Matrix coturn issues
from ludicolo@lemmy.ml to selfhosted@lemmy.world on 20 Nov 2024 12:09
https://lemmy.ml/post/22704162

I am trying to get coturn working on my vps provider (I am using digital ocean) for matrix rtc.

I cannot seem to get matrix dendrite to connect to it. I think I have landed on the issue being dns records in cloudflare but I am unsure. Recently I switched to cloudflare and have been using tunnels (which I use for matrix).

Matrix dendrite works fine besides rtc when I uncomment the lines for the turn server but then doesn’t function at all when they are there.

I am using ubuntu with docker for matrix dendrite and I am using a debian vps with digital ocean for the coturn server.

Any help is appreciated!

EDIT: Lemmy you beautiful community you!!! Solved yet another issue of mine!

hendrik@palaver.p3x.de on 20 Nov 2024 12:22

Have you checked your coturn server works correctly? And answers requests in the first place?

See if you get some lines with type "srflx" or "relay".

(And I believe coturn needs to bypass cloudflare. Unless you have an enterprise subscription, it doesn't do raw TCP/UDP connections. So TURN can't work through a free cloudflare tunnel. You need ports 3478, ... and port-min to port-max open on your VPS. And DNS (at least for coturn's subdomain) point to the correct IP of your VPS.)

ludicolo@lemmy.ml on 20 Nov 2024 12:44

So I checked and I do not think it can connect.

I have a cloudflare domain I am using and I am only using cloudflare tunnels for the matrix dendrite server not the coturn vps server. I am using cloudflare to setup dns record for coturn on my purchased domain. Is that still an issue?

EDIT:

So I just tried it with the regular vps ip address instead of the domain I set in the dns records and the test tools you linked say it is working that way.

hendrik@palaver.p3x.de on 20 Nov 2024 12:53

> I am getting feedback but i am unsure if it is saying it can connect

It does connect if you get a line with "srflx" or "relay". Otherwise it does not connect. And your whole coturn server might not be reachable at all.

> I am using cloudflare to setup dns record for coturn on my purchased domain. Is that still an issue?

Well, that depends on how you set it up. What domain name are you using for coturn? (The one you put in the tester.) Where does it point to? To your cloudflare tunnel? To your real IP? And if it's pointing at cloudflare's endpoint: Do you have a paid subscription and set up Spectrum to forward the packets?

ludicolo@lemmy.ml on 20 Nov 2024 13:05

Sorry I just recently updated my comment. I was able to get it to say “relay” when using the regular public ip and port for my vps. It doesn’t work if I use the domain I created for it though “turn.domainexample.com”

The domain name should be pointed to the vps public ip type A

Paid subscription? No I only have the cloudflare domain and the vps subscription. Do I need the subscription to get this working? 😮‍💨

Or is there another solution?

hendrik@palaver.p3x.de on 20 Nov 2024 13:13

Once the TURN testing tools I linked work with the domain name, you should be able to fill out the turn section in config/dendrite.yaml with that. It should be something like turn:turn.domainexample.com?transport=udp.

Maybe your DNS isn't pointing to the correct IP? You could try pinging it, or use the command dig A turn.domainexample.com and see if it returns the correct IP for the VPS.

(Edited)

ludicolo@lemmy.ml on 20 Nov 2024 13:22

I did fill that out, anytime I do, matrix crashes and I think the logs say something along the lines of not being able to find the turn server. I just tried it now with the vps ip and port and it still caused matrix to crash.

The turn testing tools don’t work with the URI at all, it's only the ip and port they work with.

When I use the dig A command it gives me different ips than the vps ip.

hendrik@palaver.p3x.de on 20 Nov 2024 13:30

Alright. I believe that means you need to fix your DNS.
"turn.domainexample.com" is pointing to a different server, and not the one running coturn.

Do you use Cloudflare as a DNS provider? I mean I don't know how that works, since I've never used it... But judging by the following documentation: https://developers.cloudflare.com/dns/manage-dns-records/reference/proxied-dns-records/

I believe you need a dedicated record for the turn subdomain that's not "Proxied", but "DNS only".

But(!) there seems to be a caveat. There is a note on that page, saying: "If you have multiple A/AAAA records on the same name and at least one of them is proxied, Cloudflare will treat all A/AAAA records on this name as being proxied." I believe that means you can't point one of the subdomains directly at your VPS. At least not with Cloudflare DNS.

Edit: I'm not sure though, why putting in the IP address doesn't work... I think that should work. I'm not sure what Dendrite does in the background. Have you added the correct secret or username/password and set the correct transport type (TCP/UDP)? Maybe you could add the port number if it's non-standard...

ludicolo@lemmy.ml on 20 Nov 2024 13:54

Progress has been made!

So I got it working with the domain name. The turn testing tools now respond with relay and pinpoint the vps server! Nice!

However when I put the info into the matrix dendrite.yaml it still crashes. The logs say

“Invalid config file: yaml: line 210: did not find expected key”

“Invalid config file: yaml: line 206: did not find expected " - " indicator”

Line 210 and 206 refer to the turn section which is formatted:

turn: turn_user_lifetime: “5m” turn_uris: - turn:turn.exampledomain.com?transport=udp - turn:turn.exampledomain.com?transport=tcp

turn_username: user
turn_password: password

EDIT: line 206 seems to be

  - turn:turn.exampledomain.com?transport=tcp

And line 210 is uncommented description so I don’t know what that is about

hendrik@palaver.p3x.de on 20 Nov 2024 14:03

Check your indentation. I'm not sure if Lemmy is messing with that, but there seems to be an additional erroneous space before turn_username and password in your config. And the dash should (I guess) be indented two spaces further than the previous line and then one space after the dash. I'm not sure if it's that.

ludicolo@lemmy.ml on 20 Nov 2024 14:10

Holy. Fuck. You just did it. You absolute madlad. It works no issues!!!

Thank you!!

hendrik@palaver.p3x.de on 20 Nov 2024 14:16

You're welcome! Glad I could help, happy self-hosting ☺️ Hope it also forwards everything correctly and the chat client/app works, too.

hendrik@palaver.p3x.de on 20 Nov 2024 13:07

Concerning your Edit:

You might now want to try putting in the correct address into config/dendrite.yaml. That has a "turn" section. You could try and add an URL with the IP address (instead of a domain name) in "turn_uris".

I mean I'm probably the wrong person to ask. I don't use Cloudflare. And I also skipped Dendrite and went for the Conduit server... What's your reasoning to use Cloudflare in the first place? Maybe you want to get rid of it? Or add another subdomain to your DNS that directly points at your server, and have the turn_uri be that, so you don't have to put IP numbers into that section...

MangoPenguin@lemmy.blahaj.zone on 20 Nov 2024 13:44

Make sure cloudflare proxy is disabled on that DNS record.

ludicolo@lemmy.ml on 20 Nov 2024 13:59

Just barely fixed that! Thanks! I have another issue that I commented about though:

Progress has been made!

So I got it working with the domain name. The turn testing tools now respond with relay and pinpoint the vps server! Nice!

However when I put the info into the matrix dendrite.yaml it still crashes. The logs say

“Invalid config file: yaml: line 210: did not find expected key”

“Invalid config file: yaml: line 206: did not find expected " - " indicator”

Line 210 and 206 refer to the turn section which is formatted:

turn: turn_user_lifetime: “5m” turn_uris: - turn:turn.exampledomain.com?transport=udp - turn:turn.exampledomain.com?transport=tcp

turn_username: user
turn_password: password
    
MangoPenguin@lemmy.blahaj.zone on 20 Nov 2024 17:43

Throw the whole thing into a YAML linter: www.yamllint.com and see what it says. Likely a spacing/indent format error or something like that.
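
An added example, not part of the thread or of Dendrite's code: a small indentation check in the spirit of the two suggestions above (check the indentation, run a linter), applied to a constructed copy of the turn section. The broken layout is an assumption based on the description in the thread, since the page did not preserve the poster's real indentation, and `indentation_findings` is a hypothetical helper that tracks indent widths only; it is not a YAML parser.

```python
import re

# Constructed sample: the turn section with the stray extra space before
# turn_username/turn_password described in the thread. The exact layout is
# an assumption; the section is shown on its own, outside the full config.
BROKEN = """\
turn:
  turn_user_lifetime: "5m"
  turn_uris:
    - turn:turn.exampledomain.com?transport=udp
    - turn:turn.exampledomain.com?transport=tcp
   turn_username: user
   turn_password: password
"""
# Same section with the two keys aligned with their sibling keys.
FIXED = BROKEN.replace("\n   turn_", "\n  turn_")


def indentation_findings(text):
    """Return [(line_no, message)] for lines indented to a depth no open block uses."""
    findings = []
    levels = []          # indent widths of the blocks currently open
    opens_block = False  # previous content line ended with ':' (starts a nested block)
    for no, raw in enumerate(text.splitlines(), 1):
        body = re.sub(r"\s+#.*$", "", raw).strip()  # drop trailing comments
        if not body or body.startswith("#"):
            continue
        lead = raw[: len(raw) - len(raw.lstrip())]
        if "\t" in lead:
            findings.append((no, "tab character in indentation"))
            continue
        indent = len(lead)
        while levels and indent < levels[-1]:
            levels.pop()                   # leave blocks deeper than this line
        if not levels or indent > levels[-1]:
            if levels and not opens_block:
                findings.append((no, f"indent {indent} matches no open block"))
            else:
                levels.append(indent)      # a deeper block legitimately opens here
        opens_block = body.endswith(":")
    return findings


if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, indentation_findings(cfg) or "ok")
```

The check is stricter than YAML itself: it also flags a deeper-indented continuation of a plain value, which a real parser would accept.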