eturnal is a modern, straightforward STUN and TURN server. For authentication, the mechanism described in the REST API for Access to TURN Services specification is implemented. The server can easily be tested in a Linux shell or using Docker. For a persistent installation, see the following section.
Note: Running eturnal in container environments such as Docker or Kubernetes is described on a separate documentation page.
On APT-based Linux distributions, run:
sudo apt install extrepo
sudo extrepo enable eturnal
sudo apt update
sudo apt install eturnal
On DNF5-based Linux distributions, run:
sudo dnf config-manager addrepo --from-repofile=https://eturnal.net/eturnal.repo
sudo dnf install eturnal
sudo systemctl --now enable eturnal
On DNF4-based Linux distributions, run:
sudo dnf config-manager --add-repo https://eturnal.net/eturnal.repo
sudo dnf install eturnal
sudo systemctl --now enable eturnal
On YUM-based Linux distributions, run:
sudo yum-config-manager --add-repo https://eturnal.net/eturnal.repo
sudo yum install eturnal
sudo systemctl --now enable eturnal
On SUSE Linux Enterprise and openSUSE systems, distribution repositories can be used instead. There's also an official Alpine package. Gentoo users may install eturnal using the GURU overlay. On other Linux systems, the binary release can be installed as described in the reference documentation. On FreeBSD, the official port can be used. For Windows, an installer is available.
On macOS, homebrew can be used like this:
brew tap processone/eturnal https://github.com/processone/eturnal
brew install processone/eturnal/eturnal
On other platforms, eturnal is built from source.
The eturnal server is configured by editing the /etc/eturnal.yml
file. This
file uses the (indentation-sensitive!) YAML format. For TURN relaying to
work, you'll have to specify the shared authentication secret
and (if
autodetection fails) also the relay_ipv4_addr
option, which should be set to
the server's external IPv4 address. As an example, a configuration for
offering STUN and TURN services on port 3478 (UDP and TCP) might look like
this:
eturnal:
secret: "long-and-cryptic" # Shared secret, CHANGE THIS.
relay_ipv4_addr: "203.0.113.4" # The server's public IPv4 address.
relay_ipv6_addr: "2001:db8::4" # The server's public IPv6 address (optional).
A more detailed, commented example configuration is shipped with the eturnal server.
On Linux systems, the eturnal server is usually invoked by systemd. For
non-systemd platforms, example init and OpenRC scripts are shipped
below the etc
directory.
For controlling eturnal, the eturnalctl
command can be used; see:
eturnalctl help
If eturnal was started by systemd, log files are written into the
/var/log/eturnal
directory by default. In order to log to the journal
instead, the log_dir
option can be set to stdout
in the configuration file.
For a detailed description of eturnal's configuration options and the
eturnalctl
tool, see the reference documentation. For notable changes
between eturnal releases, see the change log.
Please use our issue tracker for bug reports and feature requests. Feel
free to (ab)use it for usage questions as well. If you happen to be using
XMPP, you could also join our public room
eturnal@conference.process-one.net
. Otherwise, just use the web client.
As an alternative, there's an #eturnal
channel on Slack.