make XMPP audio/video works with at least conversations

[larchange]

I've enable audio video on my yunohost instance with the following changes. I believe these configuration are enough to make A/V work even on 3G/different wifi etc.

Configure /etc/metronome/metronome.cfg.lua

enable module

"extdisco";  -- XEP 215
"jingle_nodes";

Add config:

You need to replace domain.tld with your own, and replace the some passphrase.

external_services = {
    ["domain.tld"] = {
        [1] = {
            port = "3478",
            transport = "udp",
            type = "stun"
        },

        [2] = {
            port = "3478",
            transport = "tcp",
            type = "stun"
        },

        [3] = {
            port = "5349",
            transport = "tcp",
            type = "stuns"
        },
        [4] = {
            port = "3478",
            transport = "tcp",
            type = "turn",
            turn_secret = "Some passphrase",
            turn_ttl = 300
        },

        [5] = {
            port = "3478",
            transport = "udp",
            type = "turn",
            turn_secret = "Some passphrase",
            turn_ttl = 7200
        },

        [6] = {
            port = "5349",
            transport = "tcp",
            type = "turns",
            turn_secret = "Some passphrase",
            turn_ttl = 7200
        }
    }
};

jingle_nodes_turn_credentials = true;
jingle_nodes_turn_secret = "Some passphrase";
jingle_nodes_turn_credentials_ttl = 86400;
jingle_nodes_restricted = false;

Install coturn And create config file /etc/turnserver.conf

You need to fill your server ipv4 and ipv6 Set the domain.tld to your own Put the same passphrase you chose above

listening-port=3478
tls-listening-port=5349
listening-ip=0.0.0.0
listening-ip=<ipv4>
listening-ip=<ipv6>
min-port=49152
max-port=65535
verbose
fingerprint
use-auth-secret
static-auth-secret="Some passphrase"
realm=domain.tld
max-allocate-lifetime=7200
cert=/etc/yunohost/certs/domain.tld/crt.pem
pkey=/etc/yunohost/certs/domain.tld/key.pem
syslog
prod
no-cli
cli-ip=127.0.0.1
cli-port=5766
cli-password=clipassword
secure-stun

Open corresponding ports

yunohost firewall allow UDP -4 49152:65535
yunohost firewall allow Both 3478
yunohost firewall allow Both 5349
yunohost firewall allow Both 3479
yunohost firewall allow Both 5350

Add turnserver to the group ssl-cert

addgroup turnserver ssl-cert

Restart coturn service

service coturn restart

I'm open to make some changes, but I'm completely new on the project and will welcome some help.

[maranda]

@larchange you forgot to load the jingle_nodes module

Since you added the configuration for jingle relay nodes.

[larchange]

@larchange you forgot to load the jingle_nodes module

Since you added the configuration for jingle relay nodes.

Updated

[colmoneill]

It would be soo great to have this working with Conversations on the stable versions of YNH. Not much of a developer, but thought I would comment to show my interest and enthusiasm for this feature. Cheers !

[SilverViper]

I have tried to do this and first issue I got was the cert files are not readable by user turnserver. I made a copy to work around that but calls still fail. I do not see any logs from Conversations clients and trying with TrickleICE does gives me a 401 on port 5349 but that could be just me using the wrong credentials/URIs and stays blank when using 3478. Calls work on LAN though.

[SilverViper]

Fixed it by moving the externalservices and jingle* settings higher in the metronome.cfg.lua file... AV calls work now. :)

[larchange]

I haven't made a PR as i dont know the interactions with other ynh apps that need a turn server. And how to make it isolated.

@SilverViper good that you successfully setup your xmpp server (welcome to the club)

[zamentur]

Feel free to create a PR this one will be discussed and tested

[colmoneill]

Really great to see this working for a few people. Following this one closely, thanks for all the work! All the best,

[tootbrute]

I've enable audio video on my yunohost instance with the following changes. I believe these configuration are enough to make A/V work even on 3G/different wifi etc.

Configure /etc/metronome/metronome.cfg.lua

enable module

Wow! That's great. Do you know, will these changes be overwritten by upgrades to metronome? or other parts of Yunohost?

I'd love to see Conversations work 'out of the box' for audio/video calls.

Thanks in advance to any programming geniuses who can make that happen :D

[larchange]

Wow! That's great. Do you know, will these changes be overwritten by upgrades to metronome? or other parts of Yunohost?

It will not be overwritten but you will not have the new changes on the config file if any

[tootbrute]

Wow! That's great. Do you know, will these changes be overwritten by upgrades to metronome? or other parts of Yunohost?

It will not be overwritten but you will not have the new changes on the config file if any

i gave it a try following the post at the top, but it didn't work for me.

that's too bad. this is a thing I would fund to have working. does Yunohost have like bounties? I know some opensource things you can vote with your dollars for features? anyways, off-topic but I would definitely kick in $10 to get this going. i'm sure others would really like phone & video to work like this too :+1:

i will regen conf this back now

[anubister]

I would try to help in transferring this trick inside YunoHost, but I think there is no easy nor perfect solution, here would be my proposal, similar to BOSH :

• Load extdisco and jingle_nodes in the default metronome configuration, at YunoHost installation (in https://github.com/YunoHost/yunohost/blob/stretch-unstable/data/templates/metronome/metronome.cfg.lua )
• Enable / make it effective through a dedicated app :
  • to be installed on a dedicated subdomain (likely stun.xxxxx.xxx)
  • installing the coturn Debian package, applying the above recommanded conf
  • configuring extdisco inside /etc/metronome/conf.d/stun.xxxxx.xxx.cfg.lua
  • configuring the firewall as above

Do you think this is a good way ?

[imattau]

Thanks for this! Finally got audio/video working. Just want to mention something that slowed me for a bit.. If your server is not directly connected to the internet e.g running behind a NAT.. Don't forget to turn on the port forwarding on your router!

Took me ages to figure out that's why my calls weren't connecting... Too busy looking for the complicated solution :)

[alexAubin]

(Flagging as important because apparently that's a regularly-requested feature ...)

[glougloumoute]

I love yunohost and I love XMPP, and I do think this feature is a must-have in yunohost. If nobody is currently working on this, I'll start working on a PR in a few days.

[alexAubin]

Hell yeah, feel free to come chat with us (c.f. https://yunohost.org/#/chat_rooms ) if you need help on how to get started with a dev env and all the basic stuff to edit/test things

("Funnily" we currently have a DDOS ongoing so idk if our XMPP room is working correctly :/ but anyway it's bridged with matrix/irc ...)

[anubister]

(the XMPP room is working well :)) @glougloumoute : feel free to hl me in the room if you need help / testing. I had some though (see above), but didn't started yet.

[glougloumoute]

@anubister I didn't see you anywhere. I'm on the IRC room #yunohost-dev. I'll try your suggestions.

[glougloumoute]

Work in progress here: glougloumoute/coturn_ynh

[ericgaspar]

@glougloumoute There is already a package for Coturn... you may want to test it and/or improve it https://github.com/YunoHost-Apps/coturn_ynh

[glougloumoute]

damned, I did search for existing coturn package before starting my own, but it seems I search at the wrong place: https://yunohost.org/#/apps :(

[larchange]

@glougloumoute Do you need any help ? beta tester ? testers to make the calls ...

[glougloumoute]

Actually, I need more time. My spare time is not as extensible as I thought. I'll work on this issue next Saturday.

[testbird]

The packagers of Galène also seem to work on stun/turn on yunohost (in parallel). https://github.com/YunoHost-Apps/galene_ynh/issues/10 Maybe you could arrange for a shared package.

[tootbrute]

The packagers of Galène also seem to work on stun/turn on yunohost (in parallel). YunoHost-Apps/galene_ynh#10 Maybe you could arrange for a shared package.

yes this seems to be the package they are making/using https://github.com/YunoHost-Apps/coturn_ynh

[testbird]

Wondering if there may be some news here, or are there other options for a/v?

[larchange]

I'm available on XMPP: Gabriel at skazki.fr to talk about this feature and implementation in yunohost framework.

@testbird if you follow the procedure it works.

[mooseyboots]

i managed to get this working from behind a NAT, after some headscratching/pain.

some things i ran into:

• the turn client ports suggested above might clash with some existing ynh ones (my transmission-daemon was using a port within the client connection range). so port forwarding needs to get around that.
• i'm not sure if it is just my set up, but on this ynh server and on another one behind a different NAT in the past, i found i had to comment out the listening-ip statements in the turnserver.conf file, which apparently makes coturn search for/find the ip to use itself. (no matter what i set manually, i cdn't get it to work.)
• the snikket client was recently released on ios. i had calls working with conversations--snikket through the ynh server (on diff networks.)

[LPS-github]

So, if I follow this correctly, I just need to add these enable module Add config: to the metronome.cfg.lua only updated the "domain.tld" to my own domain.

Should I be adding anything to the passphrase portion, or can it remain as is?

I then installed coturn and created a config turnserver.conf with the relevant lines only replacing "domain.tld" with my own domain? I've backed it up previous edits/versions in the same folder, will this cause issues?

I've restarted the server, opened all the relevant ports but still no luck .... is there something I'm missing? When I try to make calls it hangs on "discovering devices" ... not sure if that gives a clue.

Lastly, will this work with Synapse as well? I'm considering trying Matrix to see if that will be easier.

I'd appreciate if someone could point out which fields exactly need to be adjusted, thanks:)

[tootbrute]

I followed all instructions above and got XMPP working on my local network. Still having difficulty with one client on my network and one on a mobile device. I'm so close!

Some notes:

• coturn_ynh app gets you to install the coturn server on a separate domain name (i used turn.domain.com) but the config above uses the cert/key from domain.com. I tried using the doman.com key files but it also didn't work.
• log-file=/var/log/coturn/turnserver.log this log doesn't exist. /var/log/coturn is empty.
• XMPP wants ports 49152-65555 but transmission needs port 51413. i guess the chance of collision is low.
• i commented out the listener ports as mooseyboots suggested.

Any other things I might be missing to get this working? I checked syslog but nothing useful there. I forwarded all ports listed by sudo yunohost firewall list except port 53.

The video call connects but my phone keeps ringing, then eventually it says it can't connect.

[ppibburr]

+1

[kirkpsmith]

Just want to say I followed these instructions with my yunohost install and got voice/video chat working (with my initial tests), by using Conversations on android and Dino on linux desktop.

[larchange]

I updated the post to have ssl and made some minor changes to the turnserver config. Also something to consider is to use a different port than the default stun/turn server

I left the verbose in the config, but it's only for debugging remove it once it's working.

[alexAubin]

Closing because metronome is to become an app in Bookworm / YunoHost 12.x : https://github.com/YunoHost-Apps/metronome_ynh