Video conferencing

Pursim team introduced me to Jitsi https://jitsi.org/ and I was wondering if there is a FreedomBox solution for video conferencing. If not, maybe ability to self host Jitsi server is worth considering for inclusion in FreedomBox.

Are there superior alternatives? Would this likely be suitable for FreedomBox?

2 Likes

The Riot client for Matrix Synapse supports one-to-one video calling. This is WebRTC-based P2P calling from what I know. This would require both the participants to be reachable by each other which usually means having public IP addresses. Since most devices are behind NAT these days, a TURN server on the FreedomBox would be necessary to relay the call to the clients. One of the two participants’ home server should have a TURN server. For example, you can call someone on matrix.org from your FreedomBox Matrix account since they’re hosting a TURN server.

TURN server for Matrix Synapse is currently being implemented in FreedomBox.

Riot app has a Jitsi integration which uses the Jitsi server jitsi.riot.im. Jitsi supports video conferencing with multiple participants unlike Riot’s native video calls. This comes with the privacy risks of using a third-party server since Jitsi calls are not end-to-end encrypted (only encrypted using TLS during transit).

Hosting a Jitsi server on FreedomBox is not currently on our radar, but the TURN server for Matrix Synapse is an easy win for video calling and will be supported soon.

3 Likes

Hi, I have installed NextCloud’s voice chat app, Talk, (alongside Freedombox). As part of the Talk installation I had to configure it’s TURN settings.

Would it be possible to use the installed Talk TURN server for a Matrix Synapse setup on the same machine? (in my case a Raspberry Pi3B. I am still trying to figure out how to get Matrix Synapse running on the RPi3B… I have just asked for help with this!)?

Hello @ScottishFreedom,

If you want to try to setup a TURN server yourself, you may have a look at TTRSS install Problem and Matrix Synapse Server Problem where I documented some of my late experiences on setting up coturn.

I even use it for a Nextcloud instance on some other network and it seems to work well.

I even tried to setup the jitsi-video-bridge for the ejabberd on my FB but ran into some other port forwarding and similar annoying problems again. So I decided to give it up for the while. At least to not mess up my working servers on my odroidxu4.

If you don’t have an xmpp server running on your box you could give a complete jitsiMeet installation a try.

But remember that you will definitely have to open the necessary ports in firewalld before that will work. And I guess you will need the TURN server for it also.

Hi @homer77, thanks for your reply and help. I have read your post.

So I have followed all the steps below and TURN seems to be working - I can make voice calls between my Android phone and Ubuntu/Linux desktop using two users I have set up on Freedombox! I can also connect to external Rooms outside my network.

But I still can not make video calls. I have since found this is because of an issue of hardware compatibility on my laptop - the web cam is not being found by the OS!

Before setting up TURN I was already able to make voice calls between my two accounts, so I am not sure if setting up TURN has helped anything an I’m not sure how to test TURN.

The only thing I haven’t done is change my Freedombox FireWall settings. But everything seems to work, so I am guessing that I don;t need to.

Any ideas with how to test my setup are very welcome, as our any other comments you might have?

So here’s what I found:

  • yes, the NextCloud text, voice and video chat app called, Talk, does install the open source STUN/TURN server called Coturn onto the Raspberry Pi, as part of the installation of Talk. The following post helped me to locate the TURN server config file on my RPi3B/Freedombox (Raspbian Buster (with Freedombox install from the repos) set up and it provides settings for Matrix-Synapse : https://drwho.virtadpt.net/archive/2020-01-18/making-a-matrix-server-stun-enabled

  • as indicated in the above link, the config file for the Coturn STUN/TURN server on my setup is: sudo nano /etc/turnserver.conf (although I didn’t make any changes, but it was interesting to see the settings!);

  • I got the turn_shared_secret from the NextCloud, Talk settings page - this is required, see below;

  • and the config file for Matrix-Synapse is: `sudo nano /etc/matrix-synapse/homeserver.yaml

  • I made a copy of this before making any changes and I did need to refer back to it: sudo cp /etc/matrix-synapse/homeserver.yaml /etc/matrix-synapse/BACKUP-homeserver.yaml

  • the only changes I made are to the sections below, in CAPITALS:

    turn_allow_guests: TRUE
    turn_shared_secret: SHARED-SECRET-FOM-NEXTCLOUD-SETTINGS
    turn_uris: [ “turn:YOUR-DOMAIN-NAME:3478?transport=tcp”, “turn:YOUR-DOMAIN-NAME:3478?transport=udp” ]
    turn_user_lifetime: 1h
    url_preview_enabled: TRUE

Save and exit with Ctrl + X, then Y and Enter.

To reload matrix-synapse:

systemctl daemon-reload

Thanks for your help.

UPDATE:

After some testing I haven’t managed to get Coturn TURN server to work. I can make voice calls with Riot/Matrix from my Android phone to my Ubuntu laptop if both are on the same local network, but if I route my phone through a VPN then the call rings through to the laptop, but then doesn’t connect when answered. And the phone eventually automatically drops the call after a 20 secs or so. So it looks like the TURN server is not working. Also, when I test the TURN server with code at the following page it reports that the TURN server is not working! https://stackoverflow.com/questions/28772212/stun-turn-server-connectivity-test

So I’m a bit stuck. I have tried all sorts of changes to the configurations and followed a load of different tutorials. I guess I’ll pick this up on a Coturn/TURN forum.

1 Like

I tried opening up the Coturn TURN server ports in the Freedombox firewall (I have them port forwarded by my home router already), using following commands, but still no joy:

sudo firewall-cmd --permanent --add-port=3478/tcp
sudo firewall-cmd --permanent --add-port=3478/udp
sudo firewall-cmd --permanent --add-port=5349/udp
sudo firewall-cmd --permanent --add-port=5349/tcp

sudo firewall-cmd --reload

Info from Firewalld commands: https://www.liquidweb.com/kb/an-introduction-to-firewalld

You also need to specify the zone, see https://wiki.debian.org/FreedomBox/Manual/Firewall.

Thanks @jvalleroy. Do I understanding correctly from the guidance (reproduced below) that for Coturn I need to add the open ports to the external zone?

“There are primarily two firewall zones used. The internal zone is meant for services that are provided to all machines on the local network. This may include services such as streaming media and simple file sharing. The external zone is meant for services that are provided publicly on the Internet. This may include services such as blog, website, email web client etc.”

Yes, I think you want the external zone.

But I’ll admit, I don’t know exactly how TURN servers work.