xtr.dev/rondevu-demo
1
0
Fork 0
mirror of https://github.com/xtr-dev/rondevu-demo.git synced 2025-12-10 02:43:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add TURNS (secure) endpoints for upgraded TURN server

Browse Source 
Updated ICE configuration to use TURNS (TLS/DTLS) on port 5349
as the preferred relay method, with plain TURN on port 3478 as
fallback. WebRTC will try secure endpoints first for better
security and reliability.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
Bas van den Aakster
2025-12-06 15:58:15 +01:00
parent 2cbd46b27a
commit 3a42f74371
2 changed files with 34 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
CLAUDE.md
View File

@@ -6,12 +6,37 @@
When configuring TURN servers: When configuring TURN servers:
-**DO** include the port number in TURN URLs: `turn:server.com:3478` -**DO** use TURNS (secure) on port 5349 when available: `turns:server.com:5349`
-**DO** include TURN fallback on port 3478: `turn:server.com:3478`
-**DO** include the port number in TURN URLs (even if default)
-**DO** test TURN connectivity before deploying: `turnutils_uclient -u user -w pass server.com 3478 -y` -**DO** test TURN connectivity before deploying: `turnutils_uclient -u user -w pass server.com 3478 -y`
-**DO** provide both TCP and UDP transports for maximum compatibility -**DO** provide both TCP and UDP transports for maximum compatibility
-**DON'T** omit the port number (even if it's the default 3478) -**DON'T** omit the port number
-**DON'T** assume TURN works without testing -**DON'T** assume TURN works without testing
**Current Configuration:**
```javascript
const RTC_CONFIG = {
iceServers: [
{ urls: ["stun:stun.share.fish:3478"] },
{
urls: [
// TURNS (secure) - TLS/DTLS on port 5349 (preferred)
"turns:turn.share.fish:5349?transport=tcp",
"turns:turn.share.fish:5349?transport=udp",
// TURN (fallback) - plain on port 3478
"turn:turn.share.fish:3478?transport=tcp",
"turn:turn.share.fish:3478?transport=udp",
],
username: "webrtcuser",
credential: "supersecretpassword"
}
]
};
```
WebRTC will try TURNS (secure) endpoints first, falling back to plain TURN if needed.
### ICE Configuration ### ICE Configuration
**Force Relay Mode for Testing:** **Force Relay Mode for Testing:**

13
src/App.jsx
View File

@@ -6,19 +6,20 @@ const API_URL = 'https://api.ronde.vu';
const RTC_CONFIG = { const RTC_CONFIG = {
iceServers: [ iceServers: [
{ urls: ["stun:stun.ronde.vu:3478"] }, { urls: ["stun:stun.share.fish:3478"] },
{ {
urls: [ urls: [
"turn:turn.ronde.vu:3478?transport=tcp", // TURNS (secure) - TLS/DTLS on port 5349
"turn:turn.ronde.vu:3478?transport=udp", "turns:turn.share.fish:5349?transport=tcp",
"turns:turn.share.fish:5349?transport=udp",
// TURN (fallback) - plain on port 3478
"turn:turn.share.fish:3478?transport=tcp",
"turn:turn.share.fish:3478?transport=udp",
], ],
username: "webrtcuser", username: "webrtcuser",
credential: "supersecretpassword" credential: "supersecretpassword"
} }
], ],
// Force TURN relay to bypass NAT hairpinning (when testing on same network)
// Comment out for production to allow direct connections when possible
iceTransportPolicy: 'relay'
}; };
export default function App() { export default function App() {