NAME¶

turnadmin - a TURN relay administration tool.

SYNOPSIS¶

$ turnadmin [command] [options]
$ turnadmin [ -h | --help]

DESCRIPTION¶

Commands:

-P, --generate-encrypted-password

Generate and print to the standard output an encrypted form of a password (for web admin user or CLI). The value then can be used as a safe key for the password storage on disk or in the database. Every invocation for the same password produces a different result. The format of the encrypted password is: $5$<...salt...>$<...sha256(salt+password)...>. Salt is 16 characters, the sha256 output is 64 characters. Character 5 is the algorithm id (sha256). Only sha256 is supported as the hash function.

-k, --key

Generate key for a long-term credentials mechanism user.

-a, --add

Add or update a long-term user.

-A, --add-admin

Add or update an admin user.

-d, --delete

Delete a long-term user.

-D, --delete-admin

Delete an admin user.

-l, --list

List long-term users in the database.

-L, --list-admin

List admin users in the database.

-s, --set-secret=<value> Add shared secret for TURN REST API

-S, --show-secret

Show stored shared secrets for TURN REST API

-X, --delete-secret=<value> Delete a shared secret.

-O, --add-origin

Add origin-to-realm relation.

-R, --del-origin

Delete origin-to-realm relation.

-I, --list-origins

List origin-to-realm relations.

-g, --set-realm-option

Set realm params: max-bps, total-quota, user-quota.

-G, --list-realm-options

List realm params.

-E, --generate-encrypted-password-aes

Generate and print to the standard output an encrypted form of password with AES-128

Options with required values:

-b, --db, --userdb

SQLite user database file name (default - /var/db/turndb or /usr/local/var/db/turndb or /var/lib/turn/turndb). See the same option in the turnserver section.

-e, --psql-userdb

PostgreSQL user database connection string. See the --psql-userdb option in the turnserver section.

-M, --mysql-userdb

MySQL user database connection string. See the --mysql-userdb option in the turnserver section.

-J, --mongo-userdb

MongoDB user database connection string. See the --mysql-mongo option in the turnserver section.

-N, --redis-userdb

Redis user database connection string. See the --redis-userdb option in the turnserver section.

-u, --user

User name.

-r, --realm

Realm.

-p, --password

Password.

-x, --key-path

Generates a 128 bit key into the given path.

-f, --file-key-path

Contains a 128 bit key in the given path.

-v, --verify

Verify a given base64 encrypted type password.

-o, --origin

Origin

--max-bps

Set value of realm's max-bps parameter.

--total-quota

Set value of realm's total-quota parameter.

--user-quota

Set value of realm's user-quota parameter.

-h, --help

Help.

Command examples:

Generate an encrypted form of a password:

$ turnadmin -P -p <password>

Generate a key:

$ turnadmin -k -u <username> -r <realm> -p <password>

Add/update a user in the in the database:

$ turnadmin -a [-b <userdb-file> | -e <db-connection-string> | -M <db-connection-string> | -N <db-connection-string> ] -u <username> -r <realm> -p <password>

Delete a user from the database:

$ turnadmin -d [-b <userdb-file> | -e <db-connection-string> | -M <db-connection-string> | -N <db-connection-string> ] -u <username> -r <realm>

List all long-term users in MySQL database:

$ turnadmin -l --mysql-userdb="<db-connection-string>" -r <realm>

List all admin users in Redis database:

$ turnadmin -L --redis-userdb="<db-connection-string>"

Set secret in MySQL database:

$ turnadmin -s <secret> --mysql-userdb="<db-connection-string>" -r <realm>

Show secret stored in PostgreSQL database:

$ turnadmin -S --psql-userdb="<db-connection-string>" -r <realm>

Set origin-to-realm relation in MySQL database:

$ turnadmin --mysql-userdb="<db-connection-string>" -r <realm> -o <origin>

Delete origin-to-realm relation from Redis DB:

$ turnadmin --redis-userdb="<db-connection-string>" -o <origin>

List all origin-to-realm relations in Redis DB:

$ turnadmin --redis-userdb="<db-connection-string>" -I

List the origin-to-realm relations in PostgreSQL DB for a single realm:

$ turnadmin --psql-userdb="<db-connection-string>" -I -r <realm>

Create new key file for mysql password encryption:

$ turnadmin -E --key-path <key-file>

Create encrypted mysql password:

$ turnadmin -E --file-key-path <key-file> -p <secret>

Verify/decrypt encrypted password:

$ turnadmin --file-key-path <key-file> -v <encrypted>

DOCS¶

After installation, run the command:

$ man turnadmin

or in the project root directory:

$ man -M man turnadmin

to see the man page.

FILES¶

/etc/turnserver.conf

/var/db/turndb

/usr/local/var/db/turndb

/var/lib/turn/turndb

/usr/local/etc/turnserver.conf

DIRECTORIES¶

/usr/local/share/turnserver

/usr/local/share/doc/turnserver

/usr/local/share/examples/turnserver

SEE ALSO¶

turnserver, turnutils

WEB RESOURCES¶

project page:

https://github.com/coturn/coturn/

Wiki page:

https://github.com/coturn/coturn/wiki

forum:

https://groups.google.com/forum/?fromgroups=#!forum/turn-server-project-rfc5766-turn-server/

AUTHORS¶

Oleg Moskalenko <mom040267@gmail.com>

Gabor Kovesdan http://kovesdan.org/

Daniel Pocock http://danielpocock.com/

John Selbie (jselbie@gmail.com)

Lee Sylvester <lee@designrealm.co.uk>

Erik Johnston <erikj@openmarket.com>

Roman Lisagor <roman@demonware.net>

Vladimir Tsanev <tsachev@gmail.com>

Po-sheng Lin <personlin118@gmail.com>

Peter Dunkley <peter.dunkley@acision.com>

Mutsutoshi Yoshimoto <mutsutoshi.yoshimoto@mixi.co.jp>

Federico Pinna <fpinna@vivocha.com>

Bradley T. Hughes <bradleythughes@fastmail.fm>

Mihály Mészáros <misi@majd.eu>

ACTIVE MAINTAINERS¶

Mihály Mészáros <misi@majd.eu>