projets:vroom

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Les deux révisions précédentes Révision précédente
Prochaine révision
Révision précédente
projets:vroom [12/02/2015 18:32]
dani [Get dependencies]
projets:vroom [31/05/2017 15:08] (Version actuelle)
dani [Demo]
Ligne 1: Ligne 1:
 ====== VROOM ====== ====== VROOM ======
 +{{odt>template:template_fws.odt}}
 +
 +<note important>This page is obsolete. Please see the new documentation page instead here: https://vroom.fws.fr/documentation</note>
  
 ===== Intro ===== ===== Intro =====
Ligne 34: Ligne 37:
 ===== Demo ===== ===== Demo =====
  
-Better than a few screenshots, you can try it: https://vroom.im/ (no registration needed). The administration page isn't accessible on the demo, so here are a few screenshots:+Better than a few screenshots, you can try it: https://vroom.fws.fr/ (no registration needed). The administration page isn't accessible on the demo, so here are a few screenshots:
  
 {{ :projets:vroom_admin_list.png |The admin page lists all existing rooms}} {{ :projets:vroom_admin_list.png |The admin page lists all existing rooms}}
Ligne 50: Ligne 53:
  
   * VROOM appearence isn't very polished. Please, contribute if you can   * VROOM appearence isn't very polished. Please, contribute if you can
-  * Google Chrome is the only browser able to share your screen.+  * <del>Google Chrome is the only browser able to share your screen.</del>
   * Not all browsers are supported, including Internet Explorer and Safari. You'll have to wait for them to add WebRTC support   * Not all browsers are supported, including Internet Explorer and Safari. You'll have to wait for them to add WebRTC support
   * iOS won't work, because Apple hasn't implemented WebRTC support and forbid alternative web engine on their market   * iOS won't work, because Apple hasn't implemented WebRTC support and forbid alternative web engine on their market
Ligne 63: Ligne 66:
 Here's a list of things I'd like to add: Here's a list of things I'd like to add:
   * Enhance the general look'n'feel   * Enhance the general look'n'feel
-  * More robust text chat+  * <del>More robust text chat</del> (Looks like browsers have a better dataChannel support now, add no issue for some time)
   * <del>Find a way to send chat history to new peers (as it's totally peer to peer without any central storage, we need a way to elect one of the peer and ask him the history. Maybe the one having the longuest history ?)</del>   * <del>Find a way to send chat history to new peers (as it's totally peer to peer without any central storage, we need a way to elect one of the peer and ask him the history. Maybe the one having the longuest history ?)</del>
   * <del>Display a nice message for unsupported browser explaining why it will not work</del>   * <del>Display a nice message for unsupported browser explaining why it will not work</del>
Ligne 117: Ligne 120:
  
 <code bash> <code bash>
-yum install git nodejs npm tar wget httpd mod_ssl openssl telnet mariadb-server \+yum install git tar wget httpd mod_ssl openssl mariadb-server \
            'perl(Mojolicious)' 'perl(Mojolicious::Plugin::I18N)' 'perl(Mojolicious::Plugin::Mail)' \            'perl(Mojolicious)' 'perl(Mojolicious::Plugin::I18N)' 'perl(Mojolicious::Plugin::Mail)' \
            'perl(Crypt::SaltedHash)' 'perl(Etherpad::API)' 'perl(LWP::Protocol::https)' \            'perl(Crypt::SaltedHash)' 'perl(Etherpad::API)' 'perl(LWP::Protocol::https)' \
Ligne 136: Ligne 139:
 === Setup MySQL/MariaDB === === Setup MySQL/MariaDB ===
  
-A database will be used to share informations between the various componentsWill configure it first. +A database will be used to store rooms configuration, we must enable the server.
 <code bash> <code bash>
 systemctl enable mariadb.service systemctl enable mariadb.service
Ligne 179: Ligne 181:
 mysql-userdb "host=localhost dbname=vroom user=vroom password=MySuperPassw0rd connect_timeout=5" mysql-userdb "host=localhost dbname=vroom user=vroom password=MySuperPassw0rd connect_timeout=5"
 verbose verbose
 +syslog
 fingerprint fingerprint
 lt-cred-mech lt-cred-mech
 no-sslv2 no-sslv2
 +no-sslv3
 +no-tcp
 +no-udp
 +tls-listening-port 5349
 +alt-tls-listening-port 3478
 no-loopback-peers no-loopback-peers
-realm firewall-services.com +no-multicast-peers 
-cert /etc/pki/tls/certs/xxx.firewall-services.com.crt +realm vroom 
-pkey /etc/pki/tls/private/xxx.firewall-services.com.key+cert /etc/turnserver/cert.pem 
 +pkey /etc/turnserver/key.pem
 proc-user turnserver proc-user turnserver
 proc-group turnserver proc-group turnserver
Ligne 192: Ligne 201:
  
 <note important> <note important>
-An SSL certificate is needed for everything to work correctly (**/etc/pki/tls/certs/xxx.firewall-services.com.crt** and **/etc/pki/tls/private/xxx.firewall-services.com.key** in this example). For personal use or testing, you can use a self signed certificate. Both key and certificate must be readable by turnserver user and/or group+  * An SSL certificate is needed for everything to work correctly and securely (**/etc/turnserver/cert.pem** and **/etc/turnserver/key.pem** in this example) 
 +  * Both key and certificate must be readable by turnserver user and/or group 
 +  * You can comment no-tcp, no-udp and alt-tls-listening-port if you want to test without encryption 
 +  * If you have intermediate(s) CA, you have to put them in the cert.pem file, but **after** your certificate
 </note> </note>
  
Ligne 212: Ligne 224:
   * TCP 3478, 3479, 5349, 5350 and 49152 to 65535   * TCP 3478, 3479, 5349, 5350 and 49152 to 65535
   * UDP 3478, 3479, 5349, 5350 and 49152 to 65535   * UDP 3478, 3479, 5349, 5350 and 49152 to 65535
-</note> 
  
-=== Setup SignalMaster === +A quick note on how to open the correct port with firewalld:
- +
-This daemon is a slightly modified version of [[https://github.com/andyet/signalmaster|SignalMaster]] from &yet (the only modification is to check client auth before the handshake). To install it:+
  
 <code bash> <code bash>
-cd /opt/vroom/signalmaster +firewall-cmd --add-port 80/tcp \ 
-npm install +             --add-port 443/tcp \ 
-</code> +             --add-port 3478/tcp \ 
- +             --add-port 3479/tcp \ 
-Ok, now lets create a user to run this +             --add-port 5349/tcp \ 
-<code bash> +             --add-port 5350/tcp \ 
-useradd -r signalmaster +             --add-port 49152-65535/tcp 
-</code> +firewall-cmd --add-port 3478/udp \ 
- +             --add-port 3479/udp \ 
-Lets configure signalmaster: +             --add-port 5349/udp \ 
-<code bash> +             --add-port 5350/udp \ 
-cat <<'EOF'/opt/vroom/signalmaster/dev_config.json +             --add-port 49152-65535/udp 
-{ +firewall-cmd --permanent \ 
-    "isDev": false, +             --add-port 80/tcp \ 
-    "server":+             --add-port 443/tcp \ 
-        "port": 8888 +             --add-port 3478/tcp \ 
-    }, +             --add-port 3479/tcp \ 
-    "mysql":+             --add-port 5349/tcp \ 
-        "server": "localhost", +             --add-port 5350/tcp \ 
-        "database": "vroom", +             --add-port 49152-65535/tcp 
-        "user": "vroom", +firewall-cmd --permanent \ 
-        "password": "MySuperPassw0rd" +             --add-port 3478/udp \ 
-    } +             --add-port 3479/udp \ 
-+             --add-port 5349/udp \ 
-EOF +             --add-port 5350/udp \ 
-</code> +             --add-port 49152-65535/udp
- +
-Now, lets add our unit file so systemd will be able to manage this daemon: +
-<code bash> +
-cp /opt/vroom/conf/signalmaster.service /etc/systemd/system+
-systemctl daemon-reload +
-systemctl enable signalmaster +
-systemctl start signalmaster+
 </code> </code>
 +</note>
  
-<note important>In this how-to, the signaling server will be accessible only through Apache which will act as a proxy, so it's recommanded **not** to open the port 8888 from the outside</note> 
  
 === Setup Apache === === Setup Apache ===
Ligne 289: Ligne 291:
  
 And adapt it to your need. This file is quite small and contains comments, so you should find your way ;-) And adapt it to your need. This file is quite small and contains comments, so you should find your way ;-)
 +
 +<note important>
 +The **realm** key in **[turn]** section of the config file must match the realm setting in **/etc/turnserver/turnserver.conf**
 +</note>
  
 Then, enable and start vroom daemon Then, enable and start vroom daemon
  • projets/vroom.1423762359.txt.gz
  • Dernière modification: 12/02/2015 18:32
  • de dani