[jitsi-dev] jitsi-meet and TURN/STUN servers (noob)


#1

Hi Dev,
I'm happily using jitsi meet for a couple of months, it works fine and it's
stable as well.
My current setup inclues:
- ejabberd (15.02)
- Apache httpd 2.x
- Videobridge (git clone)
- jitsi-meet pages served from Apache (git clone)
- jicofo (conference focus) (git clone)
- jigasi (sip gateway) (git clone)
- bind dns on a separate machine but with proper SRV records on SOA:
_xmpp-server|client._tcp|_udp, _jabber|-client._tcp|_udp, focus,
callcontrol and so on.
I'm fine with my lan environment but I'm now trying to expand it to remote
users as well.
I already have our own STUN/TURN server (with authentication) on Internet
(public and not natted obviously), it's not endorsed or part of my current
ejabberd system, I'm using rfc5766-turn-server on a separate linux machine
for that.

I have seen "useStunTurn: true" in jitsi meet configuration file
(config.js) and I'd like to use it but how can I enable it for outside
users ?
To use the stun/turn server I need to specify: username/password/hostname,
I guess hostname could be specified by adding other SRV records inside my
zone (_stun* and _turn* records) but how can I specify username/password
needed for auth ?
Is there a doc a wiki or something else where I can see this kind of config
? For what I have read I don't need to enable a module on the XMPP server
(ejabberd) but I'm puzzled about next steps.
Can someone address me on that ?

Thanks
Ben


#2

Hi Ben,

Is there a doc a wiki or something else where I can see this kind of config ?
For what I have read I don't need to enable a module on the XMPP server
(ejabberd) but I'm puzzled about next steps.
Can someone address me on that ?

For prosody there is a module called "turncredentials". Take a look here [0] or in the otalk github [1].

I do not know if there is a simular method/plugin for ejabberd.
The server must be capable of publishing the credentials using XEP0215[2].

I hope this information helps you further.

If you find a solution, it will be nice if you publish it :wink:

Greetings

[0] https://github.com/jitsi/jitsi-meet/pull/76/files?short_path=cd00439
[1] https://github.com/otalk/mod_turncredentials
[2] https://xmpp.org/extensions/xep-0215.html

···

----- Am 27. Apr 2015 um 18:16 schrieb Andrea Benini andreabenini@gmail.com:

--
Rainer Schuth

VNC - Virtual Network Consult GmbH
Professional Services


#3

FYI, there is no need to use neither a TURN nor a STUN server in Jitsi Meet.

Jitsi Videobridge provides you with all the NAT traversal features
that you need.

Emil

···

On Mon, Apr 27, 2015 at 11:16 PM, Andrea Benini <andreabenini@gmail.com> wrote:

Hi Dev,
I'm happily using jitsi meet for a couple of months, it works fine and it's
stable as well.
My current setup inclues:
- ejabberd (15.02)
- Apache httpd 2.x
- Videobridge (git clone)
- jitsi-meet pages served from Apache (git clone)
- jicofo (conference focus) (git clone)
- jigasi (sip gateway) (git clone)
- bind dns on a separate machine but with proper SRV records on SOA:
_xmpp-server|client._tcp|_udp, _jabber|-client._tcp|_udp, focus, callcontrol
and so on.
I'm fine with my lan environment but I'm now trying to expand it to remote
users as well.
I already have our own STUN/TURN server (with authentication) on Internet
(public and not natted obviously), it's not endorsed or part of my current
ejabberd system, I'm using rfc5766-turn-server on a separate linux machine
for that.

I have seen "useStunTurn: true" in jitsi meet configuration file (config.js)
and I'd like to use it but how can I enable it for outside users ?
To use the stun/turn server I need to specify: username/password/hostname, I
guess hostname could be specified by adding other SRV records inside my zone
(_stun* and _turn* records) but how can I specify username/password needed
for auth ?
Is there a doc a wiki or something else where I can see this kind of config
? For what I have read I don't need to enable a module on the XMPP server
(ejabberd) but I'm puzzled about next steps.
Can someone address me on that ?

Thanks
Ben

_______________________________________________
dev mailing list
dev@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/dev

--
https://jitsi.org