
split dockerfiles based on db

MÉSZÁROS Mihály 7 gadi atpakaļ
vecāks
revīzija
e49f8fa3ae

+ 19 - 0
docker/README.docker

@@ -0,0 +1,19 @@
+Before you begin
+ * copy db schema run ./cp_schema.sh
+ * edit turnserver/turnserver.cfg according your db selection (mysql or postgresql or redis or mongodb)
+
+# start
+
+  docker-compose -f docker-compose-all.yml up --build --detach
+
+# restart
+Notice: May restart needed for coturn container, if it could not access database yet, due initialization delay.
+  docker restart docker_coturn_1
+
+# stop
+  docker-compose -f docker-compose-all.yml down
+
+
+# Or Stop with volume removal
+  docker-compose down --volumes
+

+ 6 - 4
docker/Dockerfile → docker/coturn/Dockerfile

@@ -19,7 +19,7 @@ RUN make
 
 ### 2. stage: create production image
 
-FROM debian:stable-slim AS coturn
+FROM debian:stable AS coturn
 
 ENV INSTALL_PREFIX /usr/local
 ENV BUILD_PREFIX /usr/local/src
@@ -28,12 +28,14 @@ ENV TURNSERVER_USER turnserver
 
 COPY --from=coturn-build ${BUILD_PREFIX}/coturn/bin/ ${INSTALL_PREFIX}/bin/
 COPY --from=coturn-build ${BUILD_PREFIX}/coturn/man/ ${INSTALL_PREFIX}/man/
-COPY turnserver.conf ${INSTALL_PREFIX}/etc
+#COPY turnserver.conf ${INSTALL_PREFIX}/etc
 COPY --from=coturn-build ${BUILD_PREFIX}/coturn/sqlite/turndb ${INSTALL_PREFIX}/var/db/turndb
+COPY --from=coturn-build ${BUILD_PREFIX}/coturn/turndb ${INSTALL_PREFIX}/turndb
 # Install build dependencies
 RUN export DEBIAN_FRONTEND=noninteractive && \
 	apt-get update && \
 	apt-get install -y libc6>=2.15 libevent-core-2.0-5>=2.0.10-stable libevent-extra-2.0-5>=2.0.10-stable libevent-openssl-2.0-5>=2.0.10-stable libevent-pthreads-2.0-5>=2.0.10-stable libhiredis0.13>=0.13.1 libmariadbclient18>=5.5.36 libpq5>=8.4~ libsqlite3-0>=3.6.0 libssl1.1>=1.1.0 libmongoc-1.0 libbson-1.0
+RUN	apt-get install -y mysql-client postgresql-client redis-tools mongodb-clients
 
 RUN if ! getent group "$TURNSERVER_GROUP" >/dev/null; then \
         addgroup --system "$TURNSERVER_GROUP" || exit 1 ;\
@@ -61,8 +63,8 @@ EXPOSE 5766
 # Relay Ports
 EXPOSE 49152-65535 49152-65535/udp
 
+#COPY ./docker-entrypoint.sh /
+#ENTRYPOINT ["/docker-entrypoint.sh"]
 
 WORKDIR ${INSTALL_PREFIX}
-
 CMD ${INSTALL_PREFIX}/bin/turnserver
-
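Review bot: The added `RUN apt-get install -y mysql-client postgresql-client redis-tools mongodb-clients` in the second hunk sits in its own layer after the `apt-get update` layer, so a cached update layer can leave this install resolving against stale package lists, and neither layer removes `/var/lib/apt/lists`. Together with the move from `debian:stable-slim` to `debian:stable`, it also puts four database client toolsets into the internet-facing production image, which widens what is available inside the container if the TURN server is compromised. If the clients are only for debugging, leave them out of this stage; otherwise append them to the existing install line with `--no-install-recommends` and finish that `RUN` with `&& rm -rf /var/lib/apt/lists/*`. The base tag `stable` is a moving target as well, so a pinned release tag or digest would keep rebuilds reproducible.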

+ 35 - 0
docker/coturn/cert.pem

@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----

+ 1 - 0
docker/coturn/coturn.env

@@ -0,0 +1 @@
+# for future usage

+ 28 - 0
docker/coturn/privkey.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----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+-----END PRIVATE KEY-----
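Review bot: `docker/coturn/privkey.pem` commits a TLS private key to the repository, and the compose files bind-mount it as `/etc/ssl/private/privkey.pem`, which `turnserver.conf` now uses as `pkey`. Every clone of the repository holds this key, so any deployment that runs the compose files unchanged serves TLS/DTLS with a key that is effectively public. Keep the key and `cert.pem` out of version control (for example via `.gitignore`) and have README.docker tell the operator to generate or supply their own pair before the first `up`; if this key was ever used on a real host, treat it as compromised and replace it.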

+ 20 - 3
docker/turnserver.conf → docker/coturn/turnserver.conf

@@ -38,12 +38,12 @@ tls-listening-port=5349
 # RFC 5780 is supported only by UDP protocol, other protocols
 # are listening to that endpoint only for "symmetry".
 #
-alt-listening-port=0
+#alt-listening-port=0
 
 # Alternative listening port for TLS and DTLS protocols.
 # Default (or zero) value means "TLS listening port plus one".
 #
-alt-tls-listening-port=0
+#alt-tls-listening-port=0
 
 # Listener IP address of relay server. Multiple listeners can be specified.
 # If no IP(s) specified in the config file or in the command line options,
@@ -123,6 +123,8 @@ alt-tls-listening-port=0
 #
 #external-ip=60.70.80.91/172.17.19.101
 #external-ip=60.70.80.92/172.17.19.102
+#external-ip=60.70.80.92/172.17.19.102
+external-ip=193.224.22.37
 
 
 # Number of the relay threads to handle the established connections
@@ -167,7 +169,7 @@ fingerprint
 # Uncomment to use long-term credential mechanism.
 # By default no credentials mechanism is used (any user allowed).
 #
-#lt-cred-mech
+lt-cred-mech
 
 # This option is opposite to lt-cred-mech.
 # (TURN Server with no-auth option allows anonymous access).
@@ -279,6 +281,8 @@ fingerprint
 #
 #psql-userdb="host=<host> dbname=<database-name> user=<database-user> password=<database-user-password> connect_timeout=30"
 
+#psql-userdb="host=postgresql dbname=coturn user=coturn password=CHANGE_ME connect_timeout=30"
+
 # MySQL database connection string in the case that we are using MySQL
 # as the user database.
 # This database can be used for long-term credential mechanism
@@ -293,6 +297,8 @@ fingerprint
 #
 #mysql-userdb="host=<host> dbname=<database-name> user=<database-user> password=<database-user-password> port=<port> connect_timeout=<seconds> read_timeout=<seconds>"
 
+mysql-userdb="host=mysql dbname=coturn user=coturn password=CHANGE_ME port=3306 connect_timeout=10 read_timeout=10"
+
 # If you want to use in the MySQL connection string the password in encrypted format,
 # then set in this option the MySQL password encryption secret key file.
 #
@@ -311,6 +317,9 @@ fingerprint
 #
 #mongo-userdb="mongodb://[username:password@]host1[:port1][,host2[:port2],...[,hostN[:portN]]][/[database][?options]]"
 
+#mongo-userdb="mongodb://coturn:CHANGE_ME@mongodb/coturn"
+#mongo-userdb="mongodb://mongodb/coturn"
+
 # Redis database connection string in the case that we are using Redis
 # as the user database.
 # This database can be used for long-term credential mechanism
@@ -319,6 +328,8 @@ fingerprint
 #
 #redis-userdb="ip=<ip-address> dbname=<database-number> password=<database-user-password> port=<port> connect_timeout=<seconds>"
 
+#redis-userdb="ip=redis dbname=2 password=CHANGE_ME connect_timeout=30"
+
 # Redis status and statistics database connection string, if used (default - empty, no Redis stats DB used).
 # This database keeps allocations status information, and it can be also used for publishing
 # and delivering traffic and allocation event notifications.
@@ -327,6 +338,8 @@ fingerprint
 #
 #redis-statsdb="ip=<ip-address> dbname=<database-number> password=<database-user-password> port=<port> connect_timeout=<seconds>"
 
+#redis-statsdb="ip=redis dbname=2 password=CHANGE_ME connect_timeout=30"
+
 # The default realm to be used for the users when no explicit
 # origin/realm relationship was found in the database, or if the TURN
 # server is not using any database (just the commands-line settings
@@ -337,6 +350,7 @@ fingerprint
 #       If domain name is empty string, or '(None)', then it is initialized to am empty string.
 #
 #realm=mycompany.org
+realm=example.org
 
 # The flag that sets the origin consistency
 # check: across the session, all requests must have the same
@@ -437,6 +451,7 @@ fingerprint
 # configuration file.
 #
 #cert=/usr/local/etc/turn_server_cert.pem
+cert=/etc/ssl/certs/cert.pem
 
 # Private key file.
 # Use an absolute path or path relative to the
@@ -444,6 +459,7 @@ fingerprint
 # Use PEM file format.
 #
 #pkey=/usr/local/etc/turn_server_pkey.pem
+pkey=/etc/ssl/private/privkey.pem
 
 # Private key file password, if it is in encoded format.
 # This option has no default value.
@@ -657,6 +673,7 @@ cli-port=5766
 # Or unsecure form for the same password:
 #
 #cli-password=qwerty
+cli-password=CHANGE_ME
 
 # Server relay. NON-STANDARD AND DANGEROUS OPTION.
 # Only for those applications when we want to run
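Review bot: `external-ip=193.224.22.37` in the second hunk hard-codes one deployment's public address into the shared default config, so every other host that runs this file will advertise relay addresses that are not its own; leave it commented like the examples above it, e.g. `#external-ip=<public-ip>`. The last hunk enables `cli-password=CHANGE_ME` in what the surrounding comment itself calls the unsecure form, and the coturn Dockerfile exposes the CLI port 5766, so an unedited deployment has its CLI guarded by a publicly known password on the container networks. Prefer shipping `cli-password` commented out and documenting that the operator must set it, ideally in the encrypted form the comment refers to. `realm=example.org` and the password in the enabled `mysql-userdb` line are placeholders that are equally active by default.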

+ 3 - 0
docker/cp-schema.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+cp ../turndb/schema.sql mysql/
+cp ../turndb/schema.sql postgresql/
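Review bot: Both `cp` calls use paths relative to the caller's working directory, so the script only works when started from `docker/`, and if the first copy fails the second still runs and decides the exit status. Adding `set -e` and `cd "$(dirname "$0")"` right after the shebang makes it location-independent and makes a missing `../turndb/schema.sql` fail loudly. README.docker in this commit tells the user to run `./cp_schema.sh`, while the file added here is `cp-schema.sh`; one of the two names should change.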

+ 108 - 0
docker/docker-compose-all.yml

@@ -0,0 +1,108 @@
+version: "3"
+services:
+
+# MySQL mariadb
+  mysql:
+    build:
+      context: ./mysql
+    restart: unless-stopped
+    volumes:
+      - mysql-data:/var/lib/mysql/data
+    env_file: 
+      - mysql/mysql.env
+    networks:
+      - backend
+
+# PostgreSQL
+  postgresql:
+    build:
+      context: ./postgresql
+    restart: unless-stopped
+    volumes:
+      - postgresql-data:/var/lib/postgresql/data
+    env_file: 
+      - postgresql/postgresql.env
+    networks:
+      - backend
+
+# Redis
+  redis:
+    build:
+      context: ./redis
+    restart: unless-stopped
+    volumes:
+      - redis-data:/data
+    env_file: 
+      - redis/redis.env
+    networks:
+      - backend
+
+# MongoDB
+  mongodb:
+    image: mongo
+    restart: unless-stopped
+    volumes:
+      - mongodb-data:/data/db
+    env_file: 
+      - mongodb/mongodb.env
+    networks:
+      - backend
+
+
+# coTURN
+  coturn:
+    build:
+      context: ./coturn
+    restart: always
+    volumes:
+      - ${PWD}/coturn/turnserver.conf:/etc/turnserver.conf
+      - ${PWD}/coturn/privkey.pem:/etc/ssl/private/privkey.pem
+      - ${PWD}/coturn/cert.pem:/etc/ssl/certs/cert.pem
+    ports:
+## STUN/TURN
+      - "3478:3478"
+      - "3478:3478/udp"
+      - "3479:3479"
+      - "3479:3479/udp"
+      - "80:80"
+      - "80:80/udp"
+## STUN/TURN SSL
+      - "5349:5349"
+      - "5349:5349/udp"
+      - "5350:5350"
+      - "5350:5350/udp"
+      - "443:443"
+      - "443:443/udp"
+# Relay Ports
+#      - "49152-65535:49152-65535"
+#      - "49152-65535:49152-65535/udp"
+    networks:
+      - frontend
+      - backend
+    depends_on:
+      - mysql
+      - postgresql
+      - redis
+      - mongodb
+    env_file:
+      - coturn/coturn.env
+# DB
+      - mysql/mysql.env
+      - postgresql/postgresql.env
+      - redis/redis.env
+      - mongodb/mongodb.env
+volumes:
+  mysql-data:
+  postgresql-data:
+  redis-data:
+  mongodb-data:
+
+networks:
+  frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.16.238.0/24
+  backend:
+    internal: true
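Review bot: The `coturn` service lists every database env file under `env_file`, so the internet-facing container receives `MYSQL_ROOT_PASSWORD`, `POSTGRES_PASSWORD` and the other database bootstrap credentials in its environment, although the database connection strings in this commit are set in `turnserver.conf`. Keep only `coturn/coturn.env` on that service unless an entrypoint really consumes the others; the same pattern appears in the mongodb, mysql, postgresql and redis compose files. The three bind mounts for `turnserver.conf`, `privkey.pem` and `cert.pem` can also be read-only, e.g. `- ${PWD}/coturn/privkey.pem:/etc/ssl/private/privkey.pem:ro`, so a compromised server process cannot rewrite its own config or key on the host.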

+ 63 - 0
docker/docker-compose-mongodb.yml

@@ -0,0 +1,63 @@
+version: "3"
+services:
+
+# MongoDB
+  mongodb:
+    image: mongo
+    restart: unless-stopped
+    volumes:
+      - mongodb-data:/data/db
+    env_file: 
+      - mongodb/mongodb.env
+    networks:
+      - backend
+
+
+# coTURN
+  coturn:
+    build:
+      context: ./coturn
+    restart: always
+    volumes:
+      - ${PWD}/coturn/turnserver.conf:/etc/turnserver.conf
+      - ${PWD}/coturn/privkey.pem:/etc/ssl/private/privkey.pem
+      - ${PWD}/coturn/cert.pem:/etc/ssl/certs/cert.pem
+    ports:
+## STUN/TURN
+      - "3478:3478"
+      - "3478:3478/udp"
+      - "3479:3479"
+      - "3479:3479/udp"
+      - "80:80"
+      - "80:80/udp"
+## STUN/TURN SSL
+      - "5349:5349"
+      - "5349:5349/udp"
+      - "5350:5350"
+      - "5350:5350/udp"
+      - "443:443"
+      - "443:443/udp"
+# Relay Ports
+#      - "49152-65535:49152-65535"
+#      - "49152-65535:49152-65535/udp"
+    networks:
+      - frontend
+      - backend
+    depends_on:
+      - mongodb
+    env_file:
+      - coturn/coturn.env
+# DB
+      - mongodb/mongodb.env
+volumes:
+  mongodb-data:
+
+networks:
+  frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.16.238.0/24
+  backend:
+    internal: true
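Review bot: `image: mongo` carries no tag, so each pull can bring a different MongoDB major version under an existing `mongodb-data` volume; pin it, e.g. `image: mongo:<version>` with the version you tested (the same line is in docker-compose-all.yml). It would also help to add a comment above `depends_on` saying that it only orders container start and does not wait for the database to accept connections, which is the restart case README.docker describes.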

+ 64 - 0
docker/docker-compose-mysql.yml

@@ -0,0 +1,64 @@
+version: "3"
+services:
+
+# MySQL mariadb
+  mysql:
+    build:
+      context: ./mysql
+    restart: unless-stopped
+    volumes:
+      - mysql-data:/var/lib/mysql/data
+    env_file: 
+      - mysql/mysql.env
+    networks:
+      - backend
+
+
+# coTURN
+  coturn:
+    build:
+      context: ./coturn
+    restart: always
+    volumes:
+      - ${PWD}/coturn/turnserver.conf:/etc/turnserver.conf
+      - ${PWD}/coturn/privkey.pem:/etc/ssl/private/privkey.pem
+      - ${PWD}/coturn/cert.pem:/etc/ssl/certs/cert.pem
+    ports:
+## STUN/TURN
+      - "3478:3478"
+      - "3478:3478/udp"
+      - "3479:3479"
+      - "3479:3479/udp"
+      - "80:80"
+      - "80:80/udp"
+## STUN/TURN SSL
+      - "5349:5349"
+      - "5349:5349/udp"
+      - "5350:5350"
+      - "5350:5350/udp"
+      - "443:443"
+      - "443:443/udp"
+# Relay Ports
+#      - "49152-65535:49152-65535"
+#      - "49152-65535:49152-65535/udp"
+    networks:
+      - frontend
+      - backend
+    depends_on:
+      - mysql
+    env_file:
+      - coturn/coturn.env
+# DB
+      - mysql/mysql.env
+volumes:
+  mysql-data:
+
+networks:
+  frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.16.238.0/24
+  backend:
+    internal: true
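Review bot: The named volume is mounted at `/var/lib/mysql/data`, but the official mariadb image, as far as I know, keeps its data directory at `/var/lib/mysql`, so `mysql-data` would hold only an empty subdirectory while the real data lands in an anonymous volume. If that is right, the mount should read `- mysql-data:/var/lib/mysql`; docker-compose-all.yml has the same line. Worth confirming against the image's documented `VOLUME` before changing.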

+ 64 - 0
docker/docker-compose-postgresql.yml

@@ -0,0 +1,64 @@
+version: "3"
+services:
+
+# PostgreSQL
+  postgresql:
+    build:
+      context: ./postgresql
+    restart: unless-stopped
+    volumes:
+      - postgresql-data:/var/lib/postgresql/data
+    env_file: 
+      - postgresql/postgresql.env
+    networks:
+      - backend
+
+
+# coTURN
+  coturn:
+    build:
+      context: ./coturn
+    restart: always
+    volumes:
+      - ${PWD}/coturn/turnserver.conf:/etc/turnserver.conf
+      - ${PWD}/coturn/privkey.pem:/etc/ssl/private/privkey.pem
+      - ${PWD}/coturn/cert.pem:/etc/ssl/certs/cert.pem
+    ports:
+## STUN/TURN
+      - "3478:3478"
+      - "3478:3478/udp"
+      - "3479:3479"
+      - "3479:3479/udp"
+      - "80:80"
+      - "80:80/udp"
+## STUN/TURN SSL
+      - "5349:5349"
+      - "5349:5349/udp"
+      - "5350:5350"
+      - "5350:5350/udp"
+      - "443:443"
+      - "443:443/udp"
+# Relay Ports
+#      - "49152-65535:49152-65535"
+#      - "49152-65535:49152-65535/udp"
+    networks:
+      - frontend
+      - backend
+    depends_on:
+      - postgresql
+    env_file:
+      - coturn/coturn.env
+# DB
+      - postgresql/postgresql.env
+volumes:
+  postgresql-data:
+
+networks:
+  frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.16.238.0/24
+  backend:
+    internal: true
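Review bot: The `ports` list publishes 80 and 443 (TCP and UDP) on the host, but the only listener settings visible in this commit's `turnserver.conf` hunks are `tls-listening-port=5349` and `cli-port=5766`, so these mappings may reserve the host's web ports for nothing. Unless the full config makes turnserver listen there, drop the four `80`/`443` entries; the same list is repeated in the all, mongodb, mysql and redis compose files. The relay range `49152-65535` is left commented out, so a comment stating how relayed traffic is expected to reach the container (host networking, or a narrower `min-port`/`max-port` range that is published) would save the next operator a debugging session.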

+ 64 - 0
docker/docker-compose-redis.yml

@@ -0,0 +1,64 @@
+version: "3"
+services:
+
+# Redis
+  redis:
+    build:
+      context: ./redis
+    restart: unless-stopped
+    volumes:
+      - redis-data:/data
+    env_file: 
+      - redis/redis.env
+    networks:
+      - backend
+
+
+# coTURN
+  coturn:
+    build:
+      context: ./coturn
+    restart: always
+    volumes:
+      - ${PWD}/coturn/turnserver.conf:/etc/turnserver.conf
+      - ${PWD}/coturn/privkey.pem:/etc/ssl/private/privkey.pem
+      - ${PWD}/coturn/cert.pem:/etc/ssl/certs/cert.pem
+    ports:
+## STUN/TURN
+      - "3478:3478"
+      - "3478:3478/udp"
+      - "3479:3479"
+      - "3479:3479/udp"
+      - "80:80"
+      - "80:80/udp"
+## STUN/TURN SSL
+      - "5349:5349"
+      - "5349:5349/udp"
+      - "5350:5350"
+      - "5350:5350/udp"
+      - "443:443"
+      - "443:443/udp"
+# Relay Ports
+#      - "49152-65535:49152-65535"
+#      - "49152-65535:49152-65535/udp"
+    networks:
+      - frontend
+      - backend
+    depends_on:
+      - redis
+    env_file:
+      - coturn/coturn.env
+# DB
+      - redis/redis.env
+volumes:
+  redis-data:
+
+networks:
+  frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.16.238.0/24
+  backend:
+    internal: true

+ 0 - 77
docker/docker-compose.yml

@@ -1,77 +0,0 @@
-version: "3"
-services:
-
-# MySQL mariadb
-  mariadb:
-    image: mariadb
-    restart: unless-stopped
-    env_file: env/mysql.env
-    networks:
-      - backend
-
-# PostgreSQL
-  postgresql:
-    image: postgresql
-    restart: unless-stopped
-    env_file: env/postgresql.env
-    networks:
-      - backend
-
-# Redis
-  redis:
-    image: redis
-    restart: unless-stopped
-    env_file: env/redis.env
-    networks:
-      - backend
-
-# MongoDB
-  mongodb:
-    image: mongodb
-    restart: unless-stopped
-    env_file: env/mongodb.env
-    networks:
-      - backend
-
-
-# coTURN
-  coturn:
-    image: coturn
-    restart: unless-stopped
-    ports:
-## STUN/TURN
-      - "3478"
-      - "3478/udp"
-      - "3479"
-      - "3479/udp"
-      - "80"
-      - "80/udp"
-## STUN/TURN SSL
-      - "5349"
-      - "5349/udp"
-      - "5350"
-      - "5350/udp"
-      - "443"
-      - "443/udp"
-# Relay Ports
-      - "49152-65535"
-      - "49152-65535/udp"
-    networks:
-      - frontend
-      - backend
-    depends_on:
-      - mysql
-      - postgresql
-      - redis
-      - mongodb
-    env_file:
-      - env/coturn.env
-# DB
-      - env/mysql.env
-      - env/postresql.env
-      - env/redis.env
-      - env/mongodb.env
-
-networks:
-  frontend:
-  backend:

+ 3 - 0
docker/mongodb/mongodb.env

@@ -0,0 +1,3 @@
+#MONGO_INITDB_ROOT_USERNAME=coturn
+#MONGO_INITDB_ROOT_PASSWORD=CHANGE_ME
+#MONGO_INITDB_DATABASE=coturn
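Review bot: All three `MONGO_INITDB_*` lines are commented out, so, as far as I know of the official mongo image, the server initializes without a root user and without access control, while the commented `mongo-userdb` example in `turnserver.conf` assumes `coturn:CHANGE_ME` credentials. The `backend` network is `internal: true`, which limits exposure to the other containers, but an unauthenticated database holding TURN credentials is still a weak default. Either enable the variables with operator-supplied values or add a comment line here stating that authentication is intentionally off and why.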

+ 6 - 0
docker/mysql/Dockerfile

@@ -0,0 +1,6 @@
+### init db with coturn schema
+FROM mariadb
+
+ADD init-coturn-db.sql /docker-entrypoint-initdb.d
+
+ADD schema.sql /docker-entrypoint-initdb.d
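Review bot: `FROM mariadb` has no tag, so the image is rebuilt on whatever `latest` is at build time and the schema init may run against an untested major version; pin it, e.g. `FROM mariadb:<version>`. Both `ADD` lines copy plain local files, for which `COPY init-coturn-db.sql schema.sql /docker-entrypoint-initdb.d/` is the explicit form. The same two points apply to `FROM postgres` with `ADD schema.sql` in docker/postgresql/Dockerfile, and the untagged base also to `FROM redis` in docker/redis/Dockerfile.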

+ 1 - 0
docker/mysql/init-coturn-db.sql

@@ -0,0 +1 @@
+ALTER DATABASE coturn CHARACTER SET latin1;

+ 6 - 0
docker/mysql/mysql.env

@@ -0,0 +1,6 @@
+MYSQL_ROOT_PASSWORD=CHANGE_ME
+
+MYSQL_USER=coturn
+MYSQL_PASSWORD=CHANGE_ME
+MYSQL_DATABASE=coturn
+
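Review bot: `MYSQL_ROOT_PASSWORD=CHANGE_ME` and `MYSQL_PASSWORD=CHANGE_ME` are working defaults in a tracked file, so a stack started without edits runs with known credentials, and an operator who does edit the file has real secrets sitting in a path that git tracks. Shipping the file as `mysql.env.example`, ignoring `mysql.env` in `.gitignore`, and having README.docker tell the operator to copy and fill it in avoids both; docker/postgresql/postgresql.env and the `requirepass` line in docker/redis/redis.conf follow the same pattern. The MySQL password also has to match the `mysql-userdb` string in `turnserver.conf`, which deserves a comment next to `MYSQL_PASSWORD`.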

+ 55 - 0
docker/mysql/schema.sql

@@ -0,0 +1,55 @@
+
+CREATE TABLE turnusers_lt (
+    realm varchar(127) default '',
+    name varchar(512),
+    hmackey char(128),
+    PRIMARY KEY (realm,name)
+);
+
+CREATE TABLE turn_secret (
+	realm varchar(127) default '',
+	value varchar(256),
+	primary key (realm,value)
+);
+
+CREATE TABLE allowed_peer_ip (
+	realm varchar(127) default '',
+	ip_range varchar(256),
+	primary key (realm,ip_range)
+);
+
+CREATE TABLE denied_peer_ip (
+	realm varchar(127) default '',
+	ip_range varchar(256),
+	primary key (realm,ip_range)
+);
+
+CREATE TABLE turn_origin_to_realm (
+	origin varchar(127),
+	realm varchar(127),
+	primary key (origin)
+);
+
+CREATE TABLE turn_realm_option (
+	realm varchar(127) default '',
+	opt varchar(32),
+	value varchar(128),
+	primary key (realm,opt)
+);
+
+CREATE TABLE oauth_key (
+	kid varchar(128),
+	ikm_key varchar(256),
+	timestamp bigint default 0,
+	lifetime integer default 0,
+	as_rs_alg varchar(64) default '',
+	realm varchar(127),
+	primary key (kid)
+);
+
+CREATE TABLE admin_user (
+	name varchar(32),
+	realm varchar(127),
+	password varchar(127),
+	primary key (name)
+);

+ 4 - 0
docker/postgresql/Dockerfile

@@ -0,0 +1,4 @@
+### init db with coturn schema
+FROM postgres
+
+ADD schema.sql /docker-entrypoint-initdb.d

+ 3 - 0
docker/postgresql/postgresql.env

@@ -0,0 +1,3 @@
+POSTGRES_USER=coturn
+POSTGRES_PASSWORD=CHANGE_ME
+POSTGRES_DB=coturn

+ 55 - 0
docker/postgresql/schema.sql

@@ -0,0 +1,55 @@
+
+CREATE TABLE turnusers_lt (
+    realm varchar(127) default '',
+    name varchar(512),
+    hmackey char(128),
+    PRIMARY KEY (realm,name)
+);
+
+CREATE TABLE turn_secret (
+	realm varchar(127) default '',
+	value varchar(256),
+	primary key (realm,value)
+);
+
+CREATE TABLE allowed_peer_ip (
+	realm varchar(127) default '',
+	ip_range varchar(256),
+	primary key (realm,ip_range)
+);
+
+CREATE TABLE denied_peer_ip (
+	realm varchar(127) default '',
+	ip_range varchar(256),
+	primary key (realm,ip_range)
+);
+
+CREATE TABLE turn_origin_to_realm (
+	origin varchar(127),
+	realm varchar(127),
+	primary key (origin)
+);
+
+CREATE TABLE turn_realm_option (
+	realm varchar(127) default '',
+	opt varchar(32),
+	value varchar(128),
+	primary key (realm,opt)
+);
+
+CREATE TABLE oauth_key (
+	kid varchar(128),
+	ikm_key varchar(256),
+	timestamp bigint default 0,
+	lifetime integer default 0,
+	as_rs_alg varchar(64) default '',
+	realm varchar(127),
+	primary key (kid)
+);
+
+CREATE TABLE admin_user (
+	name varchar(32),
+	realm varchar(127),
+	password varchar(127),
+	primary key (name)
+);

+ 6 - 0
docker/redis/Dockerfile

@@ -0,0 +1,6 @@
+### init db with coturn schema
+FROM redis
+
+COPY redis.conf /usr/local/etc/redis/redis.conf
+CMD [ "redis-server", "/usr/local/etc/redis/redis.conf" ]
+
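Review bot: `COPY redis.conf /usr/local/etc/redis/redis.conf` bakes the `requirepass` value into an image layer, so anyone who can pull or inspect the image can read the Redis password, and changing it needs a rebuild. Mounting the file at runtime, the way the compose files already mount `turnserver.conf` into the coturn container, keeps the secret out of the image, e.g. `- ${PWD}/redis/redis.conf:/usr/local/etc/redis/redis.conf:ro` under the `redis` service. The header comment `### init db with coturn schema` is copied from the SQL images and does not describe this file; something like `### redis with password-protected config` would.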

+ 3 - 0
docker/redis/redis.conf

@@ -0,0 +1,3 @@
+timeout 0
+tcp-keepalive 60
+requirepass CHANGE_ME

+ 0 - 0
docker/redis/redis.env