From 17403d816b33577dfc783b742187ec1d6ca1cfa8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Tron=C3=AD=C4=8Dek?= Date: Mon, 8 Feb 2021 10:38:08 +0100 Subject: [PATCH 1/2] Add comments to the commands Add some explanations for the commands so that the user is better aware of what he is currently running. --- turnserver.md | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/turnserver.md b/turnserver.md index 5908b09..b310273 100644 --- a/turnserver.md +++ b/turnserver.md @@ -5,22 +5,25 @@ This install script and config file was used with a standard virtual machine server loaded with Ubuntu 20. GCP/AWS servers might need slightly different settings. ``` -sudo apt-get update +sudo apt-get update # update package lists -sudo apt-get install coturn -y -sudo add-apt-repository ppa:certbot/certbot -sudo apt-get install certbot -y +sudo apt-get install coturn -y # install coturn, the implementation of the TURN server +sudo add-apt-repository ppa:certbot/certbot # Add the certbot repository +sudo apt-get install certbot -y # Install certbot required for the HTTPS certificate -sudo vi /etc/default/coturn +sudo vi /etc/default/coturn # open the coturn configuration in Vim (you can also use nano or any other editor) ``` ...and we uncomment the line: +``` #TURNSERVER_ENABLED=1 +``` ….leaving it like this: +``` TURNSERVER_ENABLED=1 - +``` Next make sure you have the DNS pointing to your IP address for this next step (ipv4, and ipv6 if possible). You will need to validate that in the next step. ``` -sudo certbot certonly --standalone +sudo certbot certonly --standalone # only generate the HTTPS certificate without actually changing any configs sudo apt install net-tools ``` note: If you run into error 701 issues with your TURN server, check that the coturn service has access to your new SSL certificates: 
@@ -37,10 +40,10 @@ sudo systemctl daemon-reload Next, we are going to open up some ports... just in case they are blocked by default. Which exactly? well, these are default ports. TCP may not be needed? ``` -sudo ufw allow 3478/tcp -sudo ufw allow 3478/udp -sudo ufw allow 443/tcp -sudo ufw allow 443/udp +sudo ufw allow 3478/tcp # The default coturn TCP port +sudo ufw allow 3478/udp # The default coturn UDP port +sudo ufw allow 443/tcp # The HTTPS UDP port +sudo ufw allow 443/udp # The HTTPS TCP port sudo ufw allow 49152:65535/tcp sudo ufw allow 49152:65535/udp ``` From 4e922c13aa459ce280c75a98adb432c3d96463b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Tron=C3=AD=C4=8Dek?= Date: Mon, 8 Feb 2021 10:55:27 +0100 Subject: [PATCH 2/2] Fix the incorrect placement of UDP and TCP --- turnserver.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/turnserver.md b/turnserver.md index b310273..18b4815 100644 --- a/turnserver.md +++ b/turnserver.md @@ -42,8 +42,8 @@ Next, we are going to open up some ports... just in case they are blocked by def ``` sudo ufw allow 3478/tcp # The default coturn TCP port sudo ufw allow 3478/udp # The default coturn UDP port -sudo ufw allow 443/tcp # The HTTPS UDP port -sudo ufw allow 443/udp # The HTTPS TCP port +sudo ufw allow 443/tcp # The HTTPS TCP port +sudo ufw allow 443/udp # The HTTPS UDP port sudo ufw allow 49152:65535/tcp sudo ufw allow 49152:65535/udp ```
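Review bot: In the first hunk of PATCH 1/2, the comment on `sudo add-apt-repository ppa:certbot/certbot` only says "Add the certbot repository" and does not tell the reader that this adds a third-party PPA as a trusted package source. Since the commit's stated aim is to make the user aware of what they are running, the comment should say so. In the same block, `sudo apt install net-tools` is the only command left without a comment, so the reader is not told why it is installed. The closing fence added after `TURNSERVER_ENABLED=1` also replaces the blank line that separated the snippet from the "Next make sure you have the DNS pointing..." paragraph. Keep a blank line after the fence so the paragraph does not run into it.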
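Review bot: In the second hunk of PATCH 1/2 (the `ufw` block), the comments on the two 443 rules are swapped: `443/tcp` is labelled "The HTTPS UDP port" and `443/udp` is labelled "The HTTPS TCP port". PATCH 2/2 corrects this, but as submitted the first commit carries wrong documentation on firewall rules. Squash the two patches so that no commit in the history has the mislabelled lines.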
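Review bot: In PATCH 2/2 the corrected 443 labels are right, but the two `49152:65535` rules in the same block are still uncommented after both patches. They open the widest range in the block, and the surrounding text already asks "Which exactly?" and "TCP may not be needed?". Add a comment on each saying what the range is used for, so a reader can decide whether both the TCP and UDP rules are needed before opening them.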