View Source Docker Image for eturnal STUN/TURN Server

This is a multi-arch eturnal Docker image based on Alpine Linux and currently built for:

  • linux/amd64
  • linux/386
  • linux/s390x
  • linux/ppc64le
  • linux/arm64
  • linux/arm/v7
  • linux/arm/v6

The image is available as ghcr.io/processone/eturnal from GitHub Packages.

usage

Usage

To pull the image:

docker pull ghcr.io/processone/eturnal

The image will run eturnal in foreground mode, if started this way:

docker run -d ghcr.io/processone/eturnal

The image can also run in a less privileged mode (recommended):

docker run -d \
  --name eturnal \
  --user 9000:9000 \
  -v /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml \
  -p 3478:3478/udp \
  -p 49152-65535:49152-65535/udp \
  --read-only \
  --security-opt no-new-privileges \
  --cap-drop=ALL \
  ghcr.io/processone/eturnal

As an alternative, since Docker performs badly with large port ranges, use the host network by adding --network=host to the command line:

docker run -d \
  --name eturnal \
  --user 9000:9000 \
  -v /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml \
  --network=host \
  --read-only \
  --security-opt no-new-privileges \
  --cap-drop=ALL \
  ghcr.io/processone/eturnal

Note: The Docker container is no longer isolated from the host network when using this option.

Inspect the running container with:

docker logs <container_name>

To use the eturnalctl command, e.g. just run:

docker exec <container_name> eturnalctl info

tags

Tags

XX.YY.ZZ represents the official eturnal release. -AA suffix for image version of the particular release in case of any bug fix etc. of the image.

Images are scanned daily by Trivy and, if necessary, the latest release will be rebuild and updated.

TagsDescriptionAdditional notes
edgeBuilt from master branch, see ChangelogFor testing purposes.
1.8.4, latestRelease changelog

configuration

Configuration

Configuration is mainly done by the mounted eturnal.yml file (recommended), see the example configuration file. However, eturnal may also be configured by specifying certain environment variables, see the documentation.

The configuration file is best mounted directly into the container:

Mountpath: -v /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml

Note: For logs to be printed with the docker logs command, log_dir: should be set to stdout in eturnal.yml.

Here are some more hints how to configure eturnal.

volume-mounts

Volume Mounts

Volumes may be mounted for the configuration file and TLS certificates/dh-parameter files. TLS certificates and the dh-parameter file shall be .pem files.

volumes:
  - /path/to/eturnal.yml:/opt/eturnal/etc/eturnal.yml  # For (custom) configuration file.
  - /path/to/cert-files:/opt/eturnal/tls               # For TLS certificates.

TLS certificates must be readable by the eturnal user/group 9000:9000 and should not have world-readable access rights (chmod 400).

examples-for-docker-compose-and-kubernetes

Examples for Docker Compose and Kubernetes

This repository also contains configuration examples for: