
How to configure the TURN server "coturn" from source

Coturn is a TURN and STUN server that can be used, for example, for VoIP. It lets clients that are behind a NAT or in different networks establish a connection.

Data can then be relayed over this connection by your TURN server.
Coturn can also be used with Nextcloud or a Matrix server.

Download and compile "coturn"

Go to the folder "/usr/local/":

cd /usr/local


Download the latest release (Recommended)
https://github.com/coturn/coturn/releases

Alternative: If you want to test the software, you can instead build "coturn" from the development version.

git clone https://github.com/coturn/coturn.git

 

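Extract the "coturn" folder (if you downloaded the "coturn" release as a zip file). The later steps in this tutorial use the path "/usr/local/coturn", so the extracted folder should have the name "coturn".

Go to your "coturn" folder and compile the application.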

cd coturn
./configure
make && make install

 

Please create a folder for the log files

mkdir /var/log/turn

 

Configure the file "/etc/turnserver.conf"

You can use the turnserver.conf config file that is available in your downloaded GitHub repository folder ("coturn/examples/etc").
This tutorial, however, uses a customized turnserver.conf, which can be downloaded from this GitHub repository:
https://github.com/a-dridi/Linux_config-files/blob/master/turnserver/turnserver.conf

 

vim /etc/turnserver.conf

Edit the settings and adjust the important settings section to your server environment.
Also define a "static-auth-secret". It is the password for access to the TURN server, and it is used, for example, by a Matrix server. Replace the placeholder MY_PASSWORD_SECRET shown below with a long random value.

A template version (turnserver.conf.default) is also available in your installation folder.

An example configuration:

listening-port=3478
tls-listening-port=5349

proc-user=turnserver
proc-group=turnserver

use-auth-secret
static-auth-secret=MY_PASSWORD_SECRET
realm=matrix.myserver.tld

#for debugging:
#verbose

fingerprint

# special case the turn server itself so that client->TURN->TURN->client flows work
allowed-peer-ip=10.0.0.1

#Security
#to avoid risk of DoS
# 200 Simultaneous relayed calls
total-quota=200

# consider whether you want to limit the quota of relayed streams per user (or total) to avoid risk of DoS.
# 4 streams per video call, so 12 streams = 3 simultaneous relayed calls per user.
user-quota=12

#Relay Ports: Opened Port range in accord with UFW Firewall
min-port=49152
max-port=49157

cert=/etc/turnserver-ssl/fullchain.pem
pkey=/etc/turnserver-ssl/privkey.pem

# Flag that can be used to disallow peers on the loopback addresses (127.x.x.x and ::1).
# This is an extra security measure.
#
no-loopback-peers

# Flag that can be used to disallow peers on well-known broadcast addresses (224.0.0.0 and above, and FFXX:*).
# This is an extra security measure.
#
no-multicast-peers
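
How "use-auth-secret" and "static-auth-secret" from the configuration above work together, as an added example that is not part of the original tutorial or of the coturn project: the application server (e.g. a Matrix homeserver) derives short-lived credentials from the shared secret, and the TURN server recomputes them. The function names and the sample user id are hypothetical; the default ":" separator between expiry time and user id is assumed.

```python
import base64
import hashlib
import hmac
import secrets
import time


def generate_static_auth_secret() -> str:
    """Random 256-bit value to use in place of MY_PASSWORD_SECRET."""
    return secrets.token_hex(32)


def _password_for(secret: str, username: str) -> str:
    # password = base64(HMAC-SHA1(static-auth-secret, username))
    mac = hmac.new(secret.encode(), username.encode(), hashlib.sha1).digest()
    return base64.b64encode(mac).decode()


def issue_turn_credentials(secret, user_id, ttl=86400, now=None):
    """Application-server side: mint a login that expires after ttl seconds."""
    expiry = int(time.time() if now is None else now) + ttl
    username = f"{expiry}:{user_id}"  # Unix expiry time, ':' separator, user id
    return username, _password_for(secret, username)


def server_accepts(secret, username, password, now=None):
    """Simplified model of the TURN-server side check (hypothetical helper).

    A real server never receives the password; it derives the same value and
    uses it to validate the STUN MESSAGE-INTEGRITY attribute of the request.
    """
    now = int(time.time() if now is None else now)
    try:
        expiry = int(username.split(":", 1)[0])
    except ValueError:
        return False  # no numeric expiry prefix
    if expiry < now:
        return False  # credential has expired
    expected = _password_for(secret, username)
    return hmac.compare_digest(expected.encode(), password.encode())


if __name__ == "__main__":
    secret = generate_static_auth_secret()  # constructed sample value
    user, pw = issue_turn_credentials(secret, "@alice:matrix.myserver.tld", ttl=3600)
    print("static-auth-secret=" + secret)
    print(user, pw, server_accepts(secret, user, pw))
```

Anyone who can read "static-auth-secret" can mint valid credentials for any user id, so /etc/turnserver.conf should be readable only by root and the "turnserver" user.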

 

Activate "coturn"

vim /etc/default/coturn

Add this line to the file:

TURNSERVER_ENABLED=1

 

Please also set up a "coturn" service. Create the unit file and add the content shown below it:

vim /etc/systemd/system/coturn.service

[Unit]
Description=coturn
Documentation=man:coturn(1) man:turnadmin(1) man:turnserver(1)
After=syslog.target network.target

[Service]
Type=forking
User=turnserver
Group=turnserver
RuntimeDirectory=turnserver
RuntimeDirectoryMode=0750
EnvironmentFile=/etc/default/coturn
PIDFile=/run/turnserver/turnserver.pid
ExecStart=/usr/local/coturn/bin/turnserver --daemon --pidfile /run/turnserver/turnserver.pid --syslog -c /etc/turnserver.conf $EXTRA_OPTIONS
Restart=on-abort
LimitCORE=infinity
LimitNOFILE=1000000
LimitNPROC=60000
LimitRTPRIO=infinity
LimitRTTIME=7000000
CPUSchedulingPolicy=other
UMask=0007

[Install]
WantedBy=multi-user.target

 

Now enable the created service

systemctl enable coturn

 

Create the user "turnserver" for this program

useradd -d /usr/local/coturn/bin/turnserver -s /bin/false turnserver
chown turnserver:turnserver -R /usr/local/coturn

 

Restart "coturn"

service coturn restart

Now you can use the "coturn" server. You can reach it through the defined ports and the public IP address of the server. In this example, that is port "3478".

 

Coturn
https://github.com/coturn/coturn
