mirror of
				https://github.com/coturn/coturn.git
				synced 2025-10-25 04:51:04 +02:00 
			
		
		
		
	
		
			
				
	
	
		
			378 lines
		
	
	
		
			8.9 KiB
		
	
	
	
		
			Groff
		
	
	
	
	
	
			
		
		
	
	
			378 lines
		
	
	
		
			8.9 KiB
		
	
	
	
		
			Groff
		
	
	
	
	
	
| .\" Text automatically generated by txt2man
 | |
| .TH TURN 1 "29 January 2019" "" ""
 | |
| .SH GENERAL INFORMATION
 | |
| 
 | |
| \fIturnadmin\fP is a TURN administration tool. This tool can be used to manage 
 | |
| the user accounts (add/remove users, generate 
 | |
| TURN keys for the users). For security reasons, we do not recommend 
 | |
| storing passwords openly. The better option is to use pre\-processed "keys" 
 | |
| which are then used for authentication. These keys are generated by \fIturnadmin\fP. 
 | |
| Turnadmin is a link to \fIturnserver\fP binary, but \fIturnadmin\fP performs different 
 | |
| functions.
 | |
| .PP
 | |
| Options note: \fIturnadmin\fP has long and short option names, for most options.
 | |
| Some options have only long form, some options have only short form. Their syntax 
 | |
| somewhat different, if an argument is required:
 | |
| .PP
 | |
| The short form must be used as this (for example):
 | |
| .PP
 | |
| .nf
 | |
| .fam C
 | |
|   $ turnadmin \-u <username> \.\.\.
 | |
| 
 | |
| .fam T
 | |
| .fi
 | |
| The long form equivalent must use the "=" character:
 | |
| .PP
 | |
| .nf
 | |
| .fam C
 | |
|   $ turnadmin \-\-user=<username> \.\.\.
 | |
| 
 | |
| .fam T
 | |
| .fi
 | |
| If this is a flag option (no argument required) then their usage are the same, for example:
 | |
| .PP
 | |
| .nf
 | |
| .fam C
 | |
|  $ turnadmin \-k \.\.\.
 | |
| 
 | |
| .fam T
 | |
| .fi
 | |
| is equivalent to:
 | |
| .PP
 | |
| .nf
 | |
| .fam C
 | |
|  $ turnadmin \-\-key \.\.\.
 | |
| 
 | |
| .fam T
 | |
| .fi
 | |
| You have always the use the \fB\-r\fP <realm> option with commands for long term credentials \- 
 | |
| because data for multiple realms can be stored in the same database.
 | |
| .PP
 | |
| =====================================
 | |
| .SS  NAME
 | |
| \fB
 | |
| \fBturnadmin \fP\- a TURN relay administration tool.
 | |
| \fB
 | |
| .SS  SYNOPSIS  
 | |
| 
 | |
| $ \fIturnadmin\fP [command] [options]
 | |
| .PP
 | |
| $ \fIturnadmin\fP [ \fB\-h\fP | \fB\-\-help\fP]
 | |
| .SS  DESCRIPTION
 | |
| 
 | |
| .TP
 | |
| .B
 | |
| Commands:
 | |
| .TP
 | |
| .B
 | |
| \fB\-P\fP, \fB\-\-generate\-encrypted\-password\fP
 | |
| Generate and print to the standard
 | |
| output an encrypted form of a password (for web admin user or CLI).
 | |
| The value then can be used as a safe key for the password
 | |
| storage on disk or in the database. Every invocation for the same password
 | |
| produces a different result. The for mat of the encrypted password is:
 | |
| $5$<\.\.\.salt\.\.\.>$<\.\.\.sha256(salt+password)\.\.\.>. Salt is 16 characters,
 | |
| the sha256 output is 64 characters. Character 5 is the algorithm id (sha256).
 | |
| Only sha256 is supported as the hash function.
 | |
| .TP
 | |
| .B
 | |
| \fB\-k\fP, \fB\-\-key\fP
 | |
| Generate key for a long\-term credentials mechanism user.
 | |
| .TP
 | |
| .B
 | |
| \fB\-a\fP, \fB\-\-add\fP
 | |
| Add or update a long\-term user.
 | |
| .TP
 | |
| .B
 | |
| \fB\-A\fP, \fB\-\-add\-admin\fP
 | |
| Add or update an admin user.
 | |
| .TP
 | |
| .B
 | |
| \fB\-d\fP, \fB\-\-delete\fP
 | |
| Delete a long\-term user.
 | |
| .TP
 | |
| .B
 | |
| \fB\-D\fP, \fB\-\-delete\-admin\fP
 | |
| Delete an admin user.
 | |
| .TP
 | |
| .B
 | |
| \fB\-l\fP, \fB\-\-list\fP
 | |
| List long\-term users in the database.
 | |
| .TP
 | |
| .B
 | |
| \fB\-L\fP, \fB\-\-list\-admin\fP
 | |
| List admin users in the database.
 | |
| .PP
 | |
| \fB\-s\fP, \fB\-\-set\-secret\fP=<value> Add shared secret for TURN RESP API
 | |
| .TP
 | |
| .B
 | |
| \fB\-S\fP, \fB\-\-show\-secret\fP
 | |
| Show stored shared secrets for TURN REST API
 | |
| .PP
 | |
| \fB\-X\fP, \fB\-\-delete\-secret\fP=<value> Delete a shared secret.
 | |
| .RS
 | |
| .TP
 | |
| .B
 | |
| \fB\-\-delete\-all_secrets\fP
 | |
| Delete all shared secrets for REST API.
 | |
| .RE
 | |
| .TP
 | |
| .B
 | |
| \fB\-O\fP, \fB\-\-add\-origin\fP
 | |
| Add origin\-to\-realm relation.
 | |
| .TP
 | |
| .B
 | |
| \fB\-R\fP, \fB\-\-del\-origin\fP
 | |
| Delete origin\-to\-realm relation.
 | |
| .TP
 | |
| .B
 | |
| \fB\-I\fP, \fB\-\-list\-origins\fP
 | |
| List origin\-to\-realm relations.
 | |
| .TP
 | |
| .B
 | |
| \fB\-g\fP, \fB\-\-set\-realm\-option\fP
 | |
| Set realm params: max\-bps, total\-quota, user\-quota.
 | |
| .TP
 | |
| .B
 | |
| \fB\-G\fP, \fB\-\-list\-realm\-options\fP
 | |
| List realm params.
 | |
| .TP
 | |
| .B
 | |
| \fB\-E\fP, \fB\-\-generate\-encrypted\-password\-aes\fP
 | |
| Generate and print to the standard output 
 | |
| an encrypted form of password with AES\-128
 | |
| .TP
 | |
| .B
 | |
| Options with required values:
 | |
| .TP
 | |
| .B
 | |
| \fB\-b\fP, \fB\-\-db\fP, \fB\-\-userdb\fP
 | |
| SQLite user database file name (default \- /var/db/turndb or
 | |
| /usr/local/var/db/turndb or /var/lib/turn/turndb).
 | |
| See the same option in the \fIturnserver\fP section.
 | |
| .TP
 | |
| .B
 | |
| \fB\-e\fP, \fB\-\-psql\-userdb\fP
 | |
| PostgreSQL user database connection string.
 | |
| See the \fB\-\-psql\-userdb\fP option in the \fIturnserver\fP section.
 | |
| .TP
 | |
| .B
 | |
| \fB\-M\fP, \fB\-\-mysql\-userdb\fP
 | |
| MySQL user database connection string.
 | |
| See the \fB\-\-mysql\-userdb\fP option in the \fIturnserver\fP section.
 | |
| .TP
 | |
| .B
 | |
| \fB\-J\fP, \fB\-\-mongo\-userdb\fP
 | |
| MongoDB user database connection string.
 | |
| See the \fB\-\-mysql\-mongo\fP option in the \fIturnserver\fP section.
 | |
| .TP
 | |
| .B
 | |
| \fB\-N\fP, \fB\-\-redis\-userdb\fP
 | |
| Redis user database connection string.
 | |
| See the \fB\-\-redis\-userdb\fP option in the \fIturnserver\fP section.
 | |
| .TP
 | |
| .B
 | |
| \fB\-u\fP, \fB\-\-user\fP
 | |
| User name.
 | |
| .TP
 | |
| .B
 | |
| \fB\-r\fP, \fB\-\-realm\fP
 | |
| Realm.
 | |
| .TP
 | |
| .B
 | |
| \fB\-p\fP, \fB\-\-password\fP
 | |
| Password.
 | |
| .TP
 | |
| .B
 | |
| \fB\-x\fP, \fB\-\-key\-path\fP
 | |
| Generates a 128 bit key into the given path.
 | |
| .TP
 | |
| .B
 | |
| \fB\-f\fP, \fB\-\-file\-key\-path\fP
 | |
| Contains a 128 bit key in the given path.
 | |
| .TP
 | |
| .B
 | |
| \fB\-v\fP, \fB\-\-verify\fP
 | |
| Verify a given base64 encrypted type password.
 | |
| .TP
 | |
| .B
 | |
| \fB\-o\fP, \fB\-\-origin\fP
 | |
| Origin
 | |
| .TP
 | |
| .B
 | |
| \fB\-\-max\-bps\fP
 | |
| Set value of realm's max\-bps parameter.
 | |
| .TP
 | |
| .B
 | |
| \fB\-\-total\-quota\fP
 | |
| Set value of realm's total\-quota parameter.
 | |
| .TP
 | |
| .B
 | |
| \fB\-\-user\-quota\fP
 | |
| Set value of realm's user\-quota parameter. 
 | |
| .TP
 | |
| .B
 | |
| \fB\-h\fP, \fB\-\-help\fP
 | |
| Help.
 | |
| .TP
 | |
| .B
 | |
| Command examples:
 | |
| .PP
 | |
| Generate an encrypted form of a password:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-P\fP \fB\-p\fP <password>
 | |
| .PP
 | |
| Generate a key:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-k\fP \fB\-u\fP <username> \fB\-r\fP <realm> \fB\-p\fP <password>
 | |
| .PP
 | |
| Add/update a user in the in the database:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-a\fP [\fB\-b\fP <userdb\-file> | \fB\-e\fP <db\-connection\-string> | \fB\-M\fP <db\-connection\-string> | \fB\-N\fP <db\-connection\-string> ] \fB\-u\fP <username> \fB\-r\fP <realm> \fB\-p\fP <password>
 | |
| .PP
 | |
| Delete a user from the database:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-d\fP [\fB\-b\fP <userdb\-file> | \fB\-e\fP <db\-connection\-string> | \fB\-M\fP <db\-connection\-string> | \fB\-N\fP <db\-connection\-string> ] \fB\-u\fP <username> \fB\-r\fP <realm>
 | |
| .PP
 | |
| List all long\-term users in MySQL database:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-l\fP \fB\-\-mysql\-userdb\fP="<db\-connection\-string>" \fB\-r\fP <realm>
 | |
| .PP
 | |
| List all admin users in Redis database:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-L\fP \fB\-\-redis\-userdb\fP="<db\-connection\-string>"
 | |
| .PP
 | |
| Set secret in MySQL database:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-s\fP <secret> \fB\-\-mysql\-userdb\fP="<db\-connection\-string>" \fB\-r\fP <realm>
 | |
| .PP
 | |
| Show secret stored in PostgreSQL database:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-S\fP \fB\-\-psql\-userdb\fP="<db\-connection\-string>" \fB\-r\fP <realm>
 | |
| .PP
 | |
| Set origin\-to\-realm relation in MySQL database:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-\-mysql\-userdb\fP="<db\-connection\-string>" \fB\-r\fP <realm> \fB\-o\fP <origin>
 | |
| .PP
 | |
| Delete origin\-to\-realm relation from Redis DB:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-\-redis\-userdb\fP="<db\-connection\-string>" \fB\-o\fP <origin>
 | |
| .PP
 | |
| List all origin\-to\-realm relations in Redis DB:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-\-redis\-userdb\fP="<db\-connection\-string>" \fB\-I\fP
 | |
| .PP
 | |
| List the origin\-to\-realm relations in PostgreSQL DB for a single realm:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-\-psql\-userdb\fP="<db\-connection\-string>" \fB\-I\fP \fB\-r\fP <realm>
 | |
| .PP
 | |
| Create new key file for mysql password encryption:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-E\fP \fB\-\-key\-path\fP <key\-file>
 | |
| .PP
 | |
| Create encrypted mysql password:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-E\fP \fB\-\-file\-key\-path\fP <key\-file> \fB\-p\fP <secret>
 | |
| .PP
 | |
| Verify/decrypt encrypted password:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-\-file\-key\-path\fP <key\-file> \fB\-v\fP <encrypted>
 | |
| .RE
 | |
| .PP
 | |
| 
 | |
| .RS
 | |
| .TP
 | |
| .B
 | |
| Help:
 | |
| .PP
 | |
| $ \fIturnadmin\fP \fB\-h\fP
 | |
| .PP
 | |
| =======================================
 | |
| .SS  DOCS
 | |
| 
 | |
| After installation, run the command:
 | |
| .PP
 | |
| $ man \fIturnadmin\fP
 | |
| .PP
 | |
| or in the project root directory:
 | |
| .PP
 | |
| $ man \fB\-M\fP man \fIturnadmin\fP
 | |
| .PP
 | |
| to see the man page.
 | |
| .PP
 | |
| =====================================
 | |
| .SS  FILES
 | |
| 
 | |
| /etc/turnserver.conf
 | |
| .PP
 | |
| /var/db/turndb
 | |
| .PP
 | |
| /usr/local/var/db/turndb
 | |
| .PP
 | |
| /var/lib/turn/turndb
 | |
| .PP
 | |
| /usr/local/etc/turnserver.conf
 | |
| .PP
 | |
| =====================================
 | |
| .SS  DIRECTORIES
 | |
| 
 | |
| /usr/local/share/\fIturnserver\fP
 | |
| .PP
 | |
| /usr/local/share/doc/\fIturnserver\fP
 | |
| .PP
 | |
| /usr/local/share/examples/\fIturnserver\fP
 | |
| .PP
 | |
| ======================================
 | |
| .SS  SEE ALSO
 | |
| 
 | |
| \fIturnserver\fP, \fIturnutils\fP
 | |
| .RE
 | |
| .PP
 | |
| ======================================
 | |
| .SS  WEB RESOURCES
 | |
| 
 | |
| project page:
 | |
| .PP
 | |
| https://github.com/coturn/coturn/
 | |
| .PP
 | |
| Wiki page:
 | |
| .PP
 | |
| https://github.com/coturn/coturn/wiki
 | |
| .PP
 | |
| forum:
 | |
| .PP
 | |
| https://groups.google.com/forum/?fromgroups=#!forum/turn\-server\-project\-rfc5766\-turn\-server/
 | |
| .RE
 | |
| .PP
 | |
| ======================================
 | |
| .SS  AUTHORS
 | |
| 
 | |
| Oleg Moskalenko <mom040267@gmail.com>
 | |
| .PP
 | |
| Gabor Kovesdan http://kovesdan.org/
 | |
| .PP
 | |
| Daniel Pocock http://danielpocock.com/
 | |
| .PP
 | |
| John Selbie (jselbie@gmail.com)
 | |
| .PP
 | |
| Lee Sylvester <lee@designrealm.co.uk>
 | |
| .PP
 | |
| Erik Johnston <erikj@openmarket.com>
 | |
| .PP
 | |
| Roman Lisagor <roman@demonware.net>
 | |
| .PP
 | |
| Vladimir Tsanev <tsachev@gmail.com>
 | |
| .PP
 | |
| Po\-sheng Lin <personlin118@gmail.com>
 | |
| .PP
 | |
| Peter Dunkley <peter.dunkley@acision.com>
 | |
| .PP
 | |
| Mutsutoshi Yoshimoto <mutsutoshi.yoshimoto@mixi.co.jp>
 | |
| .PP
 | |
| Federico Pinna <fpinna@vivocha.com>
 | |
| .PP
 | |
| Bradley T. Hughes <bradleythughes@fastmail.fm>
 | |
| .PP
 | |
| Mihaly Meszaros <misi@majd.eu>
 |