From 3bef3c6679b1d6e402a9061cfe09d71bc2f3dc15 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sedat=20=C3=96ZT=C3=9CRK?= <76204082+iamsedatozturk@users.noreply.github.com> Date: Mon, 1 Sep 2025 12:16:21 +0300 Subject: [PATCH] =?UTF-8?q?Classroom=20=C3=87=C4=B1kan=20ki=C5=9Finin=20ad?= =?UTF-8?q?=C4=B1n=C4=B1=20yazd=C4=B1k?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- configs/deployment/configs/turnserver.conf | 58 ++++++++++++++------ configs/deployment/docker-compose-devops.yml | 13 ++++- 2 files changed, 51 insertions(+), 20 deletions(-) diff --git a/configs/deployment/configs/turnserver.conf b/configs/deployment/configs/turnserver.conf index fe0488b7..eaa2bdf9 100644 --- a/configs/deployment/configs/turnserver.conf +++ b/configs/deployment/configs/turnserver.conf @@ -1,29 +1,53 @@ -# Coturn ana config +# ======================== +# Coturn TURN/STUN Server +# ======================== -#Portları firewall üzerinden açmak için aşağıdaki kodları kullan. -#sudo ufw allow 3478/udp -#sudo ufw allow 3478/tcp -#sudo ufw allow 5349/tcp +# Ports +# ======================== +# Coturn TURN/STUN Server +# ======================== +# Ports listening-port=3478 tls-listening-port=5349 -# 🔑 Prod’da sabit domain kullan -realm=kursplatform.local +# IP / Domain +listening-ip=0.0.0.0 +relay-ip=0.0.0.0 +external-ip=213.238.160.83/172.20.0.2 +realm=turn.sozsoft.com -# 🔑 TURN için shared secret -# Bunu backend’te de aynı şekilde kullanacaksın (dinamik credential üretmek için) -use-auth-secret -static-auth-secret=supersecretkey123 +# Auth +lt-cred-mech +user=webrtc:strongpassword123 -# TLS sertifikaları (opsiyonel, prod’da Let’s Encrypt kullanabilirsin) +# TLS cert=/etc/ssl/sozsoft.com/fullchain1.pem pkey=/etc/ssl/sozsoft.com/privkey1.pem -# STUN/TURN protokolleri -lt-cred-mech +# Security fingerprint -no-stdout-log - -# Güvenlik stale-nonce +no-loopback-peers +no-multicast-peers + +# Performance +min-port=49160 +max-port=49200 + +# Logs +#log-file=/var/log/turnserver.log +simple-log +cli-password=supersecret + + +# sudo ufw allow 3478/udp +# sudo ufw allow 3478/tcp +# sudo ufw allow 5349/udp +# sudo ufw allow 5349/tcp +# sudo ufw allow 49152:49200/udp + +# https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/?utm_source=chatgpt.com +# Username: webrtc +# Credential: strongpassword123 +# Relay candidate çıkarsa → her şey çalışıyor diff --git a/configs/deployment/docker-compose-devops.yml b/configs/deployment/docker-compose-devops.yml index 9cf4db46..10a7434a 100644 --- a/configs/deployment/docker-compose-devops.yml +++ b/configs/deployment/docker-compose-devops.yml @@ -95,10 +95,17 @@ services: - n8n coturn: - image: instrumentisto/coturn + image: coturn/coturn:latest # ✅ Güncel resmi image container_name: coturn restart: unless-stopped - network_mode: host + ports: + - "3478:3478" # STUN/TURN TCP + - "3478:3478/udp" # STUN/TURN UDP + - "5349:5349" # TLS TCP + - "5349:5349/udp" # DTLS UDP + - "49160-49200:49160-49200/udp" # Relay port aralığı volumes: - ./configs/turnserver.conf:/etc/coturn/turnserver.conf:ro - command: ["-c", "/etc/coturn/turnserver.conf"] + - /etc/ssl/sozsoft.com:/etc/ssl/sozsoft.com:ro # Sertifikaları mount ettik + - ./logs/coturn:/var/log # Logları dışarı al (opsiyonel) + command: ["turnserver", "-c", "/etc/coturn/turnserver.conf"]