I am running a defederated local Matrix server, and I need to set up calls. From what I can tell, the “legacy” calls require a STUN and TURN server, and the new MatrixRTC standard seems to require them as well for Livekit to work. However, I do not want to expose anything out to the public internet, as I want everything to be behind NAT for local access only (all of the clients for the server will also be behind the NATted network). I also have Tailscale running on my servers, and it would be useful if I would be able to connect to the TURN server even when not in the network. Is there a way to get STUN/TURN to work in this situation? It seems that all the servers expect to have public network access.