Nextcloud Talk app Could not establish a connection A TURN server?

I’m getting this message.

The error says:
"Could not establish a connection with at least one participant. A TURN server might be needed for your scenario. Please ask your administrator to set one up followings this documentation /


Look here: HowTo: Setup Nextcloud Talk with TURN server

1 Like

Ok so it’s way more complicated than I thought.

And don’t use TLS … this one is not supported by Talk …

Thanks,

I just wonder why STUN is not handling this. I know the message tells me I should install a TURN server but I wonder if I just need something on my nginx proxy / reverse proxy that could fix this.

Currently router ports are only 80/443 to the nginx server, then all passes go to nextcloud. This is all working.

Perhaps the nginx is interfering with Talk somehow ?
Reading your links it looks like it should all work on local network out of the box and I should test this to be sure.

Thanks

No, it is not :)

Install coturn
Check in ‘/etc/default/coturn’ if it’s enabled
TURNSERVER_ENABLED=1
Create Auth-Secret for static-auth-secret
openssl rand -hex 32
Enable/modify following entries in ‘/etc/turnserver.conf’

listening-port=3478
fingerprint
use-auth-secret
static-auth-secret=yoursecret
realm=yourdomainnameofyourcoturninstallation
total-quota=100
bps-capacity=0
stale-nonce=600
no-multicast-peers

systemctl restart coturn

Open port 3478 at your firewall

Fill in the URL:3478 and the secret in nextcloud → settings → talk

That’s it …

2 Likes
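
Added example (not part of the thread, and not coturn's or Nextcloud's own code): with use-auth-secret, clients do not send static-auth-secret itself; they present short-lived credentials derived from it under the TURN REST API convention, where the username is an expiry timestamp (optionally followed by ":" and a user id) and the password is base64(HMAC-SHA1(secret, username)). The sketch derives such a pair and models the relay-side check; the function names, the `talk-test` user id and the secret value are constructed for illustration.

```python
import base64
import hashlib
import hmac
import time


def _password(secret, username):
    # The secret is used as the HMAC key exactly as written in turnserver.conf.
    digest = hmac.new(secret.encode(), username.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def make_turn_credentials(secret, ttl=3600, user_id="", now=None):
    """Return (username, password) that stay valid for ttl seconds."""
    now = int(time.time()) if now is None else int(now)
    expiry = now + ttl
    username = f"{expiry}:{user_id}" if user_id else str(expiry)
    return username, _password(secret, username)


def check_turn_credentials(secret, username, password, now=None):
    """Model of the relay-side check: recompute the HMAC, then enforce expiry."""
    now = int(time.time()) if now is None else int(now)
    try:
        expiry = int(username.split(":", 1)[0])
    except ValueError:
        return False  # username does not start with a timestamp
    expected = _password(secret, username)
    if not hmac.compare_digest(expected.encode(), password.encode()):
        return False  # wrong secret or tampered username
    return now <= expiry


if __name__ == "__main__":
    secret = "0f" * 32  # constructed stand-in for `openssl rand -hex 32` output
    user, pw = make_turn_credentials(secret, ttl=600, user_id="talk-test",
                                     now=1_700_000_000)
    print(user, pw)
    print(check_turn_credentials(secret, user, pw, now=1_700_000_300))   # inside TTL
    print(check_turn_credentials(secret, user, pw, now=1_700_000_601))   # expired
    print(check_turn_credentials("wrong", user, pw, now=1_700_000_300))  # bad secret
```

Anyone who holds the secret can mint valid relay credentials, so it belongs only in turnserver.conf and the Talk admin settings.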

Should I install coturn on the nginx server, which is where the public IP is pointing to ?

I am not sure where to install actually.

I have nginx behind the router, then nextcloud is behind nginx on 2 different VMs.

After reading your link and many others it seems my setup might be more complicated.

Are you running your nextcloud just behind router or also behind another proxy etc. ?

Please advise

Hi,
my nextcloud instances both run in my local network. So I decided to install the coturn server on an instance at a cloud provider. IMHO, with this design I have more bandwidth and less latency between the different nextcloud talkers. If you don’t want to spend extra money or you do not have any existing cloud instance, I would install coturn on the same server as your nextcloud installation …

Thanks

I guess I’m confused about how the traffic works and what’s required.
Can I use a totally different VM and install coturn there ?

I mean assuming coturn does not use ports 80/443 then I guess it would relay traffic using TALK ports just like nginx is relaying traffic with proxy_pass.

Please express anything about it. I’m having trouble deciding what configurations are available for my setup.

If I install coturn directly on the nextcloud server will this work behind the nginx proxy ? I’m confused if I still need to do something on the proxy to make it work ?

Or I’m installing on nginx which is a separate VM from nextcloud and trying it that way. Others online complained they could not get it working exactly right this way though.

Thanks

Quick generic question.

Does Talk need coturn regardless right ? I mean at your local server on the nextcloud server itself or another instance elsewhere right ? I mean if it’s behind a router and port forwarded for nextcloud. It would still need coturn right ?

The only time you don’t need that is for local TALK on the local network right ?

Please confirm
thanks

After some more reading it seems that I need to do something with nginx since I’m not behind firewall or nat.

I’m not sure how to configure this but looks like this might be related to using the same port for different things at the same time.
https://www.nginx.com/blog/running-non-ssl-protocols-over-ssl-port-nginx-1-15-2/

A TURN-Server relays WebRTC traffic (talk video / audio) between the peers - so imagine: if you are at home in a private network (e.g. 192.168.0.1) and your friend is at his / her house in another private LAN. In this situation, it would be impossible to route the traffic between these 2 peers.

See also: WebRTC Signaling Servers – STUN vs TURN – WebRTC.ventures

So in order to relay the traffic your turn-server has to be accessible from the internet - it does not matter if it is located at home (fw port open and port forwarding of port 3478 to the private ip of your server) or in the cloud. I decided to install mine in the cloud due to better bandwidth (I just have a 300/30 mbps line at home) and latency …

I think I understand.
Thanks.
So these services need Turn Servers too: Skype, Zoom, Discord etc. ? Because it’s connecting peers I think I get that. Not like hosting website exactly but direct connect of peers.

Anyhow now I’m wondering what method.
-So I could put the Turn server on some VPS with different public IP than the nextcloud public IP ?
-OR put Turn on my nginx box the same public ip for nextcloud
-OR put Turn directly on the nextcloud but then it would not share the same public IP because technically the public IP goes to the nginx server first.

If I put coturn on separate VM and port forward port 3478 that would be the only port. There would be no port sharing of 80/443 at that point so I’m wondering how this will work if nginx is consuming ports 80/443 traffic.

Doesn’t TALK still require those ports somehow ? If not then I guess port forwards to another VM would be good enough.

Thanks

One more question thanks.

What VPS specs would you suggest for strictly a Turn / coturn server ?

1cpu / 2GB enough ? Or does it need much more ?

thanks

Based on this article
https://fatiherikci.com/en/how-to-install-turn-coturn/

It looks like ports 443 cannot already have another web application running at least according to this.

nextcloud uses ports 443 already, and nginx is receiving the 443 traffic and proxy_pass to nextcloud.

I’m not sure coturn is going to work like it should when running it on the same network that is already running 443 applications etc. At least I don’t know how.

I would like more advice if you know about this part.
Thanks

It would seem that I would need to somehow share 80/443 or to install on VPS I don’t see how to work around this.

Also VPS would have its own domain that I could perhaps subdomain this at my domain records somehow.

I would prefer to host myself but I don’t know how to work around the port 443 unless I can understand how to set this up in nginx somehow.

Looks like someone has it working with nginx here. But my nginx.conf needs something like listed here.

https://github.com/coturn/coturn/issues/702

I’ll have to play with it some if I plan to make it work with self hosting

So with my current setup it still seems the easiest thing to do is to install a separate coturn VPS and its own domain.

Did you have a separate subdomain or domain for your turn server ?

Please advise thanks

In the meantime TLS is supported, but since WebRTC is encrypted already, it doesn’t give you any security benefit but is only required when your firewall allows HTTPS only on signalling level.

If you run into hardware limits (CPU usage, bandwidth etc) with the Nextcloud server system, then indeed it makes sense to run the TURN server on a dedicated machine. Basically all WebRTC traffic is passed through the TURN server. So monitor resource usage before making the decision.

Thanks.
I’m struggling with ease of use via VPS vs self hosting.

I would attempt a self hosting with a VM but I just can’t seem to grasp the details.

nginx is in control of port 80/443 on single IP which does proxy_pass to nextcloud.

I installed a VM Turn Server but I am unsure about how to configure nginx to work like this. From what I read, I need to use the stream module of nginx but my lack of knowledge is not giving me a clear enough picture.

So for now it’s either try VPS or keep reading.
Looks like everything I need to know is here:
https://github.com/coturn/coturn/issues/702

For starters do I need to port forward port 3478 to the coturn server if behind a router etc. ?

I may not have enough background to understand it or how to configure this.

Thanks