59 lines
1.4 KiB
Markdown
59 lines
1.4 KiB
Markdown
# niom-turn
|
|
|
|
A minimal TURN/STUN server in Rust (Tokio), including long-term authentication (REALM/NONCE + MESSAGE-INTEGRITY) and optional TLS (`turns:`).
|
|
|
|
## Features
|
|
|
|
- STUN Binding (basic)
|
|
- TURN Allocate / Refresh
|
|
- CreatePermission, ChannelBind, Send
|
|
- UDP relay + return path as Data Indication or ChannelData
|
|
- TCP (`turn:`) and TLS (`turns:`) control plane (stream framing)
|
|
- TURN REST credentials (optional)
|
|
- Basic limits (allocations/permissions/channel bindings + rate limits)
|
|
|
|
## Quickstart
|
|
|
|
```bash
|
|
cargo build
|
|
cargo test
|
|
```
|
|
|
|
Local start (loads `appsettings.json` from the current working directory):
|
|
|
|
```bash
|
|
cp appsettings.example.json appsettings.json
|
|
cargo run --bin niom-turn
|
|
```
|
|
|
|
## Configuration
|
|
|
|
The current schema is shown in `appsettings.example.json`.
|
|
Important: `niom-turn` currently **always** loads `appsettings.json` from the **working directory**.
|
|
|
|
Details: `docs/config/runtime.md`.
|
|
|
|
## Deployment
|
|
|
|
See `docs/deployment.md` for:
|
|
- systemd unit (including `WorkingDirectory=/etc/niom-turn`)
|
|
- TLS certificate/key paths
|
|
- NAT / `relay.advertised_ip`
|
|
- debugging with `journalctl`
|
|
|
|
## Protocol / Interop notes
|
|
|
|
- `CHANNEL-BIND` can implicitly create the permission for that peer (interop with common clients).
|
|
- Responses are signed using an MI mode that matches the accepted request variant.
|
|
|
|
See `docs/turn_end_to_end_flow.md`.
|
|
|
|
## Docs
|
|
|
|
Entry point: `docs/index.md`.
|
|
|
|
## License
|
|
|
|
MIT
|
|
|