Coturn (STUN / TURN Server für Jitsi Meet)
https://hub.docker.com/r/coturn/coturn
https://doganbros.com/blog/turn-server-setup-for-jitsi-on-ubuntu-20-04-tls
jits meet .env
JVB_STUN_SERVERS=turn.DOMAIN.de:443
TURN_CREDENTIALS=rqj........GhY
TURN_HOST=turn.DOMAIN.de
TURN_PORT=443
#TURNS_HOST=turn.DOMAIN.de
#TURNS_PORT=443
TURN_TRANSPORT=tcp, udp
ENABLE_TURN=1
ENABLE_P2P=1
certbot installieren
sudo apt update
sudo apt install certbot
sudo certbot certonly --standalone --preferred-challenges http -d turn.DOMAIN.de
sudo ufw allow 443
coturn docker-compose.yml
services:
coturn:
network_mode: host
#networks:
# - jitsi_meet.jitsi
container_name: coturn
image: coturn/coturn
restart: unless-stopped
volumes:
- /etc/letsencrypt/live/turn.DOMAIN.de/fullchain.pem:/etc/letsencrypt/live/turn.DOMAIN.de/fullchain.pem
- /etc/letsencrypt/live/turn.DOMAIN.de/privkey.pem:/etc/letsencrypt/live/turn.DOMAIN.de/privkey.pem
tmpfs:
- /var/lib/coturn
#ports:
#- 80:3478
#- 80:3478/udp
#- 443:5349
#- 443:5349/udp
#- 5349:5349
#- 5349:5349/udp
#- 3478:3478
#- 3478:3478/udp
#- 80:80
#- 80:80/udp
#- 443:443
#- 443:443/udp
command:
- --log-file=stdout
- --verbose
- --cert=/etc/letsencrypt/live/turn.DOMAIN.de/fullchain.pem
- --pkey=/etc/letsencrypt/live/turn.DOMAIN.de/privkey.pem
- --min-port=49160
- --max-port=49200
- --listening-port=443
- --tls-listening-port=443
- --fingerprint
- --no-multicast-peers
#- --no-tcp-relay
#- --no-tcp
- --no-cli
- --no-tlsv1
- --no-tlsv1_1
- --external-ip=116.203.93.143
- --static-auth-secret=rqj...........[openssl rand -base64 32]...............cGhY
#- --use-auth-secret
- --realm=turn.DOMAIN.de
#networks:
# jitsi_meet.jitsi:
# name: jitsi_meet.jitsi
# external: true
# driver: bridgeconfig testen:
secret=rqjw...........cGhY && time=$(date +%s) && expiry=8400 && username=$(( $time + $expiry )) &&echo username:$username && echo password : $(echo -n $username | openssl dgst -binary -sha1 -hmac $secret | openssl base64)
und bei trickle-ice angeben:
https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/