This procedure enables the VoIP relay for your Matrix server using the coturn service.
The relay is what lets two partners start an audio/video call.
For conferences, see Jitsi.
NB: You also have the option of not installing a TURN server and going through the TURN relay of Matrix.org instead. This choice will force the configuration of all Element.io clients.
Installation of the coturn service
The coturn service implements the TURN REST API and must be installed on a server visible to partners. If you use it on the internet, this service must be installed on a server with a public address.
Create an internet domain name pointing to the future coturn server (not documented here; it depends on your domain name provider). For example: turn.mydomain.com pointing to the public IP of your future coturn server.
Install the coturn service on your server
Run the installation commands:
apt update
apt install coturn
Service settings
# Generate a password with apg
apt install apg
apg
# Pick one string from the values apg prints
# Edit the coturn configuration file
vi /etc/turnserver.conf
Add at the end of the file:
use-auth-secret
static-auth-secret=motdepasseapg
realm=turn.mondomaine.com
listening-ip=adresseipserveurcoturn
no-tcp
user-quota=12
total-quota=1200
NB:
- Replace motdepasseapg with the password generated by apg (without spaces).
- Replace turn.mondomaine.com with your FQDN.
- Replace adresseipserveurcoturn with the public IP address of the coturn server.
- no-tcp disables listening on TCP; all communications use UDP.
- user-quota and total-quota are recommended values.
Start the coturn service
systemctl start coturn
Stop the coturn service
systemctl stop coturn
Restart the coturn service
systemctl restart coturn
Firewall
Direction | Proto | Port |
---|---|---|
INPUT | UDP | 3478 - no TLS |
OUTPUT (RELATED,ESTABLISHED) | UDP | 3478 |
INPUT | UDP | 5349 - TLS |
OUTPUT (RELATED,ESTABLISHED) | UDP | 5349 |
INPUT | UDP | 49152:65535 (range) - P2P |
OUTPUT (RELATED,ESTABLISHED) | UDP | 49152:65535 (range) |
Matrix-Synapse Server Setup
Edit the file /opt/synapse/homeserver.yaml
vi /opt/synapse/homeserver.yaml
Add these 4 lines at the end of the file:
turn_uris: [ "turn:turn.mondomaine.com:3478?transport=udp" ]
turn_shared_secret: motdepasseapg
turn_user_lifetime: 86400000
turn_allow_guests: True
Save: ESC :wq
NB:
- Replace motdepasseapg with the password generated by apg.
- Replace turn.mondomaine.com with your FQDN.
Restart the Matrix service
systemctl restart matrix-synapse
If communications are not working, check the firewalls of all parties.
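If the firewalls are correct, the next thing to check is that static-auth-secret and turn_shared_secret are identical. The following added example (not part of the original procedure, and not Synapse or coturn code) models the TURN REST API scheme that use-auth-secret enables: the homeserver derives a time-limited username and password from the shared secret, and the relay recomputes them. The user ID, the fixed clock value and the function names are constructed for the illustration.

```python
import base64
import hashlib
import hmac
import time


def turn_credentials(secret, user_id, lifetime_ms, now=None):
    """Derive (username, password) as the TURN REST API scheme does.

    username = "<unix expiry>:<user id>"
    password = base64(HMAC-SHA1(secret, username))
    """
    now = time.time() if now is None else now
    expiry = int(now + lifetime_ms / 1000)  # turn_user_lifetime is in ms
    username = f"{expiry}:{user_id}"
    mac = hmac.new(secret.encode(), username.encode(), hashlib.sha1)
    return username, base64.b64encode(mac.digest()).decode("ascii")


def relay_accepts(secret, username, password, now=None):
    """Model of the relay-side check: recompute the HMAC, test the expiry."""
    now = time.time() if now is None else now
    expiry, sep, _ = username.partition(":")
    if not sep or not expiry.isdigit():
        return False  # not a time-limited username
    if int(expiry) < now:
        return False  # credential lifetime has elapsed
    mac = hmac.new(secret.encode(), username.encode(), hashlib.sha1)
    expected = base64.b64encode(mac.digest()).decode("ascii")
    return hmac.compare_digest(expected, password)  # constant-time compare


if __name__ == "__main__":
    SECRET = "motdepasseapg"        # placeholder from the procedure
    USER = "@alice:mondomaine.com"  # constructed sample Matrix user ID
    T0 = 1_700_000_000              # constructed fixed clock for the demo
    user, pw = turn_credentials(SECRET, USER, 86_400_000, now=T0)
    print(user, pw)
    print("same secret:    ", relay_accepts(SECRET, user, pw, now=T0))
    print("secret mismatch:", relay_accepts("other-secret", user, pw, now=T0))
    print("after expiry:   ", relay_accepts(SECRET, user, pw, now=T0 + 86_401))
```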
Document licence : Creative Commons (CC BY-NC-ND 4.0)
THIS DOCUMENTATION IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND AND DISTRIBUTED FOR EDUCATIONAL PURPOSES ONLY. THE AUTHOR, CONTRIBUTORS TO THIS DOCUMENTATION OR ©MYTINYDC.COM SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT OR INDIRECT DAMAGE THAT MAY RESULT FROM THE APPLICATION OF THE PROCEDURES IMPLEMENTED IN THIS DOCUMENTATION, OR FROM THE INCORRECT INTERPRETATION OF THIS DOCUMENT.