FROM debian:11.1-slim@sha256:a23887a2e830b815955e010f30d4c2430cd5ef82e93c130471024bc9f808d5d3

ENV COTURN_VERSION="4.5.2"
ENV PROMETHEUS_CLIENT_VERSION="v0.1.3"

ENV BUILD_PREFIX /usr/local/src

WORKDIR /root/coturn

RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y build-essential pkg-config libssl-dev libevent-dev curl \
 && PCV=$(echo "${PROMETHEUS_CLIENT_VERSION}" | cut -c 2-) \
 && curl -L "https://github.com/digitalocean/prometheus-client-c/releases/download/${PROMETHEUS_CLIENT_VERSION}/libprom-dev-${PCV}-Linux.deb" > /tmp/libprom.deb \
 && curl -L "https://github.com/digitalocean/prometheus-client-c/releases/download/${PROMETHEUS_CLIENT_VERSION}/libpromhttp-dev-${PCV}-Linux.deb" > /tmp/libpromhttp.deb \
 && apt-get install -y /tmp/libprom.deb \
 && apt-get install -y /tmp/libpromhttp.deb \
 && rm /tmp/libprom.deb /tmp/libpromhttp.deb \
 && curl -L "https://github.com/coturn/coturn/archive/${COTURN_VERSION}.tar.gz" | tar xvz --strip 1 \
 && ./configure \
 && make \
 && make install \
 && rm -rf /root/coturn \
 && apt-get remove -y --purge curl

RUN addgroup --system turnserver \
 && adduser --system --home / --shell /bin/false --no-create-home --ingroup turnserver --disabled-password --disabled-login --gecos "turnserver daemon" turnserver

WORKDIR /
USER turnserver

# SUTN/TURN PORTS
EXPOSE 3478 3479 3478/udp 3479/udp 80 80/udp
EXPOSE 5349 5350 5349/udp 5350/udp 443 443/udp
# CLI
EXPOSE 5766
# Relay Ports
EXPOSE 49152-65535 49152-65535/udp
# Prometheus
EXPOSE 9641

ENTRYPOINT ["turnserver", "--pidfile", "/var/tmp/turnserver.pid"]