From 34bda2319bc3e5826f7eddc0e75276353ee1c2df Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Fri, 13 Mar 2015 17:57:52 +0100 Subject: [PATCH] Add some docs about turnserver --- templates/default/documentation.html.ep | 120 ++++++++++++++++++++++++++++++++ 1 file changed, 120 insertions(+) diff --git a/templates/default/documentation.html.ep b/templates/default/documentation.html.ep index 3795c6a..0a01ace 100644 --- a/templates/default/documentation.html.ep +++ b/templates/default/documentation.html.ep @@ -393,6 +393,126 @@ cp /opt/vroom/conf/settings.ini.dist /opt/vroom/conf/settings.ini

+ +

+ Setup rfc5766-turn-server +

+

+ You can run any TURN server you want, but VROOM integrates well with rfc5766-turn-server. + To make use of it, follow those steps +

+ + +

+ Download turnserver +

+

+ Download the latest version from here and extract the archive +

+

+ Only the 3.x branch is supported +

+ + +

+ Install the RPMS +

+

+ You can now install the extracted RPMS +

+yum localinstall turnserver-*/*.rpm
+ +

+ + +

+ Configure turnserver +

+

+ Here's a sample configuration: +

+mv /etc/turnserver/turnserver.conf /etc/turnserver/turnserver.conf.default
+cat <<'EOF' > /etc/turnserver/turnserver.conf
+mysql-userdb "host=localhost dbname=vroom user=vroom password=MySuperPassw0rd connect_timeout=5"
+verbose
+syslog
+fingerprint
+lt-cred-mech
+no-sslv2
+no-sslv3
+no-tcp
+no-udp
+tls-listening-port 5349
+alt-tls-listening-port 3478
+no-loopback-peers
+no-multicast-peers
+realm vroom
+cert /etc/turnserver/cert.pem
+pkey /etc/turnserver/key.pem
+proc-user turnserver
+proc-group turnserver
+EOF
+

+
+ +
+ + +

+ Enable and start turnserver +

+

+ You can now start and enable turnserver +

+systemctl enable turnserver
+systemctl start turnserver
+

+

+ You can check it's working with +

+journalctl -fl -u turnserver.service
+

+
+ Configuration of your firewall is out of scope for this doc, but you have to ensure the following ports are open: + + If you use firewalld you can open the correct ports with the following commands +
+firewall-cmd --add-port 80/tcp \\
+             --add-port 443/tcp \\
+             --add-port 3478/tcp \\
+             --add-port 3479/tcp \\
+             --add-port 5349/tcp \\
+             --add-port 5350/tcp \\
+             --add-port 49152-65535/tcp
+firewall-cmd --add-port 3478/udp \\
+             --add-port 3479/udp \\
+             --add-port 5349/udp \\
+             --add-port 5350/udp \\
+             --add-port 49152-65535/udp
+firewall-cmd --permanent \\
+             --add-port 80/tcp \\
+             --add-port 443/tcp \\
+             --add-port 3478/tcp \\
+             --add-port 3479/tcp \\
+             --add-port 5349/tcp \\
+             --add-port 5350/tcp \\
+             --add-port 49152-65535/tcp
+firewall-cmd --permanent \\
+             --add-port 3478/udp \\
+             --add-port 3479/udp \\
+             --add-port 5349/udp \\
+             --add-port 5350/udp \\
+             --add-port 49152-65535/udp
+
+

Customize