Last active
July 20, 2020 00:41
-
-
Save mikehelland/2a31cf13be4c031ab7acb42811badadb to your computer and use it in GitHub Desktop.
Setup a coturn server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo apt-get install coturn | |
| sudo systemctl stop coturn | |
| sudo nano /etc/default/coturn | |
| #TURNSERVER_ENABLED=1 | |
| sudo mv /etc/turnserver.conf /etc/turnserver.conf.original | |
| sudo nano /etc/turnserver.conf | |
| # see contents below | |
| # create stun and turn DNS records | |
| sudo turnadmin -a -u omgrtc -r openmedia.gallery -p 12345 | |
| sudo systemctl start coturn | |
| # test here https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ | |
| # Be sure that your server has the ports 5349 and 3478 open. | |
| sudo ufw allow 3478 | |
| sudo ufw enable | |
| ################################## | |
| # /etc/turnserver.conf | |
| # STUN server port is 3478 for UDP and TCP, and 5349 for TLS. | |
| # Allow connection on the UDP port 3478 | |
| listening-port=3478 | |
| # and 5349 for TLS (secure) | |
| tls-listening-port=5349 | |
| # Require authentication | |
| fingerprint | |
| lt-cred-mech | |
| # We will use the longterm authentication mechanism, but if | |
| # you want to use the auth-secret mechanism, comment lt-cred-mech and | |
| # uncomment use-auth-secret | |
| # Check: https://github.com/coturn/coturn/issues/180#issuecomment-364363272 | |
| #The static auth secret needs to be changed, in this tutorial | |
| # we'll generate a token using OpenSSL | |
| # use-auth-secret | |
| # static-auth-secret=replace-this-secret | |
| # ---- | |
| # If you decide to use use-auth-secret, After saving the changes, change the auth-secret using the following command: | |
| # sed -i "s/replace-this-secret/$(openssl rand -hex 32)/" /etc/turnserver.conf | |
| # This will replace the replace-this-secret text on the file with the generated token using openssl. | |
| # Specify the server name and the realm that will be used | |
| # if is your first time configuring, just use the domain as name | |
| server-name=ourcodeworld.com | |
| realm=ourcodeworld.com | |
| # Important: | |
| # Create a test user if you want | |
| # You can remove this user after testing | |
| user=guest:somepassword | |
| total-quota=100 | |
| stale-nonce=600 | |
| # Path to the SSL certificate and private key. In this example we will use | |
| # the letsencrypt generated certificate files. | |
| cert=/usr/local/psa/var/modules/letsencrypt/etc/live/ourcodeworld.com/cert.pem | |
| pkey=/usr/local/psa/var/modules/letsencrypt/etc/live/ourcodeworld.com/privkey.pem | |
| # Specify the allowed OpenSSL cipher list for TLS/DTLS connections | |
| cipher-list="ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384" | |
| # Specify the process user and group | |
| proc-user=turnserver | |
| proc-group=turnserver | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Used from :
https://ourcodeworld.com/articles/read/1175/how-to-create-and-configure-your-own-stun-turn-server-with-coturn-in-ubuntu-18-04