πŸ“ΉVideo Calls

This guide will help you set up Cloudflare's TURN service for dynamic video call relay functionality in your phone resource.

This guide will help you set up Cloudflare's TURN service for dynamic video call relay functionality in your phone resource.

What is Cloudflare TURN?

Cloudflare TURN (Traversal Using Relays around NAT) is a service that helps establish reliable video call connections between players, especially when direct peer-to-peer connections are blocked by firewalls or NAT configurations.

Benefits:

  • βœ… Free tier: 1,000 GB of data per month

  • βœ… Globally distributed servers for low latency

  • βœ… Dynamic credentials for enhanced security

  • βœ… Automatic credential management

Prerequisites

  • A Cloudflare account (free tier is sufficient)

  • Access to your FiveM server configuration files

Step-by-Step Setup

Step 1: Create Cloudflare Account

  1. Visit cloudflare.com and sign up for a free account

  2. Complete the account verification process

Step 2: Generate TURN Credentials

  1. Log in to your Cloudflare dashboard

  2. Navigate to Realtime β†’ TURN Server(Search in the search bar for "TURN Server")

  3. Click Create to generate a new TURN key

  4. Copy the following credentials:

    • Turn Token ID (a long string)

    • API Token (another long string)

⚠️ Important: Keep these credentials secure and never share them publicly.

Step 3: Configure Server Credentials

Open server/apiKeys.lua and locate the RTCRelaySecrets section:

RTCRelaySecrets = {
    token = GetConvar("yseriesRTCRelayToken", nil), -- Turn Token ID from Cloudflare
    apiKey = GetConvar("yseriesRTCRelayApiKey", nil) -- API Token from Cloudflare
}

Option A: Using Convars (Recommended)

Add these lines to your server.cfg:

set yseriesRTCRelayToken "YOUR_TURN_TOKEN_ID_HERE"
set yseriesRTCRelayApiKey "YOUR_API_TOKEN_HERE"

Option B: Direct Configuration

Replace nil with your credentials directly in apiKeys.lua:

RTCRelaySecrets = {
    token = "YOUR_TURN_TOKEN_ID_HERE",
    apiKey = "YOUR_API_TOKEN_HERE"
}

Step 4: Enable RTC Relay

Open config/config.upload.lua and add the following configuration:

Config.RTCRelay = {}
Config.RTCRelay.Enabled = true                    -- Enable dynamic RTC relay
Config.RTCRelay.Provider = "cloudflare"          -- Currently only "cloudflare" is supported
Config.RTCRelay.StripStun = false                -- Keep STUN servers (recommended)
Config.RTCRelay.CredentialTTL = 86400            -- Credential lifetime in seconds (24 hours)

Step 5: Restart Server

  1. Save all configuration files

  2. Restart your FiveM server

  3. Check server console for confirmation message: RTC Relay enabled, using Cloudflare as the provider.

Configuration Options

Option
Type
Default
Description

Enabled

boolean

false

Enable/disable dynamic RTC relay

Provider

string

"cloudflare"

TURN service provider (currently only Cloudflare)

StripStun

boolean

false

Remove STUN servers when using relay (not recommended)

CredentialTTL

number

86400

Credential lifetime in seconds (max: 86400 = 24 hours)

How It Works

  1. When a player initiates a video call, the system requests fresh TURN credentials from Cloudflare

  2. Credentials are generated with a configurable expiration time (default: 24 hours)

  3. These credentials are used to establish the WebRTC connection

  4. When the call ends or player disconnects, credentials are automatically revoked

  5. If Cloudflare is unavailable, the system falls back to static TURN servers

Troubleshooting

Video Calls Not Working

Check 1: Verify Configuration

  • Ensure Config.RTCRelay.Enabled = true in config.misc.lua

  • Verify credentials are set correctly in server/apiKeys.lua

Check 2: Server Console

  • Look for error messages about missing credentials

  • Check for Cloudflare API errors (status codes other than 201)

Check 3: Credentials

  • Verify your Turn Token ID and API Token are correct

  • Ensure they haven't expired or been revoked in Cloudflare dashboard

Common Error Messages

"RTC Relay is enabled but credentials are missing"

  • Solution: Add your credentials to server/apiKeys.lua or set convars in server.cfg

"Failed to get RTC relay credentials from Cloudflare. Status: 401"

  • Solution: Your API Token is incorrect or expired. Generate a new one in Cloudflare dashboard.

"Failed to get RTC relay credentials from Cloudflare. Status: 404"

  • Solution: Your Turn Token ID is incorrect. Check it in Cloudflare dashboard.

Fallback Behavior

If Cloudflare TURN is unavailable or disabled, the system automatically uses the default TURN servers(this is unreliable and it will cause issues like black screen, frozen video calls, etc.). Video calls will still work, but may have reduced reliability in restrictive network environments.

Monitoring Usage

  1. Log in to Cloudflare dashboard

  2. Navigate to Realtime β†’ TURN Server

  3. View usage statistics and monitor data consumption

  4. Free tier includes 1,000 GB per month; additional usage costs $0.05 per GB

Security Best Practices

  • βœ… Never commit credentials to version control

  • βœ… Use convars in server.cfg instead of hardcoding in files

  • βœ… Rotate credentials periodically

  • βœ… Monitor usage for unusual activity

  • βœ… Keep Cloudflare account secure with 2FA enabled

Additional Resources

Support

If you encounter issues not covered in this guide:

  1. Check server console logs for detailed error messages

  2. Enable Config.DebugPrint = true for additional debugging information

  3. Verify your Cloudflare account status and TURN key validity

PreviousCameraNextApps

Last updated