mirrors/PairDrop
1
0
Fork 0
mirror of https://github.com/schlagmichdoch/PairDrop.git synced 2025-04-20 23:16:13 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge 61872c9804 into b2f4582196

Browse source
This commit is contained in:
xundeenergie 2023-12-05 06:47:41 -07:00 committed by GitHub
commit f50b9d9584
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 67 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -3,3 +3,6 @@ node_modules
fqdn.env fqdn.env
/docker/certs /docker/certs
qrcode-svg/ qrcode-svg/
rtc_config.json
turnserver.conf
ssl/*

10
docker-compose-coturn.yml
View file

@ -10,10 +10,18 @@ services:
restart: unless-stopped restart: unless-stopped
ports: ports:
- "3000:3000" - "3000:3000"
environment:
- RTC_CONFIG=/home/node/app/rtc_config.json
- WS_FALLBACK=false # Set to true to enable websocket fallback if the peer to peer WebRTC connection is not available to the client.
- RATE_LIMIT=false # Set to true to limit clients to 1000 requests per 5 min.
- TZ=Europa/Vienna # Time Zone
# you need to copy rtc_config_example.json to rtc_config.json and specify domain, IP address, user and password
coturn_server: coturn_server:
image: "coturn/coturn" image: "coturn/coturn"
restart: always restart: always
network_mode: "host" network_mode: "host"
volumes: volumes:
- ./turnserver.conf:/etc/coturn/turnserver.conf - ./turnserver.conf:/etc/coturn/turnserver.conf
#you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password - ./ssl/:/etc/coturn/ssl/
# you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password
# create dhparams.pem with `openssl dhparam -out ssl/dhparams.pem 4096` it takes a very long time!!!

21
docs/host-your-own.md
View file

@ -514,9 +514,28 @@ Now point your web browser to `http://localhost:8080`.
- To stop the containers, run `docker-compose stop`. - To stop the containers, run `docker-compose stop`.
- To debug the NodeJS server, run `docker logs pairdrop_node_1`. - To debug the NodeJS server, run `docker logs pairdrop_node_1`.
<br> <br>
# Coturn
## docker-compose
- generate or retrieve certificates for your <DOMAIN> (f.e. letsencrypt)
- copy your ssl-certificates and privkey to `./ssl` and `chown -R nobody:nogroup ./ssl`
- create a dh-params file with `openssl dhparam -out ./ssl/dhparams.pem 4096`
- copy `rtc_config_example-coturn.json` to `rtc_config.json`
- copy `turnserver_example.conf` to `turnserver.conf`
- change <DOMAIN> in all 2 files to the domain, where your pairdrop is running
- change user and password for turn-server in `turnserver.conf` and `rtc-config.json`
- To start the container including coturn run `docker-compose -f docker-compose-coturn.yml up -d`
- To restart the container including coturn run `docker-compose -f docker-compose-coturn.yml restart`
- To stop the container including coturn run `docker-compose -f docker-compose-coturn.yml stop`
## Firewall
To run PairDrop including its own coturn-server you need to punch holes in the firewall. These ports must be opened additionally:
- 3478 tcp/udp
- 5349 tcp/udp
- 10000:20000 tcp/udp
## Testing PWA related features ## Testing PWA related features
PWAs requires the app to be served under a correctly set up and trusted TLS endpoint. PWAs requires the app to be served under a correctly set up and trusted TLS endpoint.

13
rtc_config_example-coturn.json Normal file
View file

@ -0,0 +1,13 @@
{
"sdpSemantics": "unified-plan",
"iceServers": [
{
"urls": "stuns:<DOMAIN>:5349"
},
{
"urls": "turns:<DOMAIN>:5349",
"username": "user",
"credential": "password"
}
]
}

27
turnserver_example.conf
View file

@ -1,4 +1,5 @@
# TURN server name and realm # TURN server name and realm
# realm can be domain or <IP-ADDRESS>
realm=<DOMAIN> realm=<DOMAIN>
server-name=pairdrop server-name=pairdrop
@ -6,11 +7,19 @@ server-name=pairdrop
listening-ip=0.0.0.0 listening-ip=0.0.0.0
# External IP-Address of the TURN server # External IP-Address of the TURN server
external-ip=<IP_ADDRESS> # only needed, if coturn is behind a NAT
#external-ip=<IP_ADDRESS>
# relay-ip is needed for tls turns connections
# it can be set multiple times. A local IP is sufficient (not 127.0.0.1!!)
relay-ip=<SOME_LOCAL_IP_ADDRESS>
# Main listening port # Main listening port
listening-port=3478 listening-port=3478
# 443 for TURN over TLS, which can bypass firewalls
tls-listening-port=5349
# Further ports that are open for communication # Further ports that are open for communication
min-port=10000 min-port=10000
max-port=20000 max-port=20000
@ -19,7 +28,8 @@ max-port=20000
fingerprint fingerprint
# Log file path # Log file path
log-file=/var/log/turnserver.log # - is logging to STDOUT, so it's visible in docker-compose logs
log-file=-
# Enable verbose logging # Enable verbose logging
verbose verbose
@ -31,8 +41,13 @@ user=user:password
lt-cred-mech lt-cred-mech
# SSL certificates # SSL certificates
cert=/etc/letsencrypt/live/<DOMAIN>/cert.pem cert=/etc/letsencrypt/fullchain.pem
pkey=/etc/letsencrypt/live/<DOMAIN>/privkey.pem pkey=/etc/letsencrypt/privkey.pem
dh-file=/etc/dhparam.pem
# 443 for TURN over TLS, which can bypass firewalls # For security-reasons disable old ssl and tls-protocols
tls-listening-port=443 no-sslv3
no-tlsv1
no-tlsv1_1
stale-nonce=600