Help with turnserver community plugin rules

[NoelleAttachedStorage]

Hey all,

I've been half halfheartedly been trying to get coturn working for quite some time now. I have nextcloud and Matrix instances running on my unRAID machine, but neither of them have working voice/video calls. With the new Discord policy change, I would really like to get Coturn working. I was first trying to get it working from a container on my unRAID machine, but that ultimately didn't work out. I have since built and deployed my OPNsense router and found out there's a Coturn plugin.

So far, I've made a DNS-only A record on Cloudflare pointing to my public IP. I then installed the community plugin for Coturn and just filled in the realm and other basic settings for a non-TLS turnserver. I plan to do proper TLS once I can do a trickleICE test and actually gather candidates. As of right now I'm really not sure what firewall rules/settings I need to create.

Have any of you deployed this plugin successfully that would be willing to share screenshots or advise on what rules I need to create? These are the basic settings I have so far (I plan to significantly reduce the port range, only have roughly 20 friends in my Nextcloud).

Thanks,

[nero355]

I have nextcloud and Matrix instances running on my unRAID machine, but neither of them have working voice/video calls.

Do you have 1:1 Port Translation configured for them ?

I am guessing you need to since a lot of Voice/Video Call software does not function correctly without it.

With the new Discord policy change, I would really like to get Coturn working.

Discord is SPYWARE as far as I am concerned so the less you have to deal with it the better! ;)

[NoelleAttachedStorage]

I've only just installed OPNsense maybe a month ago and honestly have very little familiarity with it lol. I did enable static port for the coturn container on the unraid machine but was still having problems, so I just decided it would be easier to run on the OPNsense router directly. My Nextcloud instance can't work with the built in turn server they use because I use a cloudflare proxy that breaks it. I think it would be simplest to enable the coturn service on my router, and point Matrix, Nextcloud, and any future webRTC applications at the coturn(.)my-domain.org I created.

I found this blog post, but it seems a bit outdated and with extra steps https://blog.wolfspyre.com/2024/may/opnsense-gets-its-turn/ I was hoping someone had more recently used the plugin and could share their settings/rules.

[NoelleAttachedStorage]

Discord is SPYWARE as far as I am concerned so the less you have to deal with it the better! ;)

yeah it really sucks how much information is locked behind using it these days.

[NoelleAttachedStorage]

Bump with a picture of my spare parts opnsense build. Surely someone has installed and configured this plugin lol

[nero355]

Bump with a picture of my spare parts opnsense build.

As a former Thermalright freak I approve this build !!!

- https://tweakers.net/i/mCY0F_YNMut5Ir9Aa-teoFO71zo=/fit-in/4920x3264/filters:max_bytes(3145728):no_upscale():strip_icc():strip_exif()/f/image/YB4h9eBrBWWLV53H8MffQWsN.jpg?f=user_large
- https://tweakers.net/i/QRkJJxvp7gXqCP1fFuFnd3dYaCs=/fit-in/4920x3264/filters:max_bytes(3145728):no_upscale():strip_icc():strip_exif()/f/image/3J1WlWNHDpqFwGQGaQp1FULd.jpg?f=user_large

;)

[NoelleAttachedStorage]

Bump with a picture of my spare parts opnsense build.

As a former Thermalright freak I approve this build !!!

- https://tweakers.net/i/mCY0F_YNMut5Ir9Aa-teoFO71zo=/fit-in/4920x3264/filters:max_bytes(3145728):no_upscale():strip_icc():strip_exif()/f/image/YB4h9eBrBWWLV53H8MffQWsN.jpg?f=user_large
- https://tweakers.net/i/QRkJJxvp7gXqCP1fFuFnd3dYaCs=/fit-in/4920x3264/filters:max_bytes(3145728):no_upscale():strip_icc():strip_exif()/f/image/3J1WlWNHDpqFwGQGaQp1FULd.jpg?f=user_large

;)

That's what's up lol,I dig the retro build archives. This was my partner's old 3800x, RAM, and motherboard combo. Bought a r5 430 for $10 just to have video out for inital setup 😹 The 3800X is extremely overkill I think, but it's what I had on hand haha.