Hum Rahi

────────────────────────────────────────────────────────────
US-030.INFRA.1 — STUN/TURN Server Provisioning & WebRTC Network Infrastructure
────────────────────────────────────────────────────────────

Role
As an infrastructure engineer on Ham Rahi,
I need to provision and configure STUN and TURN servers that support
the WebRTC audio stream between citizen devices and the police panel,
So that peer connections can be established reliably across the range
of real-world network conditions present in Indian urban environments,
including mobile data, NAT traversal, and restricted institutional
networks used by police stations.

User Story
As Priya,
I want my SOS audio to reach the police operator even if my phone is
behind a mobile carrier NAT or the police station has a restrictive
network,
So that poor network topology does not prevent my emergency from being
heard.

In-Scope

• Provisioning of STUN server(s) for peer reflexive candidate
  discovery, supporting symmetric and asymmetric NAT environments
• Provisioning of TURN server(s) as a media relay fallback for
  connections that cannot complete direct peer-to-peer traversal
• TURN server authentication: time-limited credential generation
  per session to prevent unauthorised relay usage
• Geographic placement of STUN/TURN infrastructure: at minimum one
  node co-located in or near Central India to minimise latency for
  the Bhopal Police deployment context
• TURN relay capacity planning for the expected peak concurrent SOS
  session load defined in the Ham Rahi capacity model
• TLS encryption on all STUN/TURN signalling and SRTP on all media
  relay traffic
• Health monitoring and alerting for STUN/TURN node availability;
  automated alert if any node goes below defined uptime threshold
• Firewall and port configuration: TURN must be reachable over TCP
  443 as a fallback for environments where UDP is blocked (common in
  government/police network configurations)
• Infrastructure-as-code definition for all provisioned resources to
  enable reproducible deployment and disaster recovery

Out-of-Scope

• WebRTC signalling server logic (US-030.BE.1)
• Application-layer SOS session management
• Video relay infrastructure (Phase 2)
• CDN or media storage for recorded SOS audio (separate infra story
  if audio recording is added in a future phase)
• End-user device network troubleshooting or fallback UX

Acceptance Criteria

AC1 At least one STUN server is provisioned and reachable from both
citizen device networks (mobile data) and the police panel network;
ICE candidate discovery succeeds for symmetric NAT configurations
in test.

AC2 At least one TURN relay server is provisioned as fallback; relay
connections complete successfully in a test environment that
blocks direct peer-to-peer UDP traffic.

AC3 TURN session credentials are time-limited and generated per SOS
session by the signalling server (US-030.BE.1); static or shared
credentials must not be used.

AC4 All TURN relay media traffic is encrypted using SRTP; plaintext
audio relay is not permitted under any configuration.

AC5 TURN server is reachable over TCP port 443 in addition to standard
UDP ports, ensuring connectivity from restricted institutional
networks such as police station LAN environments.

AC6 STUN/TURN node geographic placement results in a round-trip
latency of no more than 80 ms between the provisioned node and
a test client in Bhopal or Indore under normal conditions.

AC7 A health monitoring alert fires within 2 minutes of a STUN or
TURN node becoming unreachable; the alert reaches the designated
infrastructure on-call channel.

AC8 All infrastructure resources are defined in version-controlled
infrastructure-as-code; provisioning can be reproduced in a new
environment without manual steps beyond secrets injection.

AC9 Load test confirms TURN relay capacity supports the peak
concurrent SOS session count defined in the Ham Rahi capacity
model without packet loss exceeding 1% or latency exceeding
150 ms end-to-end.

Definition of Done

• STUN and TURN nodes provisioned and reachable in staging environment
• ICE traversal test passing for symmetric NAT scenario
• TCP 443 fallback confirmed reachable from a network with UDP blocked
• SRTP encryption on relay traffic verified by packet capture in test
• Per-session TURN credential generation integrated with US-030.BE.1
  and confirmed rotating correctly
• Latency test from Bhopal/Indore region within 80 ms confirmed
• Health monitoring alert tested via deliberate node shutdown
• Infrastructure-as-code committed and peer-reviewed
• Load test at peak concurrency passing AC9 thresholds
• No open P1 or P2 infrastructure issues