mirror of
https://github.com/coturn/coturn.git
synced 2025-10-24 04:20:59 +02:00
Hyorin Choi
GitHub
parent
8c15f4bf23
commit
ab1292059f
@ -1,7 +1,7 @@
|
||||
# Coturn TURN SERVER configuration file
|
||||
#
|
||||
# Boolean values note: where a boolean value is supposed to be used,
|
||||
# you can use '0', 'off', 'no', 'false', or 'f' as 'false,
|
||||
# you can use '0', 'off', 'no', 'false', or 'f' as 'false',
|
||||
# and you can use '1', 'on', 'yes', 'true', or 't' as 'true'
|
||||
# If the value is missing, then it means 'true' by default.
|
||||
#
|
||||
@ -125,7 +125,7 @@ tls-listening-port=5349
|
||||
#
|
||||
# By default, this value is empty, and no address mapping is used.
|
||||
#
|
||||
external-ip=193.224.22.37
|
||||
#external-ip=60.70.80.91
|
||||
#
|
||||
#OR:
|
||||
#
|
||||
@ -186,6 +186,18 @@ lt-cred-mech
|
||||
#
|
||||
#no-auth
|
||||
|
||||
# Enable prometheus exporter
|
||||
# If enabled the turnserver will expose an endpoint with stats on a prometheus format
|
||||
# this endpoint is listening on a different port to not conflict with other configurations.
|
||||
#
|
||||
# You can simply run the turnserver and access the port 9641 and path /metrics
|
||||
#
|
||||
# For more info on the prometheus exporter and metrics
|
||||
# https://prometheus.io/docs/introduction/overview/
|
||||
# https://prometheus.io/docs/concepts/data_model/
|
||||
#
|
||||
#prometheus
|
||||
|
||||
# TURN REST API flag.
|
||||
# (Time Limited Long Term Credential)
|
||||
# Flag that sets a special authorization option that is based upon authentication secret.
|
||||
@ -516,12 +528,27 @@ pkey=/etc/ssl/private/privkey.pem
|
||||
#
|
||||
syslog
|
||||
|
||||
# Set syslog facility for syslog messages
|
||||
# Default values is ''.
|
||||
#
|
||||
#syslog-facility="LOG_LOCAL1"
|
||||
|
||||
# This flag means that no log file rollover will be used, and the log file
|
||||
# name will be constructed as-is, without PID and date appendage.
|
||||
# This option can be used, for example, together with the logrotate tool.
|
||||
#
|
||||
#simple-log
|
||||
|
||||
# Enable full ISO-8601 timestamp in all logs.
|
||||
#new-log-timestamp
|
||||
|
||||
# Set timestamp format (in strftime(1) format). Depends on new-log-timestamp to be enabled.
|
||||
#new-log-timestamp-format "%FT%T%z"
|
||||
|
||||
# Disabled by default binding logging in verbose log mode to avoid DoS attacks.
|
||||
# Enable binding logging and UDP endpoint logs in verbose log mode.
|
||||
#log-binding
|
||||
|
||||
# Option to set the "redirection" mode. The value of this option
|
||||
# will be the address of the alternate server for UDP & TCP service in the form of
|
||||
# <ip>[:<port>]. The server will send this value in the attribute
|
||||
@ -584,6 +611,7 @@ syslog
|
||||
|
||||
# This is the timestamp/username separator symbol (character) in TURN REST API.
|
||||
# The default value is ':'.
|
||||
#
|
||||
#rest-api-separator=:
|
||||
|
||||
# Flag that can be used to allow peers on the loopback addresses (127.x.x.x and ::1).
|
||||
@ -636,7 +664,7 @@ syslog
|
||||
#
|
||||
#mobility
|
||||
|
||||
# Allocate Address Family according
|
||||
# Allocate Address Family according (DEPRECATED and will be removed in favor of allocation-default-address-family)
|
||||
# If enabled then TURN server allocates address family according the TURN
|
||||
# Client <=> Server communication address family.
|
||||
# (By default Coturn works according RFC 6156.)
|
||||
@ -644,6 +672,16 @@ syslog
|
||||
#
|
||||
#keep-address-family
|
||||
|
||||
# TURN server allocates address family according TURN client requested address family.
|
||||
# If address family not requested explicitly by the client, then it falls back to this default.
|
||||
# The standard RFC explicitly define that this default must be IPv4,
|
||||
# so use other option values with care!
|
||||
# Possible values: "ipv4" or "ipv6" or "keep"
|
||||
# "keep" sets the allocation default address family according to
|
||||
# the TURN client allocation request connection address family.
|
||||
#
|
||||
#allocation-default-address-family="ipv4"
|
||||
#allocation-default-address-family="ipv4"
|
||||
|
||||
# User name to run the process. After the initialization, the turnserver process
|
||||
# will attempt to change the current user ID to that user.
|
||||
@ -697,10 +735,15 @@ cli-password=CHANGE_ME
|
||||
#web-admin-port=8080
|
||||
|
||||
# Web-admin server listen on STUN/TURN worker threads
|
||||
# By default it is disabled for security resons! (Not recommended in any production environment!)
|
||||
# By default it is disabled for security reasons! (Not recommended in any production environment!)
|
||||
#
|
||||
#web-admin-listen-on-workers
|
||||
|
||||
# Redirect ACME, i.e. HTTP GET requests matching '^/.well-known/acme-challenge/(.*)' to '<URL>$1'.
|
||||
# Default is '', i.e. no special handling for such requests.
|
||||
#
|
||||
#acme-redirect=http://redirectserver/.well-known/acme-challenge/
|
||||
|
||||
# Server relay. NON-STANDARD AND DANGEROUS OPTION.
|
||||
# Only for those applications when you want to run
|
||||
# server applications on the relay endpoints.
|
||||
@ -723,3 +766,31 @@ cli-password=CHANGE_ME
|
||||
#no-tlsv1
|
||||
#no-tlsv1_1
|
||||
#no-tlsv1_2
|
||||
|
||||
# Disable RFC5780 (NAT behavior discovery).
|
||||
#
|
||||
# Originally, if there are more than one listener address from the same
|
||||
# address family, then by default the NAT behavior discovery feature enabled.
|
||||
# This option disables the original behavior, because the NAT behavior
|
||||
# discovery adds extra attributes to response, and this increase the
|
||||
# possibility of an amplification attack.
|
||||
#
|
||||
# Strongly encouraged to use this option to decrease gain factor in STUN
|
||||
# binding responses.
|
||||
#
|
||||
no-rfc5780
|
||||
|
||||
# Disable handling old STUN Binding requests and disable MAPPED-ADDRESS
|
||||
# attribute in binding response (use only the XOR-MAPPED-ADDRESS).
|
||||
#
|
||||
# Strongly encouraged to use this option to decrease gain factor in STUN
|
||||
# binding responses.
|
||||
#
|
||||
no-stun-backward-compatibility
|
||||
|
||||
# Only send RESPONSE-ORIGIN attribute in binding response if RFC5780 is enabled.
|
||||
#
|
||||
# Strongly encouraged to use this option to decrease gain factor in STUN
|
||||
# binding responses.
|
||||
#
|
||||
response-origin-only-with-rfc5780
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
# Coturn TURN SERVER configuration file
|
||||
#
|
||||
# Boolean values note: where a boolean value is supposed to be used,
|
||||
# you can use '0', 'off', 'no', 'false', or 'f' as 'false,
|
||||
# you can use '0', 'off', 'no', 'false', or 'f' as 'false',
|
||||
# and you can use '1', 'on', 'yes', 'true', or 't' as 'true'
|
||||
# If the value is missing, then it means 'true' by default.
|
||||
#
|
||||
@ -23,7 +23,7 @@
|
||||
# "automatically" recognizes the type of traffic. Actually, two listening
|
||||
# endpoints (the "plain" one and the "tls" one) are equivalent in terms of
|
||||
# functionality; but Coturn keeps both endpoints to satisfy the RFC 5766 specs.
|
||||
# For secure TCP connections, Coturn currently supports
|
||||
# For secure TCP connections, Coturn currently supports SSL version 3 and
|
||||
# TLS version 1.0, 1.1 and 1.2.
|
||||
# For secure UDP connections, Coturn supports DTLS version 1.
|
||||
#
|
||||
@ -611,6 +611,7 @@
|
||||
|
||||
# This is the timestamp/username separator symbol (character) in TURN REST API.
|
||||
# The default value is ':'.
|
||||
#
|
||||
#rest-api-separator=:
|
||||
|
||||
# Flag that can be used to allow peers on the loopback addresses (127.x.x.x and ::1).
|
||||
@ -663,7 +664,7 @@
|
||||
#
|
||||
#mobility
|
||||
|
||||
# Allocate Address Family according (DEPRECATED and will be removed in favour of allocation-default-address-family)
|
||||
# Allocate Address Family according (DEPRECATED and will be removed in favor of allocation-default-address-family)
|
||||
# If enabled then TURN server allocates address family according the TURN
|
||||
# Client <=> Server communication address family.
|
||||
# (By default Coturn works according RFC 6156.)
|
||||
@ -678,10 +679,10 @@
|
||||
# Possible values: "ipv4" or "ipv6" or "keep"
|
||||
# "keep" sets the allocation default address family according to
|
||||
# the TURN client allocation request connection address family.
|
||||
#
|
||||
#allocation-default-address-family="ipv4"
|
||||
#allocation-default-address-family="ipv4"
|
||||
|
||||
|
||||
# User name to run the process. After the initialization, the turnserver process
|
||||
# will attempt to change the current user ID to that user.
|
||||
#
|
||||
@ -734,13 +735,14 @@
|
||||
#web-admin-port=8080
|
||||
|
||||
# Web-admin server listen on STUN/TURN worker threads
|
||||
# By default it is disabled for security resons! (Not recommended in any production environment!)
|
||||
# By default it is disabled for security reasons! (Not recommended in any production environment!)
|
||||
#
|
||||
#web-admin-listen-on-workers
|
||||
|
||||
#acme-redirect=http://redirectserver/.well-known/acme-challenge/
|
||||
# Redirect ACME, i.e. HTTP GET requests matching '^/.well-known/acme-challenge/(.*)' to '<URL>$1'.
|
||||
# Default is '', i.e. no special handling for such requests.
|
||||
#
|
||||
#acme-redirect=http://redirectserver/.well-known/acme-challenge/
|
||||
|
||||
# Server relay. NON-STANDARD AND DANGEROUS OPTION.
|
||||
# Only for those applications when you want to run
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user