https://github.com/small-hack/coturn-chart

Coturn Helm Chart to provide a STUN/TURN Server on Kubernetes
https://github.com/small-hack/coturn-chart

coturn helm

Last synced: 8 months ago
JSON representation

Coturn Helm Chart to provide a STUN/TURN Server on Kubernetes

• Host: GitHub
• URL: https://github.com/small-hack/coturn-chart
• Owner: small-hack
• License: gpl-3.0
• Created: 2023-07-24T11:15:47.000Z (about 2 years ago)
• Default Branch: main
• Last Pushed: 2025-02-20T17:54:53.000Z (8 months ago)
• Last Synced: 2025-02-20T18:44:56.544Z (8 months ago)
• Topics: coturn, helm
• Language: Smarty
• Homepage: https://small-hack.github.io/coturn-chart/
• Size: 2.64 MB
• Stars: 12
• Watchers: 2
• Forks: 8
• Open Issues: 10
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# coturn Helm Chart



An unofficial [coturn](https://github.com/coturn/coturn) helm chart using the official [coturn docker image](https://hub.docker.com/r/coturn/coturn).

* [Usage](#usage)

  * [TLDR](#tldr)

  * [Basics](#basics)

    * [Coturn Realm](#coturn-realm)

    * [Adding a user declaritively](#adding-a-user-declaritively)

    * [Databases](#databases)

    * [Internal SQLite database](#internal-sqlite-database)

    * [Bundled PostgreSQL subchart](#bundled-postgresql-subchart)

    * [External PostgreSQL database](#external-postgresql-database)

    * [Bundled MySQL subchart](#bundled-mysql-subchart)

    * [External MySQL database](#external-mysql-database)

  * [Testing](#testing)

* [Status and Contributing](#status-and-contributing)

  * [Thanks](#thanks)

# Usage

### TLDR 

Note that you still need to fill out the [`charts/coturn/values.yaml`](./charts/coturn/values.yaml) (Autogenerated Docs can be found in [`charts/coturn/README.md`](./charts/coturn/README.md)).

```console

helm repo add coturn https://small-hack.github.io/coturn-chart/

helm install coturn coturn/coturn --values values.yaml

```

## Basics

### Coturn Realm

At very least, you'll need to configure a coturn [realm](https://github.com/coturn/coturn/blob/d7db17f048675f46fc2b30827813eeaf0c822fb2/examples/etc/turnserver.conf#L349-L358) which is like your hostname, and is used for authentication as well.

```yaml

# most coturn config parameters that you really need

coturn:

  # --  hostname for the coturn server realm

  realm: "turn.example.com"

```

### Adding a user declaritively

Pass in one set of credentials (username/password) directly either plaintext, or via an existing k8s secret, like this:

```yaml

# most coturn config parameters that you really need

coturn:

  # --  hostname for the coturn server realm

  realm: "turn.example.com"

  auth:

    # -- username for the main user of the turn server; ignored if you existingSecret is not ""

    username: "coturn"

    # -- password for the main user of the turn server; ignored if you existingSecret is not ""

    password: "myverysecretpasswordthatimobviouslygoingtochangeright"

    # -- existing secret with keys username/password for coturn; if this is not "" then we will ignore coturn.auth.username/password

    existingSecret: ""

    secretKeys:

      # -- key in existing secret for turn server user

      username: username

      # -- key in existing secret for turn server user's password

      password: password

```

Currently only one user is supported, but we'd like to support adding more than that to match what is possible in the [coturn/coturn:`examples/etc/turnserver.conf`](https://github.com/coturn/coturn/blob/d7db17f048675f46fc2b30827813eeaf0c822fb2/examples/etc/turnserver.conf#L256-L280)

### Databases

### Internal SQLite database

If you would like to use the built-in sqlite database, set `externalDatabse.enabled` and `postgresql.enabled` to `false` in your `values.yaml` like this:

```yaml

externalDatabse:

  enabled: false

postgresql:

  enabled: false

```

### Bundled PostgreSQL subchart

We provide optional Bitnami Postgresql subchart to deploy an external database. You can use it like this:

```yaml

externalDatabse:

  enabled: true

postgresql:

  enabled: false

  global:

    postgresql:

      # -- global.postgresql.auth overrides postgresql.auth

      auth:

        # -- username for database, ignored if existingSecret is passed in

        username: "coturn"

        # -- password for db, autogenerated if empty & existingSecret empty

        password: "mycoolpasswordthatisplaintextforsomereason"

        # -- database to create, ignored if existingSecret is passed in

        database: "coturn"

        # -- name of existing Secret to use for postgresql credentials

        existingSecret: ""

        # Names of the keys in existing secret to use for PostgreSQL credentials

        # all of these are ignored if existingSecret is empty

        secretKeys:

          # -- key in existingSecret for database to create

          hostname: "hostname"

          # -- key in existingSecret for database to create

          database: "database"

          # -- key in exsiting Secret to use for the coturn user

          username: "username"

          # -- key in existing Secret to use for postgres admin user's password

          adminPasswordKey: "postgresPassword"

          # -- key in existing Secret to use for coturn user's password

          userPasswordKey: "password"

```

You're free to use any other values you find in the [Bitnami postgresql helm values](https://github.com/bitnami/charts/tree/main/bitnami/postgresql) under the `postgresql` parameter in your values.yaml for coturn.

### External PostgreSQL database

If `externalDatabase.enabled` is set to `true`, and `postgresql.enabled` is set to false, you can pass in credentials from an existing postgresql database, like this:

```yaml

externalDatabse:

  enabled: true

  # -- Currently only postgresql is supported. mariadb/mysql coming soon

  type: "postgresql"

  # -- required if externalDatabase.enabled: true and postgresql.enabled: false

  hostname: "mypostgresserver"

  # -- username for database, ignored if existingSecret is passed in

  username: "coturn"

  # -- password for database, ignored if existingSecret is passed in

  password: "coolpasswordfordogs"

  # -- database to create, ignored if existingSecret is passed in

  database: "coturn"

  # -- name of existing Secret to use for postgresql credentials

  existingSecret: ""

  # Names of the keys in existing secret to use for PostgreSQL credentials

  secretKeys:

    # -- key in existing Secret to use for the db user

    username: ""

    # -- key in existing Secret to use for db user's password

    password: ""

    # -- key in existing Secret to use for the database name

    database: ""

    # -- key in existing Secret to use for the db's hostname

    hostname: ""

postgresql:

  enabled: false

```

### Bundled MySQL subchart

We provide optional Bitnami MySQL subchart to deploy an external database. You can use it like this:

```yaml

mysql:

  enabled: true

  auth:

    # -- username for database, ignored if existingSecret is passed in

    username: "coturn"

    # -- password for db, autogenerated if empty & existingSecret empty

    password: "mycoolpasswordthatisplaintextforsomereason"

    # -- database to create, ignored if existingSecret is passed in

    database: "coturn"

    # -- Use existing secret for password details. 

    # The secret has to contain the keys mysql-root-password, mysql-replication-password and mysql-password

    existingSecret: ""

    # Names of the keys in existing secret to use for MySQL credentials

    secretKeys:

      # -- key in exsiting Secret to use for the coturn user

      username: "username"

      # -- key in existing Secret to use for coturn user's password

      password: "password"

```

You're free to use any other values you find in the [Bitnami mysql helm values](https://github.com/bitnami/charts/tree/main/bitnami/mysql) under the `mysql` parameter in your values.yaml for coturn.

### External MySQL database

If `externalDatabase.enabled` is set to `true`, and `mysql.enabled` is set to false, you can pass in credentials from an existing mysql database, like this:

```yaml

externalDatabse:

  enabled: true

  # -- Currently postgresql and mysql are supported.

  type: "mysql"

  # -- required if externalDatabase.enabled: true and mysql.enabled: false

  hostname: "mysqlserver"

  # -- username for database, ignored if existingSecret is passed in

  username: "coturn"

  # -- password for database, ignored if existingSecret is passed in

  password: "coolpasswordfordogs"

  # -- database to create, ignored if existingSecret is passed in

  database: "coturn"

  # -- name of existing Secret to use for mysql credentials

  existingSecret: ""

  # Names of the keys in existing secret to use for MySQL credentials

  secretKeys:

    # -- key in existing Secret to use for the db user

    username: ""

    # -- key in existing Secret to use for db user's password

    password: ""

    # -- key in existing Secret to use for the database name

    database: ""

    # -- key in existing Secret to use for the db's hostname

    hostname: ""

mysql:

  enabled: false

```

## Testing

Source: [Tutorial for turnutils_uclient and Coturn server](https://gist.github.com/cameronelliott/be1e581cb7b28f748e04bcabc249e6b6)

1. Install coturn:

  

    ```bash

    brew install coturn

    ```

2. Test the connection to the server. This is an example for LoadBalancer type services:

    ```bash

    turnutils_uclient -u $COTURN_USER \

      -w $COTURN_PASSWORD \

      -L $CLIENT_IP \

      -y $SERVER_UDP_IP

    ```

    A Successful test looks like this:

  

    ```logtalk

    0: (18446744073709551615): INFO: Total connect time is 0

    1: (18446744073709551615): INFO: start_mclient: msz=4, tot_send_msgs=0, tot_recv_msgs=0, tot_send_bytes ~ 0, tot_recv_bytes ~ 0

    2: (18446744073709551615): INFO: start_mclient: msz=4, tot_send_msgs=0, tot_recv_msgs=0, tot_send_bytes ~ 0, tot_recv_bytes ~ 0

    3: (18446744073709551615): INFO: start_mclient: msz=4, tot_send_msgs=10, tot_recv_msgs=10, tot_send_bytes ~ 1000, tot_recv_bytes ~ 1000

    4: (18446744073709551615): INFO: start_mclient: msz=1, tot_send_msgs=20, tot_recv_msgs=20, tot_send_bytes ~ 2000, tot_recv_bytes ~ 2000

    4: (18446744073709551615): INFO: start_mclient: tot_send_msgs=20, tot_recv_msgs=20

    4: (18446744073709551615): INFO: start_mclient: tot_send_bytes ~ 2000, tot_recv_bytes ~ 2000

    4: (18446744073709551615): INFO: Total transmit time is 4

    4: (18446744073709551615): INFO: Total lost packets 0 (0.000000%), total send dropped 0 (0.000000%)

    4: (18446744073709551615): INFO: Average round trip delay 5.500000 ms; min = 4 ms, max = 13 ms

    4: (18446744073709551615): INFO: Average jitter 1.700000 ms; min = 0 ms, max = 9 ms

    ```

If you're developing the helm chart, note that we have [GitHub Actions CI jobs](https://github.com/small-hack/coturn-chart/blob/main/.github/workflows/lint-and-test-chart.yaml) to test the chart with sqllite, postgresql, and mysql. You can see an example [here](https://github.com/small-hack/coturn-chart/actions/runs/8451352725).

# Status and Contributing

This is actively maintained by both live developers and [renovateBot](https://github.com/renovatebot/github-action) via a scheduled Github Action. If you'd like to contribute, please read the [CONTRIBUTING.md](./CONTRIBUTING.md) feel free to open a PR :) If you'd like a feature or want to report a bug, please do that in the GitHub Issues. If you know coturn and k8s well enough, please also feel free to scan the issues and help others <3 We recently moved the repo from jessebot's account to the small-hack org where we maintain all our helm charts.

## Thanks

This is a fork of the, now deprecated, [iits-consulting/coturn](https://github.com/iits-consulting/coturn-chart) chart. Thanks to them for getting this started.