fix TURN/STURN
* remove docker-compose-coturn.yml and replace it with an example file, because it contains user data, which should not be in git * add a complete rtc_config_example-coturn.json to be copied to rtc_config.json; only the domain <DOMAIN> should be changed. * modified the documentation * modified the .gitignore to ignore the files with user data
parent
8f4ce63a0c
commit
61b52609bc
7 changed files with 76 additions and 21 deletions
6
.gitignore
vendored
6
.gitignore
vendored
|
@ -3,3 +3,9 @@ node_modules
|
|||
fqdn.env
|
||||
/docker/certs
|
||||
qrcode-svg/
|
||||
docker-compose-coturn.yml
|
||||
rtc_config.json
|
||||
turnserver.conf
|
||||
logs/*
|
||||
*.orig
|
||||
*.log
|
||||
|
|
|
@ -1,19 +0,0 @@
|
|||
version: "3"
|
||||
services:
|
||||
node:
|
||||
image: "node:lts-alpine"
|
||||
user: "node"
|
||||
working_dir: /home/node/app
|
||||
volumes:
|
||||
- ./:/home/node/app
|
||||
command: ash -c "npm i && npm run start:prod"
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "3000:3000"
|
||||
coturn_server:
|
||||
image: "coturn/coturn"
|
||||
restart: always
|
||||
network_mode: "host"
|
||||
volumes:
|
||||
- ./turnserver.conf:/etc/coturn/turnserver.conf
|
||||
#you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password
|
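--- a/docker-compose-coturn_example.yml
+++ b/docker-compose-coturn_example.yml
@@ -0,0 +1,27 @@
+version: "3"
+services:
+node:
+image: "node:lts-alpine"
+user: "node"
+working_dir: /home/node/app
+volumes:
+- ./:/home/node/app
+command: ash -c "npm i && npm run start:prod"
+restart: unless-stopped
+ports:
+- "3000:3000"
+environment:
+- RTC_CONFIG=/home/node/app/rtc_config.json
+- WS_FALLBACK=false # Set to true to enable websocket fallback if the peer to peer WebRTC connection is not available to the client.
+- RATE_LIMIT=false # Set to true to limit clients to 1000 requests per 5 min.
+- TZ=Europa/Vienna # Time Zone
+#you need to copy rtc_config_example.json to rtc_config.json and specify domain, IP address, user and password
+coturn_server:
+image: "coturn/coturn"
+restart: always
+network_mode: "host"
+volumes:
+- ./turnserver.conf:/etc/coturn/turnserver.conf
+- ./logs/:/var/log/
+- /etc/letsencrypt/live/<DOMAIN>/:/etc/letsencrypt/live/<DOMAIN>/
+#you need to copy turnserver_example.conf to turnserver.conf and specify domain, IP address, user and password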
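Review bot: The coturn volume `- /etc/letsencrypt/live/<DOMAIN>/:/etc/letsencrypt/live/<DOMAIN>/` is mounted writable and covers only the `live` directory; with a standard certbot layout the files there are symlinks into `../../archive/<DOMAIN>/`, so they would probably not resolve inside the container and the `cert=`/`pkey=` paths in `turnserver.conf` would fail to load. Mounting both directories read-only fixes the symlinks and stops a host-networked container from writing to the private key: `- /etc/letsencrypt/live/<DOMAIN>/:/etc/letsencrypt/live/<DOMAIN>/:ro` and `- /etc/letsencrypt/archive/<DOMAIN>/:/etc/letsencrypt/archive/<DOMAIN>/:ro`. In the `node` service, `TZ=Europa/Vienna` is not an IANA zone name and should be `TZ=Europe/Vienna`, and the comment after it names `rtc_config_example.json` while the file this commit adds is `rtc_config_example-coturn.json`.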
|
|
@ -397,9 +397,26 @@ Now point your browser to `http://localhost:8080`.
|
|||
- To stop the containers run `docker-compose stop`.
|
||||
- To debug the NodeJS server run `docker logs pairdrop_node_1`.
|
||||
|
||||
|
||||
<br>
|
||||
|
||||
# Coturn
|
||||
## docker-compose
|
||||
|
||||
- copy `docker-compose-coturn_example.yml` to `docker-compose-coturn.yml`
|
||||
- copy `rtc_config_example-coturn.json` to `rtc_config.json`
|
||||
- copy `turnserver_example.conf` to `turnserver.conf`
|
||||
- change <DOMAIN> in all three files to the domain, where your pairdrop is running
|
||||
- change user and password for turn-server in `turnserver.conf` and `rtc-config.json`
|
||||
- To start the container including coturn run `docker-compose -f docker-compose-coturn.yml up -d`
|
||||
- To restart the container including coturn run `docker-compose -f docker-compose-coturn.yml restart`
|
||||
- To stop the container including coturn run `docker-compose -f docker-compose-coturn.yml stop`
|
||||
|
||||
## Firewall
|
||||
To run PairDrop including its own coturn-server you need to punch holes in the firewall. This ports must be opened additionally:
|
||||
- 3478 tcp/udp
|
||||
- 5349 tcp/udp
|
||||
- 10000:20000 tcp/udp
|
||||
|
||||
## Testing PWA related features
|
||||
PWAs require that the app is served under a correctly set up and trusted TLS endpoint.
|
||||
|
||||
|
|
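--- a/rtc_config_example-coturn.json
+++ b/rtc_config_example-coturn.json
@@ -0,0 +1,21 @@
+{
+"sdpSemantics": "unified-plan",
+"iceServers": [
+{
+"urls": "stun:<DOMAIN>:3478"
+},
+{
+"urls": "stuns:<DOMAIN>:5349"
+},
+{
+"urls": "turn:<DOMAIN>:3478",
+"username": "user",
+"credential": "password"
+},
+{
+"urls": "turns:<DOMAIN>:5349",
+"username": "user",
+"credential": "password"
+}
+]
+}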
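Review bot: Both relay entries carry the literal `"username": "user"` and `"credential": "password"`, and the commit description says only `<DOMAIN>` needs changing in this file, so a copy made as instructed leaves a TURN relay protected by guessable credentials. Using placeholders in the style already used for the domain, `"username": "<TURN_USER>"` and `"credential": "<TURN_PASSWORD>"`, makes an unedited copy fail to authenticate instead of working with defaults. Since `iceServers` is presumably delivered to every browser client, a static long-term password is visible to any visitor; coturn's `use-auth-secret` mode with short-lived credentials would limit that exposure, if the server can issue them.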
|
|
@ -6,6 +6,8 @@ server-name=pairdrop
|
|||
listening-ip=0.0.0.0
|
||||
|
||||
# External IP-Address of the TURN server
|
||||
# if you have a VPN for example on your Server...
|
||||
#external-ip=<IP_ADDRESS>/<OTHER_IP_ADDRESS>
|
||||
external-ip=<IP_ADDRESS>
|
||||
|
||||
# Main listening port
|
||||
|
@ -35,4 +37,5 @@ cert=/etc/letsencrypt/live/<DOMAIN>/cert.pem
|
|||
pkey=/etc/letsencrypt/live/<DOMAIN>/privkey.pem
|
||||
|
||||
# 443 for TURN over TLS, which can bypass firewalls
|
||||
# the standard-port is 5349
|
||||
tls-listening-port=443
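Review bot: `tls-listening-port=443` disagrees with the rest of this commit: `rtc_config_example-coturn.json` points clients at `stuns:<DOMAIN>:5349` and `turns:<DOMAIN>:5349`, and the new Firewall section opens 5349 but not 443. Unless a part of the file outside these hunks also listens on 5349, the TLS entries would never connect and clients would be left with the non-TLS 3478 entries. Either set `tls-listening-port=5349` here or change the two URLs and the firewall list to 443. If 443 stays, the comment should say that it must not collide with a web server on the same host, since the compose file runs coturn with `network_mode: "host"`.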
|
||||
|
|