Nothing serious that will prevent Turn from working. That is it, this is the configuration that is working for me, it is not perfect, there are errors when you start Turn config sometimes (I get ERROR set_ctx and ERROR cannot set DH), other times there are some weird glitches, like errors saying that I cannot combine auth-secret with classic login, although I only have auth-secret enabled, and few other minor details. You can also define ports you would like to turnserver listen to, then this command would be like sudo turnserver -L 60.60.80.91:5349 -o -a -b nf -f -r :5349Ĭombine the start command the way you see best fit. Turn_user_lifetime: "1h" Start Turn ServerĪfter all is done, reboot server, run first Synapse server and then start Turn server with following command sudo turnserver -L 60.60.80.91 -o -a -b nf -f -r # How long generated TURN credentials last Turn_shared_secret: "ThisIsYorSecretCHANGEME" # The shared secret used to compute passwords for the TURN server # The public URIs of the TURN server to give to clients Remember, it has to be the same secret you entered into turn config file. We need to also edit homeserver.yaml file in Synapse configuration and enter Turn configuration so that Synapse knows it is there.īest to add Turn configuration to end of the homeserver.yaml file.Ĭhange to your turn domain/subdomain, and enter shared_secret you created under turn_shared_secret. Sudo firewall-cmd -reload Synapse/Matrix Configuration Sudo firewall-cmd -permanent -add-port=63000-64535/udp Sudo firewall-cmd -permanent -add-port=5349/udp sudo firewall-cmd -permanent -add-port=5349/tcp Ports for 63000-64545 are optional and not needed in this scenario, but they are here for reference. We will also need to open few firewall ports. I don’t need cli, so I will disable it by uncommenting no-cli option. cert=/etc/pki/coturn/public/turn_server_cert.pem pkey=/etc/pki/coturn/private/turn_server_pkey.pem I renamed my certs to the names written below to match names in turn config files. “cert=” is for public part and “pkey=” for private part of the cert. You will also need to define public and private cert locations for your tls connection to work. You need to enter domain on which your synapse/matrix installation resides. One way to generate more complex secret is by running pwgen.First we will install this util. static-auth-secret=ThisIsYorSecretCHANGEME Also, remember this secret, you will need to enter exact same secret to your syanpse configuration later on. You need to change it to something more complex. We will also need to create static-auth-secret. We will also enable use-auth-secret use-auth-secret We will also need to enable range of UDP ports. Under external-ip you will enter your public/internet facing ip. Enter IP on which port 5349 will wait for connections. We will go from the beginning to the end of file and enable necessary and secure things for out Turn server.įirst, Turn listener port for TLS. In that directory there is nf file which we will need to edit sudo vi /etc/coturn/nf Run following command to install Turn on your CentOS server sudo yum install coturn Turn Configuration Matrix/Synapse server is installed on Installation My turn has own subdomain defined in DNS and we will call it I’m using only public IP (no NAT) for Turn in this tutorial and it will be – 60.60.80.91 Little guide on the IPs and names for tutorial: I’m using server that is not behind NAT and has public IP, so have that in mind. If you are enjoying using Synapse as your own private chat server you will probably at some point want to use it also as voip/video service.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |