Create turnserver.conf

This commit is contained in:
Tommy 2022-01-15 09:08:56 -05:00 committed by GitHub
parent ad06fdc34d
commit ca352ffc4d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

28
coturn/turnserver.conf Normal file
View File

@ -0,0 +1,28 @@
use-auth-secret
static-auth-secret=changeme
realm=turn.yourdomain.tld
syslog
# VoIP traffic is all UDP. There is no reason to let users connect to arbitrary TCP endpoints via the relay.
no-tcp-relay
# don't let the relay ever try to connect to private IP address ranges within your network (if any)
# given the turn server is likely behind your firewall, remember to include any privileged public IPs too.
denied-peer-ip=10.0.0.0-10.255.255.255
denied-peer-ip=192.168.0.0-192.168.255.255
denied-peer-ip=172.16.0.0-172.31.255.255
# special case the turn server itself so that client->TURN->TURN->client flows work
allowed-peer-ip=10.0.0.1
# consider whether you want to limit the quota of relayed streams per user (or total) to avoid risk of DoS.
user-quota=12 # 4 streams per video call, so 12 streams = 3 simultaneous relayed calls per user.
total-quota=1200
# TLS certificates, including intermediate certs.
# For Let's Encrypt certificates, use `fullchain.pem` here.
cert=/keys/fullchain.pem
# TLS private key file
pkey=/keys/privkey.pem