search

ct-Open-Source / team-container

A collection of containers to prepare a server for collaboration.
117 stars 39 forks source link

Which STUN-Servers does Jitsi use? #5

Open chjohn22 opened 4 years ago

chjohn22 commented 4 years ago

Sadly Jitsi uses Googles STUN-Servers by default. Do you know if this containerized version of Jitsi replaced them with more privacy respecting ones?

For example: stun.nextcloud.com:443 stun.stunprotocol.org:3478 stun.services.mozilla.com:3478

jamct commented 4 years ago

By default we are using the Google servers. But I can add a parameter to values.yaml so you would be free to change them. If you want to change them manually: deploy_jvb.yaml (line 52).

chjohn22 commented 4 years ago

This would be a great enhancement! I changed the entries in the template-file and it works like a charm, thanks! Edit: I manually set up a STUN-Server with coturn on a different VPS this weekend, the proposed inclusion of coturn in a container would be favorable to reduce the amount of manual configuration needed.

janklostermann commented 4 years ago

Why not adding a coturn STUN/TURN server to the whole setup (usable for jitsi and NC Talk)? At best you could then easily configure that you want to use coturn and it would set up the respective container and configure the others to use it. This would allow to keep things really "local" without hidden external dependencies (as to google, etc.), which people would not expect after reading the article.

jamct commented 4 years ago

@janklostermann Nice idea. I will have a look at STUN/TURN implementations.

jamct commented 4 years ago

I added a new branch to test the new feature: Custom STUN servers. Check out branch feature-custom-stun.

You can add custom STUN servers in values.yaml:

stun:
  server: yourserver:port,secondserver:port

@janklostermann and @chjohn22 Please test and give feedback.

I'm still working on a self hosted STUN server.

chjohn22 commented 4 years ago

Thanks, I will test it soon when I have some time for it. Some days ago, Mike Kuketz posted some other privacy related settings on his microblog: See https://www.kuketz-blog.de/jitsi-meet-server-einstellungen-fuer-einen-datenschutzfreundlichen-betrieb/ Especially the removal of Gravatar and the change of the Logging-Level from INFO to WARNING could be included easily.

janklostermann commented 4 years ago

https://decatec.de/home-server/nextcloud-talk-mit-eigenem-turn-server-coturn/ might be helpful for a COTURN solution as self-hosted STUN server. There is a dockerized version of coturn available, too: https://github.com/coturn/coturn/tree/master/docker

ghost commented 4 years ago

coturn would help Nextcloud Talk too...

chjohn22 commented 4 years ago

@janklostermann Do you know how to install coturn on the same VPS as team-container?

ghost commented 4 years ago

I'm working on a team-coturn integration - but honestly the coturn package is very small and the setup is easy... just install it (Debian/Ubuntu: apt-get install coturn) and edit the config: 

# /etc/turnserver.conf:
listening-port=3478
fingerprint
no-tcp-relay
realm=your.coturnserver.name
use-auth-secret
static-auth-secret=# generate it with: pwgen -s 64 1 | base64 -w0
user-quota=100
bps-capacity=0
stale-nonce
no-multicast-peers