After investing a lot of time trying to get the nginx ssl_preread to work as I want with other services I host (by using proxy_protocol to get the real remote ip in the application logging and making another map based on server name; but that’s a story for another time), I noticed in the latest config that this way will be deprecated and replaced by websocket. It had this link accompanying it: https://jitsi.github.io/handbook/docs/devops-guide/faq#how-to-migrate-away-from-multiplexing-and-enable-bridge-websockets
Now I’ve done exactly what it states in the document but I still wonder:
- does this only apply to ‘turns’ or is now everything (stun, turn and turns) routed through the websocket?
- so this means I only need port 443 open, and not the turnservers 3478 and 5349?
- as this is a application specific way, I cannot use https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ to test stun, turn or turns?
- If not, what is a easy way to to test these?
Thanks for your help. I like how this (future) change will make configuring jitsi less of a hard task when hosting other services as well.