mirror of
				https://github.com/coturn/coturn.git
				synced 2025-10-25 04:51:04 +02:00 
			
		
		
		
	
		
			
				
	
	
		
			275 lines
		
	
	
		
			7.1 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			275 lines
		
	
	
		
			7.1 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| GENERAL INFORMATION
 | |
| 
 | |
| turnadmin is a TURN administration tool. This tool can be used to manage 
 | |
| the user accounts (add/remove users, generate 
 | |
| TURN keys for the users). For security reasons, we do not recommend 
 | |
| storing passwords openly. The better option is to use pre-processed "keys" 
 | |
| which are then used for authentication. These keys are generated by turnadmin. 
 | |
| Turnadmin is a link to turnserver binary, but turnadmin performs different 
 | |
| functions.
 | |
| 
 | |
| Options note: turnadmin has long and short option names, for most options.
 | |
| Some options have only long form, some options have only short form. Their syntax 
 | |
| somewhat different, if an argument is required:
 | |
| 
 | |
| The short form must be used as this (for example):
 | |
| 
 | |
|   $ turnadmin -u <username> ...
 | |
|   
 | |
| The long form equivalent must use the "=" character:
 | |
| 
 | |
|   $ turnadmin --user=<username> ...
 | |
|   
 | |
| If this is a flag option (no argument required) then their usage are the same, for example:
 | |
| 
 | |
|  $ turnadmin -k ...
 | |
|  
 | |
| is equivalent to:
 | |
| 
 | |
|  $ turnadmin --key ...
 | |
| 
 | |
| You have always the use the -r <realm> option with commands for long term credentials - 
 | |
| because data for multiple realms can be stored in the same database.
 | |
|  
 | |
| =====================================
 | |
| 
 | |
|   NAME
 | |
| 
 | |
| turnadmin - a TURN relay administration tool. 
 | |
|   
 | |
|   SYNOPSIS  
 | |
| 
 | |
| $ turnadmin [command] [options]
 | |
| 
 | |
| $ turnadmin [ -h | --help]
 | |
| 
 | |
|   DESCRIPTION
 | |
|   
 | |
| Commands:  
 | |
| 
 | |
| -P, --generate-encrypted-password	Generate and print to the standard
 | |
| output an encrypted form of a password (for web admin user or CLI).
 | |
| The value then can be used as a safe key for the password
 | |
| storage on disk or in the database. Every invocation for the same password
 | |
| produces a different result. The for mat of the encrypted password is:
 | |
| $5$<...salt...>$<...sha256(salt+password)...>. Salt is 16 characters,
 | |
| the sha256 output is 64 characters. Character 5 is the algorithm id (sha256).
 | |
| Only sha256 is supported as the hash function.
 | |
| 
 | |
| -k, --key		Generate key for a long-term credentials mechanism user.
 | |
| 
 | |
| -a, --add       	Add or update a long-term user.
 | |
| 
 | |
| -A, --add-admin    	Add or update an admin user.
 | |
| 
 | |
| -d, --delete		Delete a long-term user.
 | |
| 
 | |
| -D, --delete-admin		Delete an admin user.
 | |
| 
 | |
| -l, --list		List long-term users in the database.
 | |
| 
 | |
| -L, --list-admin		List admin users in the database.
 | |
| 
 | |
| -s, --set-secret=<value> Add shared secret for TURN RESP API
 | |
| 
 | |
| -S, --show-secret	Show stored shared secrets for TURN REST API
 | |
| 
 | |
| -X, --delete-secret=<value> Delete a shared secret.
 | |
| 	--delete-all_secrets	Delete all shared secrets for REST API.
 | |
| 	
 | |
| -O, --add-origin		Add origin-to-realm relation.
 | |
| 
 | |
| -R, --del-origin		Delete origin-to-realm relation.
 | |
| 
 | |
| -I, --list-origins		List origin-to-realm relations.
 | |
| 
 | |
| -g, --set-realm-option		Set realm params: max-bps, total-quota, user-quota.
 | |
| 
 | |
| -G, --list-realm-options	List realm params.
 | |
| -E, --generate-encrypted-password-aes	Generate and print to the standard output 
 | |
| 					an encrypted form of password with AES-128
 | |
|   
 | |
| Options with required values:  
 | |
| 
 | |
| -b, --db, --userdb	SQLite user database file name (default - /var/db/turndb or
 | |
| 			/usr/local/var/db/turndb or /var/lib/turn/turndb).
 | |
| 			See the same option in the turnserver section.
 | |
| -e, --psql-userdb	PostgreSQL user database connection string.
 | |
| 			See the --psql-userdb option in the turnserver section.
 | |
| -M, --mysql-userdb	MySQL user database connection string.
 | |
| 			See the --mysql-userdb option in the turnserver section.
 | |
| -J, --mongo-userdb	MongoDB user database connection string.
 | |
| 			See the --mysql-mongo option in the turnserver section.
 | |
| -N, --redis-userdb	Redis user database connection string.
 | |
| 			See the --redis-userdb option in the turnserver section.
 | |
| -u, --user		User name.
 | |
| -r, --realm		Realm.
 | |
| -p, --password		Password.
 | |
| -x, --key-path		Generates a 128 bit key into the given path.
 | |
| -f, --file-key-path	Contains a 128 bit key in the given path.
 | |
| -v, --verify		Verify a given base64 encrypted type password.
 | |
| -o, --origin		Origin
 | |
| --max-bps		Set value of realm's max-bps parameter.
 | |
| --total-quota	Set value of realm's total-quota parameter.
 | |
| --user-quota	Set value of realm's user-quota parameter. 
 | |
| -h, --help		Help.
 | |
| 
 | |
| Command examples:  
 | |
| 
 | |
| Generate an encrypted form of a password:
 | |
| 
 | |
| $ turnadmin -P -p <password>
 | |
| 
 | |
| Generate a key:
 | |
| 
 | |
| $ turnadmin -k -u <username> -r <realm> -p <password>
 | |
|   
 | |
| Add/update a user in the in the database:
 | |
| 
 | |
| $ turnadmin -a [-b <userdb-file> | -e <db-connection-string> | -M <db-connection-string> | -N <db-connection-string> ] -u <username> -r <realm> -p <password>
 | |
|   
 | |
| Delete a user from the database:
 | |
| 
 | |
| $ turnadmin -d [-b <userdb-file> | -e <db-connection-string> | -M <db-connection-string> | -N <db-connection-string> ] -u <username> -r <realm>
 | |
| 
 | |
| List all long-term users in MySQL database:
 | |
| 
 | |
| $ turnadmin -l --mysql-userdb="<db-connection-string>" -r <realm>
 | |
| 
 | |
| List all admin users in Redis database:
 | |
| 
 | |
| $ turnadmin -L --redis-userdb="<db-connection-string>"
 | |
| 
 | |
| Set secret in MySQL database:
 | |
| 
 | |
| $ turnadmin -s <secret> --mysql-userdb="<db-connection-string>" -r <realm>
 | |
| 
 | |
| Show secret stored in PostgreSQL database:
 | |
| 
 | |
| $ turnadmin -S --psql-userdb="<db-connection-string>" -r <realm>
 | |
| 
 | |
| Set origin-to-realm relation in MySQL database:
 | |
| 
 | |
| $ turnadmin --mysql-userdb="<db-connection-string>" -r <realm> -o <origin>
 | |
| 
 | |
| Delete origin-to-realm relation from Redis DB:
 | |
| 
 | |
| $ turnadmin --redis-userdb="<db-connection-string>" -o <origin>
 | |
| 
 | |
| List all origin-to-realm relations in Redis DB:
 | |
| 
 | |
| $ turnadmin --redis-userdb="<db-connection-string>" -I
 | |
| 
 | |
| List the origin-to-realm relations in PostgreSQL DB for a single realm:
 | |
| 
 | |
| $ turnadmin --psql-userdb="<db-connection-string>" -I -r <realm>
 | |
| 
 | |
| Create new key file for mysql password encryption:
 | |
| 
 | |
| $ turnadmin -E --key-path <key-file>
 | |
| 
 | |
| Create encrypted mysql password:
 | |
| 
 | |
| $ turnadmin -E --file-key-path <key-file> -p <secret>
 | |
| 
 | |
| Verify/decrypt encrypted password:
 | |
| 
 | |
| $ turnadmin --file-key-path <key-file> -v <encrypted>
 | |
| 
 | |
|    
 | |
| Help:  
 | |
| 
 | |
| $ turnadmin -h
 | |
| 
 | |
| =======================================
 | |
|  
 | |
|   DOCS
 | |
| 
 | |
| After installation, run the command:
 | |
| 
 | |
| $ man turnadmin
 | |
| 
 | |
| or in the project root directory:
 | |
| 
 | |
| $ man -M man turnadmin
 | |
| 
 | |
| to see the man page.
 | |
| 
 | |
| =====================================
 | |
| 
 | |
|   FILES
 | |
| 
 | |
| /etc/turnserver.conf
 | |
| 
 | |
| /var/db/turndb
 | |
| 
 | |
| /usr/local/var/db/turndb
 | |
| 
 | |
| /var/lib/turn/turndb
 | |
| 
 | |
| /usr/local/etc/turnserver.conf
 | |
| 
 | |
| =====================================
 | |
| 
 | |
|   DIRECTORIES
 | |
| 
 | |
| /usr/local/share/turnserver
 | |
| 
 | |
| /usr/local/share/doc/turnserver
 | |
| 
 | |
| /usr/local/share/examples/turnserver
 | |
| 
 | |
| ======================================
 | |
| 
 | |
|   SEE ALSO
 | |
| 
 | |
| 	turnserver, turnutils
 | |
| 
 | |
| ======================================
 | |
| 
 | |
|   WEB RESOURCES
 | |
| 
 | |
| 	project page:
 | |
| 
 | |
| 	https://github.com/coturn/coturn/
 | |
| 
 | |
| 	Wiki page:
 | |
| 
 | |
| 	https://github.com/coturn/coturn/wiki
 | |
| 
 | |
| 	forum:
 | |
| 
 | |
| 	https://groups.google.com/forum/?fromgroups=#!forum/turn-server-project-rfc5766-turn-server/
 | |
| 
 | |
| ======================================
 | |
| 
 | |
|   AUTHORS
 | |
| 
 | |
| 	Oleg Moskalenko <mom040267@gmail.com>
 | |
| 
 | |
| 	Gabor Kovesdan http://kovesdan.org/
 | |
| 
 | |
| 	Daniel Pocock http://danielpocock.com/
 | |
| 
 | |
| 	John Selbie (jselbie@gmail.com)
 | |
| 
 | |
| 	Lee Sylvester <lee@designrealm.co.uk>
 | |
| 
 | |
| 	Erik Johnston <erikj@openmarket.com>
 | |
| 
 | |
| 	Roman Lisagor <roman@demonware.net>
 | |
| 	
 | |
| 	Vladimir Tsanev <tsachev@gmail.com>
 | |
| 	
 | |
| 	Po-sheng Lin <personlin118@gmail.com>
 | |
| 	
 | |
| 	Peter Dunkley <peter.dunkley@acision.com>
 | |
| 	
 | |
| 	Mutsutoshi Yoshimoto <mutsutoshi.yoshimoto@mixi.co.jp>
 | |
| 
 | |
| 	Federico Pinna <fpinna@vivocha.com>
 | |
| 
 | |
| 	Bradley T. Hughes <bradleythughes@fastmail.fm>
 | |
| 
 | |
|         Mihaly Meszaros <misi@majd.eu>
 |