diff --git a/copy_coturn_certs.sh b/copy_coturn_certs.sh
new file mode 100755
index 0000000..ac8586b
--- /dev/null
+++ b/copy_coturn_certs.sh
@@ -0,0 +1,7 @@
+#!/bin/sh -x
+DOMAIN=turn.boba.best
+
+mkdir -p data/coturn/certs
+sudo cp /var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/$DOMAIN/$DOMAIN.crt data/coturn/certs/
+sudo cp /var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/$DOMAIN/$DOMAIN.key data/coturn/certs/
+sudo chown -R nobody:nogroup data/coturn/certs
diff --git a/docker-compose.yml b/docker-compose.yml
index 8ae5c4f..f139e74 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -207,6 +207,31 @@ services:
 synapse-autoheal: "true"
 mem_limit: 2G
+
+ coturn:
+ image: coturn/coturn:latest
+ restart: always
+ network_mode: "host"
+ command:
+ - "-n"
+ - "--use-auth-secret"
+ - "--static-auth-secret=$COTURN_AUTH_SECRET"
+ - "--realm=turn.boba.best"
+ - "--no-tcp-relay"
+ - "-q=16"
+ #- "--relay-ip=$$(detect-external-ip --ipv4)"
+ #- "--relay-ip=$$(detect-external-ip --ipv6)"
+ - "--cert=/certs/turn.boba.best.crt"
+ - "--pkey=/certs/turn.boba.best.key"
+ volumes:
+ - ./data/coturn/certs:/certs:ro
+ tmpfs:
+ - /var/lib/coturn
+ #ports:
+ # - 3478:3478
+ # - 5349:5349
+ # - 49152-65535:49152-65535/udp
+
 prometheus:
 image: prom/prometheus:latest
 restart: always
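Review bot: copy_coturn_certs.sh has no `set -e`, so if either `sudo cp` fails the final `chown` still runs and the script exits 0, leaving coturn with a missing or stale key pair. Adding `set -eu` after the shebang and quoting `"$DOMAIN"` in the paths would make such failures visible. The private key's mode is also left to whatever `cp` derives from the source file and root's umask; copying it with `sudo install -o nobody -g nogroup -m 0600 <caddy-cert-dir>/"$DOMAIN.key" data/coturn/certs/` sets owner and mode explicitly in one step. Caddy presumably renews this certificate on its own schedule, so a header comment stating that the script must be re-run (and coturn restarted) after each renewal would help the next operator.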
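Review bot: The coturn `command:` list in docker-compose.yml sets no peer-address restrictions, and with `network_mode: "host"` the relay shares the host's network namespace, so depending on the image's defaults an authenticated TURN client may be able to have traffic relayed to private, loopback or link-local addresses reachable from the host. Adding `--no-multicast-peers` and `--denied-peer-ip` ranges as in the fence below closes that; if clients on a private network must be reachable, carve those out with `--allowed-peer-ip`. Separately, `$COTURN_AUTH_SECRET` interpolates to an empty string when unset, so `${COTURN_AUTH_SECRET:?COTURN_AUTH_SECRET must be set}` would fail fast instead. `coturn/coturn:latest` would also be better pinned to a version tag or digest for a host-networked service.

```yaml
    command:
      # … unchanged: auth secret, realm, relay and certificate options …
      - "--no-multicast-peers"
      - "--denied-peer-ip=10.0.0.0-10.255.255.255"
      - "--denied-peer-ip=172.16.0.0-172.31.255.255"
      - "--denied-peer-ip=192.168.0.0-192.168.255.255"
      - "--denied-peer-ip=127.0.0.0-127.255.255.255"
      - "--denied-peer-ip=169.254.0.0-169.254.255.255"
```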