Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
How to upgrade your server to include TURN. In docker-compose.yml:
TURN_SERVER_HOST: "turn.NETMAKER_BASE_DOMAIN"
TURN_SERVER_API_HOST: "https://turnapi.NETMAKER_BASE_DOMAIN"
TURN_PORT: "3479"
TURN_USERNAME: "REPLACE_TURN_USERNAME"
TURN_PASSWORD: "REPLACE_TURN_PASSWORD"
USE_TURN: "true"
2.a Replace NETMAKER_BASE_DOMAIN with your base domain. Replace REPLACE_TURN_USERNAME with a username of your choice, and REPLACE_TURN_PASSWORD with a password (should be strong)
turn:
container_name: turn
image: gravitl/turnserver:v1.0.0
network_mode: "host"
volumes:
- turn_server:/etc/config
environment:
DEBUG_MODE: "off"
VERBOSITY: "1"
TURN_PORT: "3479"
TURN_API_PORT: "8089"
CORS_ALLOWED_ORIGIN: "*"
TURN_SERVER_HOST: "turn.NETMAKER_BASE_DOMAIN"
USERNAME: "REPLACE_TURN_USERNAME"
PASSWORD: "REPLACE_TURN_PASSWORD"
3.a replace NETMAKER_BASE_DOMAIN, REPLACE_TURN_USERNAME, and REPLACE_TURN_PASSWORD with the same values as in 1.a.
volumes:
caddy_data: {}
caddy_conf: {}
sqldata: {}
dnsconfig: {}
mosquitto_logs: {}
turn_server: {}
caddy:
image: caddy:2.6.2
container_name: caddy
restart: unless-stopped
extra_hosts:
- "host.docker.internal:host-gateway"
volumes:
- /root/Caddyfile:/etc/caddy/Caddyfile
- caddy_data:/data
- caddy_conf:/config
ports:
- "80:80"
- "443:443"
# TURN
https://turn.NETMAKER_BASE_DOMAIN {
reverse_proxy host.docker.internal:3479
}
#TURN API
https://turnapi.NETMAKER_BASE_DOMAIN {
reverse_proxy http://host.docker.internal:8089
}
You should now have turn configured with your server.
Egress to 0.0.0.0/0 (internet gateways) is currently disabled. Will be re-implemented in a near-future release. If you use or need internet gateways, either stay with 0.17.1, or use the following list of ranges in place of 0.0.0.0/0:
0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4
EE should still be considered pre-release, and we do not recommend upgrading yet.
wget https://raw.githubusercontent.com/gravitl/netmaker/release_v0.18.5/scripts/nm-upgrade.sh && chmod +x nm-upgrade.sh && ./nm-upgrade.sh
Egress to 0.0.0.0/0 (internet gateways) is currently disabled. Will be re-implemented in a near-future release. If you use or need internet gateways, either stay with 0.17.1, or use the following list of ranges in place of 0.0.0.0/0:
0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4
EE should still be considered pre-release, and we do not recommend upgrading yet.
wget https://raw.githubusercontent.com/gravitl/netmaker/release_v0.18.5/scripts/nm-upgrade.sh && chmod +x nm-upgrade.sh && ./nm-upgrade.sh
nmctl
mqtts://mybroker.com:8083
(we will still default to wss)