Página inicial Explorar Ajuda
Registrar Entrar
Apq
/
coturn
mirror de https://github.com/coturn/coturn.git
1
0
Fork 0
Arquivos Issues 0 Wiki
Ver código fonte

Easy installation of coturn on AWS (#1581)

https://github.com/coturn/coturn/issues/1576

Co-authored-by: Pavel Punsky <[email protected]>
hariprasadt 11 meses atrás
pai
268f811f9e
commit
e5ffe6e0a3
1 arquivos alterados com 175 adições e 0 exclusões
Visão dividida Mostrar estatísticas do Diff
  1. 175 0
      scripts/install_coturn_on_aws_ec2.sh

+ 175 - 0
scripts/install_coturn_on_aws_ec2.sh
Ver arquivo 

@@ -0,0 +1,175 @@
 
+#!/bin/bash
 
+#####################################################################################
 
+############## purpose                 : install coturn as a server          ########
 
+############## verification on aws     : tested & verified on aws ec2        ########
 
+############## platform                : aws ec2                             ########
 
+############## aws ubuntu version      : ubuntu 22.04 LTS                    ########
 
+############## coturn base version     : 4.6.2                               ########
 
+############## dependent tools         : installs prometheus client as well  ########
 
+############## file permissions        : chmod 777 install_coturn_on_aws_ec2.sh #####
 
+############## run command             : ./install_coturn_on_aws_ec2.sh      ########
 
+############## developer               : [email protected]            ########
 
+#####################################################################################
 
+
 
+coturn_package="https://github.com/coturn/coturn/archive/refs/tags/4.6.2.tar.gz"
 
+coturn_version="4.6.2"
 
+
 
+if [ "$#" -eq 0 ]
 
+then
 
+  echo "coturn version is not supplied as argument, installing below version as default."
 
+  echo "default coturn package: $coturn_package"
 
+else
 
+  coturn_package="https://github.com/coturn/coturn/archive/refs/tags/$1.tar.gz"
 
+  coturn_version="$1"
 
+  echo "installing coturn package: $coturn_package"
 
+fi
 
+
 
+echo "--------> this script installs coturn server version $1 on aws ec2 instance..."
 
+
 
+echo "--------> create user turnserver..."
 
+sudo adduser --gecos "" --disabled-password turnserver
 
+
 
+echo "--------> updating packages..."
 
+sudo DEBIAN_FRONTEND=noninteractive apt-get -y update
 
+sudo DEBIAN_FRONTEND=noninteractive apt-get -y upgrade
 
+
 
+### install all dependent packages
 
+echo "--------> installing dependent packages..."
 
+sudo DEBIAN_FRONTEND=noninteractive apt-get install -y gcc make openssl-dev build-essential pkg-config libsystemd-dev musl-dev sqlite
 
+sudo DEBIAN_FRONTEND=noninteractive apt-get install -y libssl-dev libsqlite3-dev libevent-dev libpq-dev libmysqlclient-dev libhiredis-dev libmicrohttpd-dev
 
+
 
+### download prometheus client libraries
 
+echo "--------> installing prometheus client..."
 
+wget https://github.com/digitalocean/prometheus-client-c/releases/download/v0.1.3/libprom-dev-0.1.3-Linux.deb
 
+wget https://github.com/digitalocean/prometheus-client-c/releases/download/v0.1.3/libpromhttp-dev-0.1.3-Linux.deb
 
+sudo dpkg -i prometheus-client/libprom-dev-0.1.3-Linux.deb
 
+sudo dpkg -i prometheus-client/libpromhttp-dev-0.1.3-Linux.deb
 
+
 
+### download coturn source code
 
+echo "--------> downloading coturn $coturn_package"
 
+wget "$coturn_package"
 
+tar -xf "$coturn_version.tar.gz"
 
+cd "coturn-$coturn_version"
 
+./configure
 
+
 
+### compile & install coturn
 
+make
 
+echo "--------> installing coturn ..."
 
+sudo make install
 
+
 
+sudo bash -c "cat > /etc/default/coturn << EOL
 
+TURNSERVER_ENABLED=1
 
+EXTRA_OPTIONS=-v
 
+EOL"
 
+
 
+echo "--------> generating random key for realm..."
 
+secret_key=$(bash -c 'openssl rand -hex 32')
 
+
 
+### fetch ec2 public ip and private ip using metadata token (applicable for v2 version of metadata)
 
+echo "--------> retrieving public & private ips of ec2 instance..."
 
+aws_token=$(bash -c 'curl -s -X PUT "http://instance-data/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"')
 
+public_ip=$(bash -c 'curl -s -H "X-aws-ec2-metadata-token:'$aws_token'" -X GET "http://instance-data/latest/meta-data/public-ipv4"')
 
+private_ip=$(bash -c 'curl -s -H "X-aws-ec2-metadata-token:'$aws_token'" -X GET "http://instance-data/latest/meta-data/local-ipv4"')
 
+
 
+echo "--------> public ip: $public_ip, private ip: $private_ip"
 
+
 
+sudo bash -c "mv /etc/turnserver.conf /etc/turnserver.conf.original"
 
+
 
+### create configuration file for coturn with basic expected parameters
 
+### change below values as per your requirement.. like ports, username, password, etc.
 
+echo "--------> applying new config changes..."
 
+sudo bash -c "cat > /etc/turnserver.conf << EOL
 
+listening-port=3478
 
+tls-listening-port=5349
 
+# allow only TLSv1.2+
 
+no-tlsv1
 
+no-tlsv1_1
 
+userdb=/usr/local/var/db/turndb
 
+no-cli
 
+min-port=45000
 
+max-port=65535
 
+log-file=/var/log/turnserver/turnserver.log
 
+verbose
 
+fingerprint
 
+realm=${secret_key}
 
+lt-cred-mech
 
+user=username:password
 
+external-ip=${public_ip}/${private_ip}
 
+new-log-timestamp
 
+new-log-timestamp-format \"%FT%T%z\"
 
+log-binding
 
+prometheus
 
+EOL"
 
+
 
+### make coturn as auto recoverable by making it as a service
 
+sudo bash -c "cat > /lib/systemd/system/coturn.service << EOL
 
+[Unit]
 
+Description=coTURN STUN Server
 
+Documentation=man:coturn(1) man:turnadmin(1) man:turnserver(1)
 
+After=network.target
 
+
 
+[Service]
 
+User=turnserver
 
+Group=turnserver
 
+Type=notify
 
+EnvironmentFile=/etc/default/coturn
 
+ExecStart=/usr/local/bin/turnserver -c /etc/turnserver.conf --pidfile=
 
+Restart=on-failure
 
+InaccessibleDirectories=/home
 
+PrivateTmp=yes
 
+LimitCORE=infinity
 
+LimitNOFILE=1000000
 
+LimitNPROC=60000
 
+LimitRTPRIO=infinity
 
+LimitRTTIME=7000000
 
+
 
+[Install]
 
+WantedBy=multi-user.target
 
+EOL"
 
+
 
+### memory based database configurations
 
+sudo bash -c "sudo mkdir -p /var/lib/turn/turndb"
 
+sudo bash -c "sudo chown turnserver:turnserver /var/lib/turn/turndb"
 
+
 
+### apply log rotation policy to avoid "disk full" issues
 
+echo "--------> setting log rotation policy..."
 
+sudo bash -c "sudo mkdir -p /var/log/turnserver"
 
+sudo bash -c "sudo chown turnserver:turnserver /var/log/turnserver"
 
+sudo bash -c "cat > /etc/logrotate.d/coturn << EOL
 
+/var/log/turnserver/*.log
 
+{
 
+        rotate 7
 
+        daily
 
+        missingok
 
+        notifempty
 
+        compress
 
+        postrotate
 
+                /bin/systemctl kill -s HUP coturn.service
 
+        endscript
 
+}
 
+EOL"
 
+
 
+sudo ufw allow 80/tcp
 
+sudo ufw allow 443/tcp
 
+sudo ufw allow 3478/udp
 
+sudo ufw allow 5349/tcp
 
+
 
+#Running coTURN on privileged port 443
 
+sudo bash -c "setcap cap_net_bind_service=+ep /usr/local/bin/turnserver"
 
+
 
+sudo bash -c "sudo chown turnserver:turnserver /etc/default/coturn"
 
+sudo bash -c "sudo chown turnserver:turnserver /etc/turnserver.conf"
 
+
 
+echo "--------> starting coturn as a service..."
 
+sudo systemctl enable coturn.service
 
+sudo systemctl daemon-reload
 
+sudo systemctl restart coturn.service
 
+echo "--------> coturn is running successfully..."
 
+
 
+####
 
+echo "------ verification steps after installation -------"
 
+echo "a. check with command: ps -eaf | grep turnserver"
 
+echo "b. check with command: systemctl status coturn"
 
+echo "c. check configuration: cat /etc/turnserver.conf"
 
+echo "----------------------------------------------------"
 
+####