every.channel/evolution/proposals/ECP-0056-turn-ice-bootstrap.md
2026-02-15 16:17:27 -05:00


ECP-0056: TURN ICE Bootstrap Endpoint

Status: Draft

Problem

WebRTC connectivity is unreliable across diverse NAT / firewall environments when we rely only on public STUN servers. For "send a link to mom" reliability, viewers need TURN available.

We also need a single, stable place for the web app and native CLI to fetch ICE server config without exposing implementation details in the UI.

Proposal

  • Add GET /api/turn on every.channel.
  • The response is a subset of the just-webrtc PeerConfiguration shape:
    • ice_servers: array of STUN/TURN servers.
  • Default behavior:
    • Always include STUN servers (Cloudflare STUN + Google STUN fallback).
    • If a TURN shared secret is configured in the Worker environment, also include TURN servers with short-lived credentials generated via the TURN REST pattern (HMAC-based).

This keeps the container DO offline (enableInternet=false) and centralizes "how to TURN" in the Worker, while clients remain generic.

Security / Abuse Notes

  • TURN credentials are short-lived (hour-scale) and only usable against the TURN provider.
  • We do not log or persist TURN credentials.
  • The shared secret is stored as a Worker secret (not in git).

Rollout

  1. Deploy Worker with /api/turn.
  2. Update web viewer + ec-node direct publish/subscribe to fetch and use /api/turn.
  3. If/when Cloudflare Calls TURN keys are enabled for the account, store the Calls TURN key as the shared secret in the Worker and turn on TURN at the edge.