OpenCloud
/
MatrixSynapse
mirror of https://github.com/matrix-org/synapse
1
0
Fork 0
Code Issues Releases Wiki Activity

more updates

pull/8779/head
Richard van der Hoff 2020-11-19 18:08:08 +00:00
parent 4dd9f8c1a2
commit 563858873e
1 changed files with 27 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
docs/turn-howto.md
View File

@ -116,21 +116,23 @@ This will install and start a systemd service called `coturn`.
basic installation and got it working. basic installation and got it working.
1. Ensure your firewall allows traffic into the TURN server on the ports 1. Ensure your firewall allows traffic into the TURN server on the ports
you've configured it to listen on (By default: 3478 for TURN and 5349 for you've configured it to listen on (By default: 3478 and 5349 for TURN
TURNs traffic (remember to allow both TCP and UDP traffic), and ports traffic (remember to allow both TCP and UDP traffic), and ports 49152-65535
49152-65535 for the UDP relay.) for the UDP relay.)
1. If your TURN server is behind NAT, you will need to tell it its external IP 1. We do not recommend running a TURN server behind NAT, and are not aware of
address: anyone doing so successfully.
If you want to try it anyway, you will at least need to tell coturn its
external IP address:
external-ip=192.88.99.1 external-ip=192.88.99.1
For this to work, your NAT gateway must forward all of the relayed ports ... and your NAT gateway must forward all of the relayed ports directly
directly (relayed port 12345 must be always mapped to the same 'external' (eg, port 56789 on the external IP must be always be forwarded to port
port 12345). 56789 on the internal IP).
We are not aware of anyone who has successfully configured a TURN server If you get this working, let us know!
behind NAT. If you get it working, let us know!
1. (Re)start the turn server: 1. (Re)start the turn server:
@ -226,8 +228,9 @@ Here are a few things to try:
* If you are using a browser-based client under Chrome, check * If you are using a browser-based client under Chrome, check
`chrome://webrtc-internals/` for insights into the internals of the `chrome://webrtc-internals/` for insights into the internals of the
negotiation. (Understanding the output is beyond the scope of this negotiation. On Firefox, check the "Connection Log" on `about:webrtc`.
document!)
(Understanding the output is beyond the scope of this document!)
* There is a WebRTC test tool at * There is a WebRTC test tool at
https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/. To https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/. To
@ -238,6 +241,18 @@ Here are a few things to try:
matrix client to your homeserver in your browser's network inspector. In matrix client to your homeserver in your browser's network inspector. In
the response you should see `username` and `password`. Or: the response you should see `username` and `password`. Or:
* Use the following shell commands:
```sh
secret=staticAuthSecretHere
u=$((`date +%s` + 3600)):test
p=$(echo -n $u | openssl dgst -hmac $secret -sha1 -binary | base64)
echo -e "username: $u\npassword: $p"
```
Or:
* Temporarily configure coturn to accept a static username/password. To do * Temporarily configure coturn to accept a static username/password. To do
this, comment out `use-auth-secret` and `static-auth-secret` and add the this, comment out `use-auth-secret` and `static-auth-secret` and add the
following: following: