Nextcloud ready for Talk

First switch into sudo mode and install coturn as your TURN server:

sudo -s
apt install coturn

Modify the coturn configuration file

vi /etc/default/coturn

by removing the leading ‘#’ at the beginning of “TURNSERVER_ENABLED=1”

#
# Uncomment it if you want to have the turnserver running as
# an automatic system service daemon
#
TURNSERVER_ENABLED=1

Now move the default turnserver.conf and create a new one:

mv /etc/turnserver.conf /etc/turnserver.conf.bak && vi /etc/turnserver.conf

Paste the following rows

listening-port=5349
fingerprint
lt-cred-mech
use-auth-secret
static-auth-secret=fad4e775da881a4ff8a48163567f3b54d20044210463dae11fd788374be73618
realm=61xxxxxxx
total-quota=100
bps-capacity=0
stale-nonce=600
cert=/etc/ssl/certs/ssl-cert-snakeoil.pem
pkey=/etc/ssl/private/ssl-cert-snakeoil.key
dh-file=/etc/ssl/certs/ssl-cert-snakeoil.pem
cipher-list="TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384"
no-loopback-peers
no-multicast-peers
no-tlsv1
no-tlsv1_1
no-stdout-log
~               

Create your personal secret by issuing

openssl rand -hex 32

Open the port 5349 (UDP/TCP) in both, your ufw

ufw allow 5349/tcp && ufw allow 5349/udp

service coturn restart && service nginx restart