From 61b52609bc0859947e08bb6e050dcfd59d36a2db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz=20=28admin=29?= Date: Sat, 22 Apr 2023 22:13:20 +0200 Subject: [PATCH] fix TURN/STURN * remove docker-compose-coturn.yml and replace it with and example-file, because there are user-data inside, which should not be on git * add a whole rtc_config_example-coturn.json to be copied to rtc_config.json and only the domain should be changed. * modified the documentation * modified the .gitignore to ignore the files with user-data --- .dockerignore | 2 +- .gitignore | 6 ++++++ docker-compose-coturn.yml | 19 ------------------- docker-compose-coturn_example.yml | 27 +++++++++++++++++++++++++++ docs/host-your-own.md | 19 ++++++++++++++++++- rtc_config_example-coturn.json | 21 +++++++++++++++++++++ turnserver_example.conf | 3 +++ 7 files changed, 76 insertions(+), 21 deletions(-) delete mode 100644 docker-compose-coturn.yml create mode 100644 docker-compose-coturn_example.yml create mode 100644 rtc_config_example-coturn.json diff --git a/.dockerignore b/.dockerignore index 1b73304..a2fb487 100644 --- a/.dockerignore +++ b/.dockerignore @@ -2,4 +2,4 @@ node_modules .github .git* -*.md \ No newline at end of file +*.md diff --git a/.gitignore b/.gitignore index bd15e97..7bde16f 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,9 @@ node_modules fqdn.env /docker/certs qrcode-svg/ +docker-compose-coturn.yml +rtc_config.json +turnserver.conf +logs/* +*.orig +*.log diff --git a/docker-compose-coturn.yml b/docker-compose-coturn.yml deleted file mode 100644 index e9a05b4..0000000 --- a/docker-compose-coturn.yml +++ /dev/null 
@@ -1,19 +0,0 @@
-version: "3"
-services:
- node:
- image: "node:lts-alpine"
- user: "node"
- working_dir: /home/node/app
- volumes:
- - ./:/home/node/app
- command: ash -c "npm i && npm run start:prod"
- restart: unless-stopped
- ports:
- - "3000:3000"
- coturn_server:
- image: "coturn/coturn"
- restart: always
- network_mode: "host"
- volumes:
- - ./turnserver.conf:/etc/coturn/turnserver.conf
- #you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password
diff --git a/docker-compose-coturn_example.yml b/docker-compose-coturn_example.yml
new file mode 100644
index 0000000..16e70b2
--- /dev/null
+++ b/docker-compose-coturn_example.yml
@@ -0,0 +1,27 @@
+version: "3"
+services:
+ node:
+ image: "node:lts-alpine"
+ user: "node"
+ working_dir: /home/node/app
+ volumes:
+ - ./:/home/node/app
+ command: ash -c "npm i && npm run start:prod"
+ restart: unless-stopped
+ ports:
+ - "3000:3000"
+ environment:
+ - RTC_CONFIG=/home/node/app/rtc_config.json
+ - WS_FALLBACK=false # Set to true to enable websocket fallback if the peer to peer WebRTC connection is not available to the client.
+ - RATE_LIMIT=false # Set to true to limit clients to 1000 requests per 5 min.
+ - TZ=Europa/Vienna # Time Zone
+ #you need to copy rtc_config_example.json to rtc_config.json and specify domain, IP address, user and password
+ coturn_server:
+ image: "coturn/coturn"
+ restart: always
+ network_mode: "host"
+ volumes:
+ - ./turnserver.conf:/etc/coturn/turnserver.conf
+ - ./logs/:/var/log/
+ - /etc/letsencrypt/live//:/etc/letsencrypt/live//
+ #you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password
diff --git a/docs/host-your-own.md b/docs/host-your-own.md
index f9e5b4d..3e4cba6 100644
--- a/docs/host-your-own.md
+++ b/docs/host-your-own.md
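Review bot: In the new docker-compose-coturn_example.yml the coturn volume `- /etc/letsencrypt/live//:/etc/letsencrypt/live//` hands the container the TLS private key read-write, and certbot's `live/` entries are symlinks into `../../archive/`, so mounting only that directory will probably leave `cert.pem` and `privkey.pem` dangling inside the container. Mounting the parent read-only, `- /etc/letsencrypt/:/etc/letsencrypt/:ro`, addresses both, and `./turnserver.conf`, which holds the TURN password, can take `:ro` as well. In the node service `TZ=Europa/Vienna` is not a tz database name and should be `TZ=Europe/Vienna`. The comment below it names `rtc_config_example.json`, while the file this patch adds is `rtc_config_example-coturn.json`.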
@@ -397,9 +397,26 @@ Now point your browser to `http://localhost:8080`. - To stop the containers run `docker-compose stop`. - To debug the NodeJS server run `docker logs pairdrop_node_1`. -
+# Coturn +## docker-compose + +- copy `docker-compose-coturn_example.yml` to `docker-compose-coturn.yml` +- copy `rtc_config_example-coturn.json` to `rtc_config.json` +- copy `turnserver_example.conf` to `turnserver.conf` +- change in all three files to the domain, where your pairdrop is running +- change user and password for turn-server in `turnserver.conf` and `rtc-config.json` +- To start the container including coturn run `docker-compose -f docker-compose-coturn.yml up -d` +- To restart the container including coturn run `docker-compose -f docker-compose-coturn.yml restart` +- To stop the container including coturn run `docker-compose -f docker-compose-coturn.yml stop` + +## Firewall +To run PairDrop including its own coturn-server you need to punch holes in the firewall. This ports must be opened additionally: +- 3478 tcp/udp +- 5349 tcp/udp +- 10000:20000 tcp/udp + ## Testing PWA related features PWAs require that the app is served under a correctly set up and trusted TLS endpoint. diff --git a/rtc_config_example-coturn.json b/rtc_config_example-coturn.json new file mode 100644 index 0000000..82fc648 --- /dev/null +++ b/rtc_config_example-coturn.json @@ -0,0 +1,21 @@ +{ + "sdpSemantics": "unified-plan", + "iceServers": [ + { + "urls": "stun::3478" + }, + { + "urls": "stuns::5349" + }, + { + "urls": "turn::3478", + "username": "user", + "credential": "password" + }, + { + "urls": "turns::5349", + "username": "user", + "credential": "password" + } + ] +} diff --git a/turnserver_example.conf b/turnserver_example.conf index 09e7986..74b3e79 100644 --- a/turnserver_example.conf +++ b/turnserver_example.conf @@ -6,6 +6,8 @@ server-name=pairdrop listening-ip=0.0.0.0 # External IP-Address of the TURN server +# if you have a VPN for example on your Server... +#external-ip=/ external-ip= # Main listening port 
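Review bot: The `turn:` and `turns:` entries in rtc_config_example-coturn.json carry a static `username`/`credential` pair, and iceServers are normally delivered to every browser that opens the app, so whatever replaces `user`/`password` is effectively public and the relay is open to anyone who loads the page. JSON has no comment syntax, so this caveat belongs in docs/host-your-own.md. A sturdier setup is coturn's `use-auth-secret` with `static-auth-secret` and short-lived credentials issued by the server; whether PairDrop can generate those is not visible from this patch. The `urls` values as shown here (`stun::3478`) have an empty host; if that is not an extraction artifact, the example needs a visible placeholder such as `turn:<your-domain>:3478`.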
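Review bot: The added comment `# if you have a VPN for example on your Server...` in turnserver_example.conf does not say what the two sides of `#external-ip=/` stand for. coturn reads that value as public address, slash, private address, which is the NAT case rather than specifically a VPN one. Suggested wording for the comment: `# behind NAT: external-ip=<public-ip>/<private-ip>`.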
@@ -35,4 +37,5 @@ cert=/etc/letsencrypt/live//cert.pem pkey=/etc/letsencrypt/live//privkey.pem # 443 for TURN over TLS, which can bypass firewalls +# the standard-port is 5349 tls-listening-port=443
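Review bot: The new comment `# the standard-port is 5349` sits directly above `tls-listening-port=443`, while the `stuns:`/`turns:` URLs in rtc_config_example-coturn.json and the firewall list in docs/host-your-own.md, both added by this same patch, use 5349. Someone who copies the three example files unchanged gets clients dialing TLS on 5349 while coturn listens on 443, and with `network_mode: "host"` port 443 also collides with any HTTPS reverse proxy on the same machine. Either set `tls-listening-port=5349` in the example or change the JSON and the docs to 443. The file continues outside this hunk, so other settings there may affect this.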