Coturn-Synapse service requires manual restarting after rebooting the server

[csolisr]

Describe the bug

After rebooting the server, the coturn-synapse service fails to load by default and requires restarting the service manually. Specifically, it attempts to get an IP port before the network is up and therefore fails to boot. As explained in this bug report, this can be solved by replacing a line in the systemd service file from

After: syslog.target network.target

to

After: syslog.target network-online.target

(notice the added "-online")

Context

• Hardware: Home server based on x86
• YunoHost version: 11.0.7
• I have access to my server: Through SSH, webadmin, direct access
• Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: yes
  • If yes, please explain: Requires connecting to an external server via Wireguard to bypass ISP incoming connection blocks, however, this issue also happened with my old ISP which didn't block connections and could connect directly.
• Using, or trying to install package version/branch: 1.59.0

Steps to reproduce

• Install Synapse
• Reboot the server

Expected behavior

When rebooting the server, Coturn should not be failing to boot and should wait for the server to have a working network connection to attempt getting an IP.

Logs

From journalctl -u coturn-synapse:

Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Bad configuration format: no-loopback-peers
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : log file opened: /var/tmp/turn_515_2022-06-09.log
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Bad configuration format: no-loopback-peers
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : log file opened: /var/log/matrix-synapse/turnserver.log
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Whitelisting external-ip private part: 10.7.0.1
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Bad configuration format: no-loopback-peers
Jun 09 07:32:23 azkware.net turnserver[515]: 0: :
Jun 09 07:32:23 azkware.net turnserver[515]: RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Jun 09 07:32:23 azkware.net turnserver[515]: Version Coturn-4.5.2 'dan Eider'
Jun 09 07:32:23 azkware.net turnserver[515]: 0: :
Jun 09 07:32:23 azkware.net turnserver[515]: Max number of open files/sockets allowed for this process: 999999
Jun 09 07:32:23 azkware.net turnserver[515]: 0: :
Jun 09 07:32:23 azkware.net turnserver[515]: Due to the open files/sockets limitation,
Jun 09 07:32:23 azkware.net turnserver[515]: max supported number of TURN Sessions possible is: 499500 (approximately)
Jun 09 07:32:23 azkware.net turnserver[515]: 0: :
Jun 09 07:32:23 azkware.net turnserver[515]: ==== Show him the instruments, Practical Frost: ====
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : TLS supported
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : DTLS supported
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : DTLS 1.2 supported
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : TURN/STUN ALPN supported
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Third-party authorization (oAuth) supported
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : GCM (AEAD) supported
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : OpenSSL compile-time version: OpenSSL 1.1.1k  25 Mar 2021 (0x101010bf)
Jun 09 07:32:23 azkware.net turnserver[515]: 0: :
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : SQLite supported, default database location is /var/lib/turn/turndb
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Redis supported
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : PostgreSQL supported
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : MySQL supported
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : MongoDB is not supported
Jun 09 07:32:23 azkware.net systemd[1]: coturn-synapse.service: Failed with result 'exit-code'.
Jun 09 07:32:23 azkware.net turnserver[515]: 0: :
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Default Net Engine version: 3 (UDP thread per CPU core)
Jun 09 07:32:23 azkware.net turnserver[515]: =====================================================
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Domain name:
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Default realm: azkware.net
Jun 09 07:32:23 azkware.net turnserver[515]: 0: :
Jun 09 07:32:23 azkware.net turnserver[515]: CONFIGURATION ALERT: You specified --lt-cred-mech and --use-auth-secret in the same time.
Jun 09 07:32:23 azkware.net turnserver[515]: Be aware that you could not mix the username/password and the shared secret based auth methods.
Jun 09 07:32:23 azkware.net turnserver[515]: Shared secret overrides username/password based auth method. Check your configuration!
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : SSL23: Certificate file found: /etc/yunohost/certs/azkware.net/crt.pem
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : SSL23: Private key file found: /etc/yunohost/certs/azkware.net/key.pem
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : TLS1.2: Certificate file found: /etc/yunohost/certs/azkware.net/crt.pem
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : TLS1.2: Private key file found: /etc/yunohost/certs/azkware.net/key.pem
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : TLS cipher suite: DEFAULT
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : DTLS: Certificate file found: /etc/yunohost/certs/azkware.net/crt.pem
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : DTLS: Private key file found: /etc/yunohost/certs/azkware.net/key.pem
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : DTLS1.2: Certificate file found: /etc/yunohost/certs/azkware.net/crt.pem
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : DTLS1.2: Private key file found: /etc/yunohost/certs/azkware.net/key.pem
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : DTLS cipher suite: DEFAULT
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : ===========Discovering listener addresses: =========
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Listener address to use: 127.0.0.1
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : Listener address to use: ::1
Jun 09 07:32:23 azkware.net turnserver[515]: 0: : ERROR: main: Cannot configure any meaningful IP listener address
Jun 09 07:32:23 azkware.net systemd[1]: Failed to start coturn.

[kurijn]

Exactly same issue here. The bug report you're pointing to is a general coturn one, which seems to indicate it's not yunohost related. Also, this issue is the more active (still open) one: coturn/coturn#558
I had no success with the manual workaround instructions given there, summarised as:
Modifying the following line in /etc/systemd/system/multi-user.target.wants/coturn.service :
After=network.target
To
After=network-online.target

I tried the same with these files:
/usr/lib/systemd/system/coturn.service
/var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/coturn.service
The latter was an existing but empty file, I've put this in it:
[Unit]
After=network-online.target

I also made a new service file with that content after the command "systemctl edit --force --full notify_push.service".

As also suggested there I tried the dirty workaround by adding the line "ExecStartPre=/bin/sleep 30" before ExecStart in the [Service] part of /usr/lib/systemd/system/coturn.service

All no luck :~/

[eekhof]

I tried implementing the dirty workaround with the sleep in the .service-file too, which also did not work for me. But I set up a crontab entry, which does the same, and it works:

crontab -e

and in there add the line:

@reboot sleep 60 && systemctl restart coturn

[Lab-8916100448256]

Changing After=syslog.target network.target to After=syslog.target network-online.target was not enough on my server.

I tried a different workaround, that is to add the parameter -L 0.0.0.0 to the ExecStart line in the systemd unit file
This seems to be working fine.

[Josue-T]

Fixed by #426