# location of example configuration ## https://github.com/coturn/coturn/blob/master/docker/coturn/ listening-port=3478 tls-listening-port=5349 #listening-ip= # Automatically Detected #relay-ip= # Automatically Detected fingerprint #use-auth-secret # Authentication Issue #static-auth-secret= # Authentication Issue #realm=stun.kuketz-meet.de # Automatically detected total-quota=100 bps-capacity=0 no-udp #?? no-tcp #?? # stale-nonce=600 # Authentication Issue cert=/etc/ssl/certs/stun.kuketz-meet_ecdsa.pem # same as jitsi? pkey=/etc/ssl/private/stun.kuketz-meet_ecdsa.key # same as jitsi? cipher-list="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256" ec-curve-name=secp384r1 # dh-file=/etc/ssl/certs/dhparam.pem # should we use custom DH TLS key? no-stdout-log log-file=/var/log/coturn.log # simple-log # We want logs with pid and date in the name no-multicast-peers # cli-port=5766 # do we want cli access? #cli-password=SOME_SALTED_PW # do we want a cli password? no-tlsv1 no-tlsv1_1 # Authentication Issue -> restrict access to only jitsi server ? ## 1 use-auth-secret? ## 2 if yes: what secret to define ## 3 reauthentication only possible with auth-secret ## There seems to be a userdb file for authentication # CLI Security ## do we want a password? # TODO import from env variables # TODO find paths for cert and pkey