Tried to post a while ago, it said I was awaiting approval from a mod but the post doesn't show in my history - so I'll do a shorter one here.
Is anyone able to spare 5 minutes to troubleshoot? CoTurn and Synapse aren't playing nicely together and I don't know why! I posted my logs in the last post, won't do that all again in case this disappears into the abyss too, but if anyone says they could help I'll post configs and logs etc. Cheers.
Edit: well this post stuck, so I'll post some info.
/etc/turnserver.conf contains:
Code:
min-port=49152
max-port=65535
realm=turn.charlievick.co.uk
use-auth-secret
static-auth-secret=poppygoose2302
cert=/etc/letsencrypt/live/charlievick.co.uk/fullchain.pem
pkey=/etc/letsencrypt/live/charlievick.co.uk/privkey.pem
lt-cred-mech
no-tcp-relay
sudo turnserver -v returns:
Code:
0: log file opened: /var/log/turn_1011_2019-01-22.log
0:
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.0.7 'dan Eider'
0:
Max number of open files/sockets allowed for this process: 1048576
0:
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 524000 (approximately)
0:
==== Show him the instruments, Practical Frost: ====
0: TLS supported
0: DTLS supported
0: DTLS 1.2 supported
0: TURN/STUN ALPN supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.1.0g 2 Nov 2017 (0x1010007f)
0:
0: SQLite supported, default database location is /var/lib/turn/turndb
0: Redis supported
0: PostgreSQL supported
0: MySQL supported
0: MongoDB is not supported
0:
0: Default Net Engine version: 3 (UDP thread per CPU core)
=====================================================
0: Config file found: /etc/turnserver.conf
0: Config file found: /etc/turnserver.conf
0: Domain name:
0: Default realm: turn.mydomain.co.uk
0:
CONFIG: --no-tcp-relay: TCP relay endpoints are not allowed.
0: SSL23: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: SSL23: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: TLS1.0: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: TLS1.0: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: TLS1.1: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: TLS1.1: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: TLS1.2: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: TLS1.2: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: TLS cipher suite: DEFAULT
0: DTLS1.2: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: DTLS1.2: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: DTLS: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: DTLS: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: DTLS cipher suite: DEFAULT
0: NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED
0: ===========Discovering listener addresses: =========
0: Listener address to use: 127.0.0.1
0: Listener address to use: 192.168.2.2
0: Listener address to use: ::1
0: =====================================================
0: Total: 1 'real' addresses discovered
0: =====================================================
0: NO EXPLICIT RELAY ADDRESS(ES) ARE CONFIGURED
0: ===========Discovering relay addresses: =============
0: Relay address to use: 192.168.2.2
0: Relay address to use: ::1
0: =====================================================
0: Total: 2 relay addresses discovered
0: =====================================================
0: pid file created: /var/run/turnserver.pid
0: IO method (main listener thread): epoll (with changelist)
0: WARNING: I cannot support STUN CHANGE_REQUEST functionality because only one IP address is provided
0: Wait for relay ports initialization...
0: relay 192.168.2.2 initialization...
0: relay 192.168.2.2 initialization done
0: relay ::1 initialization...
0: relay ::1 initialization done
0: Relay ports initialization done
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=0 created
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:8443
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:5349
0: IPv4. TLS/TCP listener opened on : 192.168.2.2:8443
0: IPv4. TLS/TCP listener opened on : 192.168.2.2:5349
0: IPv6. TLS/TCP listener opened on : ::1:8443
0: IPv6. TLS/TCP listener opened on : ::1:5349
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=1 created
0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:8443
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:8443
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:5349
0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:5349
0: IPv4. TLS/TCP listener opened on : 192.168.2.2:8443
0: IPv4. TLS/TCP listener opened on : 192.168.2.2:5349
0: IPv4. DTLS/UDP listener opened on: 192.168.2.2:8443
0: IPv6. TLS/TCP listener opened on : ::1:8443
0: IPv6. TLS/TCP listener opened on : ::1:5349
0: IPv4. DTLS/UDP listener opened on: 192.168.2.2:5349
0: IPv6. DTLS/UDP listener opened on: ::1:8443
0: IPv6. DTLS/UDP listener opened on: ::1:5349
0: Total General servers: 2
0: IO method (auth thread): epoll (with changelist)
0: IO method (auth thread): epoll (with changelist)
0: IO method (admin thread): epoll (with changelist)
0: IPv4. CLI listener opened on : 127.0.0.1:5766
0: SQLite DB connection success: /var/lib/turn/turndb
My /etc/matrix-synapse/homeserver.yaml contains:
Code:
turn_uris: [ "turn:turn.mydomain.co.uk:3478?transport=udp", "turn:turn.mydomain.co.uk:3478?transport=tcp" ]
turn_shared_secret: sharedsecretkey
turn_user_lifetime: 86400000
turn_allow_guests: True
I don't think it's a network issue: router is 1:1 NAT currently forwarding all traffic, and I have a LOT of ports open on the server while I try to get this right. Where do I go from here? I'm afraid I'm at the very limit of my abilities now and I've been found wanting - but I'd love to get this working so if anyone knowledgeable reads this I'd appreciate some insight. Any VoIP call just hangs when answered. Thanks for reading!
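Added example (not part of the original post, and not code from coturn or Synapse): with use-auth-secret, the homeserver derives a time-limited TURN username and password from turn_shared_secret, and the TURN server re-derives the same password from static-auth-secret, so the two values must be identical. The sketch below reads both keys from constructed config fragments and shows the mismatch and expiry cases. The secrets, user ID and timestamp are placeholders, and server_accepts is a simplified model: a real TURN server uses the derived password as the long-term credential key for message integrity and never receives it directly.

```python
import base64
import hashlib
import hmac
import re

# Constructed fragments using the same keys as the post; secrets are placeholders.
TURNSERVER_CONF = """\
use-auth-secret
static-auth-secret=EXAMPLE-SECRET-A
"""
HOMESERVER_YAML = """\
turn_shared_secret: EXAMPLE-SECRET-B
turn_user_lifetime: 86400000
"""

def conf_value(text, key, sep):
    """Return the value of `key` from a simple `key<sep>value` config text, or None."""
    m = re.search(rf"^{re.escape(key)}\s*{re.escape(sep)}\s*(.+?)\s*$", text, re.M)
    return m.group(1) if m else None

def derive_password(secret, username):
    """password = base64(HMAC-SHA1(shared secret, username))."""
    mac = hmac.new(secret.encode(), username.encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode("ascii")

def issue_credentials(secret, user_id, lifetime_ms, now_s):
    """Homeserver side: username is '<unix expiry>:<user id>'; lifetime is in ms."""
    username = f"{now_s + lifetime_ms // 1000}:{user_id}"
    return username, derive_password(secret, username)

def server_accepts(secret, username, password, now_s):
    """TURN server side (simplified model): check expiry, then re-derive and compare."""
    expiry = username.split(":", 1)[0]
    if not expiry.isdigit() or int(expiry) < now_s:
        return False, "expired or malformed username"
    if not hmac.compare_digest(derive_password(secret, username), password):
        return False, "secret mismatch"
    return True, "ok"

def check_pair(turn_conf, synapse_yaml, now_s=1_548_115_200):
    """Issue with the homeserver's secret, verify with the TURN server's secret."""
    coturn_secret = conf_value(turn_conf, "static-auth-secret", "=")
    synapse_secret = conf_value(synapse_yaml, "turn_shared_secret", ":")
    lifetime_ms = int(conf_value(synapse_yaml, "turn_user_lifetime", ":"))
    user, pw = issue_credentials(synapse_secret, "@alice:example.org", lifetime_ms, now_s)
    return server_accepts(coturn_secret, user, pw, now_s)

if __name__ == "__main__":
    print(check_pair(TURNSERVER_CONF, HOMESERVER_YAML))
```

Passing the real contents of /etc/turnserver.conf and /etc/matrix-synapse/homeserver.yaml to check_pair applies the same comparison without printing either secret.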