## How to setup a TURN server for free (or near free)
## This file is a bit out of day now; see turnserver.md for a newer one.
## You can still reference this file/settings when deploying onto Google Cloud or AWS servers.

# Create a VM instance on Google Cloud (Free Tier available)
# Use Ubuntu and Open all PORTS for ingress/egress for TCP/UDP
#>> sudo apt-get update
#>> sudo apt-get install coturn
# Set a domain name to point to the server you setup. I use https://namecheap.com to buy a $1 .xyz domain
#>> sudo add-apt-repository ppa:certbot/certbot
#>> sudo apt-get install certbot
#>> sudo certbot certonly --standalone  ## do the wizard , which will setup a SSH key for you
# edit /etc/default/coturn and set TURNSERVER_ENABLED=1
# edit THIS file with required changes; CHANGE ME.
# put the edited file @ /etc/turnserver.conf
#>> systemctl start coturn
# Use with obs.ninja by adding: https://obs.ninja/?streamid=XXXXXXXXXXX&turn=steve;justtesting;turn:turn.obs.ninja:443  
# Obviously update the TURN settings with your domain, username, and password -- keep the password private.


listening-port=80
tls-listening-port=443
#alt-listening-port=0
#alt-tls-listening-port=0

listening-ip = {10.168.0.2, 0.0.0.0, 127.0.0.1}   ## CHANGE ME (internal IP)

relay-ip = {10.168.0.2, 0.0.0.0, 127.0.0.1}   ## CHANGE ME (internal IP)

external-ip = 34.94.203.138/10.168.0.2   ## CHANGE ME ( external + internal IP)

realm=turn2.obs.ninja  ## CHANGE ME
server-name=turn2.obs.ninja   ## CHANGE ME

#lt-cred-mech
#userdb=/etc/turnuserdb.conf
fingerprint
stale-nonce
no-multicast-peers

min-port=10000
max-port=20000

#oauth
lt-cred-mech
user=steve:justtesting   ## CHANGE ME

# use real-valid certificate/privatekey files
cert=/etc/letsencrypt/live/turn2.obs.ninja/fullchain.pem   ## CHANGE ME
pkey=/etc/letsencrypt/live/turn2.obs.ninja/privkey.pem   ## CHANGE ME

# verbose
no-stdout-log