From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-wr1-x42f.google.com (mail-wr1-x42f.google.com [IPv6:2a00:1450:4864:20::42f]) by mail.toke.dk (Postfix) with ESMTPS id 722C082AA8B for ; Mon, 12 Apr 2021 16:40:17 +0200 (CEST) Authentication-Results: mail.toke.dk; dkim=pass (2048-bit key) header.d=rouillier-fr.20150623.gappssmtp.com header.i=@rouillier-fr.20150623.gappssmtp.com header.b=zIz50MeO Received: by mail-wr1-x42f.google.com with SMTP id f12so13247574wro.0 for ; Mon, 12 Apr 2021 07:40:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rouillier-fr.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=tZhBls8rL7dxexW/lfBeKecWVvvGHfma0Q0GhsDYyQ8=; b=zIz50MeOq7jJ5TXXK24hrcGqPfTWxCldGbhWxMFpxCkJvx8IeVdK77MWQpSkDoxXjV buxEobAHWw+m1CH8cjuygWvJWyksMPJIO36iXQn29ukglgwKRBwW3X1CpiHpuCV4zjxN 4q8NY94RTlks6OlEQ3OZ/tqEAja73yBEXK8Rc4zaeizJx/58xJxpdorUPRQDnb2jHQzx RkVT2XMrp6vPFv/0K5Xff926YGrEXjL3/Va8P5sdke5WrodAEbnC4L1Yvefx3pRTmo+s I0xSYB6wpCL9SDBvOjHO3ur9NrsqMZctWO37kTzOup9P1/6PRWWf66964v2pswVlTYq2 rBYg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=tZhBls8rL7dxexW/lfBeKecWVvvGHfma0Q0GhsDYyQ8=; b=DVvLaO6QvaOV8g4rXYl37F8hpYIRkYS8w7J/dmDIWazGbnybrvHjfDkmMNCi0136QK Oe7Uy6xqRqY/9eVNvpCj0yJ0nZjDZcmKfpHcZ772Llc7mzJlkt7xJjZkLjXHE6H4hqBo pgjIRHi8wNXBBKsP0XoWWlsx3NoS6ftxtZPcM878MqqWWFfOg2Oz6EioRfUKlQEKlNfL NLk88UpPEvCFnsg+9jSn31l/4SkcxwbOjx0hYAOWIpmxqaqWlC52vkCfxVi+Bq3DUhCi qjDSiExRSCAUo3ZA0sOB93egBVkIGnJNeoZRQtQTb+SC+2J/DZc7Tjqwxeyc1HtYyxw+ CPMA== X-Gm-Message-State: AOAM530Jto2plV7lnnnTDEuaCsf0dYQD6+0bZmClO9fquYW2mUMRgQp1 tDAS8WFJv3o+ipV/otPUaXKigw== X-Google-Smtp-Source: ABdhPJzAH8GHTMsOlLKA8apmZcQ2mJoDQttvu2RLnyG6nzplXIe2aVmuISlXC1Tw72GZshXP2rPK3g== X-Received: by 2002:a5d:484d:: with SMTP id n13mr32513259wrs.71.1618238414968; Mon, 12 Apr 2021 07:40:14 -0700 (PDT) Received: from ?IPv6:2a01:e0a:29d:45e0:442f:6b60:f390:e182? ([2a01:e0a:29d:45e0:442f:6b60:f390:e182]) by smtp.gmail.com with ESMTPSA id s20sm10634617wmp.48.2021.04.12.07.40.13 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 12 Apr 2021 07:40:14 -0700 (PDT) From: Fabrice Rouillier Message-Id: <9A33A220-E732-4284-9159-34391BDD78A6@rouillier.fr> Content-Type: multipart/alternative; boundary="Apple-Mail=_0CA50882-33F3-4627-8978-365017D029B7" Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\)) Date: Mon, 12 Apr 2021 16:40:13 +0200 In-Reply-To: <87im4rrb84.wl-jch@irif.fr> To: Juliusz Chroboczek References: <6AF7B2D8-D370-432F-BCB8-C714C1DED4CC@rouillier.fr> <2bf5e895-c758-62d4-68a1-1c747268bb26@crans.org> <09B3386F-42F0-4A30-A1F9-B65CCC106A4E@rouillier.fr> <2540d5d9-6ac8-d6f6-f468-565e98853d43@crans.org> <21640176-922A-4715-A0E3-DE5BEFECD720@rouillier.fr> <87v98uz0fv.wl-jch@irif.fr> <87im4rrb84.wl-jch@irif.fr> X-Mailer: Apple Mail (2.3654.60.0.2.21) Message-ID-Hash: GX23GMN7F7CMFG3H2B6IBTB57KH4PU6R X-Message-ID-Hash: GX23GMN7F7CMFG3H2B6IBTB57KH4PU6R X-MailFrom: fabrice@rouillier.fr X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: galene@lists.galene.org X-Mailman-Version: 3.3.4 Precedence: list Subject: [Galene] Re: Installation Script List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --Apple-Mail=_0CA50882-33F3-4627-8978-365017D029B7 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hi Juliusz > 1. I could easily add an option to Gal=C3=A8ne to restrict the range = of > ephemeral ports used =E2=80=94 for example, you could set the range = of ports to > 50000-60000, and only these ports would need to be forwarded. Let = me > know if you think this is useful. >=20 It might be useful to make possible the use of 2 distincts coturn = servers=20 In my case I would like one for nextcloud and one for Gal=C3=A8ne. Nextcloud uses the use-auth-secret=20 Authentification and it turns out that I was unable to use it with = Galene, event setting "credentialType": "hmac-sha1 =C2=BB as described = in your README file. I can easily modify the script adding the two ports.=20 > 2. If you're using the built-in TURN server behind NAT (not = recommended), > you need to set up hairpinning in your NAT. I don't see any good = way > around it. Please mention it in the README. >=20 The installation script do not the use the built-in turn but install = and configure coturn. Galene is launched with the =C2=AB -turn auto =C2=BB= option.=20 Would you like me to add this information ? > Thanks again, >=20 I am very pleased to contribute to the collective effort. Fabrice. --Apple-Mail=_0CA50882-33F3-4627-8978-365017D029B7 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8
Hi Juliusz

1. I could = easily add an option to Gal=C3=A8ne to restrict the range of
  ephemeral ports used =E2=80=94 for example, you = could set the range of ports to
  50000-60000, = and only these ports would need to be forwarded.  Let me
  know if you think this is useful.

It might be useful to = make possible the use of 2 distincts coturn servers 
In = my case I would like one for nextcloud and one for = Gal=C3=A8ne.

Nextcloud uses = the use-auth-secret

Authentification and it turns out that I was = unable to use it with Galene, event setting "credentialType": "hmac-sha1 =C2=BB = as described in your README file.

I can easily modify the script adding = the two ports. 

2. If you're = using the built-in TURN server behind NAT (not recommended),
  you need to set up hairpinning in your NAT. =  I don't see any good way
  around it. =  Please mention it in the README.

The installation script  do not = the use the built-in  turn but install and configure coturn. Galene = is launched with the =C2=AB -turn auto =C2=BB = option. 
Would you like me to add this information = ?

Thanks again,
I am very pleased to contribute to = the collective effort.


Fabrice.

= --Apple-Mail=_0CA50882-33F3-4627-8978-365017D029B7--