Tutorial Topic: How to Setup a Turn Server for Nextcloud Talk

This tutorial is meant to be a "learning in process". It was created by a guy who is constantly playing with various technologies.

The turn server will be installed on a fresh installation of Debian with domain www.example.com hosted on an Ngix webserver on Linode.

Here are the steps:

  1. Register the domain name www.example.com.
  2. Setup a new linode and point www.example.com to this linode.
  3. Install and Setup Nginx server block for domain www.example.com.
  4. Install and setup UFW and open ports SSH, Nginx Full and Turnserver (Turnsever ports will be opened after installation of Turnserver)
  5. Install and Setup certbot and obtain SSH certificate for turnserver.example.com.
  6. Install Coturn (open source Turn Server)
  7. Configure Coturn
  8. Setup Nextcloud Talk for the new Turn Server.

Steps 1 to 5 will be covered elsewhere. We will only cover steps 6-7 here.

Step # 6: Install Coturn package

$ sudo apt-get install coturn

Step # 7: Edit the coturn file to enable Turnserver

$ sudo nano /etc/default/coturn

uncomment TURNSERVER_ENABLED=1

Default config

Step # 7b: Edit the turnserver.conf file. The conf file is well documentated with examples.

Change the following:

  1. uncomment listening-port=3478
  2. This allows turnserver to listen to UDP port 3478. You can also use another port you may want.

    Open Port 3478
  3. uncomment tls-listening-port=5349
  4. This allows turnserver to listen to TLS port 5349. You can also use another port you may want.

    Open TLS Port 5349
  5. uncomment and add your ip address (this is an example) listening-ip=166.51.103.20
  6. Listening IP
  7. uncomment and add your ip address (this is an example) relay-ip=166.51.103.20
  8. Relay IP
  9. uncomment fingerprint
  10. Fingerprint
  11. uncomment lt-cred-mech**NEED TO RESEARCH THIS**
  12. Long-term credential
  13. uncomment use-auth-secret
  14. Use Authorization Secret
  15. uncomment and add a password static-auth-secret=fakepassword
  16. Authorization Key
  17. uncomment and add your turnserver realm=turnserver.example.com
  18. Turnserver
  19. uncomment and set your total quota. Since I will be using this for personal use, I will make it 100. total-quota=100
  20. Total quota
  21. uncomment and set your stale-nonce. I will make it for 600 seconds. stale-nonce=600
  22. Stale-nonce
  23. uncomment and set the log file. log-file=/var/tmp/turn.log
  24. Log File
  25. uncomment no-multicast-peers
  26. No Multicast Peers