Coturn is an open source TURN and STUN server for VoIP and WebRTC.
Update the system and install Coturn
apt-get update && apt-get install coturn
Edit turnserver config
vi /etc/turnserver.conf
listening-port=3478
cli-port=5766
listening-ip=172.17.19.101
Create a turn secret
- either
xxd -ps -l 32 -c 32 /dev/random
- or
openssl rand -hex 32
583bAAAAAAAAAABBBBBBBBBBCCCCCCCCCCDDDDDDDDDDEEEEEEEEEEFFFFFFFFFF
Add it to the TURN REST API flag section of /etc/turnserver.conf
# This allows TURN credentials to be accounted for a specific user id.
# If you don't have a suitable id, the timestamp alone can be used.
# This option is just turning on secret-based authentication.
# The actual value of the secret is defined either by option static-auth-secret,
# or can be found in the turn_secret table in the database (see below).
#
use-auth-secret
# 'Static' authentication secret value (a string) for TURN REST API only.
# If not set, then the turn server
# will try to use the 'dynamic' value in turn_secret table
# in user database (if present). The database-stored value can be changed on-the-fly
# by a separate program, so this is why that other mode is 'dynamic'.
#
static-auth-secret=583bAAAAAAAAAABBBBBBBBBBCCCCCCCCCCDDDDDDDDDDEEEEEEEEEEFFFFFFFFFF
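With use-auth-secret enabled, clients do not get a stored password. coturn's TURN REST API scheme expects the username "expiry-timestamp:userid" (or the timestamp alone) and the password base64(HMAC-SHA1(secret, username)). The following is an added example, not part of the original page or of coturn itself, showing how an application back end can mint such short-lived credentials and how the check works. The function names are this example's own, and the secret is the placeholder value shown above.

```python
import base64
import hashlib
import hmac
import time

# Placeholder secret copied from the page; use the value from your own turnserver.conf.
STATIC_AUTH_SECRET = "583bAAAAAAAAAABBBBBBBBBBCCCCCCCCCCDDDDDDDDDDEEEEEEEEEEFFFFFFFFFF"


def _password(secret: str, username: str) -> str:
    # The secret string itself is the HMAC key (it is not hex-decoded first).
    mac = hmac.new(secret.encode(), username.encode(), hashlib.sha1).digest()
    return base64.b64encode(mac).decode()


def make_turn_credentials(secret, user_id="", ttl=3600, now=None):
    """Return (username, password) that stop working ttl seconds from now."""
    now = int(time.time()) if now is None else int(now)
    expiry = now + ttl
    # Without a suitable user id, the timestamp alone is the username.
    username = f"{expiry}:{user_id}" if user_id else str(expiry)
    return username, _password(secret, username)


def check_turn_credentials(secret, username, password, now=None):
    """Server-side view: reject expired timestamps, then recompute the HMAC."""
    now = int(time.time()) if now is None else int(now)
    timestamp = username.split(":", 1)[0]
    if not (timestamp.isascii() and timestamp.isdigit()) or int(timestamp) < now:
        return False
    expected = _password(secret, username).encode()
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(expected, password.encode())


if __name__ == "__main__":
    user, pwd = make_turn_credentials(STATIC_AUTH_SECRET, "alice", ttl=600)
    print("username:", user)
    print("password:", pwd)
    print("accepted:", check_turn_credentials(STATIC_AUTH_SECRET, user, pwd))
```

Keep the ttl short and the secret on the back end only: anyone holding static-auth-secret can mint valid credentials for any user id.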
Add Coturn ports to services
vi /etc/services
stun-turn 3478/tcp # Coturn
stun-turn 3478/udp # Coturn
stun-turn-tls 5349/tcp # Coturn
stun-turn-tls 5349/udp # Coturn
turnserver-cli 5766/tcp # Coturn
Open ports 3478 and 5349 in the firewall.
Start Coturn server as daemon
vi /etc/default/coturn
# Uncomment it if you want to have the turnserver running as
# an automatic system service daemon
#
TURNSERVER_ENABLED=1
turnserver -o -v
==== Show him the instruments, Practical Frost: ====
0: TLS supported
0: DTLS supported
0: DTLS 1.2 supported
0: TURN/STUN ALPN supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.0.2g-fips 1 Mar 2016
0:
0: SQLite supported, default database location is /var/lib/turn/turndb
0: Redis supported
0: PostgreSQL supported
0: MySQL supported
0: MongoDB is not supported
0:
0: Default Net Engine version: 3 (UDP thread per CPU core)
=====================================================
netstat -npta | grep turnserver
tcp 0 0 127.0.0.1:5766 0.0.0.0:* LISTEN 19039/turnserver
tcp 0 0 172.17.19.101:3478 0.0.0.0:* LISTEN 19039/turnserver
turnserver -h
turnadmin -h
service coturn stop
service coturn start
service coturn restart
service coturn status
● coturn.service - LSB: coturn TURN Server
Loaded: loaded (/etc/init.d/coturn; bad; vendor preset: enabled)
Active: active (running) since Mon 2018-05-07 01:26:56 CEST; 3s ago
Docs: man:systemd-sysv-generator(8)
Process: 14464 ExecStop=/etc/init.d/coturn stop (code=exited, status=0/SUCCESS)
Process: 14516 ExecStart=/etc/init.d/coturn start (code=exited, status=0/SUCCESS)
Tasks: 7
Memory: 4.4M
CPU: 52ms
CGroup: /system.slice/coturn.service
└─14526 /usr/bin/turnserver -c /etc/turnserver.conf -o -v
Add to DNS
turn.domain.xx → domain.xx
stun.domain.xx → domain.xx
Coturn CLI
telnet localhost 5766
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
TURN Server
Coturn-4.5.0.3 'dan Eider'
Type '?' for help
>
Coturn webadmin interface
Create admin user
turnadmin -A -u admin -p verysecretpassword
Log in at
https://domain.xx:3478