* [Galene] Message from KOS @ 2023-12-20 12:19 KOS 2023-12-20 13:57 ` [Galene] " Juliusz Chroboczek 0 siblings, 1 reply; 7+ messages in thread From: KOS @ 2023-12-20 12:19 UTC (permalink / raw) To: galene Hello, I have compiled Galene for Windows 10 and it works perfectly. Thanks so much about this amazing and lightweight program! I am using it for family usage, under a static IP address on ADSL. Because of family usage, I do not need a certificate, the self-signed certificate is enough for me. I accept this certificate on the family browsers and everything runs well. The problem is that when the Galene server restarts, a new self-signed certificate is created (probably) and all the family members have to accept again the new certificate in their browsers. Is there any way to make this certificate sticky in Galene, so that no new certificate is generated on every Galene server restart? Thank you KOS ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Galene] Re: Message from KOS 2023-12-20 12:19 [Galene] Message from KOS KOS @ 2023-12-20 13:57 ` Juliusz Chroboczek 2023-12-20 18:20 ` KOS 0 siblings, 1 reply; 7+ messages in thread From: Juliusz Chroboczek @ 2023-12-20 13:57 UTC (permalink / raw) To: KOS; +Cc: galene > I have compiled Galene for Windows 10 and it works perfectly. Thanks so > much about this amazing and lightweight program! Thanks for the kind words. > The problem is that when the Galene server restarts, a new self-signed > certificate is created (probably) and all the family members have to > accept again the new certificate in their browsers. > Is there any way to make this certificate sticky in Galene, so that no new > certificate is generated on every Galene server restart? Just generate a self-sigend certificate, and put it in the "data" directory. If you have a copy of openssl, chdir into the data directory, then do: openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out cert.pem If you don't have openssl, the simplest is probably to use the "generate_cert.go" program, which is included in the Go distribution under "src/rypto/tls". You may download a copy here: https://github.com/golang/go/raw/master/src/crypto/tls/generate_cert.go -- Juliusz ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Galene] Re: Message from KOS 2023-12-20 13:57 ` [Galene] " Juliusz Chroboczek @ 2023-12-20 18:20 ` KOS 2023-12-20 22:22 ` Juliusz Chroboczek 0 siblings, 1 reply; 7+ messages in thread From: KOS @ 2023-12-20 18:20 UTC (permalink / raw) To: galene > [Galene] Re: Message from KOS – Thanks for the kind words. > > > The problem is that when the Galene server restarts, a new self-signed > > certificate is created (probably) and all the family members have to > > accept again the new certificate in their browsers. > > Is there any way to make this certificate sticky in Galene, so that > no new > > certificate is generated on every Galene server restart? > > Just generate a self-sigend certificate, and put it in the "data" directory. > > If you have a copy of openssl, chdir into the data directory, then do: > > openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 > -out cert.pem > > If you don't have openssl, the simplest is probably to use the > "generate_cert.go" program, which is included in the Go distribution under > "src/rypto/tls". You may download a copy here: > > https://github.com/golang/go/raw/master/src/crypto/tls/generate_cert.go > > -- Juliusz [...] Thanks so much! Just for the reference of the members of the list: There was no data directory, so I created one in the same directory as the galene.exe I had to run the next command to generate the certificates go run generate_cert.go --host example.com,127.0.0.1,::1 --ecdsa-curve P256 --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h by changing the "example.com" accordingly of course. Then I put the generated cert.pem and key.pem into the data directory. Another hint in windows 10 that allows for running the galene.exe on startup without any window appearing (hidden). 1. Create a .vbs file, eg start.vbs with the next code in it: Dim WinScriptHost Set WinScriptHost = CreateObject("WScript.Shell") WinScriptHost.Run Chr(34) & "start.bat" & Chr(34), 0 Set WinScriptHost = Nothing 2. Make a shortcut of thie start.vbs to the "start-up" menu of the windoes. 3. Create a start.bat file, in the same directory as the start.vbs, and put the next code in: cd C:\Program Files (x86)\galene (edit accordingly) galene -turn "<your-external-router-static-IP>:1194" 4. Set your router NAT (port forwarding) to route the 1194 and 8443 ports in your lan, in the PC that runs the galene.exe 5. Configure the groups. Put a home.json (or whatever group name you want) in the "groups" folder, after you create this folder. In my case, I wanted things to be as easy for the family as possible to I did not setup any username. The code in the home.json was this { "op": [{"username": "the-admin-username-here", "password": "the-admin-password-here"}], "presenter": [{"password": "I-put-my-mobile-phone-here-that-all-family-members-know"}], "allow-anonymous": true, "allow-recording": true, "max-clients": 8, "public": false } 6. Optionally you can edit the static/galene.html to translate the login form to your language or set as default the camera and microphone radio button, just to make it easier (less clicks) for the family to access it. 7. In the mobile phones of the family members, access the channel page directly (no home page) from chrome only (sorry firefox did not work for me, no matter if I click allow to use the camera). Then from the chrome options, place a shortcut of the channel page to the desktop of the mobile phones. Each time the member wants to get in the conference, he just clicks the icon on his desktop. With the self-signed solution at the beginning of the message, the members only need to accept the security risk once and it is no more annoying to them anymore. 8. If you have a wifi at home, you need to make 2 desktop shortcuts in your mobile phone. One of them, will have a URL that has your domain name (if you have one), or static external IP in it. This shortcut will be clicked if the member wants to access galene from 4G/5G (i.e outside of your home network). The second shortcut will have the internal static LAN IP address of the server the galene runs in, instead of the domain name or external IP. You will use this if you connect to the galene from your home WIFI (i.e. locally) I hope these steps are a complete guide of how to run galene from windows 10 at home, behind a router, if you have a static IP. Feel free to shate this information with the community or in your website. I do not have the time to do so. Regards to all the members of the list. KOS ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Galene] Re: Message from KOS 2023-12-20 18:20 ` KOS @ 2023-12-20 22:22 ` Juliusz Chroboczek 2023-12-20 22:28 ` KOS 0 siblings, 1 reply; 7+ messages in thread From: Juliusz Chroboczek @ 2023-12-20 22:22 UTC (permalink / raw) To: KOS; +Cc: galene > 1. Create a .vbs file, eg start.vbs with the next code in it: > Dim WinScriptHost > Set WinScriptHost = CreateObject("WScript.Shell") > WinScriptHost.Run Chr(34) & "start.bat" & Chr(34), 0 > Set WinScriptHost = Nothing Or simply recompile with "-ldflags -H=windowsgui". But then, you won't be able to see the logs. > 4. Set your router NAT (port forwarding) to route the 1194 and 8443 ports > in your lan, in the PC that runs the galene.exe 1194 needs both TCP and UDP for best performance. > 8. If you have a wifi at home, you need to make 2 desktop shortcuts in > your mobile phone. [...] > The second shortcut will have the internal static LAN IP address of the > server the galene runs in, instead of the domain name or external IP. That's only needed if your NAT doesn't do hairpinning, and that's going to cause all sorts of other trouble. Please try to configure your NAT so hairpinning works. https://en.wikipedia.org/wiki/Network_address_translation#NAT_hairpinning -- Juliusz ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Galene] Re: Message from KOS 2023-12-20 22:22 ` Juliusz Chroboczek @ 2023-12-20 22:28 ` KOS 2024-01-23 10:24 ` KOS 0 siblings, 1 reply; 7+ messages in thread From: KOS @ 2023-12-20 22:28 UTC (permalink / raw) To: galene > [Galene] Re: Message from KOS – Or simply recompile with "-ldflags -H=windowsgui". > But then, you won't be > able to see the logs. > > > 4. Set your router NAT (port forwarding) to route the 1194 and 8443 > ports > > in your lan, in the PC that runs the galene.exe > > 1194 needs both TCP and UDP for best performance. > > > 8. If you have a wifi at home, you need to make 2 desktop shortcuts > in > > your mobile phone. [...] > > The second shortcut will have the internal static LAN IP address of > the > > server the galene runs in, instead of the domain name or external IP. > > That's only needed if your NAT doesn't do hairpinning, and that's going > to > cause all sorts of other trouble. Please try to configure your NAT so > hairpinning works. > > https://en.wikipedia.org/wiki/Network_address_translation#NAT_hairpinning > > -- Juliusz [...] I am not sure if my router supports that. It is the ZXHN H108N V2.5. I haven't found any option named hairpinning. Perhaps this is not an option but a set of settings to enable this feature? ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Galene] Re: Message from KOS 2023-12-20 22:28 ` KOS @ 2024-01-23 10:24 ` KOS 2024-01-23 14:11 ` Juliusz Chroboczek 0 siblings, 1 reply; 7+ messages in thread From: KOS @ 2024-01-23 10:24 UTC (permalink / raw) To: galene Hello, I have created in Galene a channel accessed publicly without username, but with a password. I wonder if there is the ability (or how it can be done), every time a user joins this channel, galene to be able to send an email notification to a list of predefined emails? "A new user whas joined the channel" ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Galene] Re: Message from KOS 2024-01-23 10:24 ` KOS @ 2024-01-23 14:11 ` Juliusz Chroboczek 0 siblings, 0 replies; 7+ messages in thread From: Juliusz Chroboczek @ 2024-01-23 14:11 UTC (permalink / raw) To: KOS; +Cc: galene > Hello, I have created in Galene a channel accessed publicly without > username, but with a password. > > I wonder if there is the ability (or how it can be done), every time > a user joins this channel, galene to be able to send an email notification > to a list of predefined emails? https://en.wikipedia.org/wiki/Jamie_Zawinski#Zawinski's_Law It should be quite easy to write a bot that monitors the channel and sends an email whenever somebody joins. You could start with the code here: https://github.com/jech/galene-file-transfer/blob/master/galene-file-transfer.go and remove all of the code in the main loop, and send an email when you receive a message of type "user" with kind "add": https://github.com/jech/galene-file-transfer/blob/master/galene-file-transfer.go#L291 Please let me know if you need help. -- Juliusz ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2024-01-23 14:11 UTC | newest] Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2023-12-20 12:19 [Galene] Message from KOS KOS 2023-12-20 13:57 ` [Galene] " Juliusz Chroboczek 2023-12-20 18:20 ` KOS 2023-12-20 22:22 ` Juliusz Chroboczek 2023-12-20 22:28 ` KOS 2024-01-23 10:24 ` KOS 2024-01-23 14:11 ` Juliusz Chroboczek
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox