 01:35:02 [error] 23887#23887: *1 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: [IP-removed], server: [domain-removed], request: "GET /_matrix/client/r0/sync?filter=0&timeout=30000&since=s631_945_0_469_11_20_664_98_1 HTTP/2.0", upstream: "http://127.0.0.1:8008/_matrix/client/r0/sync?filter=0&timeout=30000&since=s631_945_0_469_11_20_664_98_1", host: "[domain-removed]"
2020/06/08 01:35:02 [error] 23887#23887: *1 no live upstreams while connecting to upstream, client: [IP-removed], server: [domain-removed], request: "OPTIONS /_matrix/client/r0/joined_groups HTTP/2.0", upstream: "http://localhost/_matrix/client/r0/joined_groups", host: "[domain-removed]"
2020/06/08 01:35:08 [error] 23887#23887: *1 no live upstreams while connecting to upstream, client: [IP-removed], server: [domain-removed], request: "GET /_matrix/client/versions HTTP/2.0", upstream: "http://localhost/_matrix/client/versions", host: "[domain-removed]"
2020/06/08 01:35:12 [error] 23887#23887: *245 no live upstreams while connecting to upstream, client: [IP-removed], server: [domain-removed], request: "POST /_matrix/client/r0/rooms/[room-removed]:[domain-removed]/read_markers HTTP/2.0", upstream: "http://localhost/_matrix/client/r0/rooms/[room-removed]:[domain-removed]/read_markers", host: "[domain-removed]"
2020/06/08 01:35:12 [error] 23887#23887: *14 no live upstreams while connecting to upstream, client: [IP-removed], server: [domain-removed], request: "GET /_matrix/client/r0/sync?filter=0&timeout=30000&since=s631_945_0_469_11_20_664_98_1 HTTP/2.0", upstream: "http://localhost/_matrix/client/r0/sync?filter=0&timeout=30000&since=s631_945_0_469_11_20_664_98_1", host: "[domain-removed]"
2020/06/08 01:42:01 [alert] 23887#23887: *1 open socket #3 left in connection 9
2020/06/08 01:42:01 [alert] 23887#23887: *14 open socket #24 left in connection 14
2020/06/08 01:42:01 [alert] 23887#23887: *418 open socket #23 left in connection 40
2020/06/08 01:42:01 [alert] 23887#23887: *416 open socket #21 left in connection 41
2020/06/08 01:42:01 [alert] 23887#23887: aborting
```