WebRTC Client <-> Server

Hey, anyone good with webrtc that can help me demystify this issue. So we have an app that sort of looks like this (1 server and many clients who want to send their real time audio stream to that server) and the pseudo code of how they connect. this works in localhost but fails when deployed behind nginx, haven't dug into stun and turn servers but is that necessary here? it's not really a normal "peer-to-peer" but more like "peer-to-server" i guess, isn't exchanging sdp's enough in that case?
No description
108 Replies
Finn
Finn•14mo ago
Is nginx your reverse proxy of choice?
julius
juliusOP•14mo ago
what do you mean of choice
Finn
Finn•14mo ago
the one you want to use is webrtc the one that gives you a string that tells other clients how to connect to eachother?
julius
juliusOP•14mo ago
yea the big sdp blob
No description
Finn
Finn•14mo ago
So, you want a P2P connection? Or do you want to use web rtc to connect to the server ?
julius
juliusOP•14mo ago
p2p but the server is one of the peers i guess haha but none of the clients need to know about one another
Finn
Finn•14mo ago
I'm sure nginx makes NAT traversal hard Right
julius
juliusOP•14mo ago
is there another one i can use? im so bad with everything network related lol
Finn
Finn•14mo ago
Websockets? Or are you sending big amounts of data
julius
juliusOP•14mo ago
i can't send an audio stream through websocket can i?
Finn
Finn•14mo ago
Ah I see suposedly this nginx config works
cation /[base url]/ { proxy_pass http://[base url]:[port]/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; # Allow downstream sites to know who's connecting proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; }
cation /[base url]/ { proxy_pass http://[base url]:[port]/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; # Allow downstream sites to know who's connecting proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; }
no idea though. everyone round here tells me nginx is trash
julius
juliusOP•14mo ago
we got all of that set and it doesn't lo
Finn
Finn•14mo ago
sounds like what you need yeah its lua, who knows how it works Or dosent in this case
julius
juliusOP•14mo ago
i don't understand why i need that though, i thought that was only needed for client-client p2p
Finn
Finn•14mo ago
If you want it P2P you can do that. Aprantly it can be flaky though
julius
juliusOP•14mo ago
i just wanna send the clients audio stream to the server
Finn
Finn•14mo ago
Yeah then that diagram should work
julius
juliusOP•14mo ago
it does - for localhost 🙂
julius
juliusOP•14mo ago
when deployed it's just stuck on connecting and checking before eventually disconnecing
No description
Finn
Finn•14mo ago
Where did I get the word nginx from ? Is it behind an nginx server?
julius
juliusOP•14mo ago
server is ye it's a nuxt server on a vps behind nginx
Finn
Finn•14mo ago
That's probably the issue then @Anna | DevMiner (Rustular CCO) what should Julius use? Nginx or something else
julius
juliusOP•14mo ago
😫
Finn
Finn•14mo ago
GitHub
my-webrtc-app/nginx.config at master · gornostal/my-webrtc-app
Simple WebRTC App. Contribute to gornostal/my-webrtc-app development by creating an account on GitHub.
Finn
Finn•14mo ago
im guessing that config works
Anna | DevMiner
Anna | DevMiner•14mo ago
remind me to respond in 30min
Finn
Finn•14mo ago
Wait are they just using websockets??? Misleading gh name @julius can you take nginx out of the equation and see if that works by any chance?
julius
juliusOP•14mo ago
Easiest way to run on ssl without?
Finn
Finn•14mo ago
lmfao ughh use aws kekcry anna probbaly has some amazing replacement
julius
juliusOP•14mo ago
Actually i did deploy to vercel (should still work to establish connection on serveriess even if it dies right) before and it behaved the same
Finn
Finn•14mo ago
kekflex estabolsh
julius
juliusOP•14mo ago
Öööö
Finn
Finn•14mo ago
vercel probbaly does not play well with rtc connections
julius
juliusOP•14mo ago
Yea i mean you’d need a running server for it but i figured just the connection part should work no?
Anna | DevMiner
Anna | DevMiner•14mo ago
did you enable websocket compatibility in nginx?
julius
juliusOP•14mo ago
Do i need that? We’re not using websockets
Finn
Finn•14mo ago
location @proxy {
# NOTE: only Nginx 1.3.13 or higher support WebSocket protocol
# more info here: https://github.com/LearnBoost/socket.io/wiki/Nginx-and-Socket.io
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;

proxy_pass http://webrtc-app;
proxy_redirect off;
}
location @proxy {
# NOTE: only Nginx 1.3.13 or higher support WebSocket protocol
# more info here: https://github.com/LearnBoost/socket.io/wiki/Nginx-and-Socket.io
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;

proxy_pass http://webrtc-app;
proxy_redirect off;
}
this part i think
Anna | DevMiner
Anna | DevMiner•14mo ago
ye, that
Nestor
Nestor•14mo ago
ah so it was nginx at the end of the day ?
Finn
Finn•14mo ago
probbaly about tos ee
julius
juliusOP•14mo ago
IDK IM SO LOST HAHA
Nestor
Nestor•14mo ago
OMEGALUL
julius
juliusOP•14mo ago
I hate every second of getting this to work
Finn
Finn•14mo ago
you hate nginx
Nestor
Nestor•14mo ago
understandable
julius
juliusOP•14mo ago
so where do i put this
Finn
Finn•14mo ago
paste this into your config and chnage the proxypass part
Nestor
Nestor•14mo ago
We made some TCP sniffing yday @Finn ( CLOwn )
julius
juliusOP•14mo ago
nginx.conf ?
Finn
Finn•14mo ago
ya you have one already right?
julius
juliusOP•14mo ago
yea there's a nginx.conf and some files in sites_enabled
Finn
Finn•14mo ago
it goes within the server block or whatever you might need this aswell, but no one knows enough about nginx config to tell you what the path should be
location / {
try_files $uri $uri/ @proxy;
}
location / {
try_files $uri $uri/ @proxy;
}
at work i wrote a js script that modifies our nginx config at startup based of some env vars. nginx is literally the worst
julius
juliusOP•14mo ago
did this and same as before
No description
julius
juliusOP•14mo ago
never gets pass the connecting phase
No description
Finn
Finn•14mo ago
No description
Nestor
Nestor•14mo ago
I see Perl mega based
Finn
Finn•14mo ago
this should be your url i think
No description
Finn
Finn•14mo ago
and here
No description
Finn
Finn•14mo ago
and put that in
julius
juliusOP•14mo ago
that broke everything
Nestor
Nestor•14mo ago
that config looks fine without the new location
Finn
Finn•14mo ago
sounds about right
Nestor
Nestor•14mo ago
@julius remove that part indentation matters there as well
julius
juliusOP•14mo ago
without which
Nestor
Nestor•14mo ago
2nd one also if you can show the nginx.conf file at the root of the nginx folder
Anna | DevMiner
Anna | DevMiner•14mo ago
I use traefik for reverse proxying btw
Nestor
Nestor•14mo ago
idk he can do that
julius
juliusOP•14mo ago
doesn't look like any secrets in there
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
worker_connections 768;
# multi_accept on;
}

http {

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# SSL Settings
##

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;

# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}


#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}

stream {
server {

listen 5732;
# server_name socrateslab.softhouselabs.com;

proxy_pass localhost:5432;
proxy_connect_timeout 60s;
proxy_socket_keepalive on;
}

}
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
worker_connections 768;
# multi_accept on;
}

http {

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# SSL Settings
##

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;

# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}


#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}

stream {
server {

listen 5732;
# server_name socrateslab.softhouselabs.com;

proxy_pass localhost:5432;
proxy_connect_timeout 60s;
proxy_socket_keepalive on;
}

}
Anna | DevMiner
Anna | DevMiner•14mo ago
if you wanna call, Julius, im ready in 5min
Finn
Finn•14mo ago
take that offer if you want to stay sane
Nestor
Nestor•14mo ago
yeah
Finn
Finn•14mo ago
and give anna vscode live share. then go make a coffe
julius
juliusOP•14mo ago
t3ggLove
Anna | DevMiner
Anna | DevMiner•14mo ago
aight, I'm ready ( in #sub-hangouts )
julius
juliusOP•14mo ago
julius
juliusOP•14mo ago
julius
juliusOP•14mo ago
Finn
Finn•14mo ago
GitHub
GitHub - node-webrtc/node-webrtc: node-webrtc is a Node.js Native A...
node-webrtc is a Node.js Native Addon that provides bindings to WebRTC M87 - GitHub - node-webrtc/node-webrtc: node-webrtc is a Node.js Native Addon that provides bindings to WebRTC M87
Anna | DevMiner
Anna | DevMiner•14mo ago
mediasoup
Cutting Edge WebRTC Video Conferencing
Finn
Finn•14mo ago
@Nestea (Rustular CDO) was his vpc provider
Anna | DevMiner
Anna | DevMiner•14mo ago
Problem: UDP ports weren't forwarded Repro: Deploy on AWS, it works there, block UDP ports, it doesn't work anymore Solution: Blame provider
Nestor
Nestor•14mo ago
yikes that's amazing I have never ran into providers that didn't allow me UDP traffic
julius
juliusOP•14mo ago
Wasted way too much time on this shit Thanks y’all So just to confirm, this isnt nginx but the provider right?
Anna | DevMiner
Anna | DevMiner•14mo ago
yep nginx doesn't do UDP, if you don't configure it this is a firewall issue somewhere
julius
juliusOP•14mo ago
hmm i just did ec2 + nginx and got stuck at checking again 😫
julius
juliusOP•14mo ago
this security looks correct right?
No description
julius
juliusOP•14mo ago
or do i need to do something for inbound nvm ofc i do
Anna | DevMiner
Anna | DevMiner•14mo ago
inbound needs 0.0.0.0 udp
julius
juliusOP•14mo ago
works now
No description
Anna | DevMiner
Anna | DevMiner•14mo ago
nice
julius
juliusOP•14mo ago
so i can yell some more at the client then he said he opened up udp he also said we should verify that there was no block on the OS - what does that mean
Finn
Finn•14mo ago
On a base Ubuntu install it shouldn't be an issue
Anna | DevMiner
Anna | DevMiner•14mo ago
check if ufw is enabled idk, we can call later again, if you want
julius
juliusOP•14mo ago
it's inactive dw - got plenty of help yesterday. we got a meeting with client on thursday so i'll bug him then 🙂
Anna | DevMiner
Anna | DevMiner•14mo ago
kk
julius
juliusOP•14mo ago
Haha we’re changing to ec2 Couldnt get the vps to work
Nestor
Nestor•14mo ago
Sadge
Anna | DevMiner
Anna | DevMiner•14mo ago
Ekekw gonna cost you a lot x d
Nestor
Nestor•14mo ago
Funny enought I'm dealing with turn server today lol
julius
juliusOP•14mo ago
not my problem, works flawlessly
Anna | DevMiner
Anna | DevMiner•14mo ago
kek
Finn
Finn•14mo ago
Make sure your teraform it And actually set up your networking in a non hacky way kekflex
julius
juliusOP•14mo ago
Open it all sounds good to me
Finn
Finn•14mo ago
All udp I think Unless there's a port range for web rtc ( don't think there is )
julius
juliusOP•14mo ago
I can set one i think
Finn
Finn•14mo ago
Ohhh. Interesting
Want results from more Discord servers?
Add your server