Sunil Mohan Adapa b4e6c03bd7
coturn: New app to manage Coturn TURN/STUN server
- Shows URLs and shared secret that communication servers like matrix-synapse
should be configured to. Later we will implement auto-configuring those servers.

- Allow selecting domain for the sake of TLS/DTLS certificate installation.

- Simplify systemd service file options. Drop log file and pid file support as
they are not needed with systemd. Add security options.

- Set custom configuration file by overriding systemd service file options so
that we don't have a problem with conffile prompts.

- Implement functional tests (and automatic diagnostics).

- Custom icon selected from the Noun project as Coturn project does not have
one.

- Backup/restore configuration file and certificates.

- Document some questions regarding configuration options.

Tests performed:

- App is not listed in the app page if 'advanced' flag is disabled.

- App name, icon and short description show up correctly in apps page.

- App name, icon, short description, description, manual link, enable/disable
button and diagnostics link show up currently in app page.

- Verify that configuration used by coturn server is the FreedomBox
configuration by checking the cert path in the log output.

- PID file is not created in /var/run/turnserver/. It goes into /dev/null
according to the log output.

- No log file is created other than what is collected by systemd from command
line.

- systemctl show coturn.service shows all the intended restrictions such as
NoNewPrivileges, Protect* options.

- Run functional tests.

- Ensure that backup of configuration file works by taking backup, changing the
secret and restoring. During backup and restore coturn should be stopped and
started as per logs.

- Build Debian package. No warnings about the copyright file.

- Enabling the app enables the service and runs it.

- Disabling the app disables the service and stops it.

- All diagnostics tests pass.

- Diagnostic tests show firewall port coturn-freedombox for internal and
external networks, service coturn, and each listening port for udp4, udp6, tcp4
and tcp6.

- Information in the firewall page shows up properly. Enabling the app opens
firewall ports, and disabling it closes them.

- When the app is installed, if a cert domain is available, it will be used.
When multiple domains are available, one of them is picked.

- Status shows 4 URLs with the currently selected domain and secret key.

- Changing domain to another domain succeeds and reflects in the status
information.

- When no domain is configured, installing the app succeeds. No domain is shown
in the list of domains.

- When domain is changed, the certificate files in /etc/coturn/certs are
overwritten.

- Certificates have the ownership turnserver:turnserver. Public key cert.pem
has 644 permissions. Private key pkey.pem has 600 permissions. /etc/coturn/certs
is owned by root:root.

- Let's Encrypt certificates are set up immediately after install.

- Port forwarding information shows all ports except for relay ports.

- Trying to create a user with username 'turnserver' throws an error. This
happens even when coturn is not installed yet.

- After installing coturn, the configuration file /etc/coturn/freedombox.conf is
created with ownership root:turnserver and permissions 640. The directory
/etc/coturn is created with ownership root:root and permissions 755.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
[jvalleroy: Fix copied form_valid comment]
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2020-05-02 18:51:23 -04:00


<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
viewBox="0 0 512 512"
x="0px"
y="0px"
version="1.1"
id="svg12"
sodipodi:docname="coturn.svg"
width="512"
height="512"
inkscape:version="0.92.4 (5da689c313, 2019-01-14)"
inkscape:export-filename="/home/bunny/work/freedombox/plinth/static/themes/default/icons/coturn.png"
inkscape:export-xdpi="48"
inkscape:export-ydpi="48">
<metadata
id="metadata18">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title>Communication, video, call, camera, talk, record, media</dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<defs
id="defs16" />
<sodipodi:namedview
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1"
objecttolerance="10"
gridtolerance="10"
guidetolerance="10"
inkscape:pageopacity="0"
inkscape:pageshadow="2"
inkscape:window-width="1782"
inkscape:window-height="1122"
id="namedview14"
showgrid="false"
inkscape:zoom="0.73750001"
inkscape:cx="23.98607"
inkscape:cy="48.884982"
inkscape:window-x="1233"
inkscape:window-y="454"
inkscape:window-maximized="0"
inkscape:current-layer="svg12" />
<title
id="title2">Communication, video, call, camera, talk, record, media</title>
<g
data-name="Video Call"
id="g6"
transform="matrix(10.24,0,0,10.24,-71.68,-71.68)">
<path
d="m 36.1963,35.02 -5,-1 a 0.9967,0.9967 0 0 0 -1.1025,0.5576 l -2.1484,4.6061 a 19.09,19.09 0 0 1 -9.1286,-9.1286 l 4.6061,-2.1483 a 1.0008,1.0008 0 0 0 0.5576,-1.1026 l -1,-5 A 1,1 0 0 0 22,21 h -6 a 1,1 0 0 0 -1,1 21.0508,21.0508 0 0 0 21,21 1,1 0 0 0 1,-1 V 36 A 1,1 0 0 0 36.1963,35.02 Z M 21.8652,26.4258 18.06,28.2009 A 16.9646,16.9646 0 0 1 17.0507,23 h 4.13 z m 9.709,9.709 L 35,36.82 v 4.13 A 17.4236,17.4236 0 0 1 29.8,39.9381 Z M 56.5254,20.1494 A 0.9978,0.9978 0 0 0 55.5527,20.1055 L 45,25.3818 V 19 A 3.0033,3.0033 0 0 0 42,16 H 10 a 3.0033,3.0033 0 0 0 -3,3 v 26 a 3.0033,3.0033 0 0 0 3,3 h 32 a 3.0033,3.0033 0 0 0 3,-3 v -6.3818 l 10.5527,5.2763 A 1,1 0 0 0 57,43 V 21 A 1,1 0 0 0 56.5254,20.1494 Z M 43,45 a 1.0009,1.0009 0 0 1 -1,1 H 10 A 1.0013,1.0013 0 0 1 9,45 V 19 a 1.0013,1.0013 0 0 1 1,-1 h 32 a 1.0009,1.0009 0 0 1 1,1 z m 12,-3.6182 -10,-5 v -8.7636 l 10,-5 z"
id="path4"
inkscape:connector-curvature="0" />
</g>
</svg>