Using Prosody with coturn
coturn is a TURN and STUN server.
Installation
This assumes a Debian system. Commands for installation and config file paths may vary with operating system.
Install coturn
sudo apt install coturn
Check whether it was started automatically,
sudo systemctl status coturn
If not, do so (or wait until after configuring).
sudo systemctl enable --now coturn
Firewall
If you have a firewall enabled, make sure to allow coturn through.
sudo ufw allow Turnserver
Install mod_external_services
This step can be skipped after version 0.12 (trunk) because mod_turn_external and mod_external_services are included with Prosody.
See page about installing modules.
Configuration
Enable the module in the modules_enabled
list:
= {
modules_enabled -- other modules ...
"turn_external"
}
Generate a suitably strong shared secret and put it both as static-auth-secret
in /etc/turnserver.conf
and as turn_external_secret
in Prosodys configuration. A realm
is also needed.
realm=turn.example.com
use-auth-secret
static-auth-secret=s1kr3t
In Prosodys configuration, /etc/prosody/prosody.cfg.lua
, add:
= {
modules_enabled -- other modules ...
"turn_external"
}
= "turn.example.com"
turn_external_host = "s1kr3t" turn_external_secret
That should be it! Don’t forget to check out coturns own documentation and skim through the rest of the default configuration file.
Test
By using a client with an XML console, manually request temporary credentials as per XEP-0215. These can be tested using https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/