
add basic auth to turn server apis, handle host registration on server

Abhishek Kondur 2 years ago
parent
commit
4f95e9f562
6 changed files with 51 additions and 8 deletions
  1. 2 0
      compose/docker-compose.yml
  2. 2 0
      config/config.go
  3. 8 6
      logic/hosts.go
  4. 4 1
      mq/handlers.go
  5. 24 0
      servercfg/serverconf.go
  6. 11 1
      turnserver/internal/auth/auth.go

+ 2 - 0
compose/docker-compose.yml

@@ -32,6 +32,8 @@ services:
       TURN_SERVER_HOST: "turn.NETMAKER_BASE_DOMAIN"
       TURN_SERVER_API_HOST: "https://api.turn.NETMAKER_BASE_DOMAIN"
       TURN_PORT: "3479"
+      TURN_USERNAME: "REPLACE_TURN_USERNAME"
+      TURN_PASSWORD: "REPLACE_TURN_PASSWORD"
     ports:
       - "3478:3478/udp"
   netmaker-ui:
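Review bot: TURN_USERNAME and TURN_PASSWORD are added only to the service whose block starts at `@@ -32`, which from the neighbouring TURN_SERVER_API_HOST entries looks like the netmaker server side; the turn server container that must validate the same Basic credential is not in this hunk, so confirm it receives matching values or the new Authorization header will be rejected everywhere. The values follow the file's `REPLACE_…` substitution convention, so presumably an install script fills them in; note that anything left in `environment:` is readable through `docker inspect` and in the compose file on disk, and an `env_file` or a compose secret keeps the password out of the service definition itself.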

+ 2 - 0
config/config.go

@@ -78,6 +78,8 @@ type ServerConfig struct {
 	TurnServer           string    `yaml:"turn_server"`
 	TurnApiServer        string    `yaml:"turn_api_server"`
 	TurnPort             int       `yaml:"turn_port"`
+	TurnUserName         string    `yaml:"turn_username"`
+	TurnPassword         string    `yaml:"turn_password"`
 }
 
 // ProxyMode - default proxy mode for server

+ 8 - 6
logic/hosts.go

@@ -2,6 +2,7 @@ package logic
 
 import (
 	"crypto/md5"
+	"encoding/base64"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -442,12 +443,12 @@ func ConvHostPassToHash(hostPass string) string {
 
 // RegisterHostWithTurn - registers the host with the given turn server
 func RegisterHostWithTurn(hostID, hostPass string) error {
-
+	auth := servercfg.GetTurnUserName() + ":" + servercfg.GetTurnPassword()
 	api := httpclient.JSONEndpoint[models.SuccessResponse, models.ErrorResponse]{
-		URL:    servercfg.GetTurnApiHost(),
-		Route:  "/api/v1/host/register",
-		Method: http.MethodPost,
-		//Authorization: fmt.Sprintf("Bearer %s", op.AuthToken),
+		URL:           servercfg.GetTurnApiHost(),
+		Route:         "/api/v1/host/register",
+		Method:        http.MethodPost,
+		Authorization: fmt.Sprintf("Basic %s", base64.StdEncoding.EncodeToString([]byte(auth))),
 		Data: models.HostTurnRegister{
 			HostID:       hostID,
 			HostPassHash: ConvHostPassToHash(hostPass),
@@ -467,11 +468,12 @@ func RegisterHostWithTurn(hostID, hostPass string) error {
 
 // DeRegisterHostWithTurn - to be called when host need to be deregistered from a turn server
 func DeRegisterHostWithTurn(hostID string) error {
-
+	auth := servercfg.GetTurnUserName() + ":" + servercfg.GetTurnPassword()
 	api := httpclient.JSONEndpoint[models.SuccessResponse, models.ErrorResponse]{
 		URL:           servercfg.GetTurnApiHost(),
 		Route:         fmt.Sprintf("/api/v1/host/deregister?host_id=%s", hostID),
 		Method:        http.MethodPost,
+		Authorization: fmt.Sprintf("Basic %s", base64.StdEncoding.EncodeToString([]byte(auth))),
 		Response:      models.SuccessResponse{},
 		ErrorResponse: models.ErrorResponse{},
 	}
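Review bot: The Basic credential is built unconditionally at the new `auth := …` lines in RegisterHostWithTurn and DeRegisterHostWithTurn, so when neither the env vars nor the config fields are set the request still goes out with `Authorization: Basic Og==` (an empty user:pass) and the failure only surfaces as a rejection from the turn server rather than a clear local error. The construction is duplicated in both functions; a small helper that validates the configured credentials once and returns the header value keeps the two in step and gives callers a readable error. Both functions continue past the hunk, so if the remainder already declares `err` with `:=` the helper's result needs a different local name. `errors` is already in the file's import list, so no new dependency is required.
```go
// turnAPIAuthorization builds the Basic Authorization value for the turn
// server API from the configured username and password; it fails instead
// of producing an empty credential when either half is unset.
func turnAPIAuthorization() (string, error) {
	user, pass := servercfg.GetTurnUserName(), servercfg.GetTurnPassword()
	if user == "" || pass == "" {
		return "", errors.New("turn api credentials are not configured")
	}
	return "Basic " + base64.StdEncoding.EncodeToString([]byte(user+":"+pass)), nil
}

// RegisterHostWithTurn - registers the host with the given turn server
func RegisterHostWithTurn(hostID, hostPass string) error {
	authHeader, err := turnAPIAuthorization()
	if err != nil {
		return err
	}
	api := httpclient.JSONEndpoint[models.SuccessResponse, models.ErrorResponse]{
		// … unchanged: URL, Route, Method …
		Authorization: authHeader,
		// … unchanged: Data, Response, ErrorResponse; same pattern in DeRegisterHostWithTurn …
```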

+ 4 - 1
mq/handlers.go

@@ -141,7 +141,10 @@ func UpdateHost(client mqtt.Client, msg mqtt.Message) {
 		}
 		sendPeerUpdate = true
 	case models.RegisterWithTurn:
-		logic.RegisterHostWithTurn(hostUpdate.Host.ID.String(), hostUpdate.Host.HostPass)
+		err = logic.RegisterHostWithTurn(hostUpdate.Host.ID.String(), hostUpdate.Host.HostPass)
+		if err != nil {
+			logger.Log(0, "failed to register host with turn server: ", err.Error())
+		}
 	}
 
 	if sendPeerUpdate {
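Review bot: The new branch assigns the registration result to an outer `err` rather than a case-local one; if code after the switch (UpdateHost begins and ends outside this hunk) inspects `err`, a turn registration failure now alters that path, which the added log-and-continue line suggests is not intended. `if err := logic.RegisterHostWithTurn(hostUpdate.Host.ID.String(), hostUpdate.Host.HostPass); err != nil {` keeps the failure scoped to the case. The log line also omits which host failed; including `hostUpdate.Host.ID.String()` in the message makes the entry actionable when many hosts register at once.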

+ 24 - 0
servercfg/serverconf.go

@@ -663,6 +663,30 @@ func GetTurnPort() int {
 	return port
 }
 
+// GetTurnUserName - fetches the turn server username
+func GetTurnUserName() string {
+	userName := ""
+	if os.Getenv("TURN_USERNAME") != "" {
+		userName = os.Getenv("TURN_USERNAME")
+	} else {
+		userName = config.Config.Server.TurnUserName
+	}
+	return userName
+
+}
+
+// GetTurnPassword - fetches the turn server password
+func GetTurnPassword() string {
+	pass := ""
+	if os.Getenv("TURN_PASSWORD") != "" {
+		pass = os.Getenv("TURN_PASSWORD")
+	} else {
+		pass = config.Config.Server.TurnPassword
+	}
+	return pass
+
+}
+
 // IsProxyEnabled - is proxy on or off
 func IsProxyEnabled() bool {
 	var enabled = false //default

+ 11 - 1
turnserver/internal/auth/auth.go

@@ -15,10 +15,12 @@ var (
 	authMapLock    = &sync.RWMutex{}
 	HostMap        = make(map[string]string)
 	authBackUpFile = "auth.json"
+	backUpFilePath = filepath.Join("/etc/config", authBackUpFile)
 )
 
 func init() {
 	os.MkdirAll("/etc/config", os.ModePerm)
+	loadCredsFromFile()
 }
 
 func RegisterNewHostWithTurn(hostID, hostPass string) {
@@ -42,8 +44,16 @@ func dumpCredsToFile() {
 		return
 	}
 
-	err = os.WriteFile(filepath.Join("/etc/config", authBackUpFile), d, os.ModePerm)
+	err = os.WriteFile(backUpFilePath, d, os.ModePerm)
 	if err != nil {
 		logger.Log(0, "failed to backup auth data: ", err.Error())
 	}
 }
+
+func loadCredsFromFile() error {
+	d, err := os.ReadFile(backUpFilePath)
+	if err != nil {
+		return err
+	}
+	return json.Unmarshal(d, &HostMap)
+}