Deploy: TurnServer
This guide presents a basic configuration for coturn. It allows us to deploy our own STUN/TURN server in order to connect users behind NAT.
For more information or options, see the coturn documentation.
On most Linux distributions, the package is in the repository:
apt-get install coturn
You must have SQLite installed:
sudo apt-get install sqlite3 libsqlite3-dev
The config file can be found at:
/etc/turnserver.conf
A simple config file should look like this:
# you can listen on ports 3478 and 5349 instead of 80/443
listening-port=80
tls-listening-port=443
listening-ip=your-ip-address
relay-ip=your-ip-address
external-ip=your-ip-address
realm=yourdomain.com
server-name=yourdomain.com
# webRTC authentication method
lt-cred-mech
# Database location
userdb=/var/lib/turn/turndb
# Add ssl certificate for your server
cert=/etc/ssl/certificate.pem
pkey=/etc/ssl/private.key
no-stdout-log
If you don't have an SSL certificate, you can use Let's Encrypt to generate one.
You have to create a user in order to access your TURN server:
turnadmin -a -u userName -p password -r yourdomain.com
You can launch your server with:
turnserver
or as a daemon:
turnserver -o
You can verify that your server is up and running with Trickle ICE.
You can add your TURN/STUN server to your environment.ts file:
iceServers: [
{
urls: 'stun:example.turn.com:80'
},
{
urls: ['turn:example.turn.com:80?transport=udp', 'turn:example.turn.com:80?transport=tcp'],
username: 'user',
credential: 'password'
}]
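Because the iceServers block is delivered to every browser, the static username and password above are readable by any client. As an added example (not part of the original guide or the project's code), this Node.js code mints short-lived credentials in the TURN REST API format that coturn accepts when run with its `use-auth-secret` and `static-auth-secret` options instead of the static turnadmin user. Assumptions: the function names and `DEMO_SECRET` are hypothetical, and the code runs on a server you control that hands the result only to authenticated users.

```javascript
const crypto = require('node:crypto');

// Constructed demo value. In production this equals static-auth-secret in
// turnserver.conf and is loaded from server-side configuration only.
const DEMO_SECRET = 'constructed-demo-secret';

// TURN REST API scheme: password = base64(HMAC-SHA1(secret, username)).
function turnPassword(secret, username) {
  return crypto.createHmac('sha1', secret).update(username).digest('base64');
}

// Mint credentials valid for ttlSeconds; username is "<unix-expiry>:<userId>".
function mintTurnCredentials(secret, userId, ttlSeconds, nowMs = Date.now()) {
  if (!secret) throw new Error('missing TURN shared secret');
  // Reject ':' and other separators so the expiry prefix parses unambiguously.
  if (!/^[A-Za-z0-9_.-]+$/.test(userId)) throw new Error('invalid userId');
  if (!Number.isInteger(ttlSeconds) || ttlSeconds <= 0) throw new Error('invalid ttl');
  const expiry = Math.floor(nowMs / 1000) + ttlSeconds;
  const username = `${expiry}:${userId}`;
  return { username, credential: turnPassword(secret, username) };
}

// Illustration of the check the TURN server performs (not coturn's code):
// recompute the HMAC for the username and refuse expired timestamps.
function verifyTurnCredentials(secret, username, credential, nowMs = Date.now()) {
  const expiry = Number.parseInt(username.split(':')[0], 10);
  if (!Number.isFinite(expiry) || expiry * 1000 <= nowMs) return false;
  const expected = Buffer.from(turnPassword(secret, username));
  const given = Buffer.from(String(credential));
  return expected.length === given.length && crypto.timingSafeEqual(expected, given);
}

// Build the iceServers array in the shape used in environment.ts above.
function iceServersFor(host, creds) {
  return [
    { urls: `stun:${host}:80` },
    {
      urls: [`turn:${host}:80?transport=udp`, `turn:${host}:80?transport=tcp`],
      username: creds.username,
      credential: creds.credential,
    },
  ];
}
```

The client then requests `iceServersFor(...)` from your backend at session start instead of reading fixed values from environment.ts, so a leaked credential stops working once its timestamp passes.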
Sometimes, using coturn as both TURN and STUN server can create connection problems for your peers. You can launch two different instances of turnserver, one for each service. To do so, create a stunserver.conf file:
listening-port=3479
tls-listening-port=5350
listening-ip=your-ip-address
relay-ip=your-ip-address
external-ip=your-ip-address
realm=yourdomain.com
server-name=yourdomain.com
# Database location
userdb=/var/lib/turn/turndb
# Add ssl certificate for your server
cert=/etc/ssl/certificate.pem
pkey=/etc/ssl/private.key
no-stdout-log
And launch your instances with:
turnserver -S -c stunserver.conf -o
turnserver --no-stun -c turnserver.conf -o
On an LTE network, trying to join a document does not work. However, if you create a document on an LTE network and other peers on Wi-Fi join you, it should work.