From da1688eaff2804d4a3e56af02a3fa0008951c915 Mon Sep 17 00:00:00 2001 From: Miroslav Pejic Date: Fri, 7 Apr 2023 20:34:37 +0200 Subject: [PATCH] [mirotalk] - add coturn installation doc --- docs/coturn.md | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) create mode 100644 docs/coturn.md diff --git a/docs/coturn.md b/docs/coturn.md new file mode 100644 index 00000000..3118f178 --- /dev/null +++ b/docs/coturn.md @@ -0,0 +1,80 @@ +# Install Coturn STUN/TURN server + +## Requirements + +- Recommended: [Hetzner](https://www.hetzner.com/cloud) (`CPX11` it's enough, OS: `Ubuntu 20.04 LTS / 22.04.1 LTS`). +- Use [my personal link](https://hetzner.cloud/?ref=XdRifCzCK3bn) to receive `€⁠20 in cloud credits`. +- Your domain name, example: `your.domain.name` + - Set a DNS A record for that domain that point to Your Server public IPv4 + > DNS A Record: The Address Mapping record (or DNS host record) stores a hostname and its corresponding IPv4 address. When users search for your website, the A record redirects this traffic from the web address (xxxxx.com – human-readable domain) to the IPv4 address. +- `your.username` and `your.password` to set in the `/etc/turnserver.conf`. +- [Certbot](https://certbot.eff.org/) to generate `cert` & `pkey`. + +## Quick start + +1. Download [coturn](https://github.com/coturn/coturn) + +```bash +$ sudo apt-get -y update +$ sudo apt-get -y install coturn +``` + +2. Uncomment the following line to run Coturn as an automatic system service daemon in `/etc/default/coturn` + +```ini +TURNSERVER_ENABLED=1 +``` + +3. Set `/etc/turnserver.conf` to the following: + +```ini +listening-port=3478 +tls-listening-port=5349 + +min-port=10000 +max-port=20000 + +fingerprint +lt-cred-mech + +user=your.username:your.password + +server_name=your.domain.name +realm=your.domain.name + +total-quota=100 +stale-nonce=600 + +cert=/etc/letsencrypt/live/your.domain.name/fullchain.pem +pkey=/etc/letsencrypt/live/your.domain.name/privkey.pem +cipher-list="ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384" + +no-stdout-log +``` + +4. If you can't reach coturn on `tls-listening-port`, try to edit `/etc/systemd/system/multi-user.target.wants/coturn.service` + +```ini +[Service] +User=root +Group=root +``` + +5. Reload daemon: + +```bash +$ sudo systemctl daemon-reload +``` + +# Test + +Test if it's working: + +- https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ +- https://icetest.info/ + +Or use the built in MiroTalk P2P service, just change `your.domain.name`, `your.username` and `your.password` with your own, in the following urls: + +- https://p2p.mirotalk.com/test?iceServers=[{"urls":"stun:your.domain.name:3478"},{"urls":"turn:your.domain.name:3478","username":"your.username","credential":"your.password"}] + +- https://p2p.mirotalk.com/test?iceServers=[{"urls":"stun:your.domain.name:5349"},{"urls":"turn:your.domain.name:5349","username":"your.username","credential":"your.password"}]