Out of the Box CoTURN setup seems unlikely to work well #33

@Routhinator


Now that I've gotten Riot and Synapse working and stable I'm turning my attention to bridges and audio/video.

Looking at CoTURN docs and this setup, I think the OOTB config the chart is using right now needs tweaking. For starters I believe each CoTURN server (or pod in this case) needs its own external IP and they aren't supposed to be behind a loadbalancer. Another challenge is it seems only about 50% of cloud providers will provide UDP port support on a loadbalancer.

I think we either need to put coturn into TCP mode or allow the array of URIs to be able to be specified so a DNS record can be pointed to each kube node.

```yaml
{{- if .Values.coturn.enabled }}
## TURN ##

# The public URIs of the TURN server to give to clients
turn_uris:
  - "turn:{{ include "matrix.hostname" . }}?transport=udp"

# The shared secret used to compute passwords for the TURN server
turn_shared_secret: {{ include "matrix.coturn.sharedSecret" . }}

# How long generated TURN credentials last
turn_user_lifetime: 1h

# Whether guests should be allowed to use the TURN server.
# This defaults to True, otherwise VoIP will be unreliable for guests.
# However, it does introduce a slight security risk as it allows users to
# connect to arbitrary endpoints without having first signed up for a
# valid account (e.g. by passing a CAPTCHA).
turn_allow_guests: {{ .Values.coturn.allowGuests }}
{{- end }}
```
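
One way the template could accept a list of TURN URIs, as the issue proposes (an added example, not part of the original issue and not the chart's own code). The `coturn.uris` values key and the `turn-node*.example.com` hostnames are hypothetical; the rest reuses the helpers and keys from the snippet above.

```yaml
# --- values.yaml (sketch) ---
# coturn:
#   enabled: true
#   allowGuests: true
#   # Hypothetical key: one DNS name per kube node that runs a coturn pod,
#   # each name resolving directly to that node's external IP (no load balancer).
#   # The transport=tcp entries give clients a fallback where UDP is unavailable.
#   uris:
#     - "turn:turn-node1.example.com?transport=udp"
#     - "turn:turn-node1.example.com?transport=tcp"
#     - "turn:turn-node2.example.com?transport=udp"
#     - "turn:turn-node2.example.com?transport=tcp"

# --- homeserver config template (sketch) ---
{{- if .Values.coturn.enabled }}
## TURN ##

# The public URIs of the TURN server to give to clients.
# Use the explicit list when one is provided, otherwise fall back to the
# single-hostname UDP URI the chart renders today.
turn_uris:
{{- if .Values.coturn.uris }}
{{- range .Values.coturn.uris }}
  - {{ . | quote }}
{{- end }}
{{- else }}
  - "turn:{{ include "matrix.hostname" . }}?transport=udp"
{{- end }}

# The shared secret used to compute passwords for the TURN server
turn_shared_secret: {{ include "matrix.coturn.sharedSecret" . }}

# How long generated TURN credentials last
turn_user_lifetime: 1h

# Guest access stays an explicit operator choice, as in the current template
turn_allow_guests: {{ .Values.coturn.allowGuests }}
{{- end }}
```

With `coturn.uris` unset the rendered output matches the current template, so existing deployments are unaffected.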
