
Where is the coturn config located?

      A Former User
      wrote on last edited by girish
      #1

      I am trying to resolve my issues with the TURN server not working (across multiple apps) for me. It seems I just get errors saying local ports are blocked. I have port forwarded.

      Where would I find the coturn config for Cloudron? The one I found in /etc/ seems to have everything commented out.

        robi
        wrote on last edited by
        #2

        @atrilahiji that just means it's using defaults, no?

        otherwise it's in a container?

        When I had TURN issues it was not with Cloudron, but with router or App. And since Apps are managed config, they should be good.

        Conscious tech

          A Former User
          wrote on last edited by
          #3

          @robi Huh... my issue seems to be happening regardless of what I do in terms of my port forwarding and the app I use 😞

            robi
            wrote on last edited by
            #4

            @atrilahiji we can't guess as to what app, network config and where clients are coming from.. or logs with errors.

            Conscious tech

              A Former User
              wrote on last edited by A Former User
              #5

              @robi This is the error I'm running into: 0c0117f4-1720-41ed-b232-4243e30e4de0-image.png

              For reference, this is the internal IP of my cloudron server. I tried calling my brother in another city using my phone (the iOS nextcloud talk app) on LTE

                robi
                wrote on last edited by
                #6

                @atrilahiji that looks like an error in NC Talk.

                I have a Cloudron with a similar setup and once the v6 upgrade happened our NC:T went down. We just needed the new ports added to the router for STUN & TURN.

                Conscious tech

                  A Former User
                  wrote on last edited by
                  #7

                  @robi Those logs are for the TURN service in the services page on my cloudron btw. So I get the exact same thing when I try a video chat with Kopano Meet. These are my forwarded ports for the same IP that is apparently being blocked:

                  3478,3479,5349,5350,49152:65535/tcp
                  3478,3479,5349,5350,49152:65535/udp

                    robi
                    wrote on last edited by
                    #8

                    @atrilahiji I see..
                    can you find the process and trace it to a container?

                    I have to run atm, but would dig into the CL TURN docs and see how or why they restrict the private networks if that's where it's blocked.

                    Conscious tech

                      A Former User
                      wrote on last edited by
                      #9

                      The documentation seems quite lacking in this regard. Perhaps @girish or @nebulon have more info on this? Meanwhile I'll see if I can figure something out combing through the cloudron/box repo

                        nebulon
                        Staff
                        wrote on last edited by
                        #10

                        @atrilahiji So the turn addon is configured as per https://github.com/coturn/coturn/blob/master/examples/etc/turnserver.conf to have the following ports:

                        listening-port=3478
                        tls-listening-port=5349
                        min-port=50000
                        max-port=51000
                        

                        We have also included a section for preventing some attack, which I think is what you may hit?

                        # https://www.rtcsec.com/2020/04/01-slack-webrtc-turn-compromise/
                        no-multicast-peers
                        denied-peer-ip=0.0.0.0-0.255.255.255
                        denied-peer-ip=10.0.0.0-10.255.255.255
                        denied-peer-ip=100.64.0.0-100.127.255.255
                        denied-peer-ip=127.0.0.0-127.255.255.255
                        denied-peer-ip=169.254.0.0-169.254.255.255
                        denied-peer-ip=127.0.0.0-127.255.255.255
                        denied-peer-ip=172.16.0.0-172.31.255.255
                        denied-peer-ip=192.0.0.0-192.0.0.255
                        denied-peer-ip=192.0.2.0-192.0.2.255
                        denied-peer-ip=192.88.99.0-192.88.99.255
                        denied-peer-ip=192.168.0.0-192.168.255.255
                        denied-peer-ip=198.18.0.0-198.19.255.255
                        denied-peer-ip=198.51.100.0-198.51.100.255
                        denied-peer-ip=203.0.113.0-203.0.113.255
                        denied-peer-ip=240.0.0.0-255.255.255.255
                        

                        Those IPs are not public IPs anyway and thus would not help you achieve connectivity through them, as far as I understand.
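
An added example (not part of the post above and not Cloudron's code): an IPv4-only check that parses the `denied-peer-ip` lines quoted in that post, confirms they leave no gap in any special-purpose block, flags repeated lines, and tests whether a given peer address falls in a denied range. `WEAK_CONF` and all function names are constructed for illustration.

```python
import ipaddress
import re

# Special-purpose IPv4 blocks: the ranges from the posted config, in CIDR form.
SPECIAL_V4 = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16 "
    "172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 192.88.99.0/24 192.168.0.0/16 "
    "198.18.0.0/15 198.51.100.0/24 203.0.113.0/24 240.0.0.0/4").split()]

# The denied-peer-ip lines as posted in the thread (127/8 appears twice there).
POSTED_CONF = """\
denied-peer-ip=0.0.0.0-0.255.255.255
denied-peer-ip=10.0.0.0-10.255.255.255
denied-peer-ip=100.64.0.0-100.127.255.255
denied-peer-ip=127.0.0.0-127.255.255.255
denied-peer-ip=169.254.0.0-169.254.255.255
denied-peer-ip=127.0.0.0-127.255.255.255
denied-peer-ip=172.16.0.0-172.31.255.255
denied-peer-ip=192.0.0.0-192.0.0.255
denied-peer-ip=192.0.2.0-192.0.2.255
denied-peer-ip=192.88.99.0-192.88.99.255
denied-peer-ip=192.168.0.0-192.168.255.255
denied-peer-ip=198.18.0.0-198.19.255.255
denied-peer-ip=198.51.100.0-198.51.100.255
denied-peer-ip=203.0.113.0-203.0.113.255
denied-peer-ip=240.0.0.0-255.255.255.255
"""

# Constructed weak config for comparison: private space only partly covered.
WEAK_CONF = "denied-peer-ip=10.0.0.0-10.0.255.255\ndenied-peer-ip=127.0.0.1\n"

def parse_denied(conf_text):
    """Return (ranges, duplicates) for active lines; '#'-commented lines are skipped."""
    ranges, seen, dups = [], set(), []
    for value in re.findall(r"^[ \t]*denied-peer-ip=([^\s#]+)", conf_text, re.M):
        first, _, last = value.partition("-")  # single address or first-last
        lo, hi = (ipaddress.ip_address(x) for x in (first, last or first))
        if lo.version != 4 or hi.version != 4:
            continue  # this check is IPv4-only
        if value in seen:
            dups.append(value)
        seen.add(value)
        ranges.append((int(lo), int(hi)))
    return ranges, dups

def uncovered(ranges, networks=SPECIAL_V4):
    """List the parts of `networks` that no denied range covers, as 'a-b' strings."""
    gaps = []
    for net in networks:
        cur, end = int(net.network_address), int(net.broadcast_address)
        for lo, hi in sorted(ranges):  # sweep left to right through the block
            if hi < cur or lo > end:
                continue
            if lo > cur:
                gaps.append((cur, lo - 1))
            cur = max(cur, hi + 1)
        if cur <= end:
            gaps.append((cur, end))
    return [f"{ipaddress.IPv4Address(a)}-{ipaddress.IPv4Address(b)}" for a, b in gaps]

def is_denied(peer, ranges):
    """True if the peer address falls in a denied-peer-ip range."""
    p = int(ipaddress.IPv4Address(peer))
    return any(lo <= p <= hi for lo, hi in ranges)
```

Run against `POSTED_CONF`, `uncovered` returns an empty list and the only finding is the repeated 127.0.0.0-127.255.255.255 line; a LAN address such as 192.168.1.10 (constructed) is reported as denied.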

                          A Former User
                          wrote on last edited by
                          #11

                          @nebulon I didn’t see those lines in /etc/turnserver.conf. Is this configured per app or is there a config file somewhere else I’m missing?

                            girish
                            Staff
                            wrote on last edited by
                            #12

                            @atrilahiji The config is in /run/turnserver/turnserver.conf inside the container

                              A Former User
                              wrote on last edited by
                              #13

                              @girish perfect, thanks! I’ll play around in there and see if I can get this sorted.

                                A Former User
                                wrote on last edited by
                                #14

                                @girish Digging this back up again. So I found the config file, however removing the disallowed peers doesn't work as it is all reset when the turn server is restarted.

                                @robi For your setup is your computer and server on the same network? I'm seeing 401s every time I try to connect with others.

                                  robi
                                  wrote on last edited by
                                  #15

                                  @atrilahiji computer = server, so yes. clients no.

                                  Conscious tech

                                    A Former User
                                    wrote on last edited by
                                    #16

                                    @robi Ah what I meant is if you have run a meeting off of a computer that is on the same network as the server which is clearly also a computer.

                                      robi
                                      wrote on last edited by
                                      #17

                                      @atrilahiji Yes, same box. It's actually a nested virtualized server and the host is a client.
                                      ISP Router ports forward directly to the server for this.

                                      Conscious tech

                                        A Former User
                                        wrote on last edited by A Former User
                                        #18

                                        5ce0a490-306d-4337-83ea-fc14ce243816-image.png
                                        Huh so I am back on the debugging train here. I do seem to fail the Reflexive connectivity test here O_O

                                        Also, I should point out that I use Adguard Home on my router, which is also what connects to my cloudron. Would that cause any problems?

                                        But it's weird because it seems to work between my phone on data and my desktop (on the same network as my cloudron) but not between someone in Toronto and my desktop.

                                        I remember there was a change related to this slated for a release @girish. Is this true? I'm really not sure what else I can do here O_O

                                        EDIT: Seems like my investigations are going nowhere 😞

                                        I assumed it might have to do with this commit but if it works for Robi in the same scenario I've got nothing else I can think of trying: https://git.cloudron.io/cloudron/box/-/commit/6adf5772d8f871eae98ad5f5ffdbed7098bac214

                                          robi
                                          wrote on last edited by
                                          #19

                                          @atrilahiji No Adguard in our picture so try disabling it temporarily.

                                          Conscious tech

                                            A Former User
                                            wrote on last edited by
                                            #20

                                            Ugh no luck...
