diff --git a/turnserver.md b/turnserver.md index 5908b09..18b4815 100644 --- a/turnserver.md +++ b/turnserver.md @@ -5,22 +5,25 @@ This install script and config file was used with a standard virtual machine server loaded with Ubuntu 20. GCP/AWS servers might need slightly different settings. ``` -sudo apt-get update +sudo apt-get update # update package lists -sudo apt-get install coturn -y -sudo add-apt-repository ppa:certbot/certbot -sudo apt-get install certbot -y +sudo apt-get install coturn -y # install coturn, the implementation of the TURN server +sudo add-apt-repository ppa:certbot/certbot # Add the certbot repository +sudo apt-get install certbot -y # Install certbot required for the HTTPS certificate -sudo vi /etc/default/coturn +sudo vi /etc/default/coturn # open the coturn configuration in Vim (you can also use nano or any other editor) ``` ...and we uncomment the line: +``` #TURNSERVER_ENABLED=1 +``` ….leaving it like this: +``` TURNSERVER_ENABLED=1 - +``` Next make sure you have the DNS pointing to your IP address for this next step (ipv4, and ipv6 if possible). You will need to validate that in the next step. ``` -sudo certbot certonly --standalone +sudo certbot certonly --standalone # only generate the HTTPS certificate without actually changing any configs sudo apt install net-tools ``` note: If you run into error 701 issues with your TURN server, check that the coturn service has access to your new SSL certificates: @@ -37,10 +40,10 @@ sudo systemctl daemon-reload Next, we are going to open up some ports... just in case they are blocked by default. Which exactly? well, these are default ports. TCP may not be needed? ``` -sudo ufw allow 3478/tcp -sudo ufw allow 3478/udp -sudo ufw allow 443/tcp -sudo ufw allow 443/udp +sudo ufw allow 3478/tcp # The default coturn TCP port +sudo ufw allow 3478/udp # The default coturn UDP port +sudo ufw allow 443/tcp # The HTTPS TCP port +sudo ufw allow 443/udp # The HTTPS UDP port sudo ufw allow 49152:65535/tcp sudo ufw allow 49152:65535/udp ```