View Source Docker Image for eturnal STUN/TURN Server

This is a multi-arch eturnal Docker image based on Alpine Linux and currently built for:

  • linux/amd64
  • linux/386
  • linux/s390x
  • linux/ppc64le
  • linux/arm64
  • linux/arm/v7
  • linux/arm/v6

The image is available as from GitHub Packages.



To pull the image:

docker pull

The image will run eturnal in foreground mode, if started this way:

docker run -d

The image can also run in a less privileged mode (recommended):

docker run -d \
  --name eturnal \
  --user 9000:9000 \
  -v /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml \
  -p 3478:3478/udp \
  -p 49152-65535:49152-65535/udp \
  --read-only \
  --security-opt no-new-privileges \
  --cap-drop=ALL \

As an alternative, since Docker performs badly with large port ranges, use the host network by adding --network=host to the command line:

docker run -d \
  --name eturnal \
  --user 9000:9000 \
  -v /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml \
  --network=host \
  --read-only \
  --security-opt no-new-privileges \
  --cap-drop=ALL \

Note: The Docker container is no longer isolated from the host network when using this option.

Inspect the running container with:

docker logs <container_name>

To use the eturnalctl command, e.g. just run:

docker exec <container_name> eturnalctl info



XX.YY.ZZ represents the official eturnal release. -AA suffix for image version of the particular release in case of any bug fix etc. of the image.

Images are scanned daily by Trivy and, if necessary, the latest release will be rebuild and updated.

TagsDescriptionAdditional notes
edgeBuilt from master branch, see ChangelogFor testing purposes.
1.8.4, latestRelease changelog



Configuration is mainly done by the mounted eturnal.yml file (recommended), see the example configuration file. However, eturnal may also be configured by specifying certain environment variables, see the documentation.

The configuration file is best mounted directly into the container:

Mountpath: -v /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml

Note: For logs to be printed with the docker logs command, log_dir: should be set to stdout in eturnal.yml.

Here are some more hints how to configure eturnal.


Volume Mounts

Volumes may be mounted for the configuration file and TLS certificates/dh-parameter files. TLS certificates and the dh-parameter file shall be .pem files.

  - /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml  # For (custom) configuration file.
  - /path/to/cert-files:/opt/eturnal/tls               # For TLS certificates.

TLS certificates must be readable by the eturnal user/group 9000:9000 and should not have world-readable access rights (chmod 400).


Examples for Docker Compose and Kubernetes

This repository also contains configuration examples for: