Using Prosody with coturn

coturn is a TURN and STUN server.

Installation

This assumes a Debian system. Commands for installation and config file paths may vary with operating system.

Install coturn

sudo apt install coturn

Check whether it was started automatically,

sudo systemctl status coturn

If not, do so (or wait until after configuring).

sudo systemctl enable --now coturn

Firewall

If you have a firewall enabled, make sure to allow coturn through.

sudo ufw allow Turnserver

Install mod_turncredentials

See page about installing_modules.

modules_enabled = {
    -- other modules ...
    "turncredentials"
}

Configuration

Generate a suitably strong shared secret and put it both as static-auth-secret in /etc/turnserver.conf and as turncredentials_secret in Prosodys configuration.

use-auth-secret
static-auth-secret=s1kr3t

In Prosodys configuration, /etc/prosody/prosody.cfg.lua, add:

modules_enabled = {
    -- other modules ...
    "turncredentials"
}

turncredentials_host = "turn.example.com"
turncredentials_secret = "s1kr3t"

Test

By using a client with an XML console, manually request temporary credentials as per XEP-0215. These can be tested using https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/