Nginx TURN

Hello everybody, I’ve installed jitsi on my Ubuntu 20.04 server.
What I’m trying to do is to set up the turn on port 443.
First of all I don’t know if I have to open the ports

sudo ufw allow in 10000:20000/udp

even if I set up the turn.

But the main problem is the configuration of the other virtual hosts.
I am running moodle, nextcloud on my server and they are not working.
I’ve changed the vhost https port from 443 to 4445.

Then I edited the turn config as follows:

stream {
    map $ssl_preread_server_name $name {
        meet.example.com web_backend;
        turn.meet.example.com turn_backend;
    }

    upstream web_backend {
        server 127.0.0.1:4444;
    }

    upstream nextcloud {
        server 127.0.0.1:4445;
    }

    upstream turn_backend {
        server XXX.XXX.XXX.XXX:5349;  #my server's IP
    }

    server {
        listen 443;
        listen [::]:443;

        # since 1.11.5
        ssl_preread on;

        proxy_pass $name;

        # Increase buffer to serve video
        proxy_buffer_size 10m;
    }
}


server {
    listen 443 ssl;
    server_name nextcloud.example.com www.nextcloud.example.com;

    ssl_preread on;
    location / {
        proxy_pass http://nextcloud;
    }
}

I’m not very confident with nginx and idk where I am making mistakes.

I’ve also noticed that sometimes when there are 3 or more people on a conference, the cameras and audio disappear. What may be the cause?

Thank you in advance for your help

You need port 10000/udp (only) for better performance than turn allows. Also, if your turn server doesn’t work, port 10000/udp will do the job instead. And given your other requirements, making turn work will be a tough task.

If you mean by that the Jitsi-meet main entry, it’s not a good idea if you want to get a true certificate like Let’s Encrypt (and you should).

If you are at this point you should forget about turn. It’s not strictly necessary for setting up a small site, it’s only necessary for ‘business firewalls’ that are blocking port 10000/udp (and also, to be fair, by some VPNs - but if you want to host meetings that could be spied on by the NSA, you should first become an uber specialist in nginx and other stuff).

If your turn doesn’t work and you have no port 10000/udp available (check this forum), meetings of more than 2 people won’t work. That’s because 2-person meetings work by direct communication between the users, while 3-person meetings go through the videobridge (a Java process that is part of the Jitsi-meet installation), software that requires the use of port 10000/udp, either directly (the simpler and faster option) or through relaying via turn (coturn software), a more complicated and slower option. It’s difficult to make coturn work and frankly, with your complicated setup, it’s artist work. I see no way of helping a non-expert go through its complications with such a convoluted setup. I’d not even attempt it myself.
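
For reference, an added example (not from either poster) of how the SNI routing in the question's config fits together when other vhosts share port 443: every hostname must appear in the stream map, and the vhosts terminate TLS on the backend port instead of 443. It assumes the Nextcloud vhost is served by nginx; moodle.example.com and the certificate and root paths are placeholders.

```nginx
# Added example (not the poster's config). moodle.example.com and the
# paths are placeholders; ports and the other names come from the post.

# --- stream context, outside http {} ---
stream {
    # Route on the SNI name in the TLS ClientHello; TLS is not terminated here.
    map $ssl_preread_server_name $name {
        meet.example.com           web_backend;
        turn.meet.example.com      turn_backend;
        nextcloud.example.com      vhosts_backend;
        www.nextcloud.example.com  vhosts_backend;
        moodle.example.com         vhosts_backend;  # placeholder hostname
        default                    web_backend;     # unknown or missing SNI
    }

    upstream web_backend    { server 127.0.0.1:4444; }
    upstream vhosts_backend { server 127.0.0.1:4445; }
    upstream turn_backend   { server XXX.XXX.XXX.XXX:5349; }  # coturn, IP elided as in the post

    server {
        listen 443;
        listen [::]:443;
        ssl_preread on;        # valid only in the stream module
        proxy_pass $name;
        proxy_buffer_size 10m;
    }
}

# --- http context: the Nextcloud vhost itself ---
server {
    # 443 is owned by the stream block above, so this vhost terminates TLS
    # on the loopback port that vhosts_backend points to.
    listen 127.0.0.1:4445 ssl;
    server_name nextcloud.example.com www.nextcloud.example.com;

    ssl_certificate     /path/to/fullchain.pem;  # placeholder
    ssl_certificate_key /path/to/privkey.pem;    # placeholder

    # No ssl_preread and no "listen 443" here.
    root /path/to/nextcloud;                     # placeholder
}
```

Running `nginx -t` before reloading catches a leftover `listen 443` or a misplaced `ssl_preread`. Backends behind the stream proxy see 127.0.0.1 as the client address unless the PROXY protocol is enabled on both sides.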