106 lines
3.7 KiB
Plaintext
106 lines
3.7 KiB
Plaintext
# Coturn TURN SERVER configuration file
|
|
#
|
|
# Boolean values note: where boolean value is supposed to be used,
|
|
# you can use '0', 'off', 'no', 'false', 'f' as 'false,
|
|
# and you can use '1', 'on', 'yes', 'true', 't' as 'true'
|
|
# If the value is missed, then it means 'true'.
|
|
#
|
|
|
|
# TURN listener port for UDP and TCP (Default: 3478).
|
|
# Note: actually, TLS & DTLS sessions can connect to the
|
|
# "plain" TCP & UDP port(s), too - if allowed by configuration.
|
|
#
|
|
listening-port=3478
|
|
|
|
# TURN listener port for TLS (Default: 5349).
|
|
# Note: actually, "plain" TCP & UDP sessions can connect to the TLS & DTLS
|
|
# port(s), too - if allowed by configuration. The TURN server
|
|
# "automatically" recognizes the type of traffic. Actually, two listening
|
|
# endpoints (the "plain" one and the "tls" one) are equivalent in terms of
|
|
# functionality; but we keep both endpoints to satisfy the RFC 5766 specs.
|
|
# For secure TCP connections, we currently support SSL version 3 and
|
|
# TLS version 1.0, 1.1 and 1.2.
|
|
# For secure UDP connections, we support DTLS version 1.
|
|
#
|
|
tls-listening-port=5349
|
|
|
|
# Alternative listening port for UDP and TCP listeners;
|
|
# default (or zero) value means "listening port plus one".
|
|
# This is needed for RFC 5780 support
|
|
# (STUN extension specs, NAT behavior discovery). The TURN Server
|
|
# supports RFC 5780 only if it is started with more than one
|
|
# listening IP address of the same family (IPv4 or IPv6).
|
|
# RFC 5780 is supported only by UDP protocol, other protocols
|
|
# are listening to that endpoint only for "symmetry".
|
|
#
|
|
alt-listening-port=0
|
|
|
|
# Alternative listening port for TLS and DTLS protocols.
|
|
# Default (or zero) value means "TLS listening port plus one".
|
|
#
|
|
alt-tls-listening-port=0
|
|
|
|
# Lower and upper bounds of the UDP relay endpoints:
|
|
# (default values are 49152 and 65535)
|
|
#
|
|
# THESE ARE OVERRIDDEN BY start-turn.sh!
|
|
#min-port=49152
|
|
#max-port=65535
|
|
|
|
# TURN REST API flag.
|
|
# Flag that sets a special authorization option that is based upon authentication secret.
|
|
# This feature can be used with the long-term authentication mechanism, only.
|
|
# This feature purpose is to support "TURN Server REST API", see
|
|
# "TURN REST API" link in the project's page
|
|
# https://github.com/coturn/coturn/
|
|
#
|
|
# This option is used with timestamp:
|
|
#
|
|
# usercombo -> "timestamp:userid"
|
|
# turn user -> usercombo
|
|
# turn password -> base64(hmac(secret key, usercombo))
|
|
#
|
|
# This allows TURN credentials to be accounted for a specific user id.
|
|
# If you don't have a suitable id, the timestamp alone can be used.
|
|
# This option is just turning on secret-based authentication.
|
|
# The actual value of the secret is defined either by option static-auth-secret,
|
|
# or can be found in the turn_secret table in the database (see below).
|
|
#
|
|
use-auth-secret
|
|
|
|
# Option to set the log file name.
|
|
# By default, the turnserver tries to open a log file in
|
|
# /var/log, /var/tmp, /tmp and current directories directories
|
|
# (which open operation succeeds first that file will be used).
|
|
# With this option you can set the definite log file name.
|
|
# The special names are "stdout" and "-" - they will force everything
|
|
# to the stdout. Also, the "syslog" name will force everything to
|
|
# the system log (syslog).
|
|
# In the runtime, the logfile can be reset with the SIGHUP signal
|
|
# to the turnserver process.
|
|
#
|
|
log-file=stdout
|
|
|
|
# Flag that can be used to disallow peers on well-known broadcast addresses (224.0.0.0 and above, and FFXX:*).
|
|
# This is an extra security measure.
|
|
#
|
|
no-multicast-peers
|
|
|
|
# Disable relaying TCP traffic, this is not
|
|
# used for A/V calls in XMPP
|
|
#
|
|
no-tcp-relay
|
|
|
|
# Turn OFF the CLI support.
|
|
# By default it is always ON.
|
|
# See also options cli-ip and cli-port.
|
|
#
|
|
no-cli
|
|
|
|
# SQLite database file name.
|
|
#
|
|
# Default file name is /var/db/turndb or /usr/local/var/db/turndb or
|
|
# /var/lib/turn/turndb.
|
|
#
|
|
userdb=/snikket/prosody/turndb
|