Galène videoconferencing server discussion list archives
 help / color / mirror / Atom feed
* [Galene] Docker image
@ 2020-12-27 17:03 Cell
  2020-12-28  8:36 ` [Galene] " Jeroen van Veen
                   ` (2 more replies)
  0 siblings, 3 replies; 16+ messages in thread
From: Cell @ 2020-12-27 17:03 UTC (permalink / raw)
  To: galene

I couldn't find any info about a docker image for a docker image of galene. I saw something from Jeroen van Veen. Any news on that?

I have some knowledge I could offer. And if I run galene on my server it will be in a docker image anyway (behind a traefik).

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-27 17:03 [Galene] Docker image Cell
@ 2020-12-28  8:36 ` Jeroen van Veen
  2020-12-28  9:21   ` Antonin Décimo
                     ` (2 more replies)
  2020-12-28 10:11 ` Cell
  2020-12-28 10:41 ` Cell
  2 siblings, 3 replies; 16+ messages in thread
From: Jeroen van Veen @ 2020-12-28  8:36 UTC (permalink / raw)
  To: Cell; +Cc: galene

Hi,

I made a minimal docker image from the compiled version of Galene, but am not sure
of the quality yet. Docker images I made before were always using an interpreted
language(python/node) and a base image. This one is from scratch and is only
10mb, but more difficult to inspect. I'm using dive(https://github.com/wagoodman/dive)
to inspect the image.

I have some questions about its portability and security because it only contains the binary:

* Does the image run properly on other Linux OS? (it's supposed to be statically linked I think?)
* Would the image also run on a different OS (MacOS/Windows)?
* Is there a way to garantuee the safety of a binary, e.g. proof that its built from
a snapshot of the Galene source-tree.

The image itself is at https://hub.docker.com/r/garage44/galene
The Dockerfile is from https://github.com/garage44/galene/blob/master/Dockerfile

The config(data/groups dir) is kinda hard-coded for now. Any feedback is welcome.

Jeroen


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
Op zondag, december 27, 2020 6:03 PM, Cell <galene.org@kn1ght.org> schreef:

> I couldn't find any info about a docker image for a docker image of galene. I saw something from Jeroen van Veen. Any news on that?
>
> I have some knowledge I could offer. And if I run galene on my server it will be in a docker image anyway (behind a traefik).
>
> Galene mailing list -- galene@lists.galene.org
> To unsubscribe send an email to galene-leave@lists.galene.org



^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-28  8:36 ` [Galene] " Jeroen van Veen
@ 2020-12-28  9:21   ` Antonin Décimo
  2020-12-28  9:57     ` Cell
                       ` (3 more replies)
  2020-12-28  9:56   ` Cell
  2020-12-28 10:27   ` Juliusz Chroboczek
  2 siblings, 4 replies; 16+ messages in thread
From: Antonin Décimo @ 2020-12-28  9:21 UTC (permalink / raw)
  To: Jeroen van Veen, Cell; +Cc: galene

Hi!

If your image is using a pre-compiled version of Galène, you’ll lack
portability across distributions and architectures. You should build
Galène and run it inside the Dockerfile. You could even use a layered
Dockerfile so that Galène is build in one image, then copied in the
second image and run from there.

Starting from scratch is a bad idea.

I’d use instead the Golang Docker image. It is well documented:

    https://hub.docker.com/_/golang

A simple workflow would be to have the Dockerfile inside the Galène
repo and use the example Dockerfile:

    FROM golang:1.15

    WORKDIR /go/src/galene
    COPY . .
    
    RUN go get -d -v ./...
    RUN go install -v ./...
    
    CMD ["galene"]

Or you could build a "self-hosting" Dockerfile that download the
package and its dependencies itself (this one is untested, I don't
have the bandwidth right now):

    FROM golang:1.15
    
    WORKDIR /go/src/galene
    COPY data groups static ./
    
    RUN go get -d -v github.com/jech/galene
    RUN go install -v github.com/jech/galene
    
    CMD ["galene"]

The Golang project provides images for Linux, Windows, macOS, and
various architectures that you can use as base images.

Once an image is build, it is *not* portable to other systems or
architectures; but the build script (the Dockerfile) may be portable.
For Windows, nanoserver is the lightest image, windowsservercore is a
bit more featured.

-- Antonin

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-28  8:36 ` [Galene] " Jeroen van Veen
  2020-12-28  9:21   ` Antonin Décimo
@ 2020-12-28  9:56   ` Cell
  2020-12-28 10:27   ` Juliusz Chroboczek
  2 siblings, 0 replies; 16+ messages in thread
From: Cell @ 2020-12-28  9:56 UTC (permalink / raw)
  To: Jeroen van Veen, Cell; +Cc: galene

[-- Attachment #1: Type: text/plain, Size: 1747 bytes --]

Ok thx  I forked your repo this morning and will try to open a PR this afternoon.

On 28 December 2020 09:36:28 CET, Jeroen van Veen <jvanveen@protonmail.com> wrote:
>Hi,
>
>I made a minimal docker image from the compiled version of Galene, but
>am not sure
>of the quality yet. Docker images I made before were always using an
>interpreted
>language(python/node) and a base image. This one is from scratch and is
>only
>10mb, but more difficult to inspect. I'm using
>dive(https://github.com/wagoodman/dive)
>to inspect the image.
>
>I have some questions about its portability and security because it
>only contains the binary:
>
>* Does the image run properly on other Linux OS? (it's supposed to be
>statically linked I think?)
>* Would the image also run on a different OS (MacOS/Windows)?
>* Is there a way to garantuee the safety of a binary, e.g. proof that
>its built from
>a snapshot of the Galene source-tree.
>
>The image itself is at https://hub.docker.com/r/garage44/galene
>The Dockerfile is from
>https://github.com/garage44/galene/blob/master/Dockerfile
>
>The config(data/groups dir) is kinda hard-coded for now. Any feedback
>is welcome.
>
>Jeroen
>
>
>‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
>Op zondag, december 27, 2020 6:03 PM, Cell <galene.org@kn1ght.org>
>schreef:
>
>> I couldn't find any info about a docker image for a docker image of
>galene. I saw something from Jeroen van Veen. Any news on that?
>>
>> I have some knowledge I could offer. And if I run galene on my server
>it will be in a docker image anyway (behind a traefik).
>>
>> Galene mailing list -- galene@lists.galene.org
>> To unsubscribe send an email to galene-leave@lists.galene.org

[-- Attachment #2: Type: text/html, Size: 2318 bytes --]

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-28  9:21   ` Antonin Décimo
@ 2020-12-28  9:57     ` Cell
  2020-12-28 10:30     ` Juliusz Chroboczek
                       ` (2 subsequent siblings)
  3 siblings, 0 replies; 16+ messages in thread
From: Cell @ 2020-12-28  9:57 UTC (permalink / raw)
  To: Antonin Décimo, Jeroen van Veen, Cell; +Cc: galene

[-- Attachment #1: Type: text/plain, Size: 1672 bytes --]

Yep. That's my plan. Work in progress :)

On 28 December 2020 10:21:16 CET, "Antonin Décimo" <antonin.decimo@gmail.com> wrote:
>Hi!
>
>If your image is using a pre-compiled version of Galène, you’ll lack
>portability across distributions and architectures. You should build
>Galène and run it inside the Dockerfile. You could even use a layered
>Dockerfile so that Galène is build in one image, then copied in the
>second image and run from there.
>
>Starting from scratch is a bad idea.
>
>I’d use instead the Golang Docker image. It is well documented:
>
>    https://hub.docker.com/_/golang
>
>A simple workflow would be to have the Dockerfile inside the Galène
>repo and use the example Dockerfile:
>
>    FROM golang:1.15
>
>    WORKDIR /go/src/galene
>    COPY . .
>    
>    RUN go get -d -v ./...
>    RUN go install -v ./...
>    
>    CMD ["galene"]
>
>Or you could build a "self-hosting" Dockerfile that download the
>package and its dependencies itself (this one is untested, I don't
>have the bandwidth right now):
>
>    FROM golang:1.15
>    
>    WORKDIR /go/src/galene
>    COPY data groups static ./
>    
>    RUN go get -d -v github.com/jech/galene
>    RUN go install -v github.com/jech/galene
>    
>    CMD ["galene"]
>
>The Golang project provides images for Linux, Windows, macOS, and
>various architectures that you can use as base images.
>
>Once an image is build, it is *not* portable to other systems or
>architectures; but the build script (the Dockerfile) may be portable.
>For Windows, nanoserver is the lightest image, windowsservercore is a
>bit more featured.
>
>-- Antonin

[-- Attachment #2: Type: text/html, Size: 2016 bytes --]

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-27 17:03 [Galene] Docker image Cell
  2020-12-28  8:36 ` [Galene] " Jeroen van Veen
@ 2020-12-28 10:11 ` Cell
  2020-12-28 10:41 ` Cell
  2 siblings, 0 replies; 16+ messages in thread
From: Cell @ 2020-12-28 10:11 UTC (permalink / raw)
  To: Jeroen van Veen; +Cc: galene

Ok thx I forked your repo this morning and will try to open a PR this afternoon.

(sorry for sending again my response but my phone sent it from a wrong email address)

December 28, 2020 9:36 AM, "Jeroen van Veen" <jvanveen@protonmail.com> wrote:

> Hi,
> 
> I made a minimal docker image from the compiled version of Galene, but am not sure
> of the quality yet. Docker images I made before were always using an interpreted
> language(python/node) and a base image. This one is from scratch and is only
> 10mb, but more difficult to inspect. I'm using dive(https://github.com/wagoodman/dive)
> to inspect the image.
> 
> I have some questions about its portability and security because it only contains the binary:
> 
> * Does the image run properly on other Linux OS? (it's supposed to be statically linked I think?)
> * Would the image also run on a different OS (MacOS/Windows)?
> * Is there a way to garantuee the safety of a binary, e.g. proof that its built from
> a snapshot of the Galene source-tree.
> 
> The image itself is at https://hub.docker.com/r/garage44/galene
> The Dockerfile is from https://github.com/garage44/galene/blob/master/Dockerfile
> 
> The config(data/groups dir) is kinda hard-coded for now. Any feedback is welcome.
> 
> Jeroen
> 
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> Op zondag, december 27, 2020 6:03 PM, Cell <galene.org@kn1ght.org> schreef:
> 
>> I couldn't find any info about a docker image for a docker image of galene. I saw something from
>> Jeroen van Veen. Any news on that?
>> 
>> I have some knowledge I could offer. And if I run galene on my server it will be in a docker image
>> anyway (behind a traefik).
>> 
>> Galene mailing list -- galene@lists.galene.org
>> To unsubscribe send an email to galene-leave@lists.galene.org
> 
> _______________________________________________
> Galene mailing list -- galene@lists.galene.org
> To unsubscribe send an email to galene-leave@lists.galene.org

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-28  8:36 ` [Galene] " Jeroen van Veen
  2020-12-28  9:21   ` Antonin Décimo
  2020-12-28  9:56   ` Cell
@ 2020-12-28 10:27   ` Juliusz Chroboczek
  2 siblings, 0 replies; 16+ messages in thread
From: Juliusz Chroboczek @ 2020-12-28 10:27 UTC (permalink / raw)
  To: Jeroen van Veen; +Cc: Cell, galene

> * Does the image run properly on other Linux OS? (it's supposed to be
>   statically linked I think?)

Yes, if you compile with "CGO_ENABLED=0".

> * Would the image also run on a different OS (MacOS/Windows)?

No.  You'll need to cross-compile, e.g.

  GOARCH=amd64 GOOS=windows CGO_ENABLED=0 go build ...

> * Is there a way to garantuee the safety of a binary, e.g. proof that
>   its built from a snapshot of the Galene source-tree.

  https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf

-- Juliusz

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-28  9:21   ` Antonin Décimo
  2020-12-28  9:57     ` Cell
@ 2020-12-28 10:30     ` Juliusz Chroboczek
  2020-12-28 10:42     ` Cell
  2020-12-28 18:08     ` Jeroen van Veen
  3 siblings, 0 replies; 16+ messages in thread
From: Juliusz Chroboczek @ 2020-12-28 10:30 UTC (permalink / raw)
  To: Antonin Décimo; +Cc: Jeroen van Veen, galene

>     RUN go get -d -v github.com/jech/galene

Please use a tag or a git hash.


^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-27 17:03 [Galene] Docker image Cell
  2020-12-28  8:36 ` [Galene] " Jeroen van Veen
  2020-12-28 10:11 ` Cell
@ 2020-12-28 10:41 ` Cell
  2 siblings, 0 replies; 16+ messages in thread
From: Cell @ 2020-12-28 10:41 UTC (permalink / raw)
  To: Cell, Jeroen van Veen; +Cc: galene

Here is a first draft: https://github.com/Cellophan/galene/blob/master/Dockerfile

>> * Is there a way to garantuee the safety of a binary, e.g. proof that its built from
>> a snapshot of the Galene source-tree.

The binary is compiled inside during the image creation process thus it should add some trust about the version of the binary.

If you need more, I would add the git hash of the commit used to build as a label to the image. This would need to be provided to docker, I've done it with a Makefile if needed (an other project I have).


>> * Does the image run properly on other Linux OS? (it's supposed to be statically linked I think?)

I can't test for now as I don't know how galene works. I'll work on that.

>> * Would the image also run on a different OS (MacOS/Windows)?

I work on linux so I can't test for real this image works on Mac nor Windows but linux containers should be able to run on the three systems perhaps with a less performance compared to system dedicated images but I think it's good for a first step. 

>> The config(data/groups dir) is kinda hard-coded for now. Any feedback is welcome.

Is galene taking default values by itself? If yes, then I would consider that no default file should be provided. If not, then I think the spirit of the binary should be respected and none should be provided. So I'm against :)

To help to bootstrap projects faster, I would try to convince the author to add an example of the defaults to its repo. Then we add a `docker-compose,yml` to show a way to start the image with the defaults.


What do you think?


December 28, 2020 11:11 AM, "Cell" <galene.org@kn1ght.org> wrote:

> Ok thx I forked your repo this morning and will try to open a PR this afternoon.
> 
> (sorry for sending again my response but my phone sent it from a wrong email address)
> 
> December 28, 2020 9:36 AM, "Jeroen van Veen" <jvanveen@protonmail.com> wrote:
> 
>> Hi,
>> 
>> I made a minimal docker image from the compiled version of Galene, but am not sure
>> of the quality yet. Docker images I made before were always using an interpreted
>> language(python/node) and a base image. This one is from scratch and is only
>> 10mb, but more difficult to inspect. I'm using dive(https://github.com/wagoodman/dive)
>> to inspect the image.
>> 
>> I have some questions about its portability and security because it only contains the binary:
>> 
>> * Does the image run properly on other Linux OS? (it's supposed to be statically linked I think?)
>> * Would the image also run on a different OS (MacOS/Windows)?
>> * Is there a way to garantuee the safety of a binary, e.g. proof that its built from
>> a snapshot of the Galene source-tree.
>> 
>> The image itself is at https://hub.docker.com/r/garage44/galene
>> The Dockerfile is from https://github.com/garage44/galene/blob/master/Dockerfile
>> 
>> The config(data/groups dir) is kinda hard-coded for now. Any feedback is welcome.
>> 
>> Jeroen
>> 
>> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
>> Op zondag, december 27, 2020 6:03 PM, Cell <galene.org@kn1ght.org> schreef:
>> 
>>> I couldn't find any info about a docker image for a docker image of galene. I saw something from
>>> Jeroen van Veen. Any news on that?
>>> 
>>> I have some knowledge I could offer. And if I run galene on my server it will be in a docker image
>>> anyway (behind a traefik).
>>> 
>>> Galene mailing list -- galene@lists.galene.org
>>> To unsubscribe send an email to galene-leave@lists.galene.org
>> 
>> _______________________________________________
>> Galene mailing list -- galene@lists.galene.org
>> To unsubscribe send an email to galene-leave@lists.galene.org
> 
> _______________________________________________
> Galene mailing list -- galene@lists.galene.org
> To unsubscribe send an email to galene-leave@lists.galene.org

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-28  9:21   ` Antonin Décimo
  2020-12-28  9:57     ` Cell
  2020-12-28 10:30     ` Juliusz Chroboczek
@ 2020-12-28 10:42     ` Cell
  2020-12-28 18:08     ` Jeroen van Veen
  3 siblings, 0 replies; 16+ messages in thread
From: Cell @ 2020-12-28 10:42 UTC (permalink / raw)
  To: Juliusz Chroboczek, Antonin Décimo; +Cc: Jeroen van Veen, galene

> Please use a tag or a git hash.

Do you know any best practices? What could be the LABEL name?

December 28, 2020 11:30 AM, "Juliusz Chroboczek" <jch@irif.fr> wrote:

>> RUN go get -d -v github.com/jech/galene
> 
> Please use a tag or a git hash.
> 
> _______________________________________________
> Galene mailing list -- galene@lists.galene.org
> To unsubscribe send an email to galene-leave@lists.galene.org

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-28  9:21   ` Antonin Décimo
                       ` (2 preceding siblings ...)
  2020-12-28 10:42     ` Cell
@ 2020-12-28 18:08     ` Jeroen van Veen
  2021-01-26 16:58       ` Jeroen van Veen
  3 siblings, 1 reply; 16+ messages in thread
From: Jeroen van Veen @ 2020-12-28 18:08 UTC (permalink / raw)
  To: Antonin Décimo; +Cc: Cell, galene

Hi Antonin,

Thanks for the detailed description! I'll give it a try with
the golang base-image instead.

cheers,

Jeroen


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
Op maandag, december 28, 2020 10:21 AM, Antonin Décimo <antonin.decimo@gmail.com> schreef:

> Hi!
>
> If your image is using a pre-compiled version of Galène, you’ll lack
> portability across distributions and architectures. You should build
> Galène and run it inside the Dockerfile. You could even use a layered
> Dockerfile so that Galène is build in one image, then copied in the
> second image and run from there.
>
> Starting from scratch is a bad idea.
>
> I’d use instead the Golang Docker image. It is well documented:
>
> https://hub.docker.com/_/golang
>
> A simple workflow would be to have the Dockerfile inside the Galène
> repo and use the example Dockerfile:
>
> FROM golang:1.15
>
> WORKDIR /go/src/galene
> COPY . .
>
> RUN go get -d -v ./...
> RUN go install -v ./...
>
> CMD ["galene"]
>
> Or you could build a "self-hosting" Dockerfile that download the
> package and its dependencies itself (this one is untested, I don't
> have the bandwidth right now):
>
> FROM golang:1.15
>
> WORKDIR /go/src/galene
> COPY data groups static ./
>
> RUN go get -d -v github.com/jech/galene
> RUN go install -v github.com/jech/galene
>
> CMD ["galene"]
>
> The Golang project provides images for Linux, Windows, macOS, and
> various architectures that you can use as base images.
>
> Once an image is build, it is not portable to other systems or
> architectures; but the build script (the Dockerfile) may be portable.
> For Windows, nanoserver is the lightest image, windowsservercore is a
> bit more featured.
>
> -- Antonin
>
> Galene mailing list -- galene@lists.galene.org
> To unsubscribe send an email to galene-leave@lists.galene.org



^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2020-12-28 18:08     ` Jeroen van Veen
@ 2021-01-26 16:58       ` Jeroen van Veen
  2021-01-26 19:55         ` Juliusz Chroboczek
  2021-01-26 21:01         ` [Galene] " Juliusz Chroboczek
  0 siblings, 2 replies; 16+ messages in thread
From: Jeroen van Veen @ 2021-01-26 16:58 UTC (permalink / raw)
  To: Antonin Décimo; +Cc: Cell, galene

I've updated the image with the Dockerfile additions you suggested.
The groups and config are mounted using docker-compose. The image is at:

https://github.com/garage44/pyrite/blob/main/docker/galene/Dockerfile
https://hub.docker.com/r/garage44/galene

Locally it works fine, but Galene gives a warning (TURN: no public addresses),
which suggests I still lack some config.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
Op maandag, december 28, 2020 7:08 PM, Jeroen van Veen <jvanveen@protonmail.com> schreef:

> Hi Antonin,
>
> Thanks for the detailed description! I'll give it a try with
> the golang base-image instead.
>
> cheers,
>
> Jeroen
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> Op maandag, december 28, 2020 10:21 AM, Antonin Décimo antonin.decimo@gmail.com schreef:
>
> > Hi!
> > If your image is using a pre-compiled version of Galène, you’ll lack
> > portability across distributions and architectures. You should build
> > Galène and run it inside the Dockerfile. You could even use a layered
> > Dockerfile so that Galène is build in one image, then copied in the
> > second image and run from there.
> > Starting from scratch is a bad idea.
> > I’d use instead the Golang Docker image. It is well documented:
> > https://hub.docker.com/_/golang
> > A simple workflow would be to have the Dockerfile inside the Galène
> > repo and use the example Dockerfile:
> > FROM golang:1.15
> > WORKDIR /go/src/galene
> > COPY . .
> > RUN go get -d -v ./...
> > RUN go install -v ./...
> > CMD ["galene"]
> > Or you could build a "self-hosting" Dockerfile that download the
> > package and its dependencies itself (this one is untested, I don't
> > have the bandwidth right now):
> > FROM golang:1.15
> > WORKDIR /go/src/galene
> > COPY data groups static ./
> > RUN go get -d -v github.com/jech/galene
> > RUN go install -v github.com/jech/galene
> > CMD ["galene"]
> > The Golang project provides images for Linux, Windows, macOS, and
> > various architectures that you can use as base images.
> > Once an image is build, it is not portable to other systems or
> > architectures; but the build script (the Dockerfile) may be portable.
> > For Windows, nanoserver is the lightest image, windowsservercore is a
> > bit more featured.
> > -- Antonin
> > Galene mailing list -- galene@lists.galene.org
> > To unsubscribe send an email to galene-leave@lists.galene.org



^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2021-01-26 16:58       ` Jeroen van Veen
@ 2021-01-26 19:55         ` Juliusz Chroboczek
       [not found]           ` <OzDUklERX684nOGvtcdQ3NxZ5VBZumpDhMugrcaN69JCKflO-rnwI_4DJjcVPPYUUj_Hrw6kRao3SUsHzD3i9yoc1_TF_OuRyrRSNmBAc7Y=@protonmail.com>
  2021-01-26 21:01         ` [Galene] " Juliusz Chroboczek
  1 sibling, 1 reply; 16+ messages in thread
From: Juliusz Chroboczek @ 2021-01-26 19:55 UTC (permalink / raw)
  To: Jeroen van Veen; +Cc: Antonin Décimo, Cell, galene

> Locally it works fine, but Galene gives a warning (TURN: no public addresses),
> which suggests I still lack some config.

This means that Galène is being run behind NAT, and has disabled the
built-in TURN server.  Galène will still work, but connectivity might be
erratic.

To fix the issue, you need to find the public address of the image and
pass it to Galène using the "-turn" command-line option.  I'm not sure if
docker provides a way to do this from the container, but you could
probably ask galene.org for your address:

  turnutils_stunclient -p 1194 galene.org

I'm half-tempted to have Galène do it automatically.  Toke, can you see
any reason why it's a bad idea?

-- Juliusz

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2021-01-26 16:58       ` Jeroen van Veen
  2021-01-26 19:55         ` Juliusz Chroboczek
@ 2021-01-26 21:01         ` Juliusz Chroboczek
  2021-01-27  8:40           ` Jeroen van Veen
  1 sibling, 1 reply; 16+ messages in thread
From: Juliusz Chroboczek @ 2021-01-26 21:01 UTC (permalink / raw)
  To: Jeroen van Veen; +Cc: Antonin Décimo, Cell, galene

> Locally it works fine, but Galene gives a warning (TURN: no public addresses),
> which suggests I still lack some config.

Jeroen, what network mode are you using in your container?  You should
probably be using "host", not the default "bridge".

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Fw: Re: Re: Docker image
       [not found]           ` <OzDUklERX684nOGvtcdQ3NxZ5VBZumpDhMugrcaN69JCKflO-rnwI_4DJjcVPPYUUj_Hrw6kRao3SUsHzD3i9yoc1_TF_OuRyrRSNmBAc7Y=@protonmail.com>
@ 2021-01-27  8:37             ` Jeroen van Veen
  0 siblings, 0 replies; 16+ messages in thread
From: Jeroen van Veen @ 2021-01-27  8:37 UTC (permalink / raw)
  To: galene






‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
Op woensdag, januari 27, 2021 9:36 AM, Jeroen van Veen <jvanveen@protonmail.com> schreef:

> Thank you for the help. Adding coturn to the image would be a possibility.
> Would it be a good alternative to have a commandline option in galene that
> does the same trick as turnutils_stunclient?
>
> -- Jeroen
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> Op dinsdag, januari 26, 2021 8:55 PM, Juliusz Chroboczek jch@irif.fr schreef:
>
> > > Locally it works fine, but Galene gives a warning (TURN: no public addresses),
> >
> > > which suggests I still lack some config.
> >
> > This means that Galène is being run behind NAT, and has disabled the
> > built-in TURN server. Galène will still work, but connectivity might be
> > erratic.
> > To fix the issue, you need to find the public address of the image and
> > pass it to Galène using the "-turn" command-line option. I'm not sure if
> > docker provides a way to do this from the container, but you could
> > probably ask galene.org for your address:
> > turnutils_stunclient -p 1194 galene.org
> > I'm half-tempted to have Galène do it automatically. Toke, can you see
> > any reason why it's a bad idea?
> > -- Juliusz
> > Galene mailing list -- galene@lists.galene.org
> > To unsubscribe send an email to galene-leave@lists.galene.org



^ permalink raw reply	[flat|nested] 16+ messages in thread

* [Galene] Re: Docker image
  2021-01-26 21:01         ` [Galene] " Juliusz Chroboczek
@ 2021-01-27  8:40           ` Jeroen van Veen
  0 siblings, 0 replies; 16+ messages in thread
From: Jeroen van Veen @ 2021-01-27  8:40 UTC (permalink / raw)
  To: Juliusz Chroboczek; +Cc: Antonin Décimo, Cell, galene

Its using bridge. I would rather use host, but that wouldn't work on MacOS/Windows hosts.
I could make the network mode configurable, but I figured that it has to support bridge
mode anyway, or it would be limited to Linux hosts.


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
Op dinsdag, januari 26, 2021 10:01 PM, Juliusz Chroboczek <jch@irif.fr> schreef:

> > Locally it works fine, but Galene gives a warning (TURN: no public addresses),
>
> > which suggests I still lack some config.
>
> Jeroen, what network mode are you using in your container? You should
> probably be using "host", not the default "bridge".
>
> Galene mailing list -- galene@lists.galene.org
> To unsubscribe send an email to galene-leave@lists.galene.org



^ permalink raw reply	[flat|nested] 16+ messages in thread

end of thread, other threads:[~2021-01-27  8:41 UTC | newest]

Thread overview: 16+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-12-27 17:03 [Galene] Docker image Cell
2020-12-28  8:36 ` [Galene] " Jeroen van Veen
2020-12-28  9:21   ` Antonin Décimo
2020-12-28  9:57     ` Cell
2020-12-28 10:30     ` Juliusz Chroboczek
2020-12-28 10:42     ` Cell
2020-12-28 18:08     ` Jeroen van Veen
2021-01-26 16:58       ` Jeroen van Veen
2021-01-26 19:55         ` Juliusz Chroboczek
     [not found]           ` <OzDUklERX684nOGvtcdQ3NxZ5VBZumpDhMugrcaN69JCKflO-rnwI_4DJjcVPPYUUj_Hrw6kRao3SUsHzD3i9yoc1_TF_OuRyrRSNmBAc7Y=@protonmail.com>
2021-01-27  8:37             ` [Galene] Fw: " Jeroen van Veen
2021-01-26 21:01         ` [Galene] " Juliusz Chroboczek
2021-01-27  8:40           ` Jeroen van Veen
2020-12-28  9:56   ` Cell
2020-12-28 10:27   ` Juliusz Chroboczek
2020-12-28 10:11 ` Cell
2020-12-28 10:41 ` Cell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox