From 460cfa38af15ab606b4bddbff0a4e8432edc7863 Mon Sep 17 00:00:00 2001 From: dominiquefournier Date: Sat, 10 Feb 2024 05:14:49 +0100 Subject: [PATCH] Update SQLite.md (#1429) Markdown is now proper --- docs/SQLite.md | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/docs/SQLite.md b/docs/SQLite.md index 32f3f59..ed479e4 100644 --- a/docs/SQLite.md +++ b/docs/SQLite.md @@ -11,10 +11,10 @@ PREFIX/share/turnserver/schema.sql file after the turnserver installation: If you would like to created a new fresh SQLite TURN database: -$ sqlite3 < turndb/schema.sql +$ `sqlite3 < turndb/schema.sql` The schema description: - +``` # Table for long-term credentials mechanism authorization: # CREATE TABLE turnusers_lt ( @@ -23,6 +23,7 @@ CREATE TABLE turnusers_lt ( hmackey char(128), PRIMARY KEY (realm,name) ); +``` The field hmackey contains HEX string representation of the key. We do not store the user open passwords for long-term credentials, for @@ -31,7 +32,7 @@ if you change the realm, you will have to update the HMAC keys of all users, because the realm is used for the HMAC key generation. The key must be up to 32 characters (HEX representation of 16 bytes) for SHA1: - +``` # Table holding shared secrets for secret-based authorization # (REST API). Shared secret can be stored either in unsecure open # plain form, or in encrypted form (see turnadmin docs). @@ -94,6 +95,7 @@ CREATE TABLE oauth_key ( realm varchar(127) default '', primary key (kid) ); +``` The oauth_key table fields meanings are: @@ -113,7 +115,7 @@ The oauth_key table fields meanings are: The default value is "A256GCM"; realm - (optional) can be used to set the user realm (if the field is not empty). - +``` # Https access admin users. # Leave this table empty if you do not want # remote https access to the admin functions. @@ -126,6 +128,7 @@ CREATE TABLE admin_user ( password varchar(127), primary key (name) ); +``` You can use turnadmin program to manage the database - you can either use turnadmin to add/modify/delete users, or you can use turnadmin to produce @@ -133,7 +136,7 @@ the hmac keys and modify the database with your favorite tools. When starting the turnserver, the --db parameter will be, for example: -turnserver ... --db="/var/db/turndb" +`turnserver ... --db="/var/db/turndb"` You will have to use the program turnadmin to fill the database, or you can do that manually with psql. @@ -142,14 +145,14 @@ Fill in users, for example: Shared secret for the TURN REST API (realm north.gov): - $ bin/turnadmin -s logen -r north.gov -b "/var/db/turndb" + $ `bin/turnadmin -s logen -r north.gov -b "/var/db/turndb"` Long-term credentials mechanism: - $ bin/turnadmin -a -b "/var/db/turndb" -u gorst -r north.gov -p hero - $ bin/turnadmin -a -b "/var/db/turndb" -u ninefingers -r north.gov -p youhavetoberealistic + $ `bin/turnadmin -a -b "/var/db/turndb" -u gorst -r north.gov -p hero` \ + $ `bin/turnadmin -a -b "/var/db/turndb" -u ninefingers -r north.gov -p youhavetoberealistic` Admin users: - $ bin/turnadmin -A -b "/var/db/turndb" -u gorst -p hero - $ bin/turnadmin -A -b "/var/db/turndb" -u ninefingers -p youhavetoberealistic -r north.gov + $ `bin/turnadmin -A -b "/var/db/turndb" -u gorst -p hero` \ + $ `bin/turnadmin -A -b "/var/db/turndb" -u ninefingers -p youhavetoberealistic -r north.gov`