« back to all changes in this revision
Viewing changes to INSTALL
- browse files at revision 11
- compare with another revision
- download diff
- download tarball
- view history from revision 11
- Committer: Package Import Robot
- Author(s): Oleg Moskalenko
- Date: 2014-11-23 00:15:03 UTC
- mfrom: (1.1.7)
- Revision ID: package-import@ubuntu.com-20141123001503-oxzujsbx5ye4ea6i
Tags: 4.3.1.1-1
Sync to 4.3.1.1: SQLite support added.
- examples/var
- examples/var/db
- files removed:
- examples/etc/turnuserdb.conf
- files modified:
- ChangeLog
added
removed
INSTALL
2
2
3
3
At the present time, several operation systems have this project pre-packaged:
4
4
5
1) FreeBSD (and PC-BSD) have this project as a "port", named "turnserver",
6
in /usr/ports/net/turnserver directory. Installation is very simple:
7
8
# optional commands, to update the ports tree:
9
$ sudo portsnap fetch
10
$ sudo portsnap update
11
12
# Build and install the TURN Server:
13
$ cd /usr/ports/net/turnserver
14
$ sudo make install clean
15
16
2) Debian "jessie" (and the recent version of Ubuntu and Mint)
17
have the predecessor of this project packaged as "rfc5766-turn-server", see the link:
18
19
http://packages.qa.debian.org/r/rfc5766-turn-server.html
20
21
In the new Debian "jessie", and in the related Ubuntu and Mint, you will
22
be able to just select rfc5766-turn-server from the packages list and
23
install it through Synaptic or through the package manager.
24
25
If you are using the Debian package from the project download site, then follow these instructions:
5
1) New Linuxes in Debian family have package "coturn":
6
7
http://packages.qa.debian.org/r/coturn.html
8
9
If you are using the Debian package from the project download site,
10
then follow these instructions:
26
11
27
12
Unpack the archive:
28
13
50
35
The service start-up control scripts will be in /etc/init.d/coturn and
51
36
in /etc/defaults/coturn files.
52
37
53
3) ArchLinux has this TURN server package:
38
2) ArchLinux has this TURN server package:
54
39
55
40
https://aur.archlinux.org/packages/coturn/
56
41
57
4) OpenSUSE has an older package, too:
58
59
https://build.opensuse.org/package/show/home:ehauenstein/rfc5766-turn-server
60
61
If you are using a pre-packaged TURN server then you can skip
62
to the section IX.
42
3) FreeBSD and OpenSUSE have the predecessor of this project packaged
43
(rfc5766-turn-server).
63
44
64
45
II. DOWNLOAD
65
46
81
62
82
63
It will create a Makefile customized for your system.
83
64
84
By default, the generated Makefile will be set to install everything
85
in:
65
By default, the generated Makefile will install everything to:
66
86
67
- /usr on Solaris.
87
68
- /usr/pkg on NetBSD.
88
69
- /usr/local everywhere else.
89
70
90
The binaries will be copied in bin subdirectory of the installation
91
destination, config files copied to etc subdirectory. There will be
71
The binaries will be copied to the bin subdirectory of the installation
72
destination, config files copied to etc subdirectory. The default SQLite database
73
will be created in var/db/turndb. There will be
92
74
also documents, examples and some other files, in separate directories.
93
75
94
You can change the root configured destination directory by
76
You can change the root configured destination directory by
95
77
setting PREFIX variable in the
96
78
configure command line. For example:
97
79
102
84
$ ./configure --prefix=/opt
103
85
104
86
You can change the auxiliary configured destination sub-directories by
105
setting BINDIR, CONFDIR, MANPREFIX, EXAMPLESDIR, DOCSDIR, LIBDIR, SCHEMADIR
106
and TURNINCLUDEDIR variables in the
87
setting BINDIR, CONFDIR, MANPREFIX, EXAMPLESDIR, DOCSDIR, LIBDIR, SCHEMADIR,
88
LOCALSTATEDIR and TURNINCLUDEDIR variables in the
107
89
configure command line. For example:
108
90
109
91
$ PREFIX=/opt BINDIR=/opt/bin64 CONFDIR=/opt/conf ./configure
120
102
121
103
See below a separate INSTALL section for more details.
122
104
123
The script configure is a proprietary script. It will create a Makefile
105
The script "configure" is a proprietary script. It will create a Makefile
124
106
that you can use to build the project:
125
107
126
108
$ make
131
113
"utility" programs there.
132
114
- create lib/ sub-directory and put the client library there.
133
115
- create include/turn/ sub-directory and put include files there.
116
- create sqlite/turndb default empty database that will be copied to
117
var/db/ during the installation.
134
118
135
The programs can be either called directly, or a shell scripts can be used.
119
The TURN programs can be either called directly, or a shell scripts can be used.
136
120
The script examples are located in examples/scripts directory. These scripts
137
121
are just examples: you can run them successfully for the tests, but
138
122
you will have to change the script parameters for your real environment.
169
153
IV. INSTALL
170
154
171
155
This step is optional. You can run the turnserver from the original build
172
directory, successfully, without installing the TURN server into the system.
156
directory, successfully, without installing the TURN server into your system.
173
157
You have to install the turnserver only if you want to integrate the
174
158
turnserver in your system.
175
159
186
170
187
171
- copy the content of examples subdirectory into
188
172
PREFIX/share/examples/turnserver/ directory;
173
- copy the generated default empty SQLite database from sqlite/turndb
174
to /var/db/turndb;
189
175
- copy the content of include/turn subdirectory into
190
176
PREFIX/include/turn/ directory;
191
177
- copy the database schema file turndb/schema.sql into
192
PREFIX/share/turnserver/
178
PREFIX/share/turnserver/
193
179
directory;
194
180
- copy all docs into PREFIX/share/doc/turnserver/ directory.
195
181
203
189
In this example, the root installation directory will be /opt/usr.
204
190
205
191
The "configure" script by default generates a Makefile with "rpath" option
206
set for the binaries linking (if your compiler allows that option). If that
207
is not desirable (like in some OS packaging procedures), then run the
208
"configure" script with --disable-rpath option.
192
set for the dynamic libraries linking (if your system and your compiler
193
allow that option). If that is not desirable (like in some OS packaging
194
procedures), then run the "configure" script with --disable-rpath option.
209
195
210
If you do not want to use the rpath linking option, or you OS or compiler
211
do not allows that, then after the installation, you may have to adjust the
212
system-wide shared library search path by using "ldconfig -n <libdirname>"
213
(Linux), "ldconfig -m <libdirname>" (BSD) or "crle -u -l <libdirname>"
214
(Solaris). Your system must be able to find the libevent2, openssl and
215
(optionally) PostgreSQL and/or MySQL (MariaDB) and/or MongoDB and/or Redis
216
shared libraries, either with the help of the system-wide library search
217
configuration or by using LD_LIBRARY_PATH. "make install" will make a
218
non-garantied effort to add automatically PREFIX/lib and /usr/local/lib to
219
the libraries search path, but if you have some libraries in different
220
non-default directories you will have to add them manually to the search
221
path, or you will have to adjust LD_LIBRARY_PATH.
196
If you are not using the rpath linking option, then after the installation,
197
you may have to adjust the system-wide shared library search path with
198
"ldconfig -n <libdirname>" (Linux), "ldconfig -m <libdirname>" (BSD) or
199
"crle -u -l <libdirname>" (Solaris). Your system must be able to find the
200
libevent2, openssl and (optionally) SQLite and/or PostgreSQL and/or MySQL
201
(MariaDB) and/or MongoDB and/or Redis shared libraries, either with the
202
help of the system-wide library search configuration or by using
203
LD_LIBRARY_PATH. "make install" will make a non-guaranteed effort to add
204
automatically PREFIX/lib and /usr/local/lib to the libraries search path,
205
but if you have some libraries in different non-default directories then
206
you will have to add them manually to the search path, or you will have
207
to adjust LD_LIBRARY_PATH.
222
208
223
209
V. PLATFORMS
224
210
225
211
The TURN Server is using generic *NIX system APIs and is supposed to be
226
212
usable on wide range of *NIX systems.
227
213
228
The following platforms have been used in the development:
229
230
- Linux Ubuntu 11.x and 12.x, i386 and x86_64
231
- FreeBSD 6.x, i386
232
- FreeBSD 8.x, i386
233
- PC-BSD 9.x, x86_64
234
- Solaris 11, x86_64
235
- Linux CentOS / Red Hat Enterprise Edition 6.x-7.0, x86_64 (i386 & amd64)
236
- Linux Debian 'Squeeze', i386
237
- Linux Mint 14.1 'Nadia', i386
238
- Linux Mint 16 'Petra', i386
239
- Linux Debian 'Wheezy', x86_64
240
- Cygwin 1.7.20
241
- NetBSD 6.0.1, i386
242
- OpenBSD 5.3, i386
243
- Amazon Linux, x86_64
244
- Mac OS X Mountain Lion
245
- ArchLinux, x86_64
246
- Fedora 19 and 20, x86_64
247
- OpenSUSE 12.3, x86_64
248
249
It must work on many other *NIXes, as well. The configure script and/or
214
The following platforms are supported
215
(both i386 and x86_64 variants when applicable):
216
217
- Linux,
218
- BSD family (Mac OS X, FreeBSD, NetBSD, OpenBSD),
219
- Solaris 11,
220
- Cygwin
221
222
It must work on other *NIXes, as well. The configure script and/or
250
223
Makefile may need adjustments for other *NIXes not mentioned above.
251
224
252
225
The code of the client messaging library can be compiled and used on
259
232
260
233
The tested C compilers are:
261
234
262
- gcc 3.4.4 thru 4.8.1
235
- gcc 3.4.4 thru 4.8.x
263
236
- clang 3.0 or better
264
- Solaris Studio 12.3 C compiler, version 5.12
237
- Solaris Studio 12 C compiler
265
238
266
It may be compiled with others compilers, too.
239
It may be compiled with other compilers, too.
267
240
268
241
The code is compatible with C++ compiler, and a C++ compiler
269
242
(like g++) can be used for the compilation, too:
275
248
276
249
In addition to common *NIX OS services and libraries, to compile this code,
277
250
OpenSSL (version 1.0.0a or better recommended) and libevent2 (version 2.0.5
278
or better) are required, the PostgreSQL C client development setup is
279
optional, the MySQL (MariaDB) C client development setup is optional, the MongoDB
280
C Driver and the Hiredis development files for Redis database access are optional.
281
For fully functional build, the extra set of libraries must be installed
282
in full version (the development headers and the libraries to link with).
283
For runtime, only runtime setup is required. If the build is modified for
251
or better) are required, SQLite C development library and header is optional,
252
the PostgreSQL C client development setup is optional,
253
the MySQL (MariaDB) C client development setup is optional,
254
the MongoDB C Driver and the Hiredis development files for Redis database
255
access are all optional. For development build, the development headers and
256
the libraries to link with, are to be installed. For the runtime, only the
257
runtime setup is required. If the build is modified for
284
258
static linking, then even runtime installation is not needed.
285
259
286
OpenSSL, libevent2, PostgreSQL, MySQL (or MariaDB) and Hiredis
260
OpenSSL, SQLite, libevent2, PostgreSQL, MySQL (or MariaDB) and Hiredis
287
261
libraries can be downloaded from their web sites:
288
262
- http://www.openssl.org (required);
289
263
- http://www.libevent.org (required);
264
- http://www.sqlite.org (optional);
290
265
- http://www.postgresql.org (optional);
291
266
- http://www.mysql.org (or http://mariadb.org) (optional);
292
267
- https://github.com/mongodb/mongo-c-driver (optional);
298
273
installed in their default locations. If not, then you will have to modify
299
274
those.
300
275
301
Most modern popular systems (FreeBSD / PC-BSD, Linux Ubuntu 11.10+, Debian Wheezy,
302
Linux Mint 14+, Amazon Linux, Fedora) have a simpler way of the third party tools
303
installation:
276
Most modern popular systems (FreeBSD, Linux Ubuntu/Debian/Mint, Amazon Linux, Fedora)
277
have a simpler way of the third party tools installation:
304
278
305
*) PC-BSD or FreeBSD (the FRESH ports database is assumed to be installed, with
279
*) FreeBSD (the FRESH ports database is assumed to be installed, with
306
280
the turnserver port included):
307
281
308
282
$ cd /usr/ports/net/turnserver
315
289
316
290
$ cd /usr/ports/security/openssl/
317
291
$ sudo make install clean
292
$ cd /usr/ports/databases/sqlite3/
293
$ sudo make install clean
318
294
$ cd /usr/ports/devel/libevent2/
319
295
$ sudo make install clean
320
296
$ cd /usr/ports/databases/postgresql84-client/ (or any other version)
324
300
$ cd /usr/ports/databases/hiredis/
325
301
$ sudo make install clean
326
302
327
**) Linux Ubuntu 11.10+, Debian Wheezy, Mint 14+:
303
**) Linux Ubuntu, Debian, Mint:
328
304
329
305
$ sudo apt-get install libssl-dev
306
$ sudo apt-get install libsqlite3 (or sqlite3)
307
$ sudo apt-get install libsqlite3-dev (or sqlite3-dev)
330
308
$ sudo apt-get install libevent-dev
331
309
$ sudo apt-get install libpq-dev
332
310
$ sudo apt-get install mysql-client
338
316
***) Fedora:
339
317
340
318
$ sudo yum install openssl-devel
319
$ sudo yum install sqlite
320
$ sudo yum install sqlite-devel
341
321
$ sudo yum install libevent
342
322
$ sudo yum install libevent-devel
343
323
$ sudo yum install postgresql-devel
352
332
- you have to install gcc first:
353
333
$ sudo yum install gcc
354
334
355
- mongo-c-driver packages are not available. MongoDB support
356
will not be compiled, unless you install it "manually" before
357
the TURN server compilation. Refer to https://github.com/mongodb/mongo-c-driver
358
for installation instructions of the driver.
335
- mongo-c-driver packages are not available "automatically".
336
MongoDB support will not be compiled, unless you install it "manually"
337
before the TURN server compilation. Refer to
338
https://github.com/mongodb/mongo-c-driver for installation instructions
339
of the driver.
359
340
360
341
- hiredis packages are not available, so do not issue the
361
342
hiredis installation commands. Redis support will not be
365
346
perfectly installed without redis support - if you do not
366
347
need it.
367
348
368
*****) Some OSes in Debian family (Debian Squeeze and
369
pre-11.10 Ubuntus) setups are similar to Debian Wheezy,
370
although some packages have different names.
349
*****) Older Debian family Linuxes are using some packages
350
with different names.
371
351
372
352
******) On some CentOS / RedHat 6.x systems you have to install
373
353
libevent2 "manually", and optionally you have to download and
385
365
386
366
Dynamic library paths:
387
367
388
You may also have to adjust the turn server start script, add PostgreSQL
389
and/or MySQL and/or MongoDB and/or Redis runtime library path to LD_LIBRARY_PATH.
390
Or you may find that it would be more convenient to adjust the
368
You may also have to adjust the turn server start script, add all the dynamic runtime
369
library paths to LD_LIBRARY_PATH. Or you may find that it would be more convenient to adjust the
391
370
system-wide shared library search path by using commands:
392
371
393
372
on Linux:
408
387
409
388
2) Before the compilation, check the dynamic libraries and adjust their identification names,
410
389
if necessary, to the absolute library path or to @rpath/<library-file-name>.
411
For exmple, the MySQL dynamic library may need that adjustment. You will have to use
390
For example, the MySQL dynamic library may need that adjustment. You will have to use
412
391
"adjust_name_tool" with -id option for that; OR
413
392
414
3) After the compilation, you can use the same tool, "adjust_name_tool", with option -change,
415
to adjust the library paths values in the binary, where necessary. All library paths must be
416
absolute paths or @rpath/... .
393
3) After the compilation, you can use the same tool, "adjust_name_tool",
394
with option -change, to adjust the library paths values in the binary,
395
where necessary. All library paths must be absolute paths or @rpath/... .
417
396
418
397
See also the next section.
419
398
420
NOTE: See "PostgreSQL setup" and "MySQL setup" and "MongoDB setup" and
421
"Redis setup" sections below for more database setup information.
399
NOTE: See "SQLite setup" and "PostgreSQL setup" and "MySQL setup" and
400
"MongoDB setup" and "Redis setup" sections below for more database setup
401
information.
422
402
423
NOTE: If you do not install PostgreSQL or MySQL or MongoDB or Redis then you will
424
be limited to flat files for user database. It will work great for
425
smaller user databases (like 100 users) but for larger systems you
426
will need PostgreSQL or MySQL or MongoDB or Redis.
403
NOTE: If you do not install SQLite or PostgreSQL or MySQL or MongoDB or Redis,
404
then you will be limited to the command-line options for user database.
405
It will work great for development setup, but for real runtime systems you
406
will need SQLite or PostgreSQL or MySQL or MongoDB or Redis.
427
407
428
408
NOTE: To run PostgreSQL or MySQL or MongoDB or Redis server on the same system,
429
409
you will also have to install a corresponding PostgreSQL or MySQL or
446
426
libevent2 from their web site. It was tested with older *NIXes
447
427
(like FreeBSD 6.x) and it works just fine.
448
428
429
NOTE: SQLite must be of version 3.x.
430
449
431
NOTE: For extra security features (DTLS and SHA256) support, OpenSSL version
450
432
1.0.0a or newer is recommended. Older versions do not support DTLS, reliably,
451
433
in some cases. For example, the Debian 'Squeeze' Linux supplies 0.9.8 version
500
482
$ ldconfig -m <libdirname> (BSD)
501
483
$ crle -u -l <libdirname> (Solaris)
502
484
503
IX. TEST SCRIPT SETS
485
IX. TEST SCRIPTS
504
486
505
First of all, we can use test vectors from RFC 5769 to double-check that our
487
First of all, you can use the test vectors from RFC 5769 to double-check that the
506
488
STUN/TURN message encoding algorithms work properly. Run the utility:
507
489
508
490
$ cd examples
585
567
X. OS X compilation notes
586
568
587
569
OS X usually has an older version of openssl supplied, with some Apple
588
additions. The best option is to install a good fresh openssl development
589
library, free of Apple tweaks, from http://www.openssl.org. But the "native"
590
openssl will work, too.
570
additions. The the "native" openssl will work, within its limitations,
571
but the best option is to install a good fresh openssl development
572
library, from http://www.openssl.org. You will have
573
to handle the dynamic linking of the generated binaries.
591
574
592
575
XI. MS Windows and Cygwin support
593
576
623
606
subdirectory of the original archive tree. After the installation, it will
624
607
be placed in PREFIX/share/doc/turnserver/html.
625
608
626
XIV. PostgreSQL setup
627
628
The site http://www.postgresql.org site has excellent extensive documentation.
629
For a quick-start guide, you can take a look into this page:
630
http://www.freebsddiary.org/postgresql.php. That page is written for
631
FreeBSD users, but it has lots of generic information applicable to other
632
*NIXes, too.
633
634
For the psql-userdb TURN server parameter, you can either set a PostgreSQL
635
connection string, or a PostgreSQL URI, see the link:
636
637
For 8.4 PostgreSQL version:
638
http://www.postgresql.org/docs/8.4/static/libpq-connect.html
639
640
For newer 9.x versions:
641
http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING.
642
643
In the PostgreSQL connection string or URI, you can set the host, the
644
access port, the database name, the user, and the user password
645
(if the access is secured). Numerous other parameters can be set,
646
see the links above. The TURN server will blindly use that connection
647
string without any modifications. You are responsible for the right
648
connection string format.
649
650
Below are the steps to setup the PostgreSQL database server from scratch:
651
652
1) Install PostgreSQL server.
653
654
2) Find and edit Postgres' pg_hba.conf file to set the access options
655
(see docs). On different systems, it may be located in different places.
656
Set the lines for local access as "trust" for now (you can change it later),
657
for TCP/IP access set the value as "md5".
658
To set TCP/IP access from any host, use "0.0.0.0/0" for IPv4, and "::/0"
659
for IPv6.
660
661
3) Edit postgresql.conf file to allow TCP/IP access - uncomment and edit
662
the "listen_addresses" option (see docs). On different systems, this file
663
may be located in different places.
664
665
4) Restart your system or restart the postgresql server, for example:
666
667
$ sudo /etc/init.d/postgresql stop
668
$ sudo /etc/init.d/postgresql start
669
670
5) Check /etc/passwd file to find out which user account is used for the
671
PostgreSQL admin access on your system (it may be "pgsql", or "postgres",
672
or "postgresql"). Let's assume that this is "postgres" account.
673
674
6) Create a database for the TURN purposes, with name, say, "turn":
675
676
$ createdb -U postgres turn
677
678
7) Create a user for the TURN with name, say, "turn":
679
$ psql -U postgres turn
680
turn=# create user turn with password 'turn';
681
turn=#
682
Ctrl-D
683
684
8) Create the TURN users database schema.
609
XIV. SQLite setup
610
611
The site http://www.sqlite.org site has excellent extensive documentation.
612
613
The default SQLite database location for the TURN Server is
614
/usr/local/var/db/turndb or /var/db/turndb (depending on the platform).
685
615
686
616
The database schema for the TURN server is very minimalistic and is located
687
617
in project's turndb/schema.sql file, or in the system's
688
618
PREFIX/share/turnserver/schema.sql file after the turnserver installation:
689
619
690
$ cat turndb/schema.sql | psql -U turn turn
691
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "turnusers_lt_pkey" for table "turnusers_lt"
692
CREATE TABLE
693
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "turnusers_st_pkey" for table "turnusers_st"
694
CREATE TABLE
695
CREATE TABLE
696
$
620
If you would like to created a new fresh SQLite TURN database:
621
622
$ sqlite3 <your-db-file-name> < turndb/schema.sql
697
623
698
624
The schema description:
699
625
826
752
turnadmin to add/modify/delete users, or you can use turnadmin to produce
827
753
the hmac keys and modify the database with your favorite tools.
828
754
755
When starting the turnserver, the --db parameter will be, for example:
756
757
turnserver ... --db="/var/db/turndb"
758
759
You will have to use the program turnadmin to fill the
760
database, or you can do that manually with psql.
761
762
Fill in users, for example:
763
764
Shared secret for the TURN REST API (realm north.gov):
765
766
$ bin/turnadmin -s logen -r north.gov -b "/var/db/turndb"
767
768
Long-term credentials mechanism:
769
770
$ bin/turnadmin -a -b "/var/db/turndb" -u gorst -r north.gov -p hero
771
$ bin/turnadmin -a -b "/var/db/turndb" -u ninefingers -r north.gov -p youhavetoberealistic
772
773
Long-term credentials mechanism with SHA256 extention:
774
$ bin/turnadmin -a -b "/var/db/turndb" -u bethod -r north.gov -p king-of-north --sha256
775
776
Short-term credentials mechanism:
777
778
$ bin/turnadmin -A -b "/var/db/turndb" -u gorst -p hero
779
$ bin/turnadmin -A -b "/var/db/turndb" -u ninefingers -p youhavetoberealistic
780
781
XV. PostgreSQL setup
782
783
The site http://www.postgresql.org site has excellent extensive documentation.
784
For a quick-start guide, you can take a look into this page:
785
http://www.freebsddiary.org/postgresql.php. That page is written for
786
FreeBSD users, but it has lots of generic information applicable to other
787
*NIXes, too.
788
789
For the psql-userdb TURN server parameter, you can either set a PostgreSQL
790
connection string, or a PostgreSQL URI, see the link:
791
792
For 8.4 PostgreSQL version:
793
http://www.postgresql.org/docs/8.4/static/libpq-connect.html
794
795
For newer 9.x versions:
796
http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING.
797
798
In the PostgreSQL connection string or URI, you can set the host, the
799
access port, the database name, the user, and the user password
800
(if the access is secured). Numerous other parameters can be set,
801
see the links above. The TURN server will blindly use that connection
802
string without any modifications. You are responsible for the right
803
connection string format.
804
805
Below are the steps to setup the PostgreSQL database server from scratch:
806
807
1) Install PostgreSQL server.
808
809
2) Find and edit Postgres' pg_hba.conf file to set the access options
810
(see docs). On different systems, it may be located in different places.
811
Set the lines for local access as "trust" for now (you can change it later),
812
for TCP/IP access set the value as "md5".
813
To set TCP/IP access from any host, use "0.0.0.0/0" for IPv4, and "::/0"
814
for IPv6.
815
816
3) Edit postgresql.conf file to allow TCP/IP access - uncomment and edit
817
the "listen_addresses" option (see docs). On different systems, this file
818
may be located in different places.
819
820
4) Restart your system or restart the postgresql server, for example:
821
822
$ sudo /etc/init.d/postgresql stop
823
$ sudo /etc/init.d/postgresql start
824
825
5) Check /etc/passwd file to find out which user account is used for the
826
PostgreSQL admin access on your system (it may be "pgsql", or "postgres",
827
or "postgresql"). Let's assume that this is "postgres" account.
828
829
6) Create a database for the TURN purposes, with name, say, "turn":
830
831
$ createdb -U postgres turn
832
833
7) Create a user for the TURN with name, say, "turn":
834
$ psql -U postgres turn
835
turn=# create user turn with password 'turn';
836
turn=#
837
Ctrl-D
838
839
8) Create the TURN users database schema.
840
841
The database schema for the TURN server is very minimalistic and is located
842
in project's turndb/schema.sql file, or in the system's
843
PREFIX/share/turnserver/schema.sql file after the turnserver installation:
844
845
$ cat turndb/schema.sql | psql -U turn turn
846
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "turnusers_lt_pkey" for table "turnusers_lt"
847
CREATE TABLE
848
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "turnusers_st_pkey" for table "turnusers_st"
849
CREATE TABLE
850
CREATE TABLE
851
852
See the SQLite section for the detailed database schema explanation.
853
854
You can use turnadmin program to manage the database - you can either use
855
turnadmin to add/modify/delete users, or you can use turnadmin to produce
856
the hmac keys and modify the database with your favorite tools.
857
829
858
More examples of database schema creation:
830
859
831
860
psql -h <host> -U <db-user> -d <database-name> < turndb/schema.sql
856
885
857
886
Fill in users, for example:
858
887
859
Shared secret for the TURN REST API:
888
Shared secret for the TURN REST API (realm north.gov):
860
889
861
$ bin/turnadmin -s logen -e "host=localhost dbname=coturn user=turn password=turn"
890
$ bin/turnadmin -s logen -r north.gov -e "host=localhost dbname=coturn user=turn password=turn"
862
891
863
892
Long-term credentials mechanism:
864
893
870
899
871
900
Short-term credentials mechanism:
872
901
873
$ bin/turnadmin -A -e "host=localhost dbname=coturn user=turn password=turn" -u gorst -r north.gov -p hero
874
$ bin/turnadmin -A -e "host=localhost dbname=coturn user=turn password=turn" -u ninefingers -r north.gov -p youhavetoberealistic
902
$ bin/turnadmin -A -e "host=localhost dbname=coturn user=turn password=turn" -u gorst -p hero
903
$ bin/turnadmin -A -e "host=localhost dbname=coturn user=turn password=turn" -u ninefingers -p youhavetoberealistic
875
904
876
XV. MySQL (MariaDB) setup
905
XVI. MySQL (MariaDB) setup
877
906
878
907
The MySQL setup is similar to PostgreSQL (same idea), and is well documented
879
908
on their site http://www.mysql.org. The TURN Server database schema is the
881
910
in the system's PREFIX/share/turnserver/schema.sql file after the turnserver
882
911
installation.
883
912
884
The general setup idea is the same as for PostgreSQL case:
913
The general setup idea is the same as for PostgreSQL:
885
914
886
915
1) Check that the mysql server access is OK. Immediately after the MySQL server
887
916
installation, it must be accessible, at the very minimum, at the localhost with
911
940
912
941
6) Fill in users, for example:
913
942
914
Shared secret for the TURN REST API:
943
Shared secret for the TURN REST API (realm north.gov):
915
944
916
$ bin/turnadmin -s logen -M "host=localhost dbname=coturn user=turn password=turn"
945
$ bin/turnadmin -s logen -r north.gov -M "host=localhost dbname=coturn user=turn password=turn"
917
946
918
947
Long-term credentials mechanism:
919
948
925
954
926
955
Short-term credentials mechanism:
927
956
928
$ bin/turnadmin -A -M "host=localhost dbname=coturn user=turn password=turn" -u gorst -r north.gov -p hero
929
$ bin/turnadmin -A -M "host=localhost dbname=coturn user=turn password=turn" -u ninefingers -r north.gov -p youhavetoberealistic
957
$ bin/turnadmin -A -M "host=localhost dbname=coturn user=turn password=turn" -u gorst -p hero
958
$ bin/turnadmin -A -M "host=localhost dbname=coturn user=turn password=turn" -u ninefingers -p youhavetoberealistic
930
959
931
960
7) Now we can use mysql in the turnserver.
932
961
956
985
http://dev.mysql.com/doc/refman/5.1/en/ssl-options.html for the
957
986
command options description).
958
987
959
XVI. MongoDB setup
988
XVII. MongoDB setup
960
989
961
990
The MongoDB setup is well documented on their site http://docs.mongodb.org/manual/.
962
991
988
1017
989
1018
See the file testmongosetup.sh for the database structure examples.
990
1019
991
XVII. Redis setup
1020
XVIII. Redis setup
992
1021
993
1022
The Redis setup is well documented on their site http://redis.io.
994
1023
The TURN Server Redis database schema description can be found
1022
1051
traffic notifications.
1023
1052
1024
1053
See the explanation in the turndb/schema.stats.redis file, and an example in
1025
turndb/testredisdbsetup.sh file. One special thing about TURN Redis security setup
1026
is that you can store open passwords for long-term credentials in Redis.
1027
You cannot set open passwords for long-term credentials in MySQL and PostgreSQL -
1028
with those DBs, you have to use the keys only. With Redis, you have a choice -
1029
keys or open passwords.
1054
turndb/testredisdbsetup.sh file. One special thing about TURN Redis security
1055
setup is that you can store open passwords for long-term credentials in Redis.
1056
You cannot set open passwords for long-term credentials in SQLite or MySQL or
1057
PostgreSQL - with those DBs, you have to use the keys only. With Redis, you
1058
have a choice - keys or open passwords.
1030
1059
1031
1060
You also have to take care about Redis connection parameters, the timeout and the
1032
1061
keepalive. The following settings must be in your Redis config file
1040
1069
1041
1070
Redis TURN admin commands:
1042
1071
1043
Shared secret for the TURN REST API:
1072
Shared secret for the TURN REST API (realm north.gov):
1044
1073
1045
$ bin/turnadmin -s logen -N "host=localhost dbname=2 user=turn password=turn"
1074
$ bin/turnadmin -s logen -r north.gov -N "host=localhost dbname=2 user=turn password=turn"
1046
1075
1047
1076
Long-term credentials mechanism:
1048
1077
1054
1083
1055
1084
Short-term credentials mechanism:
1056
1085
1057
$ bin/turnadmin -A -N "host=localhost dbname=2 user=turn password=turn" -u gorst -r north.gov -p hero
1058
$ bin/turnadmin -A -N "host=localhost dbname=2 user=turn password=turn" -u ninefingers -r north.gov -p youhavetoberealistic
1086
$ bin/turnadmin -A -N "host=localhost dbname=2 user=turn password=turn" -u gorst -p hero
1087
$ bin/turnadmin -A -N "host=localhost dbname=2 user=turn password=turn" -u ninefingers -p youhavetoberealistic
1059
1088
1060
1089
See the file testredisdbsetup.sh for the data structure examples.
1061
1090
1062
XVIII. Performance tuning
1091
XIX. Performance tuning
1063
1092
1064
1093
This topic is covered in the wiki page:
1065
1094
1066
1095
http://code.google.com/p/coturn/wiki/turn_performance_and_load_balance
1067
1096
1068
XIX. TURN Server setup
1097
XX. TURN Server setup
1069
1098
1070
1099
Read the project wiki pages: http://code.google.com/p/coturn/w/list
1071
1100
1072
1101
Also, check the project from page links to the TURN/WebRTC configuration examples.
1073
1102
It may give you an idea how it can be done.
1074
1103
1075
XX. Management interface
1104
XXI. Management interface
1076
1105
1077
1106
You have a telnet interface (enabled by default) to access the turnserver process,
1078
1107
to view its state, to gather some statistical information, and to make some changes
Loggerhead is a web-based interface for Breezy
Version: 2.0.1