/eturnal

STUN / TURN standalone server

Primary LanguageErlangApache License 2.0Apache-2.0

eturnal TURN Server

CI

eturnal is a modern, straightforward STUN and TURN server. For authentication, the mechanism described in the REST API for Access to TURN Services specification is implemented. The server can easily be tested in a Linux shell or using Docker. For a persistent installation, see the following section.

Installation

Note: Running eturnal in container environments such as Docker or Kubernetes is described on a separate documentation page.

On APT-based Linux distributions, run:

sudo apt install extrepo
sudo extrepo enable eturnal
sudo apt update
sudo apt install eturnal

On DNF-based Linux distributions, run:

sudo dnf config-manager --add-repo https://eturnal.net/eturnal.repo
sudo dnf install eturnal
sudo systemctl --now enable eturnal

On YUM-based Linux distributions, run:

sudo yum-config-manager --add-repo https://eturnal.net/eturnal.repo
sudo yum install eturnal
sudo systemctl --now enable eturnal

On SUSE Linux Enterprise and openSUSE systems, distribution repositories can be used instead. There's also an official Alpine package. On other Linux systems, the binary release can be installed as described in the reference documentation. For Windows, an installer is available.

On macOS, homebrew can be used like this:

brew tap processone/eturnal https://github.com/processone/eturnal
brew install processone/eturnal/eturnal

On other platforms, eturnal is built from source.

Configuration

The eturnal server is configured by editing the /etc/eturnal.yml file. This file uses the (indentation-sensitive!) YAML format. For TURN relaying to work, you'll have to specify the shared authentication secret and (if autodetection fails) also the relay_ipv4_addr option, which should be set to the server's external IPv4 address. As an example, a configuration for offering STUN and TURN services on port 3478 (UDP and TCP) might look like this:

eturnal:
  secret: "long-and-cryptic"     # Shared secret, CHANGE THIS.
  relay_ipv4_addr: "203.0.113.4" # The server's public IPv4 address.
  relay_ipv6_addr: "2001:db8::4" # The server's public IPv6 address (optional).

A more detailed, commented example configuration is shipped with the eturnal server.

Running eturnal

On Linux systems, the eturnal server is usually invoked by systemd. For non-systemd platforms, example init and OpenRC scripts are shipped below the etc directory.

For controlling eturnal, the eturnalctl command can be used; see:

eturnalctl help

Logging

If eturnal was started by systemd, log files are written into the /var/log/eturnal directory by default. In order to log to the journal instead, the log_dir option can be set to stdout in the configuration file.

Documentation

For a detailed description of eturnal's configuration options and the eturnalctl tool, see the reference documentation. For notable changes between eturnal releases, see the change log.

Feedback/Support

Please use our issue tracker for bug reports and feature requests. Feel free to (ab)use it for usage questions as well. If you happen to be using XMPP, you could also join our public room eturnal@conference.process-one.net. Otherwise, just use the web client. As an alternative, there's an #eturnal channel on Slack.