NoPaste

turnserver.conf

von Ano
SNIPPET_DESC:
/etc/turnserver.conf
SNIPPET_CREATION_TIME:
06.04.2021 09:59:28
SNIPPET_PRUNE_TIME:
Unendlich

SNIPPET_TEXT:
  1. # TURN server name and realm
  2. realm=xyz.dyn-dns.org
  3. server-name=xyz.dyn-dns.org
  4.  
  5. # IPs the TURN server listens to
  6. listening-ip=0.0.0.0
  7.  
  8. # External IP-Address of the TURN server
  9. external-ip=<externe IP>
  10.  
  11. # Main listening port
  12. listening-port=3478
  13.  
  14. # Further ports that are open for communication
  15. min-port=10000
  16. max-port=20000
  17.  
  18. # Use fingerprint in TURN message
  19. fingerprint
  20.  
  21. # Log file path
  22. log-file=/var/log/turnserver.log
  23.  
  24. # Enable verbose logging
  25. verbose
  26.  
  27. # Enable long-term credential mechanism
  28. #lt-cred-mech # Only on coTURN below v4.5.0.8!
  29.  
  30. # SSL certificates
  31. cert=/etc/letsencrypt/live/xyz.dyn-snd.org/cert.pem
  32. pkey=/etc/letsencrypt/live/xyz.dyn-dns.org/privkey.pem
  33.  
  34. #dhparam generieren mit "openssl dhparam -out /etc/ssl/private/dhparam.pem 4096" (dauert auf 'nem Pi ewig)
  35. dh-file=/etc/ssl/private/dhparam.pem
  36. cipher-list="ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384"
  37.  
  38. # 443 for TURN over TLS, which can bypass firewalls
  39. tls-listening-port=5349
  40.  
  41. use-auth-secret
  42. static-auth-secret=<output von "openssl rand -hex 32">
  43. total-quota=100
  44. bps-capacity=0
  45. stale-nonce=600
  46. no-multicast-peers
  47.  
  48. no-tlsv1
  49. no-tlsv1_1
  50. no-stdout-log
  51. syslog

Quellcode

Hier kannst du den Code kopieren und ihn in deinen bevorzugten Editor einfügen. PASTEBIN_DOWNLOAD_SNIPPET_EXPLAIN