From 61b52609bc0859947e08bb6e050dcfd59d36a2db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Sat, 22 Apr 2023 22:13:20 +0200 Subject: [PATCH 01/15] fix TURN/STURN * remove docker-compose-coturn.yml and replace it with and example-file, because there are user-data inside, which should not be on git * add a whole rtc_config_example-coturn.json to be copied to rtc_config.json and only the domain should be changed. * modified the documentation * modified the .gitignore to ignore the files with user-data --- .dockerignore | 2 +- .gitignore | 6 ++++++ docker-compose-coturn.yml | 19 ------------------- docker-compose-coturn_example.yml | 27 +++++++++++++++++++++++++++ docs/host-your-own.md | 19 ++++++++++++++++++- rtc_config_example-coturn.json | 21 +++++++++++++++++++++ turnserver_example.conf | 3 +++ 7 files changed, 76 insertions(+), 21 deletions(-) delete mode 100644 docker-compose-coturn.yml create mode 100644 docker-compose-coturn_example.yml create mode 100644 rtc_config_example-coturn.json diff --git a/.dockerignore b/.dockerignore index 1b73304..a2fb487 100644 --- a/.dockerignore +++ b/.dockerignore @@ -2,4 +2,4 @@ node_modules .github .git* -*.md \ No newline at end of file +*.md diff --git a/.gitignore b/.gitignore index bd15e97..7bde16f 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,9 @@ node_modules fqdn.env /docker/certs qrcode-svg/ +docker-compose-coturn.yml +rtc_config.json +turnserver.conf +logs/* +*.orig +*.log diff --git a/docker-compose-coturn.yml b/docker-compose-coturn.yml deleted file mode 100644 index e9a05b4..0000000 --- a/docker-compose-coturn.yml +++ /dev/null 
@@ -1,19 +0,0 @@ -version: "3" -services: - node: - image: "node:lts-alpine" - user: "node" - working_dir: /home/node/app - volumes: - - ./:/home/node/app - command: ash -c "npm i && npm run start:prod" - restart: unless-stopped - ports: - - "3000:3000" - coturn_server: - image: "coturn/coturn" - restart: always - network_mode: "host" - volumes: - - ./turnserver.conf:/etc/coturn/turnserver.conf - #you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password diff --git a/docker-compose-coturn_example.yml b/docker-compose-coturn_example.yml new file mode 100644 index 0000000..16e70b2 --- /dev/null +++ b/docker-compose-coturn_example.yml @@ -0,0 +1,27 @@ +version: "3" +services: + node: + image: "node:lts-alpine" + user: "node" + working_dir: /home/node/app + volumes: + - ./:/home/node/app + command: ash -c "npm i && npm run start:prod" + restart: unless-stopped + ports: + - "3000:3000" + environment: + - RTC_CONFIG=/home/node/app/rtc_config.json + - WS_FALLBACK=false # Set to true to enable websocket fallback if the peer to peer WebRTC connection is not available to the client. + - RATE_LIMIT=false # Set to true to limit clients to 1000 requests per 5 min. + - TZ=Europa/Vienna # Time Zone + #you need to copy rtc_config_example.json to rtc_config.json and specify domain, IP address, user and password + coturn_server: + image: "coturn/coturn" + restart: always + network_mode: "host" + volumes: + - ./turnserver.conf:/etc/coturn/turnserver.conf + - ./logs/:/var/log/ + - /etc/letsencrypt/live//:/etc/letsencrypt/live// + #you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password diff --git a/docs/host-your-own.md b/docs/host-your-own.md index f9e5b4d..3e4cba6 100644 --- a/docs/host-your-own.md +++ b/docs/host-your-own.md 
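Review bot: `TZ=Europa/Vienna` in the `node` service's `environment` list is not an IANA zone name, so the container will most likely fall back to UTC; it should read `- TZ=Europe/Vienna`. The comment under that list names `rtc_config_example.json`, while the template this patch adds is `rtc_config_example-coturn.json`. On `coturn_server`, the certificate mount has empty path segments after `live/` (probably a placeholder lost before it reached this page), and it could be mounted read-only by appending `:ro`, since coturn only needs to read the key.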
@@ -397,9 +397,26 @@ Now point your browser to `http://localhost:8080`. - To stop the containers run `docker-compose stop`. - To debug the NodeJS server run `docker logs pairdrop_node_1`. -
+# Coturn +## docker-compose + +- copy `docker-compose-coturn_example.yml` to `docker-compose-coturn.yml` +- copy `rtc_config_example-coturn.json` to `rtc_config.json` +- copy `turnserver_example.conf` to `turnserver.conf` +- change in all three files to the domain, where your pairdrop is running +- change user and password for turn-server in `turnserver.conf` and `rtc-config.json` +- To start the container including coturn run `docker-compose -f docker-compose-coturn.yml up -d` +- To restart the container including coturn run `docker-compose -f docker-compose-coturn.yml restart` +- To stop the container including coturn run `docker-compose -f docker-compose-coturn.yml stop` + +## Firewall +To run PairDrop including its own coturn-server you need to punch holes in the firewall. This ports must be opened additionally: +- 3478 tcp/udp +- 5349 tcp/udp +- 10000:20000 tcp/udp + ## Testing PWA related features PWAs require that the app is served under a correctly set up and trusted TLS endpoint. diff --git a/rtc_config_example-coturn.json b/rtc_config_example-coturn.json new file mode 100644 index 0000000..82fc648 --- /dev/null +++ b/rtc_config_example-coturn.json @@ -0,0 +1,21 @@ +{ + "sdpSemantics": "unified-plan", + "iceServers": [ + { + "urls": "stun::3478" + }, + { + "urls": "stuns::5349" + }, + { + "urls": "turn::3478", + "username": "user", + "credential": "password" + }, + { + "urls": "turns::5349", + "username": "user", + "credential": "password" + } + ] +} diff --git a/turnserver_example.conf b/turnserver_example.conf index 09e7986..74b3e79 100644 --- a/turnserver_example.conf +++ b/turnserver_example.conf @@ -6,6 +6,8 @@ server-name=pairdrop listening-ip=0.0.0.0 # External IP-Address of the TURN server +# if you have a VPN for example on your Server... +#external-ip=/ external-ip= # Main listening port 
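Review bot: The `turn:`/`turns:` entries ship the literal pair `user` / `password`, which is also what the example server config carries (`user=user:password`, visible as context in patch 07), so a deployment copied without editing runs a relay with guessable credentials. JSON has no comments, so the placeholder itself should make the omission obvious, e.g. `"username": "CHANGE_ME"` and `"credential": "CHANGE_ME"`, with the same change on the server side. This file is presumably delivered to every browser client, which makes the credential a shared long-term secret; coturn's `use-auth-secret` / `static-auth-secret` mode with short-lived credentials would be the stronger design if PairDrop can generate them (not visible here). The host part of every `urls` value is empty in this view, presumably a stripped placeholder.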
@@ -35,4 +37,5 @@ cert=/etc/letsencrypt/live//cert.pem pkey=/etc/letsencrypt/live//privkey.pem # 443 for TURN over TLS, which can bypass firewalls +# the standard-port is 5349 tls-listening-port=443 From ec928b2be0794d440d8c6c2d420be530143ed2d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Sun, 23 Apr 2023 00:49:59 +0200 Subject: [PATCH 02/15] use again docker-compose-coturn.yml i found a way, to not use personal data --- docker-compose-coturn_example.yml => docker-compose-coturn.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename docker-compose-coturn_example.yml => docker-compose-coturn.yml (93%) diff --git a/docker-compose-coturn_example.yml b/docker-compose-coturn.yml similarity index 93% rename from docker-compose-coturn_example.yml rename to docker-compose-coturn.yml index 16e70b2..069bac6 100644 --- a/docker-compose-coturn_example.yml +++ b/docker-compose-coturn.yml @@ -23,5 +23,5 @@ services: volumes: - ./turnserver.conf:/etc/coturn/turnserver.conf - ./logs/:/var/log/ - - /etc/letsencrypt/live//:/etc/letsencrypt/live// + - ./letsencrypt/:/etc/letsencrypt/ #you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password From d44ae46a16ab1c9894ccdc0831c2a7a7caa32b0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Sun, 23 Apr 2023 00:52:27 +0200 Subject: [PATCH 03/15] remove docker-compose-coturn.yml from .gitignore --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 7bde16f..7b75859 100644 --- a/.gitignore +++ b/.gitignore @@ -3,9 +3,9 @@ node_modules fqdn.env /docker/certs qrcode-svg/ -docker-compose-coturn.yml rtc_config.json turnserver.conf logs/* *.orig *.log +letsencrypt/* From 05110af05630f8e5339375f3032363f70a159ec2 Mon Sep 17 00:00:00 2001 
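Review bot: Moving the certificate directory to `./letsencrypt/` puts the TLS private key inside the project directory, and the `node` service bind-mounts that whole directory (`./:/home/node/app`, patch 01), so the web application container can read the key and `turnserver.conf` as well. The same applies to the `./ssl/` mount that replaces this one in patch 14. Keeping the key material outside the tree mounted into `node`, and mounting it read-only for coturn (`- ./letsencrypt/:/etc/letsencrypt/:ro`), would limit what a compromise of the Node process exposes. The `volumes` list starts outside this hunk.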
From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Sun, 23 Apr 2023 00:58:46 +0200 Subject: [PATCH 04/15] change log-output to stdout --- turnserver_example.conf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/turnserver_example.conf b/turnserver_example.conf index 74b3e79..00063d4 100644 --- a/turnserver_example.conf +++ b/turnserver_example.conf @@ -21,7 +21,8 @@ max-port=20000 fingerprint # Log file path -log-file=/var/log/turnserver.log +# - is logging to STDOUT, so it's visible in docker-compose logs +log-file=- # Enable verbose logging verbose From be6cc004c5b0e21915b30bbf11e10a02d613531f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 00:37:17 +0200 Subject: [PATCH 05/15] remove logs-dir and add dhparam --- docker-compose-coturn.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docker-compose-coturn.yml b/docker-compose-coturn.yml index 069bac6..4b80f3e 100644 --- a/docker-compose-coturn.yml +++ b/docker-compose-coturn.yml @@ -22,6 +22,8 @@ services: network_mode: "host" volumes: - ./turnserver.conf:/etc/coturn/turnserver.conf - - ./logs/:/var/log/ - ./letsencrypt/:/etc/letsencrypt/ + - ./dhparams.pem:/etc/dhparam.pem #you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password + # create dhparams.pem with `openssl dhparam -out dhparams.pem 4096` it + # takes a very long time!!! From 7dbc06b75a6576690fb3d20bbbdfc8f8241b7825 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 00:38:01 +0200 Subject: [PATCH 06/15] use only turns and stuns (ssl-secured) --- rtc_config_example-coturn.json | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/rtc_config_example-coturn.json b/rtc_config_example-coturn.json index 82fc648..c64ba92 100644 --- a/rtc_config_example-coturn.json +++ b/rtc_config_example-coturn.json 
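Review bot: With `log-file=-` in patch 04, the `verbose` switch kept as context in the same hunk now sends everything to the container log, which Docker's default `json-file` driver keeps without a size limit unless one is configured. Verbose coturn output typically includes client addresses and user names, so the example would be safer with the switch commented out (`#verbose`) and a remark that it is for debugging only. Alternatively, add a `logging:` size limit to the `coturn_server` service in the compose file.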
@@ -2,18 +2,10 @@ "sdpSemantics": "unified-plan", "iceServers": [ { - "urls": "stun::3478" + "urls": "stuns::443" }, { - "urls": "stuns::5349" - }, - { - "urls": "turn::3478", - "username": "user", - "credential": "password" - }, - { - "urls": "turns::5349", + "urls": "turns::443", "username": "user", "credential": "password" } From 8a236244b576fa07b082d16b998ef672d72af6b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 00:39:20 +0200 Subject: [PATCH 07/15] make changes for working turns --- turnserver_example.conf | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/turnserver_example.conf b/turnserver_example.conf index 00063d4..fea03e8 100644 --- a/turnserver_example.conf +++ b/turnserver_example.conf @@ -1,4 +1,5 @@ # TURN server name and realm +# realm can be domain or realm= server-name=pairdrop @@ -6,13 +7,18 @@ server-name=pairdrop listening-ip=0.0.0.0 # External IP-Address of the TURN server -# if you have a VPN for example on your Server... -#external-ip=/ external-ip= +# relay-ip is needed for tls turns connections +relay-ip= + # Main listening port listening-port=3478 +# 443 for TURN over TLS, which can bypass firewalls +# the standard-port is 5349 +tls-listening-port=443 + # Further ports that are open for communication min-port=10000 max-port=20000 @@ -34,9 +40,13 @@ user=user:password lt-cred-mech # SSL certificates -cert=/etc/letsencrypt/live//cert.pem -pkey=/etc/letsencrypt/live//privkey.pem +cert=/etc/letsencrypt/fullchain.pem +pkey=/etc/letsencrypt/privkey.pem +dh-file=/etc/dhparam.pem -# 443 for TURN over TLS, which can bypass firewalls -# the standard-port is 5349 -tls-listening-port=443 +# For security-reasons disable old ssl and tls-protocols +no-sslv3 +no-tlsv1 +no-tlsv1_1 + +stale-nonce=600 From bcfe5b711da3deb3024b86123e1be6e749164c03 Mon Sep 17 00:00:00 2001 
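Review bot: The hardening block added at the end of `turnserver_example.conf` in patch 07 restricts TLS versions, but nothing visible in this series restricts which peer addresses the relay will forward to. With `network_mode: "host"` in the compose file, an authenticated TURN client could be relayed to loopback or internal addresses on the host's network. I would add peer restrictions next to the new TLS switches, as sketched below, with the ranges adjusted to the deployment. If `relay-ip` itself lies in a denied range, coturn's `allowed-peer-ip` is needed for that address so that two clients relayed by the same server can still reach each other. Parts of the file lie outside the hunks, so confirm such lines are not already present.

```ini
# … unchanged: cert, pkey, dh-file, protocol switches …
stale-nonce=600

# Do not relay to multicast, loopback, link-local or private peer addresses
no-multicast-peers
denied-peer-ip=127.0.0.0-127.255.255.255
denied-peer-ip=10.0.0.0-10.255.255.255
denied-peer-ip=172.16.0.0-172.31.255.255
denied-peer-ip=192.168.0.0-192.168.255.255
denied-peer-ip=169.254.0.0-169.254.255.255
```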
From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 00:40:15 +0200 Subject: [PATCH 08/15] remove unused lines --- .gitignore | 3 --- 1 file changed, 3 deletions(-) diff --git a/.gitignore b/.gitignore index 7b75859..aa460ee 100644 --- a/.gitignore +++ b/.gitignore @@ -5,7 +5,4 @@ fqdn.env qrcode-svg/ rtc_config.json turnserver.conf -logs/* -*.orig -*.log letsencrypt/* From 7d355092a0a36542e48491f09c8c9fc3cd4e667d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 00:40:36 +0200 Subject: [PATCH 09/15] add infos about nginx to stream also coturn turns --- docs/host-your-own.md | 44 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 42 insertions(+), 2 deletions(-) diff --git a/docs/host-your-own.md b/docs/host-your-own.md index 3e4cba6..603c132 100644 --- a/docs/host-your-own.md +++ b/docs/host-your-own.md @@ -402,10 +402,12 @@ Now point your browser to `http://localhost:8080`. # Coturn ## docker-compose -- copy `docker-compose-coturn_example.yml` to `docker-compose-coturn.yml` +- copy your ssl-certificates and privkey to `./letsencrypt` and `chown -R nobody:nogroup ./letsencrypt` +- create a dh-params file with `openssl dhparam -out coturn-dhparams.pem 4096` - copy `rtc_config_example-coturn.json` to `rtc_config.json` - copy `turnserver_example.conf` to `turnserver.conf` -- change in all three files to the domain, where your pairdrop is running +- change in all 2 files to the domain, where your pairdrop is running +- setup another domain for the turn-server if you want coturn listening on port 443 too. (Only then, it is needed) - change user and password for turn-server in `turnserver.conf` and `rtc-config.json` - To start the container including coturn run `docker-compose -f docker-compose-coturn.yml up -d` - To restart the container including coturn run `docker-compose -f docker-compose-coturn.yml restart` 
@@ -417,6 +419,44 @@ To run PairDrop including its own coturn-server you need to punch holes in the f - 5349 tcp/udp - 10000:20000 tcp/udp +## Coturn listens also on port 443 +### nginx +If you want coturn listening von port 443, to avoid firewall-problems, you have to create a ssl-stream-redirection. Because nginx is +listening on port 443 to serve pairdrop (and all other websites on this host) ssl-secured. + +Create a file `/etc/nginx/modules-available/coturn-stream.conf` and link it to `/etc/nginx/modules-enabled/90-coturn-stream.conf` +Content: +``` +stream { + map $ssl_preread_server_name $name { + turn_server; + default url_backend; + } + + upstream url_backend { + server 127.0.0.1:4444; + } + + upstream turn_server { + server :5349; + } + + server { + listen 443; + listen 443 udp; + listen [::]:443; + listen [::]:443 udp; + ssl_preread on; + proxy_pass $name; + proxy_buffer_size 10m; + } +} +``` +And then you have to change in EVERY site-config EVERY https-listening port from 443 to 4444. +Test and reload nginx `nginx -t && nginx -s reload` + +Now your websites should be availeable again, and coturn also listens on :443. The stream for coturn is redirected to :5349. + ## Testing PWA related features PWAs require that the app is served under a correctly set up and trusted TLS endpoint. From ca568fa12a09f0bbd80ba1cd02bafd251cfc0c50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 00:44:01 +0200 Subject: [PATCH 10/15] add step to generate or retrieve ssl-certificates --- docs/host-your-own.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/host-your-own.md b/docs/host-your-own.md index 603c132..07a12d3 100644 --- a/docs/host-your-own.md +++ b/docs/host-your-own.md 
@@ -409,6 +409,7 @@ Now point your browser to `http://localhost:8080`. - change in all 2 files to the domain, where your pairdrop is running - setup another domain for the turn-server if you want coturn listening on port 443 too. (Only then, it is needed) - change user and password for turn-server in `turnserver.conf` and `rtc-config.json` +- generate or retrieve certificates for your and (f.e. letsencrypt maybe with wildcard-certs) - To start the container including coturn run `docker-compose -f docker-compose-coturn.yml up -d` - To restart the container including coturn run `docker-compose -f docker-compose-coturn.yml restart` - To stop the container including coturn run `docker-compose -f docker-compose-coturn.yml stop` From 10f3816cf42d078d1ff2c64e1e09f84a76b3e6ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 00:58:15 +0200 Subject: [PATCH 11/15] fix typo --- docs/host-your-own.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/host-your-own.md b/docs/host-your-own.md index 07a12d3..222e000 100644 --- a/docs/host-your-own.md +++ b/docs/host-your-own.md @@ -415,7 +415,7 @@ Now point your browser to `http://localhost:8080`. - To stop the container including coturn run `docker-compose -f docker-compose-coturn.yml stop` ## Firewall -To run PairDrop including its own coturn-server you need to punch holes in the firewall. This ports must be opened additionally: +To run PairDrop including its own coturn-server you need to punch holes in the firewall. These ports must be opened additionally: - 3478 tcp/udp - 5349 tcp/udp - 10000:20000 tcp/udp From 5fcbcaa8c8731228e293d41b240aad2cad719774 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 23:27:20 +0200 Subject: [PATCH 12/15] remove nginx stream configuration documentation --- docs/host-your-own.md | 45 +++---------------------------------------- 1 file changed, 3 insertions(+), 42 deletions(-) diff --git a/docs/host-your-own.md b/docs/host-your-own.md index 222e000..e58f95c 100644 --- a/docs/host-your-own.md +++ b/docs/host-your-own.md @@ -402,14 +402,13 @@ Now point your browser to `http://localhost:8080`. # Coturn ## docker-compose -- copy your ssl-certificates and privkey to `./letsencrypt` and `chown -R nobody:nogroup ./letsencrypt` -- create a dh-params file with `openssl dhparam -out coturn-dhparams.pem 4096` +- generate or retrieve certificates for your (f.e. letsencrypt) +- copy your ssl-certificates and privkey to `./ssl` and `chown -R nobody:nogroup ./ssl` +- create a dh-params file with `openssl dhparam -out ./ssl/dhparams.pem 4096` - copy `rtc_config_example-coturn.json` to `rtc_config.json` - copy `turnserver_example.conf` to `turnserver.conf` - change in all 2 files to the domain, where your pairdrop is running -- setup another domain for the turn-server if you want coturn listening on port 443 too. (Only then, it is needed) - change user and password for turn-server in `turnserver.conf` and `rtc-config.json` -- generate or retrieve certificates for your and (f.e. letsencrypt maybe with wildcard-certs) - To start the container including coturn run `docker-compose -f docker-compose-coturn.yml up -d` - To restart the container including coturn run `docker-compose -f docker-compose-coturn.yml restart` - To stop the container including coturn run `docker-compose -f docker-compose-coturn.yml stop` 
@@ -420,44 +419,6 @@ To run PairDrop including its own coturn-server you need to punch holes in the f - 5349 tcp/udp - 10000:20000 tcp/udp -## Coturn listens also on port 443 -### nginx -If you want coturn listening von port 443, to avoid firewall-problems, you have to create a ssl-stream-redirection. Because nginx is -listening on port 443 to serve pairdrop (and all other websites on this host) ssl-secured. - -Create a file `/etc/nginx/modules-available/coturn-stream.conf` and link it to `/etc/nginx/modules-enabled/90-coturn-stream.conf` -Content: -``` -stream { - map $ssl_preread_server_name $name { - turn_server; - default url_backend; - } - - upstream url_backend { - server 127.0.0.1:4444; - } - - upstream turn_server { - server :5349; - } - - server { - listen 443; - listen 443 udp; - listen [::]:443; - listen [::]:443 udp; - ssl_preread on; - proxy_pass $name; - proxy_buffer_size 10m; - } -} -``` -And then you have to change in EVERY site-config EVERY https-listening port from 443 to 4444. -Test and reload nginx `nginx -t && nginx -s reload` - -Now your websites should be availeable again, and coturn also listens on :443. The stream for coturn is redirected to :5349. - ## Testing PWA related features PWAs require that the app is served under a correctly set up and trusted TLS endpoint. From 5c77cdd34c4010ef6ee49b5905de6fdfbc28002d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 23:28:49 +0200 Subject: [PATCH 13/15] change domains, ports and ip-addresses --- rtc_config_example-coturn.json | 4 ++-- turnserver_example.conf | 9 +++++---- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/rtc_config_example-coturn.json b/rtc_config_example-coturn.json index c64ba92..02ffc1a 100644 --- a/rtc_config_example-coturn.json +++ b/rtc_config_example-coturn.json 
@@ -2,10 +2,10 @@ "sdpSemantics": "unified-plan", "iceServers": [ { - "urls": "stuns::443" + "urls": "stuns::5349" }, { - "urls": "turns::443", + "urls": "turns::5349", "username": "user", "credential": "password" } diff --git a/turnserver_example.conf b/turnserver_example.conf index fea03e8..8e63eb4 100644 --- a/turnserver_example.conf +++ b/turnserver_example.conf @@ -7,17 +7,18 @@ server-name=pairdrop listening-ip=0.0.0.0 # External IP-Address of the TURN server -external-ip= +# only needed, if coturn is behind a NAT +#external-ip= # relay-ip is needed for tls turns connections -relay-ip= +# it can be set multiple times. A local IP is sufficient (not 127.0.0.1!!) +relay-ip= # Main listening port listening-port=3478 # 443 for TURN over TLS, which can bypass firewalls -# the standard-port is 5349 -tls-listening-port=443 +tls-listening-port=5349 # Further ports that are open for communication min-port=10000 From 0df23941d79fd0c5b87ffdb1fdb117cd08419275 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 23:30:09 +0200 Subject: [PATCH 14/15] change mounted volumes --- docker-compose-coturn.yml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/docker-compose-coturn.yml b/docker-compose-coturn.yml index 4b80f3e..5036cc9 100644 --- a/docker-compose-coturn.yml +++ b/docker-compose-coturn.yml 
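Review bot: The comment left above `tls-listening-port=5349` in `turnserver_example.conf` still reads `# 443 for TURN over TLS, which can bypass firewalls`, and this hunk removes the line that explained 5349, so the comment now contradicts the value. I would replace it with `# TLS listening port; 5349 is the standard port for TURN over TLS`. The `relay-ip=` and `#external-ip=` values are empty in this view, presumably placeholders lost in extraction.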
@@ -15,15 +15,13 @@ services: - WS_FALLBACK=false # Set to true to enable websocket fallback if the peer to peer WebRTC connection is not available to the client. - RATE_LIMIT=false # Set to true to limit clients to 1000 requests per 5 min. - TZ=Europa/Vienna # Time Zone - #you need to copy rtc_config_example.json to rtc_config.json and specify domain, IP address, user and password + # you need to copy rtc_config_example.json to rtc_config.json and specify domain, IP address, user and password coturn_server: image: "coturn/coturn" restart: always network_mode: "host" volumes: - ./turnserver.conf:/etc/coturn/turnserver.conf - - ./letsencrypt/:/etc/letsencrypt/ - - ./dhparams.pem:/etc/dhparam.pem - #you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password - # create dhparams.pem with `openssl dhparam -out dhparams.pem 4096` it - # takes a very long time!!! + - ./ssl/:/etc/coturn/ssl/ + # you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password + # create dhparams.pem with `openssl dhparam -out ssl/dhparams.pem 4096` it takes a very long time!!! From 61872c9804d008d819361c37ec7e3ff7f0b425ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Mon, 24 Apr 2023 23:31:40 +0200 Subject: [PATCH 15/15] change path to ignore --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index aa460ee..a65dbf6 100644 --- a/.gitignore +++ b/.gitignore @@ -5,4 +5,4 @@ fqdn.env qrcode-svg/ rtc_config.json turnserver.conf -letsencrypt/* +ssl/*
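Review bot: After this change the certificate material is mounted at `/etc/coturn/ssl/`, but `turnserver_example.conf` as last touched in patch 07 still points to `cert=/etc/letsencrypt/fullchain.pem`, `pkey=/etc/letsencrypt/privkey.pem` and `dh-file=/etc/dhparam.pem`, and no later patch in the series updates them. With the example files as shipped coturn would not find its certificate, so the `stuns:`/`turns:` entries in `rtc_config_example-coturn.json` could not work. The config should be updated in the same commit: `cert=/etc/coturn/ssl/fullchain.pem`, `pkey=/etc/coturn/ssl/privkey.pem`, `dh-file=/etc/coturn/ssl/dhparams.pem`.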