search

jech / galene

The Galène videoconference server
https://galene.org
MIT License
899 stars 119 forks source link

Feature request: Profiles & TEN OTHERs #200

Closed ytr8 closed 2 months ago

ytr8 commented 2 months ago

  1. I'd suggest profiles to quickly test and switch the key config like ./data/profiles.json

    {
"profiles":
 "active":"profile2",
 {"profile1":{"params":"insecure"}},
 {"profile2":
      {"params":"-turn turn.host.here:3478"},
      "canonicalHost": "some.domain.here"
 }
}

  2. As systemd files would be replaced on package updates any customisations there will be lost - more need for profiles. At very least as the command line switch...

  3. I'm on Arch and there is incosistencies right from galene-git PKGBUILD dated 2021: export CGO_ENABLED=0 is incompatible with -ldflags "-s -w -**linkmode external** -extldflags \"${LDFLAGS}\"" Cutting to -ldflags='-s -w' works.

  4. Currently static dir is in /usr/share while the rest in /var/lib, that's not very intuitive so I did cd ~galene && sudo -u galene ln -s /usr/share/galene/static static Probably should be done in PKGBUILD.

  5. Also cd ~galene could be skipped if runtime would set working directory for the galene user automagically or at least a single -homedir (or -rootdir) parameter could be invented (instead or to complement the current 3 or 4 paths).

  6. There is problem with running as galene user on port 443: AmbientCapabilities=CAP_NET_BIND_SERVICE && cd /var/lib/galene && sudo /usr/bin/galene -http ":443" -turn "" -static "/usr/share/galene/static" works fine as root, but cd ~galene && sudo -u galene /usr/bin/galene "AmbientCapabilities=CAP_NET_BIND_SERVICE -http :443 -turn ":1194" shows as working but in reality galene responds on localhost:8443 (!) Ideally requirement for AmbientCapabilities should be detected by galene internally when configured port is < 1024. So far NAT port translation works, hope that's not a performance hit.

  7. I lost 2 days trying to resolve non-sense defaults in codecs with OBS (only the whip user mic icon shown; and yes had to saw it in RTFM) - What's wrong to have "codecs": ["vp8", "vp9", "av1", "h264", "opus"] as the sane default, does the order matter?

  8. Root/admin user's password in data/config.json can't be hidden from plain text by "type":"pbkdf2" as in groups - at least it doesn't succeed on login last time I tried.

  9. What is the rule of thumb on the amount of TURN UDP ports? Could they be set to trigger from internal 8443 (or 1194?) to activate them if router supports ports triggering?

  10. Where are the server logs and log control params?

  11. Thanks you for the great clean package!

jech commented 2 months ago

I find your bug report, since you're mixing up bugs in the Arch packaging of Galene, issues with Galene, and general usage question. This issue tracker is for upstream Galene. For issues with the Arch packaging, please contact the Arch packager. For general usage questions, please join the maling-list at https://lists.galene.org.

Ideally requirement for AmbientCapabilities should be detected by galene internally when configured port is < 1024.

It does:

2024/05/03 22:03:35 Server: listen tcp :443: bind: permission denied
exit status 1

so it looks like an operator error.

What's wrong to have "codecs": ["vp8", "vp9", "av1", "h264", "opus"] as the sane default, does the order matter?

The codecs have different levels of support. Only VP8 is fully supported on all browsers, VP9 SVC is broken on Firefox (bug in Firefox), and we don't support SVC at all in H.264. I recommend sticking to VP8 unless you know that none of your users use Firefox, and I recommend avoiding H.264 unless you have a good reason to enable it.

Hopefully this mess will be gone once everyone implements AV1.

Root/admin user's password in data/config.json can't be hidden from plain text by "type":"pbkdf2" as in groups

This is fixed in Galene 0.9 (current master).

If you have an actual issue that you can reproduce with upstream Galene, please open a new report with just a single issue. If you want to report a bug with the Arch packaging, please contact the Arch packager. If you need help with deploying Galene, please join the maling list at https://lists.galene.org.

ytr8 commented 2 months ago
  1. Looks like you aren't interested in configuration profiles or just busy with another priority tasks, OK.
  2. Same!
  3. Are there flags that do enable logs?
  4. I just notified you as Arch is one of prime distros. The package has not touched there by its maintainer since 2021.
  5. Can Galene detect its home dir by itself or provide the parameter?
  6. Sure the operator error, didn't find a solution, what would be the right alias to run it on 443 for user galene?
  7. OBS can't be run without h264, what are nagatives of adding it by default? How the order of codecs in list matters?
  8. Confirmed to work, although I don't get a single user group named admin - probably several admins supposed to coordinate somehow.
  9. Apparently no need for NAT port triggering (for TURN UDP port range when behind NAT), would 1194 work from outgoing 443?
  10. Logs seem missing - related to 3?
  11. email listings are awful to list/check, additionally email notifications either too much or nothing - don't you have a simple free BBS/forum/bugtracker instead?