====== Spreed standalone signaling server ====== aka HPB (High Performance Backend) is now available as OpenSource. It is composed from following services: * Spreed backend (it is REST api service) which control everything * NATS (Messaging server) * can be message broker to connect cluster of signaling servers * [[https://janus.conf.meetecho.com/|Janus WebRTC server]] * [[https://github.com/meetecho/janus-gateway|github]] * [[https://archive.fosdem.org/2020/schedule/event/janus/attachments/audio/3993/export/events/attachments/janus/audio/3993/fosdem2020_janus_rtp_forwarders.pdf|Janus as a WebRTC “enabler”]] * CoTURN server (act as STUN/TURN) Notes for dockerized solution: * It is using direct ''host'' network because large ranges of ports are needed (RTP/TURN) and Docker port forwarding proxy performance is poor. * Using one shared ''host'' network let detect already used ports when 2 services can opens ports with overlaping ranges: * Janus WebRTC opens listening ports on any range (it can be limited in janus.jcfg or cmd line argument) * TURN also opens listening ports 49152-65535 (range required by RFC) ===== behind NAT ===== Port forwarding is needed: * Spreed backend HTTP port 3080 (set in server.conf) neeeds to be rev proxied with SSL to external IP with attached domain * STUN/TURN UDP/TCP port 3478 * CoTURN UDP/TCP ports 49152-65535 (range required by RFC) * Janus WebRTC ports 20000-40000 (set by cmd line argument ''-r 20000-40000'') ===== Verify and debug ====== Check if web frontend for signaling server is working: curl -k -i https://signaling.example.com/standalone-signaling/api/v1/welcome During NC Talk call, open WebRTC diagnose page in browser: * Firefox [[about:webrtc]] * Chrome [[chrome://webrtc-internals]] and check what is **Remote Candidate** column. It should be only external configured IP of signaling server. If TURN or JANUS is incorrectly configured (especially if it is running behind NAT) it can offer some wrong local IPs collected from all interfaces of machine on which is running (it can be some local LAN addresses like 192.168.x.x or Docker virtual interfaces like 172.17.x.x). ===== NextCloud setup ===== * **Settigns** --> **Talk** * **STUN servers** * ''signaling.example.com:3478'' * **TURN servers** * ''signaling.example.com:3478'' * set [Turn API KEY] (set in ''server.conf'' in section ''[turn]'' ''secret='' * **Signaling servers** * ''https://signaling.example.com/standalone-signaling/'' * check ''Validate SSL certificate'' * Shared secret: [Nextcloud-Secret-Key] (set in ''server.conf'' in section ''[backend]'' ''secret=''