mirror of
https://github.com/schlagmichdoch/PairDrop.git
synced 2025-04-21 15:26:17 -04:00
1c79290ad6
- enable TURN over TLS - modified the .gitignore to ignore files with user-data - should fix #105 - partly cherry-picked from #106 Co-authored-by: xundeenergie <xundeenergie@users.noreply.github.com>
56 lines
No EOL
1.2 KiB
Text
56 lines
No EOL
1.2 KiB
Text
# TURN server name and realm
|
|
realm=<DOMAIN>
|
|
server-name=pairdrop
|
|
|
|
# IPs the TURN server listens to
|
|
listening-ip=0.0.0.0
|
|
|
|
# External IP-Address of the TURN server
|
|
# only needed, if coturn is behind a NAT
|
|
# external-ip=<IP_ADDRESS>
|
|
|
|
# Main listening port for STUN and TURN
|
|
listening-port=3478
|
|
|
|
# Main listening port for TURN over TLS (TURNS)
|
|
# Use port 443 to bypass some firewalls
|
|
tls-listening-port=5349
|
|
|
|
# Further ports that are open for communication
|
|
min-port=10000
|
|
max-port=20000
|
|
|
|
# Use fingerprint in TURN message
|
|
fingerprint
|
|
|
|
# Enable verbose logging
|
|
# verbose
|
|
|
|
# Log file path
|
|
# - is logging to STDOUT, so it's visible in docker-compose logs
|
|
log-file=-
|
|
|
|
# Specify the user for the TURN authentification
|
|
user=username:password
|
|
|
|
# Enable long-term credential mechanism
|
|
lt-cred-mech
|
|
|
|
# SSL certificates
|
|
cert=/etc/coturn/ssl/cert.crt
|
|
pkey=/etc/coturn/ssl/pkey.pem
|
|
dh-file=/etc/coturn/ssl/dhparam.pem
|
|
|
|
# For security-reasons disable old ssl and tls-protocols
|
|
# and other recommended options: see https://github.com/coturn/coturn/blob/master/examples/etc/turnserver.conf
|
|
no-sslv3
|
|
no-tlsv1
|
|
no-tlsv1_1
|
|
no-tlsv1_2
|
|
no-rfc5780
|
|
no-stun-backward-compatibility
|
|
response-origin-only-with-rfc5780
|
|
no-cli
|
|
no-multicast-peers
|
|
no-software-attribute
|
|
check-origin-consistency |