Working(?) TURN server
This commit is contained in:
parent
2d78fff08f
commit
cfbd809761
|
@ -4,3 +4,5 @@ export STACK_NAME=matrix
|
|||
export LETS_ENCRYPT_ENV=production
|
||||
|
||||
export ENTRYPOINT_CONF_VERSION=v1
|
||||
export TURNSERVER_CONF_VERSION=v1
|
||||
export COTURN_SHARED_SECRET_VERSION=v1
|
||||
|
|
|
@ -9,6 +9,7 @@ image][synapse-docker].
|
|||
3. Edit `.envrc` - be sure to change `$DOMAIN` to something that resolves to
|
||||
your Docker swarm box
|
||||
4. `direnv allow` (or `. .envrc`)
|
||||
4. `abra secret_generate coturn_shared_secret`
|
||||
5. `abra deploy`
|
||||
6. `abra service_run synapse` to open a shell
|
||||
7. `register_new_matrix_user -c /data/homeserver.yaml http://localhost:8008`
|
||||
|
|
18
compose.yml
18
compose.yml
|
@ -12,6 +12,8 @@ services:
|
|||
- LETSENCRYPT_HOST=${DOMAIN}
|
||||
- SYNAPSE_SERVER_NAME=${DOMAIN}
|
||||
- SYNAPSE_REPORT_STATS=no
|
||||
- TURN_SERVER=${DOMAIN}
|
||||
- TURN_PORT=3478
|
||||
networks:
|
||||
- proxy
|
||||
deploy:
|
||||
|
@ -31,11 +33,18 @@ services:
|
|||
- source: entrypoint_conf
|
||||
target: /docker-entrypoint.sh
|
||||
mode: 0555
|
||||
secrets:
|
||||
- coturn_shared_secret
|
||||
|
||||
coturn:
|
||||
image: instrumentisto/coturn:latest
|
||||
networks:
|
||||
- swarm_host
|
||||
secrets:
|
||||
- coturn_shared_secret
|
||||
configs:
|
||||
- source: turnserver_conf
|
||||
target: /etc/coturn/turnserver.conf
|
||||
|
||||
volumes:
|
||||
synapse:
|
||||
|
@ -57,3 +66,12 @@ configs:
|
|||
name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_CONF_VERSION}
|
||||
file: entrypoint.sh.tmpl
|
||||
template_driver: golang
|
||||
turnserver_conf:
|
||||
name: ${STACK_NAME}_turnserver_conf_${TURNSERVER_CONF_VERSION}
|
||||
file: turnserver.conf.tmpl
|
||||
template_driver: golang
|
||||
|
||||
secrets:
|
||||
coturn_shared_secret:
|
||||
external: true
|
||||
name: ${STACK_NAME}_coturn_shared_secret_${COTURN_SHARED_SECRET_VERSION}
|
||||
|
|
|
@ -2,6 +2,17 @@
|
|||
|
||||
if [[ ! -f /data/homeserver.yaml ]]; then
|
||||
/start.py generate
|
||||
|
||||
apt update && apt install -y wget
|
||||
wget https://github.com/mikefarah/yq/releases/download/3.3.2/yq_linux_amd64 && \
|
||||
chmod +x yq_linux_amd64 && \
|
||||
mv yq_linux_amd64 /bin/yq
|
||||
|
||||
# turn (https://github.com/matrix-org/synapse/blob/master/docs/turn-howto.md#synapse-setup)
|
||||
yq w -i /data/homeserver.yaml turn_uris "[]"
|
||||
yq w -i /data/homeserver.yaml turn_uris\[0\] "turn:${TURN_SERVER}:${TURN_PORT}?transport=udp"
|
||||
yq w -i /data/homeserver.yaml turn_uris\[1\] "turn:${TURN_SERVER}:${TURN_PORT}?transport=tcp"
|
||||
yq w -i /data/homeserver.yaml coturn_shared_secret "$(tr -d \"\n\" < /run/secrets/coturn_shared_secret)"
|
||||
fi
|
||||
|
||||
/start.py
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
use-auth-secret
|
||||
static-auth-secret={{ secret "coturn_shared_secret" }}
|
||||
realm=turn.{{ env "DOMAIN" }}
|
||||
|
||||
log-file=stdout
|
||||
pidfile=/var/tmp/turnserver.pid
|
||||
userdb=/var/tmp/turnserver.db
|
||||
|
||||
no-cli
|
||||
|
||||
no-tls
|
||||
no-dtls
|
||||
|
||||
prod
|
||||
no-tcp-relay
|
Loading…
Reference in New Issue