diff --git a/conf/ice-servers.json b/conf/ice-servers.json index 877f3c1..a63da38 100644 --- a/conf/ice-servers.json +++ b/conf/ice-servers.json @@ -1,8 +1,8 @@ [ { "urls": [ - "turn:example.com:5349", - "turn:example.com:5349?transport=tcp" + "turn:turn.example.org:5349", + "turn:turn.example.org:5349?transport=tcp" ], "username": "galene", "credential": "secret", diff --git a/conf/systemd.service b/conf/systemd.service index 053d09f..148beb1 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -8,7 +8,7 @@ Type=simple WorkingDirectory=__FINALPATH__/ User=__APP__ Group=__APP__ -ExecStart=__FINALPATH__/galene -turn __PUBLIC_IP4__:__TURN_PORT__ +ExecStart=__FINALPATH__/galene -http __PORT__ -turn __PUBLIC_IP4__:__TURN_PORT__ -udp-range 49152:65535 LimitNOFILE=65536 [Install] diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index 0f1d407..fe68e5a 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -1,3 +1,27 @@ -### How to creat groups +### Configure your groups Groups are defined by files in the `/opt/yunohost/galene/groups` directory. Various options are available (see https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file) + +## Configure your TURN server + +#### Using Galène Turn server +Galène comes with build in TURN server that should work out-of-the-box. +- If your server is behind NAT, allow incoming traffic to TCP port `8443` (or whatever is configured with the `-http` option in `/etc/systemd/system/galene.service`) and port `1194` (or whatever is configured with the `-turn` option in `/etc/systemd/system/galene.service`) + +#### Using you own TURN server +- Install [coturn_ynh](https://github.com/YunoHost-Apps/coturn_ynh). +- Add `data/ice-servers.json` with this lines and change `turn.example.org` and `secret` + +``` + [ + { + "urls": [ + "turn:turn.example.org:443", + "turn:turn.example.org:443?transport=tcp" + ], + "username": "galene", + "credential": "secret" + } + ] +``` +- set `/etc/systemd/system/galene.service` turn option to `-turn auto` diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md index e3fcbcd..16b6393 100644 --- a/doc/DISCLAIMER_fr.md +++ b/doc/DISCLAIMER_fr.md @@ -1,3 +1,29 @@ ### Comment créer des groupes Les groupes sont définis par des fichiers dans le répertoire `/opt/yunohost/galene/groups`. Différentes options sont disponibles (voir https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file) + +### Configurez vos groupes + +## Configurez votre serveur TURN + +#### Utilisation du serveur Galène Turn +Galène est livré avec un serveur TURN intégré qui devrait fonctionner immédiatement. +- Si votre serveur est derrière NAT, autorisez le trafic entrant vers le port TCP `8443` (ou tout ce qui est configuré avec l'option` -http` dans `/etc/systemd/system/galene.service`) et le port` 1194` (ou tout ce qui est configuré avec l'option `-turn` dans` /etc/systemd/system/galene.service`) + +#### Utilisation de votre propre serveur TURN +- Installez [coturn_ynh] (https://github.com/YunoHost-Apps/coturn_ynh). +- Ajoutez `data/ice-servers.json` avec ces lignes et changez `turn.example.org` et `secret` + +`` + [ + { + "urls": [ + "turn: turn.example.org: 443", + "turn: turn.example.org: 443? transport = tcp" + ], + "username": "galene", + "credential": "secret" + } + ] +``` +- définir l'option de virage `/etc/systemd/system/galene.service` sur` -turn auto` \ No newline at end of file diff --git a/scripts/install b/scripts/install index ede54c5..de020e1 100755 --- a/scripts/install +++ b/scripts/install @@ -76,6 +76,9 @@ ynh_script_progression --message="Configuring firewall..." --weight=1 ynh_exec_warn_less yunohost firewall allow Both $turn_port +# Reserve UDP Port range 49152:65535 +ynh_exec_warn_less yunohost firewall allow UDP -4 49152:65535 + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= diff --git a/scripts/remove b/scripts/remove index df202ee..27f03fd 100755 --- a/scripts/remove +++ b/scripts/remove @@ -68,6 +68,11 @@ then ynh_exec_warn_less yunohost firewall disallow both $turn_port fi +if yunohost firewall list | grep -q "\- 49152:65535" +then + ynh_exec_warn_less yunohost firewall disallow UDP 49152:65535 +fi + #================================================= # GENERIC FINALIZATION #=================================================