/[resiprocate]/main/reTurn/reTurnServer.config
ViewVC logotype

Contents of /main/reTurn/reTurnServer.config

Parent Directory Parent Directory | Revision Log Revision Log


Revision 10717 - (show annotations) (download)
Fri Dec 6 12:34:10 2013 UTC (6 years ago) by dpocock
File size: 6817 byte(s)
reTurn: add support for TLS private key in standalone file
1 ########################################################
2 # reTurnServer configuration file
3 ########################################################
4
5 ########################################################
6 # Transport settings
7 ########################################################
8
9 # Local IP Address to bind base STUN/TURN transports to.
10 # Note: This is the IP Address that clients should be configured to
11 # send STUN/TURN traffic to.
12 # Warning: If you are enabling RFC3489 backwards compatability
13 # (see AltStunAddress and AltStunPort settings), then do
14 # not leave this set to INADDR_ANY (0.0.0.0), place
15 # a valid IP address from a local NIC here.
16 TurnAddress = 0.0.0.0
17
18 # Local IPv6 Address to bind base STUN/TURN transports to.
19 # Note: This is the IP Address that IPv6 clients should be configured to
20 # send STUN/TURN traffic to.
21 # Not currently supported with RFC3489 backwards compatability
22 TurnV6Address = ::0
23
24 # Local UDP/TCP Port to bind base STUN/TURN transports to.
25 # Note: This is the port that clients should be configured to
26 # send STUN/TURN traffic over UDP and TCP.
27 # reTurn will always bind on this port using both UDP and TCP.
28 TurnPort = 3478
29
30 # Local TLS Port to bind base STUN/TURN transports to.
31 # Note: This is the port that clients should be configured to
32 # send STUN/TURN traffic over TLS.
33 # Set this to 0 to disable TLS support.
34 # The default port for STUN over TLS is 5349
35 # It is often necessary to use port 443 instead so that
36 # users can connect through a HTTP proxy that only allows
37 # traffic that appears to be going to a HTTPS server.
38 TlsTurnPort = 5349
39
40 # Local IP Address to bind the transports used in Classic Stun
41 # NAT type discovery. Note: This address is only required if
42 # you need Classic Stun (RFC3489) support.
43 # It must be different from the TurnAddress setting, and a valid
44 # local IP Address. Use 0.0.0.0 to disable RFC3489 backwards compatbility
45 # support.
46 # Note: The STUN/TURN Client should not be configured with this
47 # address anywhere. This address is discovered by clients
48 # in Binding responses that are sent to the TurnAddress.
49 AltStunAddress = 0.0.0.0
50
51 # Local UDP Port to bind classic STUN (RFC3489) transports to.
52 # Set AltStunPort to 0 to disable any RFC3489 backwards compatibility,
53 # if you do not have a need to support the NAT type discovery procedures
54 # of RFC3489.
55 # Note: STUN/TURN Client should not be configured with this port anywhere.
56 # This port is discovered by clients in Binding responses that are
57 # sent to the TurnAddress/TurnPort.
58 AltStunPort = 0
59
60
61 ########################################################
62 # Logging settings
63 ########################################################
64
65 # Logging Type: syslog|cerr|cout|file
66 LoggingType = file
67
68 # Logging level: NONE|CRIT|ERR|WARNING|INFO|DEBUG|STACK
69 LoggingLevel = DEBUG
70
71 # Log Filename
72 LogFilename = reTurnServer.log
73
74 # Log file Max Size
75 LogFileMaxLines = 50000
76
77
78 ########################################################
79 # UNIX related settings
80 ########################################################
81
82 # Must be true or false, default = false, not supported on Windows
83 Daemonize = false
84
85 # On UNIX it is normal to create a PID file
86 # if unspecified, no attempt will be made to create a PID file
87 #PidFile = /var/run/reTurnServer/reTurnServer.pid
88
89 # UNIX account information to run process as
90 #RunAsUser = return
91 #RunAsGroup = return
92
93
94 ########################################################
95 # Authentication settings
96 ########################################################
97
98 # Authentication Realm for Long Term Passwords
99 AuthenticationRealm = reTurn
100
101 # File containing user authentication data.
102 # The format of each line is:
103 #
104 # login:password:realm:state
105 #
106 # Typically, the realm field must match the value of AuthenticationRealm
107 # defined above.
108 #
109 # The state field can be one of:
110 #
111 # authorized (user authorized)
112 # refused (user denied access)
113 # restricted (for when bandwidth limiting is implemented)
114 #
115 # This file format is interchangeable with TurnServer.org's user database
116 #
117 UserDatabaseFile = users.txt
118
119
120 ########################################################
121 # TURN Allocation settings
122 ########################################################
123
124 NonceLifetime = 3600
125
126 # The starting port number to use for TURN allocations.
127 # This number MUST be an even number, in order to ensure
128 # proper operation for allocation of RTP port pairs.
129 # Default: 49152 (start of the Dynamic and/or Private Port range
130 # - recommended by RFC)
131 AllocationPortRangeMin = 49152
132
133 # The ending port number to use for TURN allocations.
134 # This number MUST be an odd number, in order to ensure
135 # proper operation for allocation of RTP port pairs.
136 # Default: 65535 (end of the Dynamic and/or Private Port range
137 # - recommended by RFC)
138 AllocationPortRangeMax = 65535
139
140 # Default time (in seconds) that an allocation will expire if an allocation
141 # refresh request is not sent. Default is 600 (10 minutes).
142 DefaultAllocationLifetime = 600
143
144 # Maximum time (in seconds) allowed that will be accepted in an allocation requests
145 # lifetime header (ie. between TURN allocation refreshes). If an allocation is
146 # received with a higher lifetime, then the response will be returned with this
147 # value instead. Default is 3600 (1 hour).
148 MaxAllocationLifetime = 3600
149
150
151 ########################################################
152 # SSL/TLS Certificate settings
153 ########################################################
154
155 # TLS Server Certificate Filename (loaded from working directory)
156 # The PEM formated file that contains the server certificate.
157 # If the CA supplieds an intermediate certificate chain, those
158 # certificates should also be appened to this file.
159 # The private key may optionally be included in this file
160 # or in a separate key file specified by TlsServerPrivateKeyFilename
161 TlsServerCertificateFilename = server.pem
162
163 # TLS Server Private Key Filename (loaded from working directory)
164 # The PEM formated file that contains the private key of the certificate
165 # that will be presented to clients connecting over TLS.
166 # If not specified, reTurn will also try to find the private key
167 # in the file specified by TlsServerCertificateFilename
168 TlsServerPrivateKeyFilename = server-key.pem
169
170 # TLS temporary Diffie-Hellman parameters file (loaded from working directory)
171 TlsTempDhFilename = dh512.pem
172
173 # TLS server private key certificate password required to read
174 # from PEM file. Leave blank if key is not encrypted.
175 TlsPrivateKeyPassword =
176
177

webmaster AT resiprocate DOT org
ViewVC Help
Powered by ViewVC 1.1.27