turnserver.conf
von Ano- SNIPPET_DESC:
- /etc/turnserver.conf
- SNIPPET_CREATION_TIME:
- 06.04.2021 09:59:28
- SNIPPET_PRUNE_TIME:
- Unendlich
- SNIPPET_TEXT:
-
- # TURN server name and realm
- realm=xyz.dyn-dns.org
- server-name=xyz.dyn-dns.org
- # IPs the TURN server listens to
- listening-ip=0.0.0.0
- # External IP-Address of the TURN server
- external-ip=<externe IP>
- # Main listening port
- listening-port=3478
- # Further ports that are open for communication
- min-port=10000
- max-port=20000
- # Use fingerprint in TURN message
- fingerprint
- # Log file path
- log-file=/var/log/turnserver.log
- # Enable verbose logging
- verbose
- # Enable long-term credential mechanism
- #lt-cred-mech # Only on coTURN below v4.5.0.8!
- # SSL certificates
- cert=/etc/letsencrypt/live/xyz.dyn-snd.org/cert.pem
- pkey=/etc/letsencrypt/live/xyz.dyn-dns.org/privkey.pem
- #dhparam generieren mit "openssl dhparam -out /etc/ssl/private/dhparam.pem 4096" (dauert auf 'nem Pi ewig)
- dh-file=/etc/ssl/private/dhparam.pem
- cipher-list="ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384"
- # 443 for TURN over TLS, which can bypass firewalls
- tls-listening-port=5349
- use-auth-secret
- static-auth-secret=<output von "openssl rand -hex 32">
- total-quota=100
- bps-capacity=0
- stale-nonce=600
- no-multicast-peers
- no-tlsv1
- no-tlsv1_1
- no-stdout-log
- syslog
Quellcode
Hier kannst du den Code kopieren und ihn in deinen bevorzugten Editor einfügen. PASTEBIN_DOWNLOAD_SNIPPET_EXPLAIN