How to Set up Coturn TURN Server for Spreed WebRTC

Coturn is a free and open-source TURN and STUN server for VoIP and WebRTC. In a previous tutorial, we discussed how to install Spreed WebRTC server and how to integrate Spreed WebRTC with NextCloud.

But there’s a problem: WebRTC won’t work if users are behind different NAT devices. It will be blocked. To traverse NAT, we need to set up a TURN server as a relay between Web browsers. TURN stands for Traversal Using Relays around NAT. How it works is beyond the scope of this tutorial.

This tutorial is going to show you how to set up coturn, an open-source implementation of TURN, on Ubuntu 16.04 and how to connect Spreed WebRTC to coturn.

Note: To reduce latency, the TURN server should be close to users and be aware that TURN server consumes lots of bandwidth as it will rely audio and video. Coturn can be on the same machine with Spreed WebRTC or on another machine that are not behind NAT.

How to Set up Coturn Server for Spreed WebRTC

Coturn is available from Ubuntu 16.04, 16.10 and Debian 8 repository, so install it with the following command:

sudo apt install coturn

To let it auto start at system boot time, edit /etc/default/coturn file.

sudo nano /etc/default/coturn

Find the following line and uncomment it by removing # symbol.

#TURNSERVER_ENABLED=1

Save and close the file. Next, edit the main configuration file.

sudo nano /etc/turnserver.conf

By default, all lines in this file are commented out. Below is an example configuration which you can copy and paste into your file. Replace your-domain.com with the domain name for your NextCloud or Spreed WebRTC. Also set a long and secure authenticate secret.

# Run as TURN server only, all STUN requests will be ignored.
no-stun

# Specify listening port. Change to 80 or 443 to go around some strict NATs.
listening-port=8443
tls-listening-port=5349

# Specify listening IP, if not set then Coturn listens on all system IPs. 
#listening-ip=12.34.56.78
#relay-ip=12.34.56.78

# These lines enable support for WebRTC
fingerprint
lt-cred-mech
realm=your-domain.com

# Authentication method
use-auth-secret
static-auth-secret=your-auth-secret

total-quota=100

# Total bytes-per-second bandwidth the TURN server is allowed to allocate
# for the sessions, combined (input and output network streams are treated separately).
bps-capacity=0

# This line provides extra security.
stale-nonce

log-file=/var/log/turnserver/turn.log
no-loopback-peers
no-multicast-peers

Save and close the file. Then start coturn server with:

sudo turnserver -c /etc/turnserver.conf --daemon -v

Now let’s edit Spreed WebRTC configuration file.

sudo nano /etc/spreed/server.conf

Add the following two lines in the [app] section. Replace red-text accordingly.

turnURIs = turn:coturn-server-ip:8443?transport=udp

turnSecret = your-auth-secrect

Save and close the file. Then restart Spreed WebRTC docker container with

sudo docker restart my-spreed-webrtc

or run the following command if you installed Spreed via Ubuntu PPA.

sudo systemctl restart spreed-webrtc

Once coturn is running and Spreed WebRTC is restarted, users who are behind NAT should be able to use audio/video calls normally.

That’s it! I hope this tutorial helped you install coturn server for Spreed WebRTC. As always, if you found this post useful, then subscribe to our free newsletter. You can also follow us on Google+ Twitter or like our Facebook page.

Rate this tutorial
[Total: 5 Average: 3.8]