mirrors/coturn
1
0
Fork 0
mirror of https://github.com/coturn/coturn.git synced 2025-10-24 04:20:59 +02:00
Code Issues Projects Releases Wiki Activity

Update turnserver.conf (#1009)

Browse Source 
Made some text proofreading
This commit is contained in:
Hyorin Choi 2022-10-27 05:53:32 +09:00 committed by GitHub
parent 8c15f4bf23
commit ab1292059f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 87 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
docker/coturn/turnserver.conf
View File

@ -1,7 +1,7 @@
# Coturn TURN SERVER configuration file
#
# Boolean values note: where a boolean value is supposed to be used,
# you can use '0', 'off', 'no', 'false', or 'f' as 'false,
# you can use '0', 'off', 'no', 'false', or 'f' as 'false',
# and you can use '1', 'on', 'yes', 'true', or 't' as 'true'
# If the value is missing, then it means 'true' by default.
#
@ -125,7 +125,7 @@ tls-listening-port=5349
#
# By default, this value is empty, and no address mapping is used.
#
external-ip=193.224.22.37
#external-ip=60.70.80.91
#
#OR:
#
@ -186,6 +186,18 @@ lt-cred-mech
#
#no-auth
# Enable prometheus exporter
# If enabled the turnserver will expose an endpoint with stats on a prometheus format
# this endpoint is listening on a different port to not conflict with other configurations.
#
# You can simply run the turnserver and access the port 9641 and path /metrics
#
# For more info on the prometheus exporter and metrics
# https://prometheus.io/docs/introduction/overview/
# https://prometheus.io/docs/concepts/data_model/
#
#prometheus
# TURN REST API flag.
# (Time Limited Long Term Credential)
# Flag that sets a special authorization option that is based upon authentication secret.
@ -377,7 +389,7 @@ realm=example.org
# Total bytes-per-second bandwidth the TURN server is allowed to allocate
# for the sessions, combined (input and output network streams are treated separately).
#
# bps-capacity=0
#bps-capacity=0
# Uncomment if no UDP client listener is desired.
# By default UDP client listener is always started.
@ -516,12 +528,27 @@ pkey=/etc/ssl/private/privkey.pem
#
syslog
# Set syslog facility for syslog messages
# Default values is ''.
#
#syslog-facility="LOG_LOCAL1"
# This flag means that no log file rollover will be used, and the log file
# name will be constructed as-is, without PID and date appendage.
# This option can be used, for example, together with the logrotate tool.
#
#simple-log
# Enable full ISO-8601 timestamp in all logs.
#new-log-timestamp
# Set timestamp format (in strftime(1) format). Depends on new-log-timestamp to be enabled.
#new-log-timestamp-format "%FT%T%z"
# Disabled by default binding logging in verbose log mode to avoid DoS attacks.
# Enable binding logging and UDP endpoint logs in verbose log mode.
#log-binding
# Option to set the "redirection" mode. The value of this option
# will be the address of the alternate server for UDP & TCP service in the form of
# <ip>[:<port>]. The server will send this value in the attribute
@ -584,7 +611,8 @@ syslog
# This is the timestamp/username separator symbol (character) in TURN REST API.
# The default value is ':'.
# rest-api-separator=:
#
#rest-api-separator=:
# Flag that can be used to allow peers on the loopback addresses (127.x.x.x and ::1).
# This is an extra security measure.
@ -636,7 +664,7 @@ syslog
#
#mobility
# Allocate Address Family according
# Allocate Address Family according (DEPRECATED and will be removed in favor of allocation-default-address-family)
# If enabled then TURN server allocates address family according the TURN
# Client <=> Server communication address family.
# (By default Coturn works according RFC 6156.)
@ -644,6 +672,16 @@ syslog
#
#keep-address-family
# TURN server allocates address family according TURN client requested address family.
# If address family not requested explicitly by the client, then it falls back to this default.
# The standard RFC explicitly define that this default must be IPv4,
# so use other option values with care!
# Possible values: "ipv4" or "ipv6" or "keep"
# "keep" sets the allocation default address family according to
# the TURN client allocation request connection address family.
#
#allocation-default-address-family="ipv4"
#allocation-default-address-family="ipv4"
# User name to run the process. After the initialization, the turnserver process
# will attempt to change the current user ID to that user.
@ -697,10 +735,15 @@ cli-password=CHANGE_ME
#web-admin-port=8080
# Web-admin server listen on STUN/TURN worker threads
# By default it is disabled for security resons! (Not recommended in any production environment!)
# By default it is disabled for security reasons! (Not recommended in any production environment!)
#
#web-admin-listen-on-workers
# Redirect ACME, i.e. HTTP GET requests matching '^/.well-known/acme-challenge/(.*)' to '<URL>$1'.
# Default is '', i.e. no special handling for such requests.
#
#acme-redirect=http://redirectserver/.well-known/acme-challenge/
# Server relay. NON-STANDARD AND DANGEROUS OPTION.
# Only for those applications when you want to run
# server applications on the relay endpoints.
@ -723,3 +766,31 @@ cli-password=CHANGE_ME
#no-tlsv1
#no-tlsv1_1
#no-tlsv1_2
# Disable RFC5780 (NAT behavior discovery).
#
# Originally, if there are more than one listener address from the same
# address family, then by default the NAT behavior discovery feature enabled.
# This option disables the original behavior, because the NAT behavior
# discovery adds extra attributes to response, and this increase the
# possibility of an amplification attack.
#
# Strongly encouraged to use this option to decrease gain factor in STUN
# binding responses.
#
no-rfc5780
# Disable handling old STUN Binding requests and disable MAPPED-ADDRESS
# attribute in binding response (use only the XOR-MAPPED-ADDRESS).
#
# Strongly encouraged to use this option to decrease gain factor in STUN
# binding responses.
#
no-stun-backward-compatibility
# Only send RESPONSE-ORIGIN attribute in binding response if RFC5780 is enabled.
#
# Strongly encouraged to use this option to decrease gain factor in STUN
# binding responses.
#
response-origin-only-with-rfc5780

18
examples/etc/turnserver.conf
View File

@ -1,7 +1,7 @@
# Coturn TURN SERVER configuration file
#
# Boolean values note: where a boolean value is supposed to be used,
# you can use '0', 'off', 'no', 'false', or 'f' as 'false,
# you can use '0', 'off', 'no', 'false', or 'f' as 'false',
# and you can use '1', 'on', 'yes', 'true', or 't' as 'true'
# If the value is missing, then it means 'true' by default.
#
@ -23,7 +23,7 @@
# "automatically" recognizes the type of traffic. Actually, two listening
# endpoints (the "plain" one and the "tls" one) are equivalent in terms of
# functionality; but Coturn keeps both endpoints to satisfy the RFC 5766 specs.
# For secure TCP connections, Coturn currently supports
# For secure TCP connections, Coturn currently supports SSL version 3 and
# TLS version 1.0, 1.1 and 1.2.
# For secure UDP connections, Coturn supports DTLS version 1.
#
@ -389,7 +389,7 @@
# Total bytes-per-second bandwidth the TURN server is allowed to allocate
# for the sessions, combined (input and output network streams are treated separately).
#
# bps-capacity=0
#bps-capacity=0
# Uncomment if no UDP client listener is desired.
# By default UDP client listener is always started.
@ -611,7 +611,8 @@
# This is the timestamp/username separator symbol (character) in TURN REST API.
# The default value is ':'.
# rest-api-separator=:
#
#rest-api-separator=:
# Flag that can be used to allow peers on the loopback addresses (127.x.x.x and ::1).
# This is an extra security measure.
@ -663,7 +664,7 @@
#
#mobility
# Allocate Address Family according (DEPRECATED and will be removed in favour of allocation-default-address-family)
# Allocate Address Family according (DEPRECATED and will be removed in favor of allocation-default-address-family)
# If enabled then TURN server allocates address family according the TURN
# Client <=> Server communication address family.
# (By default Coturn works according RFC 6156.)
@ -678,10 +679,10 @@
# Possible values: "ipv4" or "ipv6" or "keep"
# "keep" sets the allocation default address family according to
# the TURN client allocation request connection address family.
#
#allocation-default-address-family="ipv4"
#allocation-default-address-family="ipv4"
# User name to run the process. After the initialization, the turnserver process
# will attempt to change the current user ID to that user.
#
@ -734,13 +735,14 @@
#web-admin-port=8080
# Web-admin server listen on STUN/TURN worker threads
# By default it is disabled for security resons! (Not recommended in any production environment!)
# By default it is disabled for security reasons! (Not recommended in any production environment!)
#
#web-admin-listen-on-workers
#acme-redirect=http://redirectserver/.well-known/acme-challenge/
# Redirect ACME, i.e. HTTP GET requests matching '^/.well-known/acme-challenge/(.*)' to '<URL>$1'.
# Default is '', i.e. no special handling for such requests.
#
#acme-redirect=http://redirectserver/.well-known/acme-challenge/
# Server relay. NON-STANDARD AND DANGEROUS OPTION.
# Only for those applications when you want to run