mirror of https://github.com/OpenVidu/openvidu.git
deployment: Update coturn to 4.5.2 and use official docker image
parent
e5b4c725be
commit
a8174b45a9
|
@ -75,17 +75,22 @@ services:
|
||||||
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
||||||
|
|
||||||
coturn:
|
coturn:
|
||||||
image: openvidu/openvidu-coturn:3.0.0
|
image: openvidu/openvidu-coturn:4.0.0-dev1
|
||||||
restart: on-failure
|
restart: on-failure
|
||||||
network_mode: host
|
network_mode: host
|
||||||
environment:
|
environment:
|
||||||
- REDIS_IP=127.0.0.1
|
- REDIS_IP=127.0.0.1
|
||||||
- TURN_LISTEN_PORT=3478
|
|
||||||
- DB_NAME=0
|
- DB_NAME=0
|
||||||
- DB_PASSWORD=${OPENVIDU_SECRET}
|
- DB_PASSWORD=${OPENVIDU_SECRET}
|
||||||
- MIN_PORT=57001
|
command:
|
||||||
- MAX_PORT=65535
|
- --log-file=stdout
|
||||||
- ENABLE_COTURN_LOGS=true
|
- --listening-port=3478
|
||||||
|
- --fingerprint
|
||||||
|
- --lt-cred-mech
|
||||||
|
- --min-port=57001
|
||||||
|
- --max-port=65535
|
||||||
|
- --realm=openvidu
|
||||||
|
- --verbose
|
||||||
logging:
|
logging:
|
||||||
options:
|
options:
|
||||||
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
||||||
|
|
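Review bot: The new `command:` list places no restriction on which peer addresses the relay will forward to, while the service keeps `network_mode: host` and talks to a Redis instance on `127.0.0.1`. coturn's `--no-multicast-peers` and one or more `--denied-peer-ip=<range>` entries would keep authenticated clients from relaying into internal ranges; which ranges can be denied depends on where the media server listens, which this section does not show. `--verbose` is now passed unconditionally, since the `ENABLE_COTURN_LOGS` entry has no counterpart in the new list, so verbose session logging always reaches the container log. The same list appears in the two later compose sections, which additionally pass `--external-ip=$$(detect-external-ip)`.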
|
@ -85,18 +85,23 @@ services:
|
||||||
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
||||||
|
|
||||||
coturn:
|
coturn:
|
||||||
image: openvidu/openvidu-coturn:3.0.0
|
image: openvidu/openvidu-coturn:4.0.0-dev1
|
||||||
restart: on-failure
|
restart: on-failure
|
||||||
network_mode: host
|
network_mode: host
|
||||||
environment:
|
environment:
|
||||||
- REDIS_IP=127.0.0.1
|
- REDIS_IP=127.0.0.1
|
||||||
- TURN_LISTEN_PORT=3478
|
|
||||||
- DB_NAME=0
|
- DB_NAME=0
|
||||||
- DB_PASSWORD=${OPENVIDU_SECRET}
|
- DB_PASSWORD=${OPENVIDU_SECRET}
|
||||||
- MIN_PORT=40000
|
command:
|
||||||
- MAX_PORT=65535
|
- --log-file=stdout
|
||||||
- TURN_PUBLIC_IP=${TURN_PUBLIC_IP:-auto-ipv4}
|
- --external-ip=$$(detect-external-ip)
|
||||||
- ENABLE_COTURN_LOGS=true
|
- --listening-port=3478
|
||||||
|
- --fingerprint
|
||||||
|
- --lt-cred-mech
|
||||||
|
- --min-port=40000
|
||||||
|
- --max-port=65535
|
||||||
|
- --realm=openvidu
|
||||||
|
- --verbose
|
||||||
logging:
|
logging:
|
||||||
options:
|
options:
|
||||||
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
||||||
|
|
|
@ -62,18 +62,23 @@ services:
|
||||||
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
||||||
|
|
||||||
coturn:
|
coturn:
|
||||||
image: openvidu/openvidu-coturn:3.0.0
|
image: openvidu/openvidu-coturn:4.0.0-dev1
|
||||||
restart: on-failure
|
restart: on-failure
|
||||||
network_mode: host
|
network_mode: host
|
||||||
environment:
|
environment:
|
||||||
- REDIS_IP=127.0.0.1
|
- REDIS_IP=127.0.0.1
|
||||||
- TURN_LISTEN_PORT=3478
|
|
||||||
- DB_NAME=0
|
- DB_NAME=0
|
||||||
- DB_PASSWORD=${OPENVIDU_SECRET}
|
- DB_PASSWORD=${OPENVIDU_SECRET}
|
||||||
- MIN_PORT=40000
|
command:
|
||||||
- MAX_PORT=65535
|
- --log-file=stdout
|
||||||
- TURN_PUBLIC_IP=${TURN_PUBLIC_IP:-auto-ipv4}
|
- --external-ip=$$(detect-external-ip)
|
||||||
- ENABLE_COTURN_LOGS=true
|
- --listening-port=3478
|
||||||
|
- --fingerprint
|
||||||
|
- --lt-cred-mech
|
||||||
|
- --min-port=40000
|
||||||
|
- --max-port=65535
|
||||||
|
- --realm=openvidu
|
||||||
|
- --verbose
|
||||||
logging:
|
logging:
|
||||||
options:
|
options:
|
||||||
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
|
||||||
|
|
|
@ -1,14 +1,17 @@
|
||||||
FROM ubuntu:16.04
|
FROM coturn/coturn:4.5.2-alpine
|
||||||
|
|
||||||
RUN apt-get update \
|
USER root
|
||||||
&& apt-get install -y coturn curl dnsutils
|
|
||||||
|
|
||||||
COPY ./configuration-files.sh /tmp/
|
RUN apk add --no-cache bind-tools
|
||||||
COPY ./entrypoint.sh /usr/local/bin
|
|
||||||
COPY ./discover_my_public_ip.sh /usr/local/bin
|
|
||||||
|
|
||||||
RUN chmod +x /tmp/configuration-files.sh \
|
# Override detect-external-ip.sh script
|
||||||
&& chmod +x /usr/local/bin/entrypoint.sh \
|
COPY ./detect-external-ip.sh /usr/local/bin/detect-external-ip.sh
|
||||||
&& chmod +x /usr/local/bin/discover_my_public_ip.sh
|
COPY ./docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
|
||||||
|
|
||||||
ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]
|
RUN chmod +x /usr/local/bin/detect-external-ip.sh /usr/local/bin/docker-entrypoint.sh && \
|
||||||
|
chown -R nobody:nogroup /var/lib/coturn/ && \
|
||||||
|
touch /turnserver.conf && chown nobody:nogroup /turnserver.conf
|
||||||
|
|
||||||
|
USER nobody:nogroup
|
||||||
|
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||||
|
CMD ["--log-file=stdout", "--external-ip=$(detect-external-ip)"]
|
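Review bot: `/turnserver.conf` is created with `touch` and only re-owned, so it keeps the default file mode, yet the new entrypoint appends the Redis password to `turnserver.conf` (presumably this same file, if the working directory is `/`). Adding `chmod 600 /turnserver.conf` to the same `RUN` would keep the credential readable only by the `nobody` user the server runs as. The base image is referenced by the mutable tag `coturn/coturn:4.5.2-alpine`; pinning it as `coturn/coturn:4.5.2-alpine@sha256:<digest>` (placeholder) would make rebuilds reproducible. The exec-form `CMD` entry `--external-ip=$(detect-external-ip)` only expands because the entrypoint evals its arguments, so a comment such as `# $(...) is expanded by docker-entrypoint.sh, not by Docker` would help the next reader.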
|
@ -1,42 +1,4 @@
|
||||||
# Coturn OpenVidu
|
# OpenVidu Coturn
|
||||||
|
|
||||||
This is a docker image to launch a coturn server. Environment variables can be defined to modify the files `/etc/default/coturn` and `cat>/etc/turnserver.conf`.
|
This is a minor modification from the official [coturn/coturn](https://hub.docker.com/r/coturn/coturn) image.
|
||||||
|
It just replace the `detect-external-ip.sh` with a custom one to use DNS to resolve getting the public IP.
|
||||||
## Environment variables
|
|
||||||
|
|
||||||
### Turn configuration
|
|
||||||
- TURN_PUBLIC_IP: Public ip where coturn will be placed. If this environment variable is not setted, it will get the ip returned by `curl ifconfig.co`.
|
|
||||||
- TURN_LISTEN_PORT: Port where turn will be listening.
|
|
||||||
|
|
||||||
### Turn credentials
|
|
||||||
- REDIS_IP: Redis where credentials are stored
|
|
||||||
- DB_NAME: Name of the database in redis
|
|
||||||
- DB_PASSWORD: Password of the redis database
|
|
||||||
|
|
||||||
# Execution example
|
|
||||||
|
|
||||||
Actual version of OpenVidu need to be located in the same node because tokens sends the url for turn/stun connections with the host url.
|
|
||||||
|
|
||||||
## Execute turn locally next to the redis database
|
|
||||||
|
|
||||||
You need to have a redis database running:
|
|
||||||
|
|
||||||
```
|
|
||||||
docker run --rm --name some-redis -d -p 6379:6379 redis
|
|
||||||
```
|
|
||||||
|
|
||||||
Get the ip of the container and after that, run coturn, you can use url as ip too, in this example I am running coturn with nip.io:
|
|
||||||
|
|
||||||
```
|
|
||||||
docker run -it -e REDIS_IP=172.17.0.2 -e DB_NAME=0 -e DB_PASSWORD=turn -e MIN_PORT=40000 -e MAX_PORT=65535 -e TURN_PUBLIC_IP=auto -e TURN_LISTEN_PORT=3478 --network=host openvidu/openvidu-coturn
|
|
||||||
```
|
|
||||||
|
|
||||||
## Execute turn locally with fixed username and password
|
|
||||||
```
|
|
||||||
docker run -it -e TURN_PUBLIC_IP=auto -e TURN_USERNAME_PASSWORD=<USER>:<PASSWORD> -e MIN_PORT=40000 -e MAX_PORT=65535 -e TURN_LISTEN_PORT=3478 --network=host openvidu/openvidu-coturn
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
||||||
# Kubernetes
|
|
||||||
|
|
||||||
TODO
|
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# Enable turn
|
|
||||||
cat>/etc/default/coturn<<EOF
|
|
||||||
TURNSERVER_ENABLED=1
|
|
||||||
EOF
|
|
||||||
|
|
||||||
# Turn server configuration
|
|
||||||
cat>/etc/turnserver.conf<<EOF
|
|
||||||
listening-port=${TURN_LISTEN_PORT}
|
|
||||||
fingerprint
|
|
||||||
lt-cred-mech
|
|
||||||
max-port=${MAX_PORT:-65535}
|
|
||||||
min-port=${MIN_PORT:-40000}
|
|
||||||
simple-log
|
|
||||||
pidfile="/var/run/turnserver.pid"
|
|
||||||
realm=openvidu
|
|
||||||
verbose
|
|
||||||
EOF
|
|
||||||
|
|
||||||
if [[ ! -z "${TURN_PUBLIC_IP}" ]]; then
|
|
||||||
echo "external-ip=${TURN_PUBLIC_IP}" >> /etc/turnserver.conf
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ ! -z "${REDIS_IP}" ]] && [[ ! -z "${DB_NAME}" ]] && [[ ! -z "${DB_PASSWORD}" ]]; then
|
|
||||||
echo "redis-userdb=\"ip=${REDIS_IP} dbname=${DB_NAME} password=${DB_PASSWORD} connect_timeout=30\"" >> /etc/turnserver.conf
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ ! -z "${TURN_USERNAME_PASSWORD}" ]]; then
|
|
||||||
echo "user=${TURN_USERNAME_PASSWORD}" >> /etc/turnserver.conf
|
|
||||||
fi
|
|
|
@ -1,10 +1,8 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
VERSION=$1
|
VERSION=$1
|
||||||
if [[ ! -z $VERSION ]]; then
|
if [[ ! -z $VERSION ]]; then
|
||||||
cp ../utils/discover_my_public_ip.sh ./discover_my_public_ip.sh
|
|
||||||
|
|
||||||
docker build --rm -t openvidu/openvidu-coturn:$VERSION .
|
docker build --rm -t openvidu/openvidu-coturn:$VERSION .
|
||||||
|
|
||||||
rm ./discover_my_public_ip.sh
|
|
||||||
else
|
else
|
||||||
echo "Error: You need to specify a version as first argument"
|
echo "Error: You need to specify a version as first argument"
|
||||||
fi
|
fi
|
|
@ -0,0 +1,115 @@
|
||||||
|
#!/usr/bin/env sh
|
||||||
|
# shellcheck shell=dash
|
||||||
|
|
||||||
|
#/ Use DNS to find out about the external IP of the running system.
|
||||||
|
#/
|
||||||
|
#/ This script is useful when running from a machine that sits behind a NAT.
|
||||||
|
#/ Due to how NAT works, machines behind it belong to an internal or private
|
||||||
|
#/ subnet, with a different address space than the external or public side.
|
||||||
|
#/
|
||||||
|
#/ Typically it is possible to make an HTTP request to a number of providers
|
||||||
|
#/ that offer the external IP in their response body (eg: ifconfig.me). However,
|
||||||
|
#/ why do a slow and heavy HTTP request, when DNS exists and is much faster?
|
||||||
|
#/ Well established providers such as OpenDNS or Google offer special hostnames
|
||||||
|
#/ that, when resolved, will actually return the IP address of the caller.
|
||||||
|
#/
|
||||||
|
#/ https://unix.stackexchange.com/questions/22615/how-can-i-get-my-external-ip-address-in-a-shell-script/81699#81699
|
||||||
|
#/
|
||||||
|
#/
|
||||||
|
#/ Arguments
|
||||||
|
#/ ---------
|
||||||
|
#/
|
||||||
|
#/ --ipv4
|
||||||
|
#/
|
||||||
|
#/ Find the external IPv4 address.
|
||||||
|
#/ Optional. Default: Enabled.
|
||||||
|
#/
|
||||||
|
#/ --ipv6
|
||||||
|
#/
|
||||||
|
#/ Find the external IPv6 address.
|
||||||
|
#/ Optional. Default: Disabled.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# Shell setup
|
||||||
|
# ===========
|
||||||
|
|
||||||
|
# Shell options for strict error checking.
|
||||||
|
for OPTION in errexit errtrace pipefail nounset; do
|
||||||
|
set -o | grep -wq "$OPTION" && set -o "$OPTION"
|
||||||
|
done
|
||||||
|
|
||||||
|
# Trace all commands (to stderr).
|
||||||
|
#set -o xtrace
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# Shortcut: REAL_EXTERNAL_IP
|
||||||
|
# ==========================
|
||||||
|
|
||||||
|
if [ -n "${REAL_EXTERNAL_IP:-}" ]; then
|
||||||
|
echo "$REAL_EXTERNAL_IP"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# Parse call arguments
|
||||||
|
# ====================
|
||||||
|
|
||||||
|
CFG_IPV4="true"
|
||||||
|
|
||||||
|
while [ $# -gt 0 ]; do
|
||||||
|
case "${1-}" in
|
||||||
|
--ipv4) CFG_IPV4="true" ;;
|
||||||
|
--ipv6) CFG_IPV4="false" ;;
|
||||||
|
*)
|
||||||
|
echo "Invalid argument: '${1-}'" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
shift
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# Discover the external IP address
|
||||||
|
# ================================
|
||||||
|
|
||||||
|
if [ "$CFG_IPV4" = "true" ]; then
|
||||||
|
COMMANDS='dig @resolver1.opendns.com myip.opendns.com A -4 +short
|
||||||
|
dig @ns1.google.com o-o.myaddr.l.google.com TXT -4 +short | tr -d \"
|
||||||
|
dig @1.1.1.1 whoami.cloudflare TXT CH -4 +short | tr -d \"
|
||||||
|
dig @ns1-1.akamaitech.net whoami.akamai.net A -4 +short'
|
||||||
|
|
||||||
|
is_valid_ip() {
|
||||||
|
# Check if the input looks like an IPv4 address.
|
||||||
|
# Doesn't check if the actual values are valid; assumes they are.
|
||||||
|
echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
|
||||||
|
}
|
||||||
|
else
|
||||||
|
COMMANDS='dig @resolver1.opendns.com myip.opendns.com AAAA -6 +short
|
||||||
|
dig @ns1.google.com o-o.myaddr.l.google.com TXT -6 +short | tr -d \"
|
||||||
|
dig @2606:4700:4700::1111 whoami.cloudflare TXT CH -6 +short | tr -d \"'
|
||||||
|
|
||||||
|
is_valid_ip() {
|
||||||
|
# Check if the input looks like an IPv6 address.
|
||||||
|
# It's almost impossible to check the IPv6 representation because it
|
||||||
|
# varies wildly, so just check that there are at least 2 colons.
|
||||||
|
[ "$(echo "$1" | awk -F':' '{print NF-1}')" -ge 2 ]
|
||||||
|
}
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "$COMMANDS" | while read -r COMMAND; do
|
||||||
|
if IP="$(eval "$COMMAND")" && is_valid_ip "$IP"; then
|
||||||
|
echo "$IP"
|
||||||
|
exit 100 # Exits the pipe subshell.
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ $? -eq 100 ]; then
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "[$0] All providers failed" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
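Review bot: The IPv4 `is_valid_ip` accepts multi-line input, because `grep -Eq` succeeds when any one line matches and `dig +short` can print several records; the whole value is then echoed and ends up in `--external-ip=`. Requiring exactly one line first, e.g. `[ "$(echo "$1" | wc -l)" -eq 1 ] || return 1`, closes that, and running the `REAL_EXTERNAL_IP` shortcut through the same check (it currently runs before `is_valid_ip` is defined) would stop an arbitrary string from being passed on unvalidated. The lookups are plain DNS to third-party resolvers with no `+time=`/`+tries=` bound, so a blocked resolver delays startup and the answer is only as trustworthy as the network path; setting `REAL_EXTERNAL_IP` explicitly is the safer choice for fixed deployments. Separately, if `errexit` is enabled by the option loop, the pipeline's status 100 may end the script before the `$?` test, leaving a successful run with exit code 100; this is worth confirming on the image's shell.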
|
@ -0,0 +1,11 @@
|
||||||
|
#!/bin/sh
|
||||||
|
if [ ! -z "${REDIS_IP}" ] && [ ! -z "${DB_NAME}" ] && [ ! -z "${DB_PASSWORD}" ]; then
|
||||||
|
echo "redis-userdb=\"ip=${REDIS_IP} dbname=${DB_NAME} password=${DB_PASSWORD} connect_timeout=30\"" >> turnserver.conf
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If command starts with an option, prepend with turnserver binary.
|
||||||
|
if [ "${1:0:1}" == '-' ]; then
|
||||||
|
set -- turnserver "$@"
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec $(eval "echo $@")
|
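Review bot: `exec $(eval "echo $@")` on the last line re-parses every container argument as shell code and then word-splits and globs the result, so any value that reaches the argument list from an environment file or operator input is executed rather than handed to turnserver as data. The only expansion the images in this commit need is the literal `--external-ip=$(detect-external-ip)`, so the entrypoint can substitute that one argument and `exec "$@"` directly, as sketched below; that also makes a failed IP lookup stop the container instead of starting it with an empty address. `${1:0:1}` and `==` inside `[` are not POSIX and fail on dash, so under `#!/bin/sh` a `case "$1" in -*) set -- turnserver "$@" ;; esac` is safer. The `redis-userdb` line is appended with `>>` to a relative `turnserver.conf` and embeds `DB_PASSWORD` unescaped inside double quotes; with the `restart: on-failure` policy in the compose files this would seem to run again against the same file, so writing the file fresh at an absolute path is worth considering.

```sh
# … unchanged: redis-userdb block, turnserver prefix …

# Expand only the known placeholder; every other argument is passed verbatim.
for arg in "$@"; do
  shift
  case "$arg" in
    '--external-ip=$(detect-external-ip)')
      ip="$(detect-external-ip)" || exit 1
      arg="--external-ip=${ip}"
      ;;
  esac
  set -- "$@" "$arg"
done

exec "$@"
```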
|
@ -1,31 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# Set debug mode
|
|
||||||
DEBUG=${DEBUG:-false}
|
|
||||||
[ "$DEBUG" == "true" ] && set -x
|
|
||||||
|
|
||||||
#Check parameters
|
|
||||||
[[ "${TURN_PUBLIC_IP}" == "auto-ipv4" ]] && export TURN_PUBLIC_IP=$(/usr/local/bin/discover_my_public_ip.sh)
|
|
||||||
[[ "${TURN_PUBLIC_IP}" == "auto-ipv6" ]] && export TURN_PUBLIC_IP=$(/usr/local/bin/discover_my_public_ip.sh --ipv6)
|
|
||||||
[[ -z "${ENABLE_COTURN_LOGS}" ]] && export ENABLE_COTURN_LOGS=true
|
|
||||||
|
|
||||||
echo "TURN public IP: ${TURN_PUBLIC_IP:-"empty"}"
|
|
||||||
|
|
||||||
[[ ! -z "${TURN_LISTEN_PORT}" ]] && echo "TURN listening port: ${TURN_LISTEN_PORT}" ||
|
|
||||||
{ echo "TURN_LISTEN_PORT environment variable is not defined"; exit 1; }
|
|
||||||
|
|
||||||
[[ ! -z "${MIN_PORT}" ]] && echo "Defined min port coturn: ${MIN_PORT}" || echo "Min port coturn: 40000"
|
|
||||||
|
|
||||||
[[ ! -z "${MAX_PORT}" ]] && echo "Defined max port coturn: ${MAX_PORT}" || echo "Max port coturn: 65535"
|
|
||||||
|
|
||||||
# Load configuration files of coturn
|
|
||||||
source /tmp/configuration-files.sh
|
|
||||||
|
|
||||||
# Remove temp file with configuration parameters
|
|
||||||
rm /tmp/configuration-files.sh
|
|
||||||
|
|
||||||
if [[ "${ENABLE_COTURN_LOGS}" == "true" ]]; then
|
|
||||||
/usr/bin/turnserver -c /etc/turnserver.conf -v --log-file /dev/null
|
|
||||||
else
|
|
||||||
/usr/bin/turnserver -c /etc/turnserver.conf -v --log-file /dev/null --no-stdout-log
|
|
||||||
fi
|
|