diff --git a/configs/deployment/configs/turnserver.conf b/configs/deployment/configs/turnserver.conf
index fe0488b7..eaa2bdf9 100644
--- a/configs/deployment/configs/turnserver.conf
+++ b/configs/deployment/configs/turnserver.conf
@@ -1,29 +1,53 @@
-# Coturn ana config
+# ========================
+# Coturn TURN/STUN Server
+# ========================
-#Portları firewall üzerinden açmak için aşağıdaki kodları kullan.
-#sudo ufw allow 3478/udp
-#sudo ufw allow 3478/tcp
-#sudo ufw allow 5349/tcp
+# Ports
+# ========================
+# Coturn TURN/STUN Server
+# ========================
+# Ports
 listening-port=3478
 tls-listening-port=5349
-# 🔑 Prod’da sabit domain kullan
-realm=kursplatform.local
+# IP / Domain
+listening-ip=0.0.0.0
+relay-ip=0.0.0.0
+external-ip=213.238.160.83/172.20.0.2
+realm=turn.sozsoft.com
-# 🔑 TURN için shared secret
-# Bunu backend’te de aynı şekilde kullanacaksın (dinamik credential üretmek için)
-use-auth-secret
-static-auth-secret=supersecretkey123
+# Auth
+lt-cred-mech
+user=webrtc:strongpassword123
-# TLS sertifikaları (opsiyonel, prod’da Let’s Encrypt kullanabilirsin)
+# TLS
 cert=/etc/ssl/sozsoft.com/fullchain1.pem
 pkey=/etc/ssl/sozsoft.com/privkey1.pem
-# STUN/TURN protokolleri
-lt-cred-mech
+# Security
 fingerprint
-no-stdout-log
-
-# Güvenlik
 stale-nonce
+no-loopback-peers
+no-multicast-peers
+
+# Performance
+min-port=49160
+max-port=49200
+
+# Logs
+#log-file=/var/log/turnserver.log
+simple-log
+cli-password=supersecret
+
+
+# sudo ufw allow 3478/udp
+# sudo ufw allow 3478/tcp
+# sudo ufw allow 5349/udp
+# sudo ufw allow 5349/tcp
+# sudo ufw allow 49152:49200/udp
+
+# https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/?utm_source=chatgpt.com
+# Username: webrtc
+# Credential: strongpassword123
+# Relay candidate çıkarsa → her şey çalışıyor
diff --git a/configs/deployment/docker-compose-devops.yml b/configs/deployment/docker-compose-devops.yml
index 9cf4db46..10a7434a 100644
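Review bot: The new `user=webrtc:strongpassword123` and `cli-password=supersecret` lines commit live credentials in plaintext, and the trailing `# Username:` / `# Credential:` comments repeat the TURN password. Replacing `use-auth-secret` with a single `lt-cred-mech` user also means every client must be handed the same long-lived password rather than a time-limited credential derived from the shared secret. I would keep `use-auth-secret`, supply the `static-auth-secret` value at deploy time from outside the repository, drop the two credential comments, and use `no-cli` if the admin CLI is not needed. The values in this commit, including the removed `static-auth-secret=supersecretkey123`, remain in history and should be rotated. Separately, the Security block sets no `denied-peer-ip` ranges for private addresses, so with the container now on a Docker network, allocations may be able to relay to neighbouring services; confirm and add ranges such as `denied-peer-ip=172.16.0.0-172.31.255.255`.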
--- a/configs/deployment/docker-compose-devops.yml
+++ b/configs/deployment/docker-compose-devops.yml
@@ -95,10 +95,17 @@ services:
 - n8n
 coturn:
- image: instrumentisto/coturn
+ image: coturn/coturn:latest # ✅ Güncel resmi image
 container_name: coturn
 restart: unless-stopped
- network_mode: host
+ ports:
+ - "3478:3478" # STUN/TURN TCP
+ - "3478:3478/udp" # STUN/TURN UDP
+ - "5349:5349" # TLS TCP
+ - "5349:5349/udp" # DTLS UDP
+ - "49160-49200:49160-49200/udp" # Relay port aralığı
 volumes:
 - ./configs/turnserver.conf:/etc/coturn/turnserver.conf:ro
- command: ["-c", "/etc/coturn/turnserver.conf"]
+ - /etc/ssl/sozsoft.com:/etc/ssl/sozsoft.com:ro # Sertifikaları mount ettik
+ - ./logs/coturn:/var/log # Logları dışarı al (opsiyonel)
+ command: ["turnserver", "-c", "/etc/coturn/turnserver.conf"]
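Review bot: `image: coturn/coturn:latest` means every pull of this internet-facing relay deploys whatever the tag points to at that moment; pin a release tag, ideally with a digest, e.g. `image: coturn/coturn:<version>@sha256:<digest>` (placeholders). With `network_mode: host` removed, the `external-ip=213.238.160.83/172.20.0.2` mapping in turnserver.conf depends on the container receiving 172.20.0.2, which nothing in this hunk fixes; the `services:` mapping and any network definitions lie outside the hunk, so confirm the address is pinned there. The `./logs/coturn:/var/log` mount currently exports nothing because `log-file` is commented out in the config, so either enable it or drop the mount.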