Re: How get I video working on a new installation on Fedora Server?
Hello all, Just as a short information: As much as I'd rather spend time working on OpenMeeting on Fedora, I have to do something for the buns in between :-). And the next Fedora release is coming up, I'm involved in that too. In the meantime I successfully installed the demo on a box in my homelab. And I plan to continue early next week with a fresh start of the installation following the tutorial. Something I may have overlooked there. I'll get back to you and I'm sure I'll have more questions, maybe successes, probably errors - we'll see. Thanks for all the information Peter > Am 27.09.2023 um 03:39 schrieb Maxim Solodovnik : > > Hello All, > > sorry for top posting :( > The discussion is now a bit hard to follow :(( > > I have created my version of Coturn config based on this: > https://stackoverflow.com/questions/35766382/coturn-how-to-use-turn-rest-api > guide > > It works for me for years :) > > I also got warning regarding conflicting options, but have no time to > investigate ... > So I'm using what working :) > > "kurento.turn.user" might be left blank but, if i remember correctly, > it was useful for debugging and for TURN server testing > > According to ports: > > - port is KMS port, it might be left open in case you would like > to allow your users to directly connect to media server, and reduce > TURN server load > > In fact TURN server might work as STUN i.e. can provide the way to > establish connections between devices at private networks that can be > behind firewalls) > OR as TURN server: it can work as full proxy to pass multimedia to KMS > > > I'm starting all OM related services under user nobody to make system > more secure :) > > @Peter, > I've just have checked your set-up (can be done via video-testing app: > https://148.251.152.52:5443/openmeetings/hash?app=settings) > > And it seems your TURN server is EMPTY :( > > have you restarted OM after openmeetings.properties modification? :) > > On Wed, 27 Sept 2023 at 08:01, Guofeng Zhang wrote: >> >> Hi, >> >> I just installed OM 7.1.0 a few days ago, and I don’t know much about the >> various components of OM. A few notes for my situation: >> >> lt-cred-mech: It shoul be commented out like "#lt-cred-mech", becuase here >> we use use-auth-secret. >> >> kurento.turn.user=fedorian: It should be "kurento.turn.user=" the same >> reason as above. >> >> Port range 49152-65535, it is used for video/audio streaming when >> conferencing, which coTrun bridge the steaming between the client and media >> server (here Kurento) in many case. >> >> Best regards >> >> Guofeng >> >> >> >> On Wed, Sep 27, 2023 at 4:39 AM Peter Boy wrote: >>> >>> Hi all, >>> >>> For sake of simplicity, I answer to all mails in one go. >>> >>> Am 26.09.2023 um 02:50 schrieb Guofeng Zhang : Hi, I met the same issue as yours after the installation. You please first verify if CoTurn is set up correctly. Using stunclient from https://www.stunprotocol.org/ to check if CoTurn setup correctly stunclient 3478 It should prompt "Binding test: success" if the setup is ok. >>> >>> Great hint. I got on a request from my desktop to the server: >>> >>> Binding test: success >>> Local address: 192.168.158.120:54174 >>> Mapped address: 87.150.96.84:54174 >>> >>> But the —-mode behavior test failed. >>> >>> But obviously the basic functionality works. >>> >>> IIf there is any error message prompted, you please verify if the following ports are opened by your firewall. For me, this is the root cause (I opened port 3478 UDP, but forgot opening port 3478 TCP). 3478 TCP-UDP IN 5443 TCP IN TCP IN 49152:65535 UDP IN-OUT >>> >>> I think, the ports are OK: >>> >>> [root@letsmeet ~]# firewall-cmd --list-all >>> FedoraServer (active) >>> target: default >>> icmp-block-inversion: no >>> interfaces: enp1s0 >>> sources: >>> services: cockpit dhcpv6-client http https mdns ssh >>> ports: 5443/tcp 3478/tcp 3478/udp /tcp 49152-65535/udp >>> protocols: >>> forward: yes >>> masquerade: no >>> >>> The firewall blocks no outgoing traffic at all. >>> >>> But I wandering about port . As far as I get it, this port is for >>> communication between OM and Kurento using the localhost interface. >>> >>> Or is there any incoming traffic from the clients? >>> >>> And the Port range 49152-65535, Isn’t it used by Kurento initializing p2p >>> traffic to the clients. So Kurento is opening the port anyway? >>> >>> >>> But if your CoTurn runs on a VM in a cloud lik AWS, you should google to know how to configure CoTurn specially, like: external-ip=/ listening-ip= relay-ip= >>> >>> My VM is running on my own root Server in a data center. So that’s not a >>> problem here. But I take that for the Fedora Server documentation when I >>> manage to get it running. >>> Hope the above is helpful to you.
Re: How get I video working on a new installation on Fedora Server?
Hello All, sorry for top posting :( The discussion is now a bit hard to follow :(( I have created my version of Coturn config based on this: https://stackoverflow.com/questions/35766382/coturn-how-to-use-turn-rest-api guide It works for me for years :) I also got warning regarding conflicting options, but have no time to investigate ... So I'm using what working :) "kurento.turn.user" might be left blank but, if i remember correctly, it was useful for debugging and for TURN server testing According to ports: - port is KMS port, it might be left open in case you would like to allow your users to directly connect to media server, and reduce TURN server load In fact TURN server might work as STUN i.e. can provide the way to establish connections between devices at private networks that can be behind firewalls) OR as TURN server: it can work as full proxy to pass multimedia to KMS I'm starting all OM related services under user nobody to make system more secure :) @Peter, I've just have checked your set-up (can be done via video-testing app: https://148.251.152.52:5443/openmeetings/hash?app=settings) And it seems your TURN server is EMPTY :( have you restarted OM after openmeetings.properties modification? :) On Wed, 27 Sept 2023 at 08:01, Guofeng Zhang wrote: > > Hi, > > I just installed OM 7.1.0 a few days ago, and I don’t know much about the > various components of OM. A few notes for my situation: > > lt-cred-mech: It shoul be commented out like "#lt-cred-mech", becuase here we > use use-auth-secret. > > kurento.turn.user=fedorian: It should be "kurento.turn.user=" the same reason > as above. > > Port range 49152-65535, it is used for video/audio streaming when > conferencing, which coTrun bridge the steaming between the client and media > server (here Kurento) in many case. > > Best regards > > Guofeng > > > > On Wed, Sep 27, 2023 at 4:39 AM Peter Boy wrote: >> >> Hi all, >> >> For sake of simplicity, I answer to all mails in one go. >> >> >> > Am 26.09.2023 um 02:50 schrieb Guofeng Zhang : >> > >> > Hi, >> > >> > I met the same issue as yours after the installation. You please first >> > verify if CoTurn is set up correctly. Using stunclient from >> > https://www.stunprotocol.org/ to check if CoTurn setup correctly >> > stunclient 3478 >> > It should prompt "Binding test: success" if the setup is ok. >> >> Great hint. I got on a request from my desktop to the server: >> >> Binding test: success >> Local address: 192.168.158.120:54174 >> Mapped address: 87.150.96.84:54174 >> >> But the —-mode behavior test failed. >> >> But obviously the basic functionality works. >> >> >> > IIf there is any error message prompted, you please verify if the >> > following ports are opened by your firewall. For me, this is the root >> > cause (I opened port 3478 UDP, but forgot opening port 3478 TCP). >> > >> > 3478 TCP-UDP IN >> > 5443 TCP IN >> > TCP IN >> > 49152:65535 UDP IN-OUT >> >> I think, the ports are OK: >> >> [root@letsmeet ~]# firewall-cmd --list-all >> FedoraServer (active) >> target: default >> icmp-block-inversion: no >> interfaces: enp1s0 >> sources: >> services: cockpit dhcpv6-client http https mdns ssh >> ports: 5443/tcp 3478/tcp 3478/udp /tcp 49152-65535/udp >> protocols: >> forward: yes >> masquerade: no >> >> The firewall blocks no outgoing traffic at all. >> >> But I wandering about port . As far as I get it, this port is for >> communication between OM and Kurento using the localhost interface. >> >> Or is there any incoming traffic from the clients? >> >> And the Port range 49152-65535, Isn’t it used by Kurento initializing p2p >> traffic to the clients. So Kurento is opening the port anyway? >> >> >> >> > But if your CoTurn runs on a VM in a cloud lik AWS, you should google to >> > know how to configure CoTurn specially, like: >> > external-ip=/ >> > listening-ip= >> > relay-ip= >> >> My VM is running on my own root Server in a data center. So that’s not a >> problem here. But I take that for the Fedora Server documentation when I >> manage to get it running. >> >> > >> > Hope the above is helpful to you. >> >> Yes, it is. Thanks! >> >> >> >> >> > Am 26.09.2023 um 06:31 schrieb Maxim Solodovnik : >> > >> >> ……. >> > >> > Our current demo server (and Dockerized Ubuntu 22) versions will work >> > with Dokerized KMS >> > KMS natively supports Ubuntu 20 only :( >> > >> > TURN server (listening ports 3478 TCP+UDP AND ports being used for >> > proxy 49152:65535 UDP IN-OUT) should be public >> > In all my configurations I'm using TURN at the same server as OM and KMS >> > >> > Coturn config should be as simple as >> > https://lists.apache.org/thread/x4rl7xjq6fnfy6nyl5c6lhmp57fdf4br >> >> The source says: >> fingerprint >> lt-cred-mech >> use-auth-secret >> static-auth-secret=** >> realm=om.alteametasoft.com >> stale-nonce=0 >> proc-user=nobody >> proc-group=nogroup >> >> I couldn’t switch the user to nobody.
Re: How get I video working on a new installation on Fedora Server?
Hi, I just installed OM 7.1.0 a few days ago, and I don’t know much about the various components of OM. A few notes for my situation: lt-cred-mech: It shoul be commented out like "#lt-cred-mech", becuase here we use use-auth-secret. kurento.turn.user=fedorian: It should be "kurento.turn.user=" the same reason as above. Port range 49152-65535, it is used for video/audio streaming when conferencing, which coTrun bridge the steaming between the client and media server (here Kurento) in many case. Best regards Guofeng On Wed, Sep 27, 2023 at 4:39 AM Peter Boy wrote: > Hi all, > > For sake of simplicity, I answer to all mails in one go. > > > > Am 26.09.2023 um 02:50 schrieb Guofeng Zhang : > > > > Hi, > > > > I met the same issue as yours after the installation. You please first > verify if CoTurn is set up correctly. Using stunclient from > https://www.stunprotocol.org/ to check if CoTurn setup correctly > > stunclient 3478 > > It should prompt "Binding test: success" if the setup is ok. > > Great hint. I got on a request from my desktop to the server: > > Binding test: success > Local address: 192.168.158.120:54174 > Mapped address: 87.150.96.84:54174 > > But the —-mode behavior test failed. > > But obviously the basic functionality works. > > > > IIf there is any error message prompted, you please verify if the > following ports are opened by your firewall. For me, this is the root cause > (I opened port 3478 UDP, but forgot opening port 3478 TCP). > > > > 3478 TCP-UDP IN > > 5443 TCP IN > > TCP IN > > 49152:65535 UDP IN-OUT > > I think, the ports are OK: > > [root@letsmeet ~]# firewall-cmd --list-all > FedoraServer (active) > target: default > icmp-block-inversion: no > interfaces: enp1s0 > sources: > services: cockpit dhcpv6-client http https mdns ssh > ports: 5443/tcp 3478/tcp 3478/udp /tcp 49152-65535/udp > protocols: > forward: yes > masquerade: no > > The firewall blocks no outgoing traffic at all. > > But I wandering about port . As far as I get it, this port is for > communication between OM and Kurento using the localhost interface. > > Or is there any incoming traffic from the clients? > > And the Port range 49152-65535, Isn’t it used by Kurento initializing p2p > traffic to the clients. So Kurento is opening the port anyway? > > > > > But if your CoTurn runs on a VM in a cloud lik AWS, you should google to > know how to configure CoTurn specially, like: > > external-ip=/ > > listening-ip= > > relay-ip= > > My VM is running on my own root Server in a data center. So that’s not a > problem here. But I take that for the Fedora Server documentation when I > manage to get it running. > > > > > Hope the above is helpful to you. > > Yes, it is. Thanks! > > > > > > Am 26.09.2023 um 06:31 schrieb Maxim Solodovnik : > > > >> ……. > > > > Our current demo server (and Dockerized Ubuntu 22) versions will work > > with Dokerized KMS > > KMS natively supports Ubuntu 20 only :( > > > > TURN server (listening ports 3478 TCP+UDP AND ports being used for > > proxy 49152:65535 UDP IN-OUT) should be public > > In all my configurations I'm using TURN at the same server as OM and KMS > > > > Coturn config should be as simple as > > https://lists.apache.org/thread/x4rl7xjq6fnfy6nyl5c6lhmp57fdf4br > > The source says: > fingerprint > lt-cred-mech > use-auth-secret > static-auth-secret=** > realm=om.alteametasoft.com > stale-nonce=0 > proc-user=nobody > proc-group=nogroup > > I couldn’t switch the user to nobody. Fedora create a user coturn, so the > proc is not running with root privileges. > > And regarding lt-cred-mech the docs say: > > # Be aware that use-auth-secret overrides some parts of lt-cred-mech. > # The use-auth-secret feature depends internally on lt-cred-mech, so if > you set > # this option then it automatically enables lt-cred-mech internally > # as if you had enabled both. > # > # Note that you can use only one auth mechanism at the same time! This is > because, > # both mechanisms conduct username and password validation in different > ways. > # > # Use either lt-cred-mech or use-auth-secret in the conf > # to avoid any confusion. > # > #use-auth-secret > use-auth-secret > > And the log gave a warning. > > > > > > `openmeetings.properties` file should have > > > > ### localhost IP in case KMS and OM are at the same server > > kurento.ws.url=ws://127.0.0.1:/kurento > > > > ### this URL must be *Public* IP+PORT, like 8.8.8.8:3478 > > kurento.turn.url= > > > > ### can be any string, for ex: fedora-user > > kurento.turn.user= > > > > ### this one should match *static-auth-secret* fron coturn config > > kurento.turn.secret= > > > > kurento.turn.mode=rest > > > > My Kurento section is now: > > ## Kurento ## > kurento.ws.url=ws://127.0.0.1:/kurento > kurento.turn.url=148.251.152.52:3478 > kurento.turn.user=fedorian >
Re: How get I video working on a new installation on Fedora Server?
Hi all, For sake of simplicity, I answer to all mails in one go. > Am 26.09.2023 um 02:50 schrieb Guofeng Zhang : > > Hi, > > I met the same issue as yours after the installation. You please first verify > if CoTurn is set up correctly. Using stunclient from > https://www.stunprotocol.org/ to check if CoTurn setup correctly > stunclient 3478 > It should prompt "Binding test: success" if the setup is ok. Great hint. I got on a request from my desktop to the server: Binding test: success Local address: 192.168.158.120:54174 Mapped address: 87.150.96.84:54174 But the —-mode behavior test failed. But obviously the basic functionality works. > IIf there is any error message prompted, you please verify if the following > ports are opened by your firewall. For me, this is the root cause (I opened > port 3478 UDP, but forgot opening port 3478 TCP). > > 3478 TCP-UDP IN > 5443 TCP IN > TCP IN > 49152:65535 UDP IN-OUT I think, the ports are OK: [root@letsmeet ~]# firewall-cmd --list-all FedoraServer (active) target: default icmp-block-inversion: no interfaces: enp1s0 sources: services: cockpit dhcpv6-client http https mdns ssh ports: 5443/tcp 3478/tcp 3478/udp /tcp 49152-65535/udp protocols: forward: yes masquerade: no The firewall blocks no outgoing traffic at all. But I wandering about port . As far as I get it, this port is for communication between OM and Kurento using the localhost interface. Or is there any incoming traffic from the clients? And the Port range 49152-65535, Isn’t it used by Kurento initializing p2p traffic to the clients. So Kurento is opening the port anyway? > But if your CoTurn runs on a VM in a cloud lik AWS, you should google to know > how to configure CoTurn specially, like: > external-ip=/ > listening-ip= > relay-ip= My VM is running on my own root Server in a data center. So that’s not a problem here. But I take that for the Fedora Server documentation when I manage to get it running. > > Hope the above is helpful to you. Yes, it is. Thanks! > Am 26.09.2023 um 06:31 schrieb Maxim Solodovnik : > >> ……. > > Our current demo server (and Dockerized Ubuntu 22) versions will work > with Dokerized KMS > KMS natively supports Ubuntu 20 only :( > > TURN server (listening ports 3478 TCP+UDP AND ports being used for > proxy 49152:65535 UDP IN-OUT) should be public > In all my configurations I'm using TURN at the same server as OM and KMS > > Coturn config should be as simple as > https://lists.apache.org/thread/x4rl7xjq6fnfy6nyl5c6lhmp57fdf4br The source says: fingerprint lt-cred-mech use-auth-secret static-auth-secret=** realm=om.alteametasoft.com stale-nonce=0 proc-user=nobody proc-group=nogroup I couldn’t switch the user to nobody. Fedora create a user coturn, so the proc is not running with root privileges. And regarding lt-cred-mech the docs say: # Be aware that use-auth-secret overrides some parts of lt-cred-mech. # The use-auth-secret feature depends internally on lt-cred-mech, so if you set # this option then it automatically enables lt-cred-mech internally # as if you had enabled both. # # Note that you can use only one auth mechanism at the same time! This is because, # both mechanisms conduct username and password validation in different ways. # # Use either lt-cred-mech or use-auth-secret in the conf # to avoid any confusion. # #use-auth-secret use-auth-secret And the log gave a warning. > > `openmeetings.properties` file should have > > ### localhost IP in case KMS and OM are at the same server > kurento.ws.url=ws://127.0.0.1:/kurento > > ### this URL must be *Public* IP+PORT, like 8.8.8.8:3478 > kurento.turn.url= > > ### can be any string, for ex: fedora-user > kurento.turn.user= > > ### this one should match *static-auth-secret* fron coturn config > kurento.turn.secret= > > kurento.turn.mode=rest > My Kurento section is now: ## Kurento ## kurento.ws.url=ws://127.0.0.1:/kurento kurento.turn.url=148.251.152.52:3478 kurento.turn.user=fedorian kurento.turn.secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 kurento.turn.mode=rest ## minutes kurento.turn.ttl=60 ## milliseconds kurento.check.timeout=1 ## milliseconds kurento.object.check.timeout=200 kurento.watch.thread.count=10 kurento.flowout.timeout=5 ## please ensure this one is unique, better to regenerate it from time to time ## can be generated for ex. here https://www.uuidtools.com kurento.kuid=df992960-e7b0-11ea-9acd-337fb30dd93d ## this list can be space and/or comma separated kurento.ignored.kuids= ## See https://doc-kurento.readthedocs.io/en/latest/features/security.html#media-plane-security-dtls ## possible values: RSA, or ECDSA (capital-case) kurento.certificateType= > hope this helps :) It does, yes, although I still get the error message: ERROR: check_stun_auth: Cannot find credentials of user
Re: How get I video working on a new installation on Fedora Server?
...this dd USB stick burn works for me on Mac: sudo diskutil list ...look for your pendrive... sudo diskutil unmountDisk /dev/diskN ...replace last N for your pendrive number-disk... sudo dd if=./Live_OpenMeetings_7.1.0_on_Ubuntu_18.04_lts.iso of=/dev/diskN bs=1m ...replace last N for your pendrive number-disk and fill the empty spaces in the name "Live OpenMeetings 7.1.0" When finish will show something similar to this: 88+0 records in 388+0 records out 406847488 bytes transferred in 94.024237 secs (4327049 bytes/sec) = # Respect to configuration Turn server and other, only can say...please follow pdf tutorial. There is any information. --- On Mon, 25 Sep 2023 21:00:37 +0200 Peter Boy wrote: > Hi > > > Am 25.09.2023 um 18:57 schrieb Alvaro : > > > > ...i made the bootable iso on USB with "Rufus" on Windows. > > Too bad, I don't have Windows. Only Linux and macOS. Hopefully, I may find > someone around who still uses Windows and is a bit adventurous with their > precious system. > > > > The tutorial works on the following path: > > > > /opt/open710 > > > > ...and you are working on: > > > > "And in /opt/openmeetings/…./kurento.properties" > > > > Maybe you are working on some right path and > > other times on /opt/openmeetings/, and therefore > > the differents configurations no coincide. > > Well, I used openmeetings instead of open710. I just checked again, I did it > consistently. > > > Obviously, there is a communication block between KMS and coturn. > > Is there a third location where I have to specify the the secret? > > And do I use the correct IP configuration? > > > > Thanks again > > Peter > > > > > > > --- > > > > > > > > On Mon, 25 Sep 2023 17:53:28 +0200 > > Peter Boy wrote: > > > >> Hi Alvaro, > >> > >> Thanks for the info > >> > >>> Am 25.09.2023 um 11:21 schrieb Alvaro : > >>> > >>> > >>> > >>> You said: > >>> > >>> "But the video is only displayed for each local > >>> user on their own machine" > >>> > >>> ...That is happen to me when the server is not > >>> connected to Internet. When is connected to Internet > >>> any user can see the cam of the other users. > >>> > >>> About the live iso in the tutorial section it can > >>> be booted from USB memory stick. > >> > >> How get I the iso onto the stick? I tried balenaEtcher which got me just > >> one hidden partition on the stick, not recognized as bootable, and I tried > >> dd, which got me the same (id 17 HPFS/NTFS) and a warning about iso9660 > >> signature. The partition was marked as bootable but not recognized as > >> bootable by BIOS. I can mount the partition and get 4 directories. > >> Unfortunately, I have no idea how to make it bootable. > >> > >> > >>> Attached my turn.log file running some minutes ago > >>> with succes. > >> > >> I got the same with some differences regarding the interfaces. But after I > >> connected to the server I got > >> In /var/log/coturn/turnserver.log : > >> > >> 3: (1947): DEBUG: turn server id=3 created > >> 3: (1943): INFO: Total auth threads: 3 > >> 3: (1943): INFO: turnserver compiled without prometheus support > >> 1661: (1945): ERROR: check_stun_auth: Cannot find credentials of user > >> <1695643791:cbb57dbd-240c-4f61-b801-efe0886c2d7f> > >> 1661: (1944): ERROR: check_stun_auth: Cannot find credentials of user > >> <1695643791:cbb57dbd-240c-4f61-b801-efe0886c2d7f> > >> (repeatedly) > >> > >> So I must have missed an important part of your guide, but I don’t get it. > >> > >> I generated the secret using openssl and got > >> 500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 > >> > >> I edited /etc/coturn/turnserver: > >> > >>> < > >> ... > >> # Listener interface device (optional, Linux only). > >> # NOT RECOMMENDED. > >> # > >> #listening-device=eth0 > >> > >> # TURN listener port for UDP and TCP (Default: 3478). > >> # Note: actually, TLS & DTLS sessions can connect to the > >> # "plain" TCP & UDP port(s), too - if allowed by configuration. > >> # > >> #listening-port=3478 > >> > >> # > >> #use-auth-secret > >> use-auth-secret > >> ... > >> # by a separate program, so this is why that mode is considered 'dynamic'. > >> # > >> #static-auth-secret=north > >> static-auth-secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 > >> > >> ... > >> # > >> #realm=mycompany.org > >> realm=letsmeet.commtalk.org > >> > >> # > >> #stale-nonce=600 > >> stale-nonce=0 > >>> < > >> > >> And in /opt/openmeetings/…./kurento.properties > >>> < > >> ## Kurento ## > >> kurento.ws.url=ws://127.0.0.1:/kurento > >> kurento.turn.url=148.251.152.52:3478 > >> kurento.turn.user= > >> kurento.turn.secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 > >> > >> kurento.turn.mode=rest > >>> < > >> > >> > >> > >> What do I miss? > >> > >>
Re: How get I video working on a new installation on Fedora Server?
On Tue, 26 Sept 2023 at 01:09, Peter Boy wrote: > > Hi Maxim > > > Am 25.09.2023 um 11:50 schrieb Maxim Solodovnik : > > > > Hello Peter, > > > > On Mon, 25 Sept 2023 at 13:56, Peter Boy wrote: > >> > >> Hi, > >> > >> > >> I get the same message on screen: "Media server connection for user XXX is > >> failed, will try to re-connect“ as described in the post mentioned above. > >> > > > > This is most probably caused by missing/misconfigured TURN server > > Yes, in the meantime I found a clear error message (see my other reply). But > no idea how to fix it. > > > > >> > >> > > > > Shame on me :( > > I never configured secure TURN server :( > > > > Have used non-secured all the time :( > > OK, if it is basically able to work insecure, it’s fine for me, too. > > > > > >> > >> c) is there an Ansible playbook for OpenMeetings Installation anywhere (my > >> search was unsuccessful)? > >> > > > > Alvaro's instructions are most detailed one :( > > I, personally, use the process "described" in > > https://github.com/openmeetings/openmeetings-docker/ > > > > Most probably I'll create another Docker for Ubuntu 22 (Maybe with KMS) > > Thanks, that may give me some hints how to do it natively in Fedora > Our current demo server (and Dockerized Ubuntu 22) versions will work with Dokerized KMS KMS natively supports Ubuntu 20 only :( TURN server (listening ports 3478 TCP+UDP AND ports being used for proxy 49152:65535 UDP IN-OUT) should be public In all my configurations I'm using TURN at the same server as OM and KMS Coturn config should be as simple as https://lists.apache.org/thread/x4rl7xjq6fnfy6nyl5c6lhmp57fdf4br `openmeetings.properties` file should have ### localhost IP in case KMS and OM are at the same server kurento.ws.url=ws://127.0.0.1:/kurento ### this URL must be *Public* IP+PORT, like 8.8.8.8:3478 kurento.turn.url= ### can be any string, for ex: fedora-user kurento.turn.user= ### this one should match *static-auth-secret* fron coturn config kurento.turn.secret= kurento.turn.mode=rest hope this helps :) > > >> > >> > >> d) Another more general question is: > >> > >> The starting point for my exploration of OpenMeeting is a search for a > >> stable video conferencing system that we can introduce into Fedora Server > >> as a new "specifically supported service". If I can manage to get a > >> stable and reproducible test installation, I would then have to compile > >> OpenMeetings including Kurento from source and build a corresponding RPM. > >> Kurento is likely to be particularly elaborate. But there was at least a > >> CentOS 7 rpm. Then it should actually be possible with Fedora, too. > >> > >> Do you consider that a feasible project? Or is the OpenMeetings build > >> system too complex and highly idiosyncratic? I would certainly have some > >> more questions than I do have now. Would that be feasible with the mailing > >> list or does it blow up the resources? > > > > OM build is as simple as `mvn clean install` :) > > KMS build might be more complicated ... :( > > OK, if OM is standard maven, it should not be that difficult. And KMS, I’ll > see. > > > > > I will be happy to answer your questions :) > > > Thanks, I hope I will not have too many questions. :-) > > > > Thanks for your support! > > > > > -- > Peter Boy > https://fedoraproject.org/wiki/User:Pboy > p...@fedoraproject.org > > Timezone: CET (UTC+1) / CEST /UTC+2) > > Fedora Server Edition Working Group member > Fedora Docs team contributor and board member > Java developer and enthusiast > > > -- Best regards, Maxim
Re: How get I video working on a new installation on Fedora Server?
Hi, I met the same issue as yours after the installation. You please first verify if CoTurn is set up correctly. Using stunclient from https://www.stunprotocol.org/ to check if CoTurn setup correctly stunclient 3478 It should prompt "Binding test: success" if the setup is ok. IIf there is any error message prompted, you please verify if the following ports are opened by your firewall. For me, this is the root cause (I opened port 3478 UDP, but forgot opening port 3478 TCP). 3478 TCP-UDP IN 5443 TCP IN TCP IN 49152:65535 UDP IN-OUT But if your CoTurn runs on a VM in a cloud lik AWS, you should google to know how to configure CoTurn specially, like: external-ip=/ listening-ip= relay-ip= Hope the above is helpful to you. On Tue, Sep 26, 2023 at 3:01 AM Peter Boy wrote: > Hi > > > Am 25.09.2023 um 18:57 schrieb Alvaro : > > > > ...i made the bootable iso on USB with "Rufus" on Windows. > > Too bad, I don't have Windows. Only Linux and macOS. Hopefully, I may find > someone around who still uses Windows and is a bit adventurous with their > precious system. > > > > The tutorial works on the following path: > > > > /opt/open710 > > > > ...and you are working on: > > > > "And in /opt/openmeetings/…./kurento.properties" > > > > Maybe you are working on some right path and > > other times on /opt/openmeetings/, and therefore > > the differents configurations no coincide. > > Well, I used openmeetings instead of open710. I just checked again, I did > it consistently. > > > Obviously, there is a communication block between KMS and coturn. > > Is there a third location where I have to specify the the secret? > > And do I use the correct IP configuration? > > > > Thanks again > > Peter > > > > > > > --- > > > > > > > > On Mon, 25 Sep 2023 17:53:28 +0200 > > Peter Boy wrote: > > > >> Hi Alvaro, > >> > >> Thanks for the info > >> > >>> Am 25.09.2023 um 11:21 schrieb Alvaro : > >>> > >>> > >>> > >>> You said: > >>> > >>> "But the video is only displayed for each local > >>> user on their own machine" > >>> > >>> ...That is happen to me when the server is not > >>> connected to Internet. When is connected to Internet > >>> any user can see the cam of the other users. > >>> > >>> About the live iso in the tutorial section it can > >>> be booted from USB memory stick. > >> > >> How get I the iso onto the stick? I tried balenaEtcher which got me > just one hidden partition on the stick, not recognized as bootable, and I > tried dd, which got me the same (id 17 HPFS/NTFS) and a warning about > iso9660 signature. The partition was marked as bootable but not recognized > as bootable by BIOS. I can mount the partition and get 4 directories. > Unfortunately, I have no idea how to make it bootable. > >> > >> > >>> Attached my turn.log file running some minutes ago > >>> with succes. > >> > >> I got the same with some differences regarding the interfaces. But > after I connected to the server I got > >> In /var/log/coturn/turnserver.log : > >> > >> 3: (1947): DEBUG: turn server id=3 created > >> 3: (1943): INFO: Total auth threads: 3 > >> 3: (1943): INFO: turnserver compiled without prometheus support > >> 1661: (1945): ERROR: check_stun_auth: Cannot find credentials of user > <1695643791:cbb57dbd-240c-4f61-b801-efe0886c2d7f> > >> 1661: (1944): ERROR: check_stun_auth: Cannot find credentials of user > <1695643791:cbb57dbd-240c-4f61-b801-efe0886c2d7f> > >> (repeatedly) > >> > >> So I must have missed an important part of your guide, but I don’t get > it. > >> > >> I generated the secret using openssl and got > >> 500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 > >> > >> I edited /etc/coturn/turnserver: > >> > >>> < > >> ... > >> # Listener interface device (optional, Linux only). > >> # NOT RECOMMENDED. > >> # > >> #listening-device=eth0 > >> > >> # TURN listener port for UDP and TCP (Default: 3478). > >> # Note: actually, TLS & DTLS sessions can connect to the > >> # "plain" TCP & UDP port(s), too - if allowed by configuration. > >> # > >> #listening-port=3478 > >> > >> # > >> #use-auth-secret > >> use-auth-secret > >> ... > >> # by a separate program, so this is why that mode is considered > 'dynamic'. > >> # > >> #static-auth-secret=north > >> > static-auth-secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 > >> > >> ... > >> # > >> #realm=mycompany.org > >> realm=letsmeet.commtalk.org > >> > >> # > >> #stale-nonce=600 > >> stale-nonce=0 > >>> < > >> > >> And in /opt/openmeetings/…./kurento.properties > >>> < > >> ## Kurento ## > >> kurento.ws.url=ws://127.0.0.1:/kurento > >> kurento.turn.url=148.251.152.52:3478 > >> kurento.turn.user= > >> > kurento.turn.secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 > > >> kurento.turn.mode=rest > >>> < > >> > >> > >> > >> What do I miss? > >> > >> > >> Thanks > >> Peter > >> > >> > >> > >> > >> > >>> - >
Re: How get I video working on a new installation on Fedora Server?
Hi > Am 25.09.2023 um 18:57 schrieb Alvaro : > > ...i made the bootable iso on USB with "Rufus" on Windows. Too bad, I don't have Windows. Only Linux and macOS. Hopefully, I may find someone around who still uses Windows and is a bit adventurous with their precious system. > The tutorial works on the following path: > > /opt/open710 > > ...and you are working on: > > "And in /opt/openmeetings/…./kurento.properties" > > Maybe you are working on some right path and > other times on /opt/openmeetings/, and therefore > the differents configurations no coincide. Well, I used openmeetings instead of open710. I just checked again, I did it consistently. Obviously, there is a communication block between KMS and coturn. Is there a third location where I have to specify the the secret? And do I use the correct IP configuration? Thanks again Peter > --- > > > > On Mon, 25 Sep 2023 17:53:28 +0200 > Peter Boy wrote: > >> Hi Alvaro, >> >> Thanks for the info >> >>> Am 25.09.2023 um 11:21 schrieb Alvaro : >>> >>> >>> >>> You said: >>> >>> "But the video is only displayed for each local >>> user on their own machine" >>> >>> ...That is happen to me when the server is not >>> connected to Internet. When is connected to Internet >>> any user can see the cam of the other users. >>> >>> About the live iso in the tutorial section it can >>> be booted from USB memory stick. >> >> How get I the iso onto the stick? I tried balenaEtcher which got me just one >> hidden partition on the stick, not recognized as bootable, and I tried dd, >> which got me the same (id 17 HPFS/NTFS) and a warning about iso9660 >> signature. The partition was marked as bootable but not recognized as >> bootable by BIOS. I can mount the partition and get 4 directories. >> Unfortunately, I have no idea how to make it bootable. >> >> >>> Attached my turn.log file running some minutes ago >>> with succes. >> >> I got the same with some differences regarding the interfaces. But after I >> connected to the server I got >> In /var/log/coturn/turnserver.log : >> >> 3: (1947): DEBUG: turn server id=3 created >> 3: (1943): INFO: Total auth threads: 3 >> 3: (1943): INFO: turnserver compiled without prometheus support >> 1661: (1945): ERROR: check_stun_auth: Cannot find credentials of user >> <1695643791:cbb57dbd-240c-4f61-b801-efe0886c2d7f> >> 1661: (1944): ERROR: check_stun_auth: Cannot find credentials of user >> <1695643791:cbb57dbd-240c-4f61-b801-efe0886c2d7f> >> (repeatedly) >> >> So I must have missed an important part of your guide, but I don’t get it. >> >> I generated the secret using openssl and got >> 500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 >> >> I edited /etc/coturn/turnserver: >> >>> < >> ... >> # Listener interface device (optional, Linux only). >> # NOT RECOMMENDED. >> # >> #listening-device=eth0 >> >> # TURN listener port for UDP and TCP (Default: 3478). >> # Note: actually, TLS & DTLS sessions can connect to the >> # "plain" TCP & UDP port(s), too - if allowed by configuration. >> # >> #listening-port=3478 >> >> # >> #use-auth-secret >> use-auth-secret >> ... >> # by a separate program, so this is why that mode is considered 'dynamic'. >> # >> #static-auth-secret=north >> static-auth-secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 >> >> ... >> # >> #realm=mycompany.org >> realm=letsmeet.commtalk.org >> >> # >> #stale-nonce=600 >> stale-nonce=0 >>> < >> >> And in /opt/openmeetings/…./kurento.properties >>> < >> ## Kurento ## >> kurento.ws.url=ws://127.0.0.1:/kurento >> kurento.turn.url=148.251.152.52:3478 >> kurento.turn.user= >> kurento.turn.secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 >> >> kurento.turn.mode=rest >>> < >> >> >> >> What do I miss? >> >> >> Thanks >> Peter >> >> >> >> >> >>> - >>> >>> >>> On Mon, 25 Sep 2023 08:55:45 +0200 >>> Peter Boy wrote: >>> Hi, I installed OpenMeetings on a Fedora F38 Server (new VM) following the Installation Guide by Alvaro Bustos at https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20OpenMeetings%207.1.0%20on%20Fedora%2038.pdf?version=1=1683788437000=v2 And the corresponding tomcat34 and certificate guide. The system starts, I can log in and enter one of the (public) predefined rooms. But I get a similar issue as user Thomas Scholzen in March this year: I see all the user in a room by a placeholder graphics. But the video is only displayed for each local user on their own machine. All other users are only reprensented by a placeholder image. The admin can obviously perform all admin tasks, as far as I could notice. I get the same message on screen: "Media server connection for
Re: How get I video working on a new installation on Fedora Server?
Hi Maxim > Am 25.09.2023 um 11:50 schrieb Maxim Solodovnik : > > Hello Peter, > > On Mon, 25 Sept 2023 at 13:56, Peter Boy wrote: >> >> Hi, >> >> >> I get the same message on screen: "Media server connection for user XXX is >> failed, will try to re-connect“ as described in the post mentioned above. >> > > This is most probably caused by missing/misconfigured TURN server Yes, in the meantime I found a clear error message (see my other reply). But no idea how to fix it. > >> >> > > Shame on me :( > I never configured secure TURN server :( > > Have used non-secured all the time :( OK, if it is basically able to work insecure, it’s fine for me, too. > >> >> c) is there an Ansible playbook for OpenMeetings Installation anywhere (my >> search was unsuccessful)? >> > > Alvaro's instructions are most detailed one :( > I, personally, use the process "described" in > https://github.com/openmeetings/openmeetings-docker/ > > Most probably I'll create another Docker for Ubuntu 22 (Maybe with KMS) Thanks, that may give me some hints how to do it natively in Fedora >> >> >> d) Another more general question is: >> >> The starting point for my exploration of OpenMeeting is a search for a >> stable video conferencing system that we can introduce into Fedora Server >> as a new "specifically supported service". If I can manage to get a stable >> and reproducible test installation, I would then have to compile >> OpenMeetings including Kurento from source and build a corresponding RPM. >> Kurento is likely to be particularly elaborate. But there was at least a >> CentOS 7 rpm. Then it should actually be possible with Fedora, too. >> >> Do you consider that a feasible project? Or is the OpenMeetings build system >> too complex and highly idiosyncratic? I would certainly have some more >> questions than I do have now. Would that be feasible with the mailing list >> or does it blow up the resources? > > OM build is as simple as `mvn clean install` :) > KMS build might be more complicated ... :( OK, if OM is standard maven, it should not be that difficult. And KMS, I’ll see. > > I will be happy to answer your questions :) Thanks, I hope I will not have too many questions. :-) > Thanks for your support! -- Peter Boy https://fedoraproject.org/wiki/User:Pboy p...@fedoraproject.org Timezone: CET (UTC+1) / CEST /UTC+2) Fedora Server Edition Working Group member Fedora Docs team contributor and board member Java developer and enthusiast
Re: How get I video working on a new installation on Fedora Server?
...i made the bootable iso on USB with "Rufus" on Windows. The tutorial works on the following path: /opt/open710 ...and you are working on: "And in /opt/openmeetings/…./kurento.properties" Maybe you are working on some right path and other times on /opt/openmeetings/, and therefore the differents configurations no coincide. --- On Mon, 25 Sep 2023 17:53:28 +0200 Peter Boy wrote: > Hi Alvaro, > > Thanks for the info > > > Am 25.09.2023 um 11:21 schrieb Alvaro : > > > > > > > > You said: > > > > "But the video is only displayed for each local > > user on their own machine" > > > > ...That is happen to me when the server is not > > connected to Internet. When is connected to Internet > > any user can see the cam of the other users. > > > > About the live iso in the tutorial section it can > > be booted from USB memory stick. > > How get I the iso onto the stick? I tried balenaEtcher which got me just one > hidden partition on the stick, not recognized as bootable, and I tried dd, > which got me the same (id 17 HPFS/NTFS) and a warning about iso9660 > signature. The partition was marked as bootable but not recognized as > bootable by BIOS. I can mount the partition and get 4 directories. > Unfortunately, I have no idea how to make it bootable. > > > > Attached my turn.log file running some minutes ago > > with succes. > > I got the same with some differences regarding the interfaces. But after I > connected to the server I got > In /var/log/coturn/turnserver.log : > > 3: (1947): DEBUG: turn server id=3 created > 3: (1943): INFO: Total auth threads: 3 > 3: (1943): INFO: turnserver compiled without prometheus support > 1661: (1945): ERROR: check_stun_auth: Cannot find credentials of user > <1695643791:cbb57dbd-240c-4f61-b801-efe0886c2d7f> > 1661: (1944): ERROR: check_stun_auth: Cannot find credentials of user > <1695643791:cbb57dbd-240c-4f61-b801-efe0886c2d7f> > (repeatedly) > > So I must have missed an important part of your guide, but I don’t get it. > > I generated the secret using openssl and got > 500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 > > I edited /etc/coturn/turnserver: > > >< > ... > # Listener interface device (optional, Linux only). > # NOT RECOMMENDED. > # > #listening-device=eth0 > > # TURN listener port for UDP and TCP (Default: 3478). > # Note: actually, TLS & DTLS sessions can connect to the > # "plain" TCP & UDP port(s), too - if allowed by configuration. > # > #listening-port=3478 > > # > #use-auth-secret > use-auth-secret > ... > # by a separate program, so this is why that mode is considered 'dynamic'. > # > #static-auth-secret=north > static-auth-secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 > > ... > # > #realm=mycompany.org > realm=letsmeet.commtalk.org > > # > #stale-nonce=600 > stale-nonce=0 > >< > > And in /opt/openmeetings/…./kurento.properties > >< > ## Kurento ## > kurento.ws.url=ws://127.0.0.1:/kurento > kurento.turn.url=148.251.152.52:3478 > kurento.turn.user= > kurento.turn.secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 > > kurento.turn.mode=rest > >< > > > > What do I miss? > > > Thanks > Peter > > > > > > > - > > > > > > On Mon, 25 Sep 2023 08:55:45 +0200 > > Peter Boy wrote: > > > >> Hi, > >> > >> > >> I installed OpenMeetings on a Fedora F38 Server (new VM) following the > >> Installation Guide by Alvaro Bustos at > >> > >> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20OpenMeetings%207.1.0%20on%20Fedora%2038.pdf?version=1=1683788437000=v2 > >> > >> > >> And the corresponding tomcat34 and certificate guide. > >> > >> The system starts, I can log in and enter one of the (public) predefined > >> rooms. > >> > >> > >> > >> But I get a similar issue as user Thomas Scholzen in March this year: > >> > >> I see all the user in a room by a placeholder graphics. But the video is > >> only displayed for each local user on their own machine. All other users > >> are only reprensented by a placeholder image. The admin can obviously > >> perform all admin tasks, as far as I could notice. > >> > >> I get the same message on screen: "Media server connection for user XXX is > >> failed, will try to re-connect“ as described in the post mentioned above. > >> > >> > >> > >> In the Kurento container I found: > >> ... > >> ocketTransport.cpp:203:initWebSocket: WebSocket server (ws://) listening > >> on address '::', port > >> ocketTransport.cpp:89:WebSocketTransport: Secure WebSocket server (wss://) > >> not enabled. < > >> 259:main: Kurento Media Server started > >> ... > >> STUN server not configured! NAT traversal requires STUN or TURN > >> <== > >> TURN relay server not configured! NAT traversal requires STUN or TURN. > >> <== > >> > >> > >> In
Re: How get I video working on a new installation on Fedora Server?
Hi Alvaro, Thanks for the info > Am 25.09.2023 um 11:21 schrieb Alvaro : > > > > You said: > > "But the video is only displayed for each local > user on their own machine" > > ...That is happen to me when the server is not > connected to Internet. When is connected to Internet > any user can see the cam of the other users. > > About the live iso in the tutorial section it can > be booted from USB memory stick. How get I the iso onto the stick? I tried balenaEtcher which got me just one hidden partition on the stick, not recognized as bootable, and I tried dd, which got me the same (id 17 HPFS/NTFS) and a warning about iso9660 signature. The partition was marked as bootable but not recognized as bootable by BIOS. I can mount the partition and get 4 directories. Unfortunately, I have no idea how to make it bootable. > Attached my turn.log file running some minutes ago > with succes. I got the same with some differences regarding the interfaces. But after I connected to the server I got In /var/log/coturn/turnserver.log : 3: (1947): DEBUG: turn server id=3 created 3: (1943): INFO: Total auth threads: 3 3: (1943): INFO: turnserver compiled without prometheus support 1661: (1945): ERROR: check_stun_auth: Cannot find credentials of user <1695643791:cbb57dbd-240c-4f61-b801-efe0886c2d7f> 1661: (1944): ERROR: check_stun_auth: Cannot find credentials of user <1695643791:cbb57dbd-240c-4f61-b801-efe0886c2d7f> (repeatedly) So I must have missed an important part of your guide, but I don’t get it. I generated the secret using openssl and got 500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 I edited /etc/coturn/turnserver: >< ... # Listener interface device (optional, Linux only). # NOT RECOMMENDED. # #listening-device=eth0 # TURN listener port for UDP and TCP (Default: 3478). # Note: actually, TLS & DTLS sessions can connect to the # "plain" TCP & UDP port(s), too - if allowed by configuration. # #listening-port=3478 # #use-auth-secret use-auth-secret ... # by a separate program, so this is why that mode is considered 'dynamic'. # #static-auth-secret=north static-auth-secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 ... # #realm=mycompany.org realm=letsmeet.commtalk.org # #stale-nonce=600 stale-nonce=0 >< And in /opt/openmeetings/…./kurento.properties >< ## Kurento ## kurento.ws.url=ws://127.0.0.1:/kurento kurento.turn.url=148.251.152.52:3478 kurento.turn.user= kurento.turn.secret=500647a15be4f9cef63a8a5208042cfbfbc50f6ac28b1c10f901ee1caedf8421 kurento.turn.mode=rest >< What do I miss? Thanks Peter > - > > > On Mon, 25 Sep 2023 08:55:45 +0200 > Peter Boy wrote: > >> Hi, >> >> >> I installed OpenMeetings on a Fedora F38 Server (new VM) following the >> Installation Guide by Alvaro Bustos at >> >> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20OpenMeetings%207.1.0%20on%20Fedora%2038.pdf?version=1=1683788437000=v2 >> >> >> And the corresponding tomcat34 and certificate guide. >> >> The system starts, I can log in and enter one of the (public) predefined >> rooms. >> >> >> >> But I get a similar issue as user Thomas Scholzen in March this year: >> >> I see all the user in a room by a placeholder graphics. But the video is >> only displayed for each local user on their own machine. All other users are >> only reprensented by a placeholder image. The admin can obviously perform >> all admin tasks, as far as I could notice. >> >> I get the same message on screen: "Media server connection for user XXX is >> failed, will try to re-connect“ as described in the post mentioned above. >> >> >> >> In the Kurento container I found: >> ... >> ocketTransport.cpp:203:initWebSocket: WebSocket server (ws://) listening on >> address '::', port >> ocketTransport.cpp:89:WebSocketTransport: Secure WebSocket server (wss://) >> not enabled. < >> 259:main: Kurento Media Server started >> ... >> STUN server not configured! NAT traversal requires STUN or TURN >> <== >> TURN relay server not configured! NAT traversal requires STUN or TURN. >> <== >> >> >> In log/cotrun/turnserver.log I found >> 0: (106922): WARNING: cannot find certificate file: turn_server_cert.pem (1) >> 0: (106922): WARNING: cannot start TLS and DTLS listeners because >> certificate file is not set properly >> 0: (106922): WARNING: cannot find private key file: turn_server_pkey.pem (1) >> 0: (106922): WARNING: cannot start TLS and DTLS listeners because private >> key file is not set properly >> 0: (106922): INFO: Certificate file found: //turn_server_cert.pem >> 0: (106922): INFO: Private key file found: //turn_server_pkey.pem >> 0: (106922): WARNING: NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED >> >> The installation guide didn’t mention to configure a certificate in Coturn. >> I’m not
Re: How get I video working on a new installation on Fedora Server?
Hello Peter, On Mon, 25 Sept 2023 at 13:56, Peter Boy wrote: > > Hi, > > > I installed OpenMeetings on a Fedora F38 Server (new VM) following the > Installation Guide by Alvaro Bustos at > > https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20OpenMeetings%207.1.0%20on%20Fedora%2038.pdf?version=1=1683788437000=v2 > > And the corresponding tomcat34 and certificate guide. > > The system starts, I can log in and enter one of the (public) predefined > rooms. > > > > But I get a similar issue as user Thomas Scholzen in March this year: > > I see all the user in a room by a placeholder graphics. But the video is only > displayed for each local user on their own machine. All other users are only > reprensented by a placeholder image. The admin can obviously perform all > admin tasks, as far as I could notice. > > I get the same message on screen: "Media server connection for user XXX is > failed, will try to re-connect“ as described in the post mentioned above. > This is most probably caused by missing/misconfigured TURN server > > > In the Kurento container I found: > ... > ocketTransport.cpp:203:initWebSocket: WebSocket server (ws://) listening on > address '::', port > ocketTransport.cpp:89:WebSocketTransport: Secure WebSocket server (wss://) > not enabled. < > 259:main: Kurento Media Server started > ... > STUN server not configured! NAT traversal requires STUN or TURN > <== > TURN relay server not configured! NAT traversal requires STUN or TURN. > <== > these can be ignored (but some users reports TURN inside KMS can be useful) > > In log/cotrun/turnserver.log I found > 0: (106922): WARNING: cannot find certificate file: turn_server_cert.pem (1) > 0: (106922): WARNING: cannot start TLS and DTLS listeners because certificate > file is not set properly > 0: (106922): WARNING: cannot find private key file: turn_server_pkey.pem (1) > 0: (106922): WARNING: cannot start TLS and DTLS listeners because private key > file is not set properly > 0: (106922): INFO: Certificate file found: //turn_server_cert.pem > 0: (106922): INFO: Private key file found: //turn_server_pkey.pem > 0: (106922): WARNING: NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED > > The installation guide didn’t mention to configure a certificate in Coturn. > I’m not that familiar with the technical details of webrtc. But as far as I > read the docs a while ago, WebRTC/Video always needs a secure connection? So > I’m wondering. > Shame on me :( I never configured secure TURN server :( Have used non-secured all the time :( > > My questions are: > > a) How can I tackle this issue? > you can even - use non-secured TURN - OR set-up secure one and share details here :)) > > b) Is there a demo VM available that I can run either from an USB stick or > just install in KVM/Libvirt, and use as a kind of role model? (The iso in the > tutorial section is obviously für CD/DVD only and can’t boot from USB memory > stick). > public demo is available here: https://demo-openmeetings.apache.org/openmeetings You can also use Dockerized OM https://github.com/openmeetings/openmeetings-docker/ BUT it requires external TURN :( > > c) is there an Ansible playbook for OpenMeetings Installation anywhere (my > search was unsuccessful)? > Alvaro's instructions are most detailed one :( I, personally, use the process "described" in https://github.com/openmeetings/openmeetings-docker/ Most probably I'll create another Docker for Ubuntu 22 (Maybe with KMS) > > > d) Another more general question is: > > The starting point for my exploration of OpenMeeting is a search for a stable > video conferencing system that we can introduce into Fedora Server > as a new "specifically supported service". If I can manage to get a stable > and reproducible test installation, I would then have to compile OpenMeetings > including Kurento from source and build a corresponding RPM. Kurento is > likely to be particularly elaborate. But there was at least a CentOS 7 rpm. > Then it should actually be possible with Fedora, too. > > Do you consider that a feasible project? Or is the OpenMeetings build system > too complex and highly idiosyncratic? I would certainly have some more > questions than I do have now. Would that be feasible with the mailing list or > does it blow up the resources? OM build is as simple as `mvn clean install` :) KMS build might be more complicated ... :( I will be happy to answer your questions :) > > > > Thanks > -- > Peter Boy > https://fedoraproject.org/wiki/User:Pboy > p...@fedoraproject.org > > Timezone: CET (UTC+1) / CEST /UTC+2) > > Fedora Server Edition Working Group member > Fedora Docs team contributor and board member > Java developer and enthusiast > > > -- Best regards, Maxim
Re: How get I video working on a new installation on Fedora Server?
Hi Peter, Right now i´ve tested OM 7.1.0 on Fedora 38 again and works as expected. You said: "But the video is only displayed for each local user on their own machine" ...That is happen to me when the server is not connected to Internet. When is connected to Internet any user can see the cam of the other users. About the live iso in the tutorial section it can be booted from USB memory stick. Attached my turn.log file running some minutes ago with succes. Regards Alvaro - On Mon, 25 Sep 2023 08:55:45 +0200 Peter Boy wrote: > Hi, > > > I installed OpenMeetings on a Fedora F38 Server (new VM) following the > Installation Guide by Alvaro Bustos at > > https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20OpenMeetings%207.1.0%20on%20Fedora%2038.pdf?version=1=1683788437000=v2 > > > And the corresponding tomcat34 and certificate guide. > > The system starts, I can log in and enter one of the (public) predefined > rooms. > > > > But I get a similar issue as user Thomas Scholzen in March this year: > > I see all the user in a room by a placeholder graphics. But the video is only > displayed for each local user on their own machine. All other users are only > reprensented by a placeholder image. The admin can obviously perform all > admin tasks, as far as I could notice. > > I get the same message on screen: "Media server connection for user XXX is > failed, will try to re-connect“ as described in the post mentioned above. > > > > In the Kurento container I found: > ... > ocketTransport.cpp:203:initWebSocket: WebSocket server (ws://) listening on > address '::', port > ocketTransport.cpp:89:WebSocketTransport: Secure WebSocket server (wss://) > not enabled. < > 259:main: Kurento Media Server started > ... > STUN server not configured! NAT traversal requires STUN or TURN > <== > TURN relay server not configured! NAT traversal requires STUN or TURN. > <== > > > In log/cotrun/turnserver.log I found > 0: (106922): WARNING: cannot find certificate file: turn_server_cert.pem (1) > 0: (106922): WARNING: cannot start TLS and DTLS listeners because certificate > file is not set properly > 0: (106922): WARNING: cannot find private key file: turn_server_pkey.pem (1) > 0: (106922): WARNING: cannot start TLS and DTLS listeners because private key > file is not set properly > 0: (106922): INFO: Certificate file found: //turn_server_cert.pem > 0: (106922): INFO: Private key file found: //turn_server_pkey.pem > 0: (106922): WARNING: NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED > > The installation guide didn’t mention to configure a certificate in Coturn. > I’m not that familiar with the technical details of webrtc. But as far as I > read the docs a while ago, WebRTC/Video always needs a secure connection? So > I’m wondering. > > > My questions are: > > a) How can I tackle this issue? > > > b) Is there a demo VM available that I can run either from an USB stick or > just install in KVM/Libvirt, and use as a kind of role model? (The iso in the > tutorial section is obviously für CD/DVD only and can’t ). > > > c) is there an Ansible playbook for OpenMeetings Installation anywhere (my > search was unsuccessful)? > > > > d) Another more general question is: > > The starting point for my exploration of OpenMeeting is a search for a stable > video conferencing system that we can introduce into Fedora Server > as a new "specifically supported service". If I can manage to get a stable > and reproducible test installation, I would then have to compile OpenMeetings > including Kurento from source and build a corresponding RPM. Kurento is > likely to be particularly elaborate. But there was at least a CentOS 7 rpm. > Then it should actually be possible with Fedora, too. > > Do you consider that a feasible project? Or is the OpenMeetings build system > too complex and highly idiosyncratic? I would certainly have some more > questions than I do have now. Would that be feasible with the mailing list or > does it blow up the resources? > > > > Thanks > -- > Peter Boy > https://fedoraproject.org/wiki/User:Pboy > p...@fedoraproject.org > > Timezone: CET (UTC+1) / CEST /UTC+2) > > Fedora Server Edition Working Group member > Fedora Docs team contributor and board member > Java developer and enthusiast > > > turnserver.log Description: Binary data
How get I video working on a new installation on Fedora Server?
Hi, I installed OpenMeetings on a Fedora F38 Server (new VM) following the Installation Guide by Alvaro Bustos at https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20OpenMeetings%207.1.0%20on%20Fedora%2038.pdf?version=1=1683788437000=v2 And the corresponding tomcat34 and certificate guide. The system starts, I can log in and enter one of the (public) predefined rooms. But I get a similar issue as user Thomas Scholzen in March this year: I see all the user in a room by a placeholder graphics. But the video is only displayed for each local user on their own machine. All other users are only reprensented by a placeholder image. The admin can obviously perform all admin tasks, as far as I could notice. I get the same message on screen: "Media server connection for user XXX is failed, will try to re-connect“ as described in the post mentioned above. In the Kurento container I found: ... ocketTransport.cpp:203:initWebSocket: WebSocket server (ws://) listening on address '::', port ocketTransport.cpp:89:WebSocketTransport: Secure WebSocket server (wss://) not enabled. < 259:main: Kurento Media Server started ... STUN server not configured! NAT traversal requires STUN or TURN <== TURN relay server not configured! NAT traversal requires STUN or TURN. <== In log/cotrun/turnserver.log I found 0: (106922): WARNING: cannot find certificate file: turn_server_cert.pem (1) 0: (106922): WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly 0: (106922): WARNING: cannot find private key file: turn_server_pkey.pem (1) 0: (106922): WARNING: cannot start TLS and DTLS listeners because private key file is not set properly 0: (106922): INFO: Certificate file found: //turn_server_cert.pem 0: (106922): INFO: Private key file found: //turn_server_pkey.pem 0: (106922): WARNING: NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED The installation guide didn’t mention to configure a certificate in Coturn. I’m not that familiar with the technical details of webrtc. But as far as I read the docs a while ago, WebRTC/Video always needs a secure connection? So I’m wondering. My questions are: a) How can I tackle this issue? b) Is there a demo VM available that I can run either from an USB stick or just install in KVM/Libvirt, and use as a kind of role model? (The iso in the tutorial section is obviously für CD/DVD only and can’t boot from USB memory stick). c) is there an Ansible playbook for OpenMeetings Installation anywhere (my search was unsuccessful)? d) Another more general question is: The starting point for my exploration of OpenMeeting is a search for a stable video conferencing system that we can introduce into Fedora Server as a new "specifically supported service". If I can manage to get a stable and reproducible test installation, I would then have to compile OpenMeetings including Kurento from source and build a corresponding RPM. Kurento is likely to be particularly elaborate. But there was at least a CentOS 7 rpm. Then it should actually be possible with Fedora, too. Do you consider that a feasible project? Or is the OpenMeetings build system too complex and highly idiosyncratic? I would certainly have some more questions than I do have now. Would that be feasible with the mailing list or does it blow up the resources? Thanks -- Peter Boy https://fedoraproject.org/wiki/User:Pboy p...@fedoraproject.org Timezone: CET (UTC+1) / CEST /UTC+2) Fedora Server Edition Working Group member Fedora Docs team contributor and board member Java developer and enthusiast
