Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente | ||
projets:vroom [12/02/2015 12:04] dani [Setup VROOM] |
projets:vroom [31/05/2017 15:08] (Version actuelle) dani [Demo] |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
====== VROOM ====== | ====== VROOM ====== | ||
+ | {{odt> | ||
+ | |||
+ | <note important> | ||
===== Intro ===== | ===== Intro ===== | ||
Ligne 34: | Ligne 37: | ||
===== Demo ===== | ===== Demo ===== | ||
- | Better than a few screenshots, | + | Better than a few screenshots, |
{{ : | {{ : | ||
Ligne 50: | Ligne 53: | ||
* VROOM appearence isn't very polished. Please, contribute if you can | * VROOM appearence isn't very polished. Please, contribute if you can | ||
- | * Google Chrome is the only browser able to share your screen. | + | * <del>Google Chrome is the only browser able to share your screen.</ |
* Not all browsers are supported, including Internet Explorer and Safari. You'll have to wait for them to add WebRTC support | * Not all browsers are supported, including Internet Explorer and Safari. You'll have to wait for them to add WebRTC support | ||
* iOS won't work, because Apple hasn't implemented WebRTC support and forbid alternative web engine on their market | * iOS won't work, because Apple hasn't implemented WebRTC support and forbid alternative web engine on their market | ||
Ligne 63: | Ligne 66: | ||
Here's a list of things I'd like to add: | Here's a list of things I'd like to add: | ||
* Enhance the general look' | * Enhance the general look' | ||
- | * More robust text chat | + | * <del>More robust text chat</ |
* < | * < | ||
* < | * < | ||
Ligne 117: | Ligne 120: | ||
<code bash> | <code bash> | ||
- | yum install git nodejs npm tar wget httpd mod_ssl openssl | + | yum install git tar wget httpd mod_ssl openssl mariadb-server \ |
' | ' | ||
' | ' | ||
- | ' | + | ' |
+ | ' | ||
</ | </ | ||
==== Clone the repo ==== | ==== Clone the repo ==== | ||
Ligne 135: | Ligne 139: | ||
=== Setup MySQL/ | === Setup MySQL/ | ||
- | A database will be used to share informations between | + | A database will be used to store rooms configuration, |
<code bash> | <code bash> | ||
systemctl enable mariadb.service | systemctl enable mariadb.service | ||
Ligne 178: | Ligne 181: | ||
mysql-userdb " | mysql-userdb " | ||
verbose | verbose | ||
+ | syslog | ||
fingerprint | fingerprint | ||
lt-cred-mech | lt-cred-mech | ||
no-sslv2 | no-sslv2 | ||
+ | no-sslv3 | ||
+ | no-tcp | ||
+ | no-udp | ||
+ | tls-listening-port 5349 | ||
+ | alt-tls-listening-port 3478 | ||
no-loopback-peers | no-loopback-peers | ||
- | realm firewall-services.com | + | no-multicast-peers |
- | cert /etc/pki/tls/ | + | realm vroom |
- | pkey /etc/pki/tls/ | + | cert /etc/turnserver/cert.pem |
+ | pkey /etc/turnserver/key.pem | ||
proc-user turnserver | proc-user turnserver | ||
proc-group turnserver | proc-group turnserver | ||
Ligne 191: | Ligne 201: | ||
<note important> | <note important> | ||
- | An SSL certificate is needed for everything to work correctly (**/etc/pki/tls/ | + | * An SSL certificate is needed for everything to work correctly |
+ | * Both key and certificate must be readable by turnserver user and/or group | ||
+ | * You can comment no-tcp, no-udp and alt-tls-listening-port if you want to test without encryption | ||
+ | * If you have intermediate(s) CA, you have to put them in the cert.pem file, but **after** your certificate | ||
</ | </ | ||
Ligne 211: | Ligne 224: | ||
* TCP 3478, 3479, 5349, 5350 and 49152 to 65535 | * TCP 3478, 3479, 5349, 5350 and 49152 to 65535 | ||
* UDP 3478, 3479, 5349, 5350 and 49152 to 65535 | * UDP 3478, 3479, 5349, 5350 and 49152 to 65535 | ||
- | </ | ||
- | === Setup SignalMaster === | + | A quick note on how to open the correct port with firewalld: |
- | + | ||
- | This daemon is a slightly modified version of [[https:// | + | |
<code bash> | <code bash> | ||
- | cd /opt/vroom/signalmaster | + | firewall-cmd --add-port 80/tcp \ |
- | npm install | + | |
- | </code> | + | |
- | + | --add-port 3479/tcp \ | |
- | Ok, now lets create a user to run this | + | --add-port 5349/tcp \ |
- | <code bash> | + | --add-port 5350/tcp \ |
- | useradd | + | --add-port 49152-65535/ |
- | </code> | + | firewall-cmd --add-port 3478/udp \ |
- | + | | |
- | Lets configure signalmaster: | + | --add-port 5349/udp \ |
- | <code bash> | + | --add-port 5350/udp \ |
- | cat <<' | + | --add-port 49152-65535/ |
- | { | + | firewall-cmd --permanent \ |
- | " | + | --add-port 80/tcp \ |
- | " | + | |
- | "port": 8888 | + | |
- | }, | + | |
- | " | + | --add-port 5349/tcp \ |
- | " | + | --add-port 5350/tcp \ |
- | " | + | --add-port 49152-65535/ |
- | " | + | firewall-cmd --permanent \ |
- | " | + | --add-port 3478/udp \ |
- | } | + | --add-port 3479/udp \ |
- | } | + | --add-port 5349/udp \ |
- | EOF | + | |
- | </code> | + | --add-port 49152-65535/ |
- | + | ||
- | Now, lets add our unit file so systemd will be able to manage this daemon: | + | |
- | <code bash> | + | |
- | cp / | + | |
- | systemctl daemon-reload | + | |
- | systemctl enable signalmaster | + | |
- | systemctl start signalmaster | + | |
</ | </ | ||
+ | </ | ||
- | <note important> | ||
=== Setup Apache === | === Setup Apache === | ||
Ligne 288: | Ligne 291: | ||
And adapt it to your need. This file is quite small and contains comments, so you should find your way ;-) | And adapt it to your need. This file is quite small and contains comments, so you should find your way ;-) | ||
+ | |||
+ | <note important> | ||
+ | The **realm** key in **[turn]** section of the config file must match the realm setting in **/ | ||
+ | </ | ||
Then, enable and start vroom daemon | Then, enable and start vroom daemon | ||
Ligne 300: | Ligne 307: | ||
The admin interface is available on /admin. There' | The admin interface is available on /admin. There' | ||
- | ==== ETherpad-Lite integration ==== | + | ==== Etherpad-Lite integration ==== |
You don't have to run etherpad-lite on the same server as VROOM itself. The only requirement is that vroom can reach etherpad API. Here' | You don't have to run etherpad-lite on the same server as VROOM itself. The only requirement is that vroom can reach etherpad API. Here' | ||
Ligne 313: | Ligne 320: | ||
cp -a etherpad-lite/ | cp -a etherpad-lite/ | ||
</ | </ | ||
+ | |||
+ | <note important> | ||
+ | |||
<code bash> | <code bash> | ||
mysql | mysql | ||
Ligne 344: | Ligne 354: | ||
_EOF | _EOF | ||
systemctl daemon-reload | systemctl daemon-reload | ||
- | systemctl enable | + | systemctl enable |
- | systemctl start etherpad.service | + | systemctl start etherpad |
</ | </ | ||
And uncomment the corresponding lines in your httpd configuration | And uncomment the corresponding lines in your httpd configuration |