coturn

25th Nov 2019

OS : Debian10

Objectif : Installer un serveur TURN.

1) Installation

apt install coturn

2) Configuration

vi /etc/turnserver.conf

#PERSO
external-ip=turn.underworld.fr
server-name=turn.underworld.fr
realm=turn.underworld.fr
#lt-cred-mech
#no-tcp-relay
#no-tcp
#no-udp
# denied-peer-ip=192.168.0.0-192.168.255.255
# allowed-peer-ip=192.168.0.99
fingerprint
mobility
keep-address-family
use-auth-secret
static-auth-secret=monsecretsecretsecret
cert=/usr/local/etc/turn_server_cert.pem
pkey=/usr/local/etc/turn_server_pkey.pem
dh-file=/usr/local/etc/turn_server_dhparam.pem
#user-quota=4
#verbose

3) Génération des certificats

openssl req -new -x509 -newkey rsa:4096 -days 3650 -keyout privkey.pem -out server.pem

openssl rsa -in privkey.pem -out privkey.pem

openssl dhparam -out dhparam.pem 4096

mv privkey.pem /usr/local/etc/turn_server_pkey.pem

mv server.pem /usr/local/etc/turn_server_cert.pem

mv dhparam.pem /usr/local/etc/turn_server_dhparam.pem

chown turnserver:turnserver -R /usr/local/etc/turn*

4) Activation au démarrage

vi /etc/default/coturn

TURNSERVER_ENABLED=1

5) Prise en compte des modifications

service coturn restart

6) Vérification dans la log

tail -f /var/log/syslog | grep turnserver

8) Firewall

Ouvrir le port 5349 sur le firewall

Ressources:
https://dev.glicer.com/section/probleme-solution/webrtc-stun-turn.html

Previous Post Next Post