Integrate a TURN/STUN server into the relay for NAT traversal of
WebRTC connections. Clients request time-limited HMAC-SHA1 credentials
over a new libp2p request-response protocol and then talk to the TURN
server directly via UDP/TCP.
Key changes:
- Add `turn` module with server, credentials, and configuration
- Register `/dusk/turn-credentials/1.0.0` request-response protocol
so clients can obtain time-limited TURN credentials (24h TTL)
- Expose TURN signaling (3478/udp+tcp) and relay allocation ports
(49152-65535/udp) in Dockerfile and docker-compose
- Add TURN-related environment variables for public IP, shared secret,
realm, port ranges, and allocation limits
- Validate directory display_name (1-64 chars) and return typed errors
- Restrict keypair file permissions to 0600 on Unix
cloudwithax