Last active
June 8, 2018 11:00
-
-
Save penzoiders/8a5b0d998bcdad2064a4f69a1d02e8c5 to your computer and use it in GitHub Desktop.
TURN server (coturn) configuration template for Nextcloud VM with Let's Encrypt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# this will make your Talk WebRTC videocalls work well across NAT firewalls | |
# tested on Nextcloud VM 13.0.3 with Let's Encrypt certificate already in place | |
# install coturn (apt-get install coturn) | |
# set TURNSERVER_ENABLED=1 in /etc/default/coturn | |
# edit this file /etc/turnserver.conf using this template (change "your.nextcloud.fqdn" string to your actual domain) | |
# then start coturn (systemctl start coturn) | |
# define in https://your.nextcloud.fqdn/settings/admin/talk: | |
# Server STUN = your.nextcloud.fqdn:587 (port used in this example = 587, you can set it to another, but this is generally open outbound on most networks) | |
# Server TURN = your.nextcloud.fqdn:587 | |
# TURN Shared Secret = your_ultra_freaking_strong_secret | |
# TURN Listen to = TCP and UDP | |
# of course you need to open the listening port on your firewall, enjoy | |
tls-listening-port=587 | |
fingerprint | |
lt-cred-mech | |
use-auth-secret | |
static-auth-secret=your_ultra_freaking_strong_secret | |
realm=your.nextcloud.fqdn | |
total-quota=100 | |
bps-capacity=0 | |
stale-nonce | |
cert=/etc/letsencrypt/live/your.nextcloud.fqdn/fullchain.pem | |
pkey=/etc/letsencrypt/live/your.nextcloud.fqdn/privkey.pem | |
dh-file=/etc/letsencrypt/live/your.nextcloud.fqdn/dhparam.pem | |
cipher-list="ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5" | |
no-loopback-peers | |
no-multicast-peers | |
no-tlsv1 | |
no-tlsv1_1 | |
no-stdout-log | |
simple-log | |
log-file=/var/log/turnserver.log |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment