TURN servers doesn't appear in iceServers

Hi. I’ve added turncredential secret and hosts in com.example.cfg.lua

VirtualHost “example.com
…authentication = “anonymous”
…ssl = {
________key = “/var/lib/prosody/example.com.key”;
________certificate = “/var/lib/prosody/example.com.crt”;
…}
…modules_enabled = {
________“bosh”;
________“pubsub”;
…}
…c2s_require_encryption = false
VirtualHost “auth.example.com
…ssl = {
________key = “/var/lib/prosody/auth.example.com.key”;
________certificate = “/var/lib/prosody/auth.example.com.crt”;
…}
…authentication = “internal_plain”
admins = {“fous@auth.example.com”}
Component “conference.example.com” “muc”
Component “jitsi-videobridge.example.com
…component_secret = “YOURSECRET1”
Component “focus.example.com
…component_secret = “YOURSECRET2”
turncredentials_secret = “xxx”;
turncredentials = {
…{ type = “stun”, host = “turnserver.com”, port = 3478, transport = “udp”},
…{ type = “turn”, host = “turnserver.com”, port = 3478, transport = “tcp”},
…{ type = “turn”, host = “turnserver.com”, port = 3478, transport = “udp”},
};
modules_enabled = {
"turncredentials";
}

and I’ve added mod_turncredentails.lua from mod_turncredentials to the /usr/lib/prosody/modules/ path and also i’ve uncomment useStunTurn in config.js. When I add turn servers directly in config.js in stunServer = [{url:’turnserver.com’, credential:‘xxx’, username=‘yyy’}] it works well but when I use with mod_turncredentials.lua it doesn’t work and in the chrome://web-internals, iceServers is always empty list. Also I’ve enabled turncredentials module in com.example.cfg.lua.

This is my /etc/turnserver.conf:

listening-port=3478
lt-cred-mech
use-auth-secret
static-auth-secret=xxx
user=myusername:mypassword
cert=cert.pem
pkey=pkwy.pem

I need your help :relieved:

regards
Nima

Only turns candidates are added to the bridge connection: https://github.com/jitsi/lib-jitsi-meet/blob/c2f269884a4991f1cee466367b98a095ace0b811/modules/xmpp/strophe.jingle.js#L364
There is no point of adding turn candidates to the bridge connection, as the bridge itself is a udp relay. You want to add those candidates only for the tcp connections. You need to change your config to have:
{ type = “turns”, host = “turnserver.com”, port = 3478, transport = “tcp”}

I applied this but still doesn’t work. Maybe the problem is mod_turncredentials.lua

Did you restart prosody? Did you enable useStunTurn: true, under only p2p or also under the main level in config.js (check meet.jit.si config.js).

I had only enabled useStunTurn under p2p. Now I enable it under both level but it doesn’t work. I restart prosody after every change :woozy_face:

This is my config.js:
var config = {
hosts: {
domain: ‘example.com’,
focus: ‘focus.example.com’,
muc: ‘conference.example.com’,
bridge: ‘jitsi-videobridge.example.com
},
useNick: false,
bosh: ‘//example.com/http-bind’,
clientNode: ‘http://jitsi.org/jitsimeet’,
testing: {
enableFirefoxSimulcast: false,
p2pTestMode: false
},
disableSuspendVideo: true,
desktopSharingChromeExtId: null,
desktopSharingChromeSources: [ ‘screen’, ‘window’, ‘tab’ ],
desktopSharingChromeMinExtVersion: ‘0.1’,
channelLastN: -1,
useStunTurn: true,
enableWelcomePage: true,
enableUserRolesBasedOnToken: false,
p2p: {
enabled: true,
useStunTurn: true,
iceTransportPolicy: ‘all’,
preferH264: true
},
analytics: {
},
deploymentInfo: {
}};

One more thing. I comment stunServers in p2p but still default google stun servers appear in iceServer. I restart nginx after every change.

In order p2p to at least try establishing a connection a stun server is needed, that’s why there is a default set of servers in the code, if p2p is enabled and no servers are provided the default set will be used: https://github.com/jitsi/lib-jitsi-meet/blob/985a0bbfab72f88db668b64c25d5a4224452dfd6/modules/xmpp/xmpp.js#L48

You can check your config by visiting https://example.com/config.js, if you see your changes there and the web client is seeing those …