(D241122) godns webhook coturn and dynamic IP address on FreeBSD
This is for FreeBSD. It may not work on Linux because sh and sed on FreeBSD are not the same as Linux (bash and other sed).
We're running a STUN/TURN server, it work well but we don't have a static IP address. Everytime we got a new IP address we need to change coturn config and restart the service.
There is a way to get it work by a cron job that run a shell script check public ip every 5 minutes and restart service if the public IP address has changed.
#!/bin/bash
# Linux only, doesn't work on FreeBSD
current_external_ip_config=$(cat /etc/turnserver.conf | grep "^external-ip" | cut -d'=' -f2)
current_external_ip=$(dig +short <MY_DOMAIN>)
if [[ -n "$current_external_ip" ]] && [[ $current_external_ip_config != $current_external_ip ]]; then
sed -i "/^external-ip=/ c external-ip=$current_external_ip" /etc/turnserver.conf
systemctl restart coturn
firef: set up with dynamic ip address
Since we're running a godns daemon to update our IP to Cloudflare DNS server we also want godns send a webhook to coturn server whenever it update IP to Cloudflare. That may be more effective.
So this is what we have:
$ cat /etc/godns/config.json
{
"provider": "Cloudflare",
"login_token": "YOUR_TOKEN",
"domains": [
{
"domain_name": "yourdomain.com",
"sub_domains": [
"@"
]
}
],
"ip_urls": [
"https://api.ipify.org"
],
"ip_type": "IPv4",
"interval": 300,
"resolver": "8.8.8.8",
"webhook": {
"enabled": true,
"url": "http://your.coturn.webhook.endpoint:9000/hooks/godns",
"request_body": "{ \"domain\": \"{{.Domain}}\", \"ip\": \"{{.CurrentIP}}\", \"ip_type\": \"{{.IPType}}\" }"
}
}$ cat /usr/local/etc/webhook.yaml
---
# See https://github.com/adnanh/webhook/wiki for further information on this
# file and its options. Instead of YAML, you can also define your
# configuration as JSON. We've picked YAML for these examples because it
# supports comments, whereas JSON does not.
#
# In the default configuration, webhook runs as user nobody. Depending on
# the actions you want your webhooks to take, you might want to run it as
# user root. Set the rc.conf(5) variable webhook_user to the desired user,
# and restart webhook.
# An example for a simple webhook you can call from a browser or with
# wget(1) or curl(1):
# curl -v 'localhost:9000/hooks/samplewebhook?secret=geheim'
- id: godns
execute-command: "/usr/local/etc/godns.sh"
command-working-directory: "/usr/local/etc"
pass-arguments-to-command:
- source: payload
name: domain
- source: payload
name: ip
- source: payload
name: ip_type
trigger-rule:
and:
- match:
type: value
value: "your.domain.com"
parameter:
source: payload
name: domainshell script
$ cat /usr/local/etc/godns.sh
#!/bin/sh
# write ip log to a file
now="$(date +'%y%m%d%H%M%S%N')"
echo $now $1 $2 $3 >> godns.txt
# restart coturn when ip changed
turnserver_config="/usr/local/etc/turnserver.conf"
current_external_ip_config=$(cat $turnserver_config | grep "^external-ip" | cut -d'=' -f2)
current_external_ip_webhook=$2
if [ -n "$current_external_ip_webhook" ] && [ $current_external_ip_config != $current_external_ip_webhook ]; then
sed -i .old -e "s/external-ip=$current_external_ip_config/external-ip=$current_external_ip_webhook/g" $turnserver_config
service turnserver restart
fiIt may not work well enough, if something happen and godns can not send webhook to coturn server. But for now we stick with it.