varia
/
homebrewserver.club
12
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
Browse Source

Update 'content/instant-messaging/server-support-for-audio-video-calls.md'

master
rra 4 years ago
parent
b863b4a8a1
commit
38d3f0da33
1 changed files with 78 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 80
      content/instant-messaging/server-support-for-audio-video-calls.md

80
content/instant-messaging/server-support-for-audio-video-calls.md
View File

@ -11,11 +11,11 @@ Status: draft
Introduction
---
This is a guide to set up server-side support for audio/video calls over XMPP. To do this we will install and configure `coturn`, a libre STUN/TURN server that helps establish peer connections across firewalls for media streams such as calls. Additionally we will configure `prosody` to talk to `coturn`.
This is a guide to set up server-side support for audio/video calls over XMPP. To do this we will first install and configure [coturn](https://github.com/coturn/coturn). It is a libre STUN/TURN server that helps establish peer connections across firewalls for media streams such as calls. Additionally we will configure Prosody to talk to `coturn`.
Like the other guides, this one assumes Debian stable running on the server, the fact that you will end up hosting a few of your friends and that you have some basic skills working on a linux command line.
Furthermore it assumes you have already installed and configured Prosody, if you haven't have a look [at how to do so as well!]({filename}instant-messaging/configuring_an_xmpp_server_prosody_0.11.md)
Furthermore it assumes you have already installed and configured Prosody. If you haven't, take a look at our guide ['Configuring an XMPP server for secure, mobile instant messaging']({filename}instant-messaging/configuring_an_xmpp_server_prosody_0.11.md) first.
Set up firewall
@ -36,4 +36,80 @@ First install `coturn`
:::console
sudo apt-get update && sudo apt-get install coturn
After installing first make a backup of the existing configuration:
:::console
sudo mv /etc/turnserver.conf /etc/turnserver.conf.bak
Then download the configuration by [the homebrewserver.club](https://homebrewserver.club/downloads/turnserver.conf).
:::console
cd ~
wget https://homebrewserver.club/downloads/turnserver.conf -O turnserver.conf
The file looks like this:
:::console
## Minimal version of /etc/tunserver.conf
## For more options and info see the original /etc/turnserver.conf.bak
# Which porst to listen on, make sure the corresponding ports are accepting UDP connections on your firewall
listening-port=3478
tls-listening-port=5349
# Your external IP, needed for some connections
listening-ip=CUSTOMIZE THIS
# Ports that client can connect to. Again make sure they are open for UDP connections on your firewall
min-port=49152
max-port=65535
# For the connection with Prosody. Generate a long passphrase for the secret.
use-auth-secret
static-auth-secret=CUSTOMIZE THIS
#Paths to Let's Encrypt certificates
cert=/etc/letsencrypt/live/myserver.org/cert.pem
pkey=/etc/letsencrypt/live/myserver.org/privkey.pem
# Log to syslog
syslog
# For security:
prod # disallow server fingerprinting
no-loopback-peers #dissalow connections on lo interface
no-cli # disable command-line access
Now time for some config. Edit file in a few places:
Add your external IP-address to `listening-ip`. If you don't know it, you can find out using `curl https://ifconfig.co`.
Set `static-auth-secret` to a decently long passphrase. You can also generate one with: `openssl rand -base64 30`. Take note of it because we will need this secret later.
Finally, edit the paths to the Let's Encrypt certificates to whatever you've set in ['Configuring an XMPP server for secure, mobile instant messaging']({filename}instant-messaging/configuring_an_xmpp_server_prosody_0.11.md#enabling-https)
Update & set up Prosody
---
First update your prosody modules:
:::console
apt-get install mercurial
cd /usr/src/prosody-modules
hg pull
hg update
Then edit your prosody config in `/etc/prosody/prosody.cfg.lua`:
First add `turncredentials` to the `modules_enabled` section.
Then, before the 'Virtual Hosts' section add:
:::console
turncredentials_host = "localhost"
turncredentials_secret="mydecentlylongpassphrase"
And replace the value of `turncredentials_secret` with the value of `static-auth-secret` in `/etc/turnserver.conf`

Write Preview
Loading…
Cancel
Save