DEV Community

Cover image for Deploying a Multi-Video Call Project with Node.js WebRTC Signaling Server: using STUN TURN on Ubuntu Server

Posted on • Updated on

Deploying a Multi-Video Call Project with Node.js WebRTC Signaling Server: using STUN TURN on Ubuntu Server

Deploying a Multi-Party Video Call Project with Node.js WebRTC Signaling Server: Implementing STUN and TURN on Ubuntu Server


WebRTC (Web Real-Time Communication) has revolutionized how we enable real-time peer-to-peer communication directly within web applications. In this guide, we'll walk through the process of deploying a multi-party video call project utilizing a Node.js WebRTC signaling server. We'll also explore the implementation of STUN and TURN servers to enhance connectivity in challenging network environments.

Step-by-Step Setup

1. Server Setup
Obtain an Ubuntu server, either from a cloud provider (like AWS, Azure, or DigitalOcean) or a local machine.

Install Node.js and npm (Node.js package manager) on the server using the following commands:

sudo apt update
sudo apt install nodejs npm
Enter fullscreen mode Exit fullscreen mode

2. Project Setup: WebRTC Signaling Server
Clone your Node.js project repository onto the server using Git.

git clone
Enter fullscreen mode Exit fullscreen mode

Navigate to the project directory and install project dependencies using npm:

cd your-project-directory
npm install
Enter fullscreen mode Exit fullscreen mode

Configure your server to run the signaling server using Nginx:

server {
    listen 80;

    location / {
        proxy_pass http://localhost:3030;
        # Other proxy settings

    add_header Permissions-Policy "geolocation 'self'; camera 'self'; speaker 'self';";
Enter fullscreen mode Exit fullscreen mode

3. Run the Application
Use a process manager like PM2 to start and manage your Node.js application:

pm2 start app.js
Enter fullscreen mode Exit fullscreen mode

Peers interact with a signaling server to share the handshakes and start a direct peer-to-peer transmission.

Image description

4. Implementing STUN and TURN Servers
Set up your own or use public STUN and TURN servers for network traversal and media relaying.

That's the point when we need a STUN server. It allows to detect peers public network addresses and establish a peer-to-peer connection behind a NAT.

Image description

A way to solve this problem is to use a TURN server. It has a public address, so both peers can interact with TURN server even behind firewalls. So when no direct peer-to-peer connection available, TURN server transmits audio/video streams of both peers just like a common media server.

Image description

We will be using coturn, free open-source implementation of TURN and STUN Server, evolved from rfc5766-turn-server project with additional new advanced features.

Install and configure the coturn server for TURN:

sudo apt-get -y update
sudo apt-get upgrade
sudo apt-get install coturn
sudo systemctl stop coturn
Enter fullscreen mode Exit fullscreen mode

Configure coturn's settings in /etc/turnserver.conf and start the service:

sudo nano /etc/default/coturn
Enter fullscreen mode Exit fullscreen mode

and remove the # before TURNSERVER_ENABLED.
Let's work on etc/turnserver.conf

First, let's save the current configuration, in case we want to look through the structure later.

sudo  mv /etc/turnserver.conf /etc/turnserver.config.backup
# Now paste the following to /etc/turnserver.conf
sudo nano /etc/turnserver.config
Enter fullscreen mode Exit fullscreen mode
# /etc/turnserver.conf
# STUN server port is 3478 for UDP and TCP, and 5349 for TLS.
# Allow connection on the UDP port 3478
# and 5349 for TLS (secure)

# Require authentication

# We will use the longterm authentication mechanism, but if
# you want to use the auth-secret mechanism, comment lt-cred-mech and 
# uncomment use-auth-secret
# Check:
#The static auth secret needs to be changed, in this tutorial
# we'll generate a token using OpenSSL
# use-auth-secret
# static-auth-secret=replace-this-secret
# ----
# If you decide to use use-auth-secret, After saving the changes, change the auth-secret using the following command:
# sed -i "s/replace-this-secret/$(openssl rand -hex 32)/" /etc/turnserver.conf
# This will replace the replace-this-secret text on the file with the generated token using openssl. 

# Specify the server name and the realm that will be used
# if is your first time configuring, just use the domain as name

# Important: 
# Create a test user if you want
# You can remove this user after testing


# Path to the SSL certificate and private key. In this example we will use
# the letsencrypt generated certificate files.

# Specify the allowed OpenSSL cipher list for TLS/DTLS connections

# Specify the process user and group
Enter fullscreen mode Exit fullscreen mode

Remember to Enable port 3478 and 5349 for TCP and UDP incoming connection.

sudo nano /etc/turnserver.conf
sudo systemctl start coturn
Enter fullscreen mode Exit fullscreen mode

5. Web Server Setup
Choose a web server Nginx to serve your Node.js application.
Configure SSL certificates for secure connections (use Let's Encrypt for automatic SSL certificate generation).

We need SSL certificate to configure out TURN server, so let's generate the SSL certificate using Let's Encrypt.

sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d -d
Enter fullscreen mode Exit fullscreen mode
server {
    listen 443 ssl;

    ssl_certificate /etc/letsencrypt/live/;
    ssl_certificate_key /etc/letsencrypt/live/;

    # Add other SSL settings here if needed

    location / {
        # Your existing configuration for handling requests

Enter fullscreen mode Exit fullscreen mode

6. Testing STUN and TURN Servers
Use the Trickle ICE tool to test your STUN and TURN servers.
Ensure that STUN server works with candidates of type "srflx" and TURN server with candidates of type "relay".

Deploying a multi-party video call project with a Node.js WebRTC signaling server is a powerful way to enable real-time communication within web applications. By implementing STUN and TURN servers, you enhance connectivity even in challenging network environments. Remember to allocate sufficient resources for TURN servers due to their higher processing and bandwidth requirements.

WebRTC continues to transform the way we communicate online, and with these steps, you're well on your way to creating seamless and robust real-time communication experiences.

Top comments (0)