Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente | ||
projets:vroom [15/02/2015 21:35] dani [Setup rfc5766-turn-server] |
projets:vroom [31/05/2017 15:08] (Version actuelle) dani [Demo] |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
====== VROOM ====== | ====== VROOM ====== | ||
+ | {{odt> | ||
+ | |||
+ | <note important> | ||
===== Intro ===== | ===== Intro ===== | ||
Ligne 34: | Ligne 37: | ||
===== Demo ===== | ===== Demo ===== | ||
- | Better than a few screenshots, | + | Better than a few screenshots, |
{{ : | {{ : | ||
Ligne 117: | Ligne 120: | ||
<code bash> | <code bash> | ||
- | yum install git nodejs npm tar wget httpd mod_ssl openssl | + | yum install git tar wget httpd mod_ssl openssl mariadb-server \ |
' | ' | ||
' | ' | ||
Ligne 136: | Ligne 139: | ||
=== Setup MySQL/ | === Setup MySQL/ | ||
- | A database will be used to share informations between | + | A database will be used to store rooms configuration, |
<code bash> | <code bash> | ||
systemctl enable mariadb.service | systemctl enable mariadb.service | ||
Ligne 179: | Ligne 181: | ||
mysql-userdb " | mysql-userdb " | ||
verbose | verbose | ||
+ | syslog | ||
fingerprint | fingerprint | ||
lt-cred-mech | lt-cred-mech | ||
no-sslv2 | no-sslv2 | ||
+ | no-sslv3 | ||
+ | no-tcp | ||
+ | no-udp | ||
+ | tls-listening-port 5349 | ||
+ | alt-tls-listening-port 3478 | ||
no-loopback-peers | no-loopback-peers | ||
- | realm firewall-services.com | + | no-multicast-peers |
- | cert /etc/pki/tls/ | + | realm vroom |
- | pkey /etc/pki/tls/ | + | cert /etc/turnserver/cert.pem |
+ | pkey /etc/turnserver/key.pem | ||
proc-user turnserver | proc-user turnserver | ||
proc-group turnserver | proc-group turnserver | ||
Ligne 192: | Ligne 201: | ||
<note important> | <note important> | ||
- | An SSL certificate is needed for everything to work correctly (**/etc/pki/tls/ | + | * An SSL certificate is needed for everything to work correctly |
+ | * Both key and certificate must be readable by turnserver user and/or group | ||
+ | * You can comment no-tcp, no-udp and alt-tls-listening-port if you want to test without encryption | ||
+ | * If you have intermediate(s) CA, you have to put them in the cert.pem file, but **after** your certificate | ||
</ | </ | ||
Ligne 245: | Ligne 257: | ||
</ | </ | ||
- | === Setup SignalMaster === | ||
- | |||
- | This daemon is a slightly modified version of [[https:// | ||
- | |||
- | <code bash> | ||
- | cd / | ||
- | npm install | ||
- | </ | ||
- | |||
- | Ok, now lets create a user to run this | ||
- | <code bash> | ||
- | useradd -r signalmaster | ||
- | </ | ||
- | |||
- | Lets configure signalmaster: | ||
- | <code bash> | ||
- | cat <<' | ||
- | { | ||
- | " | ||
- | " | ||
- | " | ||
- | }, | ||
- | " | ||
- | " | ||
- | " | ||
- | " | ||
- | " | ||
- | } | ||
- | } | ||
- | EOF | ||
- | </ | ||
- | |||
- | Now, lets add our unit file so systemd will be able to manage this daemon: | ||
- | <code bash> | ||
- | cp / | ||
- | systemctl daemon-reload | ||
- | systemctl enable signalmaster | ||
- | systemctl start signalmaster | ||
- | </ | ||
- | |||
- | <note important> | ||
=== Setup Apache === | === Setup Apache === | ||
Ligne 320: | Ligne 291: | ||
And adapt it to your need. This file is quite small and contains comments, so you should find your way ;-) | And adapt it to your need. This file is quite small and contains comments, so you should find your way ;-) | ||
+ | |||
+ | <note important> | ||
+ | The **realm** key in **[turn]** section of the config file must match the realm setting in **/ | ||
+ | </ | ||
Then, enable and start vroom daemon | Then, enable and start vroom daemon |