[CENTOS 7] Install secure Coturn UDP DTLS with Nextcloud

Install coturn UDP with DTLS on CentOS 7

##Source

https://blog.bandinelli.net/index.php?post/2019/09/08/Installer-un-serveur-TURN/STUN-pour-Talk@Nextcloud

https://nextcloud-talk.readthedocs.io/en/latest/

##Installation Coturn

rpm -Uvh http://download-ib01.fedoraproject.org/pub/epel/7/x86_64/Packages/c/coturn-4.5.1.1-1.el7.x86_64.rpm

FOR secretKey : openssl rand -hex 32

nano /etc/coturn/turnserver.conf

tls-listening-port=5349 
listening-ip=ip priv
relay-ip=ip priv
min-port=65510 
max-port=65530 
fingerprint 
use-auth-secret 
static-auth-secret=secretkey
realm=domain
user-quota=12 
total-quota=1200 
bps-capacity=0 
no-udp 
no-tcp 
no-tls 
no-tcp-relay 
stale-nonce=600 
cert=/etc/coturn/cert.pem 
pkey=/etc/coturn/privkey.pem 
cipher-list="ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5" 
dh-file=/etc/coturn/dhparam.pem 
no-stdout-log 
log-file=/var/log/turnserver.log 
syslog 
simple-log 
no-multicast-peers 
mobility 
no-cli 
no-tlsv1 
no-tlsv1_1

yes | cp /etc/nginx/cert/dhparam.pem /etc/coturn/

yes | cp /etc/letsencrypt/live/domain/privkey.pem /etc/coturn/

yes | cp /etc/letsencrypt/live/domain/cert.pem /etc/coturn/

##check conf

egrep -v "^$|^[[:space:]]*#" /etc/coturn/turnserver.conf

##IPTABLES : TurnServer

/sbin/iptables -A INPUT -p udp -m state --state NEW --dport 5349 -j ACCEPT

/sbin/iptables -A OUTPUT -p udp -m state --state NEW -m multiport --sports 65510:65530 -j ACCEPT

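Added example, not part of the original post or of the coturn or Nextcloud code: how the value in static-auth-secret is used once use-auth-secret is set. It assumes the TURN REST API scheme (username is an expiry timestamp plus a label, password is the base64 HMAC-SHA1 of that username keyed with the shared secret); the function names, the "talk-user" label and the sample secret are constructed for illustration.

```python
import base64
import hashlib
import hmac
import time

# Constructed sample in the format produced by `openssl rand -hex 32`.
# Never reuse this value as a real static-auth-secret.
SAMPLE_SECRET = "0123456789abcdef" * 4


def _turn_password(secret, username):
    """base64(HMAC-SHA1(secret, username)), the scheme assumed above."""
    digest = hmac.new(secret.encode(), username.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def issue_credentials(secret, user_id, ttl=86400, now=None):
    """Client side (hypothetical helper): build a short-lived username/password."""
    now = int(time.time()) if now is None else int(now)
    username = f"{now + ttl}:{user_id}"  # expiry timestamp, then a label
    return username, _turn_password(secret, username)


def verify_credentials(secret, username, password, now=None):
    """Server side (hypothetical helper): recompute the HMAC, reject expired names."""
    now = int(time.time()) if now is None else int(now)
    expiry = username.partition(":")[0]
    if not (expiry.isascii() and expiry.isdigit()) or int(expiry) < now:
        return False
    expected = _turn_password(secret, username)
    # Constant-time comparison so the check does not leak how many bytes match.
    return hmac.compare_digest(expected.encode(), password.encode())


if __name__ == "__main__":
    user, pw = issue_credentials(SAMPLE_SECRET, "talk-user")
    print(user, pw, verify_credentials(SAMPLE_SECRET, user, pw))
```

The secret itself never travels to the TURN server during a call, so anyone who can read turnserver.conf can mint valid relay credentials; keep the file readable only by root and the coturn service account.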

Hi!

I am trying to install on CentOS 7 but “http://download-ib01.fedoraproject.org/pub/epel/7/x86_64/Packages/c/coturn-4.5.1.1-1.el7.x86_64.rpm” doesn’t work.

Please help.

There is a newer version:

https://download-ib01.fedoraproject.org/pub/epel/7/x86_64/Packages/c/coturn-4.5.1.3-1.el7.x86_64.rpm