automation/deployer/roles/build/templates/synapse/coturn/turnserver.conf.j2

#jinja2: lstrip_blocks: "True"

# Adapted from 
# https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/roles/matrix-coturn/templates/turnserver.conf.j2
# in Jan. 2021

# TURN listener port for UDP and TCP (Default: 3478).
# Note: actually, TLS & DTLS sessions can connect to the
# "plain" TCP & UDP port(s), too - if allowed by configuration.
listening-port={{ site.coturn.listening_port }}


# Alternative listening port for UDP and TCP listeners;
# default (or zero) value means "listening port plus one".
# This is needed for RFC 5780 support
# (STUN extension specs, NAT behavior discovery). The TURN Server
# supports RFC 5780 only if it is started with more than one
# listening IP address of the same family (IPv4 or IPv6).
# RFC 5780 is supported only by UDP protocol, other protocols
# are listening to that endpoint only for "symmetry".
#
alt-listening-port=0

use-auth-secret
static-auth-secret={{ site.coturn.static_auth_secret }}
realm=turn.{{ site.url }}

min-port={{ site.coturn.min_port }}
max-port={{ site.coturn.min_port }}
external-ip={{ site.coturn.external_ip }}

log-file=stdout
pidfile=/var/tmp/turnserver.pid
userdb=/var/tmp/turnserver.db

no-cli
no-tls
no-dtls

prod
no-tcp-relay

{% if site.coturn.user_quota != None %}
user-quota={{ site.coturn.user_quota }}
{% endif %}
{% if site.coturn.total_quota != None %}
total-quota={{ site.coturn.total_quota }}
{% endif %}

{% for ip_range in matrix_coturn_denied_peer_ips %}
denied-peer-ip={{ ip_range }}
{% endfor %}
{% for ip_range in matrix_coturn_allowed_peer_ips %}
allowed-peer-ip={{ ip_range }}
{% endfor %}
starting to work on setting up a TURN server for Synapse 2021-01-17 13:04:43 +00:00			`#jinja2: lstrip_blocks: "True"`

			`# Adapted from`
			`# https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/roles/matrix-coturn/templates/turnserver.conf.j2`
			`# in Jan. 2021`

before testing coturn 2021-01-17 20:22:35 +00:00			`# TURN listener port for UDP and TCP (Default: 3478).`
			`# Note: actually, TLS & DTLS sessions can connect to the`
			`# "plain" TCP & UDP port(s), too - if allowed by configuration.`
			`listening-port={{ site.coturn.listening_port }}`


			`# Alternative listening port for UDP and TCP listeners;`
			`# default (or zero) value means "listening port plus one".`
			`# This is needed for RFC 5780 support`
			`# (STUN extension specs, NAT behavior discovery). The TURN Server`
			`# supports RFC 5780 only if it is started with more than one`
			`# listening IP address of the same family (IPv4 or IPv6).`
			`# RFC 5780 is supported only by UDP protocol, other protocols`
			`# are listening to that endpoint only for "symmetry".`
			`#`
			`alt-listening-port=0`

starting to work on setting up a TURN server for Synapse 2021-01-17 13:04:43 +00:00			`use-auth-secret`
			`static-auth-secret={{ site.coturn.static_auth_secret }}`
			`realm=turn.{{ site.url }}`

			`min-port={{ site.coturn.min_port }}`
			`max-port={{ site.coturn.min_port }}`
			`external-ip={{ site.coturn.external_ip }}`

			`log-file=stdout`
			`pidfile=/var/tmp/turnserver.pid`
			`userdb=/var/tmp/turnserver.db`

			`no-cli`
			`no-tls`
			`no-dtls`

			`prod`
			`no-tcp-relay`

			`{% if site.coturn.user_quota != None %}`
			`user-quota={{ site.coturn.user_quota }}`
			`{% endif %}`
			`{% if site.coturn.total_quota != None %}`
			`total-quota={{ site.coturn.total_quota }}`
			`{% endif %}`

			`{% for ip_range in matrix_coturn_denied_peer_ips %}`
			`denied-peer-ip={{ ip_range }}`
			`{% endfor %}`
			`{% for ip_range in matrix_coturn_allowed_peer_ips %}`
			`allowed-peer-ip={{ ip_range }}`
			`{% endfor %}`