coturn TURN/STUN server deployment for Trixcord. Enables voice, video and screen sharing for Matrix clients behind NAT.
|
|
||
|---|---|---|
| config | ||
| docs | ||
| LICENSE | ||
| README.md | ||
trixcord-coturn
TURN/STUN server configuration for the Trixcord Matrix infrastructure.
coturn 4.6.1 provides NAT traversal for voice, video, and screen sharing in Matrix clients. Authentication uses the use-auth-secret (HMAC) mechanism, compatible with Dendrite.
Part of the Trixcord infrastructure. See the hub repository for the full architecture overview.
Prerequisites
- Debian 12 or 13 (bare metal, VM, or container)
- coturn 4.6.1 (
apt install coturn) - Valid TLS certificate for the TURN domain
- Shared TURN secret (must match Dendrite's
turn_shared_secret)
Quick deployment
# 1. Install coturn
apt install coturn
# 2. Deploy configuration
cp config/turnserver.conf.example /etc/turnserver.conf
# Edit /etc/turnserver.conf and replace all ${VAR} placeholders
# 3. Set certificate permissions
chown root:turnserver /etc/ssl/turn/fullchain.pem /etc/ssl/turn/privkey.pem
chmod 750 /etc/ssl/turn/
# 4. Enable and start the service
systemctl enable --now coturn
Repository structure
config/
turnserver.conf.example # Annotated configuration template
docs/
installation.md # Full installation procedure
certificates.md # TLS certificate management and auto-reload
credentials.md # HMAC use-auth-secret mechanism and credential generation
testing.md # Testing with trickle-ice and Dendrite API