Manual coturn install for Nextcloud?

I have seen that there is already a app wishlist entry for a turn server for Nextcloud Talk. Has anyone been able to install anything manually in the meantime so that webrtc can work on Nextcloud Talk? Either on the cloudron server directly - or on another server?

It's a bit of a blocker for us at the moment. We could setup Nextcloud & a turn server on Ubuntu directly without cloudron, but as we're a small NGO, cloudron is a much easier solution to support without a dedicated IT department.

Does anyone have any ideas?

same here on a Hetzner storage box 2 days back - couldn't manually remount either. Had to reboot & then remounted automatically as per /etc/fstab.

Hi - is there anyway to make cloudron backups for Nextcloud excluding the data folder. I find the internal cloudron backup a bi impractical for large datasets.

I am using a Hetzner smb mounted storagebox share & rsync can't use hardlinks so I have to do full non-incremental backups & as can be expected - quickly run out of space. I am however using borg to backup to the same storagebox & that is deduplicated so uses space efficiently. I also pull a backup of the Nextcloud every night to our Synology NAS.

I would prefer though to still have a cloudron native backup of the Nextcloud app/db minus the data. Is that possible? If not - could it become possible in a future update?

Thanks

@p44 said in Backup failing:

@robi right suggestions.

@girish I had this problem again: all backup folder this morning where unmounted...

I've had the same thing again too

@girish said in Backup failing:

@iqweb Are you also using CIFS/NFS?

Yes - storage provider: CIFS Mount

@p44 said in Backup failing:

@iqweb Still on Hetzner storage?

Yes - Hetzner storage box

& again - I had to reboot to be able to remount.

Ok - here's how I got it working. This was worked out by checking out various posts on the Nextcloud and also an excellent, simple tutorial on my vps host's tutorial site, Hetzner.

This is a detailed how-to to enable voice/video/screensharing support in Nextcloud Talk installed in Nextcloud on Cloudron that is available from outside the local network by installing coturn turn/stun server.

Prequisites:
Nextcloud and Nextcloud Talk installed on Cloudron
'A' record setup on your DNS registrar's admin panel pointing to your cloudron server's public ip address with a name record chosen by you e.g. 'turn'

All the below commands should be run as root or with sudo.

1. Install coturn and persistent iptables:

apt-get install coturn iptables-persistent

2. Temporarily stop coturn:

systemctl stop coturn

3. Open ports for use with coturn (default ports in this example)

iptables -I INPUT -p tcp --dport 5349 -j ACCEPT
iptables -I INPUT -p udp --dport 5349 -j ACCEPT
iptables-save > /etc/iptables/rules.v4

4. Enable coturn daemon

Open the file /etc/default/coturn and remove the # in front of TURNSERVER_ENABLED=1 (i.e. uncomment it)

5. Make a backup of the original turnserver.conf file:

mv /etc/turnserver.conf /etc/turnserver.conf.orig

6. Create new /etc/turnserver.conf using nano or vim or whatever editor you choose as below referring to the comments for changes to be made for your installation:

#the port that you opened using iptables
tls-listening-port=5349

fingerprint
lt-cred-mech

use-auth-secret
# this is created by running the sed command in the detailed instrucions
static-auth-secret=replace-this-secret

# the domain that you create an A record for
realm=aaa.bbb.ccc

total-quota=100
stale-nonce=600

# the host domain certs that were created by cloudron on installation
cert=/home/yellowtent/boxdata/certs/xxx.yyy.host.cert
pkey=/home/yellowtent/boxdata/certs/xxx.yyy.host.key
# this will be created using openssl
dh-file=/home/yellowtent/boxdata/certs/dhparam.pem

cipher-list="ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384"

no-sslv3
no-tlsv1
no-tlsv1_1


no-stdout-log

# this can be watched using tail -f for troubleshooting
log-file=/var/tmp/turn.log

# once everything is confirmed working you can comment out the above line & uncomment the following

#log-file=/dev/null

no-loopback-peers
no-multicast-peers

proc-user=turnserver
proc-group=turnserver

7. Create DiffieHellman (dhparam.pem) key exchange file for better TLS security. (this can take sometime - be patient)

openssl dhparam -out /home/yellowtent/boxdata/certs/dhparam.pem 4096

8. Start coturn

systemctl status coturn

9. In Nextcloud, login as an admin & go to the settings page & scroll down to the Talk settings. Add a new TURN server using the domain name you created an A record that appears in your turnserver.conf file after realm= followed by a colon with the tls-listening-port number that you opened - e.g. aaa.bbb.ccc:5349 and for secret enter the static-auth-secret in your turnserver.conf. Choose UDP and TCP. It should then check that it is working and a checkmark will temporarily appear confirming it works. You can also optionally enter the same server:port combination for adding your own STUN server.

You can go ahead & test a voice & or video chat between 2 clients. To troubleshoot you can tail the latest log file while attempting a chat e.g.

tail -f /var/tmp/turn_2019-08-23.log