Hi, could anyone help me with deployment? I have deployed OpenVidu on premises, I have only public IP, no domain name, so I generated self signed certificate and set the .env parameter to selfsigned, but how do I set the nginx in docker for this certificate?
Hi peyar!
If you set this parameter CERTIFICATE_TYPE, as selfsigned the nginx container will generate the certificate for you and you donāt need to create one or put any certificates anywhere.
So if youāre running OpenVidu CE, if I understand your deployment you only need to set this properties to run OpenVidu:
DOMAIN_OR_PUBLIC_IP=<YOUR_PUBLIC_IP>
OPENVIDU_SECRET=<YOUR_SECRET>
CERTIFICATE_TYPE=selfsigned
Thank You for the answer. However, the mentioned properties are set as You wrote, but on Win Firefox client I always get a notice about secure connaction failure with error PR_END_OF_FILE_ERROR. On other OS and other browsers there is another error, but always concerning secure connection failure. According to my search this may be caused by either missing certificate or port accessibility problems.
My environment is: OS ubuntu 16.04 xenial with older application running with apache, php, MariaDB (maybe this apache and nginx in docker port interference could be the problem?). docker and docker compose is installed and running, OpenVidu was deployed according to documentation and without errors, and it is running in docker container. ufw on ubuntu enabled and recommended ports allowed (I am not sure if all necessary ports, but I followed the documentation)
Can you try to open https://<your_public_ip>/openvidu and accept the certificate?
Also, please share your openvidu url so I can check the error by myself if it persits.
the `https://<your_public_ip>/openvidu is not accessible, no response, I can send You the public IP, I do not want to share it due to security reasons, because as I mentioned there is another application running on unsecure http on this server (port 80)
seems like there is no access to nginx in docker container at all, maybe I should check the apache settings?
It seems you have a problem with the NGINX included in OpenVidu. As is explained in the deployment instructions, 80 port should be available in the machine as NGINX uses it in case you want to use Letās Encrypt.
If you want to deploy your own application on the same server, please follow these instructions:
https://docs.openvidu.io/en/2.14.0/deployment/deploying-openvidu-apps/
Basically you have to use 5442 port in your own app so NGINX included in OpenVidu can redirect requests on port 80 to it.
Other possibility is to change HTTP_PORT in OpenVidu config to other port so you can use 80 for your app
Well, really it seems to be a problem or misconfiguration of my nginx in docker container. I have apache on my server serving tottaly different purpose and application. In apache I disabled ssl mod, I have set in .openvidu .env file parameter https_port to 5443, I have opened ufw for this port, restarted openvidu, which told me that the services of openvidu should be accessible at https://publicip:5443, but I still get same ssl certificate error in my browser. seems like thee is no access to nginx in docker at all? should be the nginx in docker also reconfigured to use port 5443?
and addtionally whe I restart the opnevidu, i can see a warning about configuring the proxy in front of openvidu
I have made another test in abuve mentioned configuration, when I stop openvidu, I cannot acces the page, when I restart openvidu, I have the SSL_ERROR_RX_RECORD_TOO_LONG message in FF (other error message in other browsers). So, according to the test, the nginx responds on the 5443 port, but the is some problem with ssl certificate or the is still some nginx port misconfiguration
Hi peyar. You canāt expose port 5443, it is used by openvidu container, can you try with another port? For example 5448?
Also to help you, we need more information about your config. Can you share with us your .env files and your nginx-logs?
To print nginx-logs you can execute:
docker-compose logs nginx
Also, be sure to not modify docker-compose.yml files, only modify .env files in your deployment
well, I have set port 5448, did not edited yml files, restarted openvidu and no response from the server on https (nor https root neither https dashboard url) (on http port there is still apache listening for another application).
my .env file - slightly shortened:
OpenVidu configuration
Domain name. If you do not have one, the public IP of the machine.
For example: 198.51.100.1, or openvidu.example.com
DOMAIN_OR_PUBLIC_IP=xxx.xxx.xx.xx
OpenVidu SECRET used for apps to connect to OpenVidu server and users to access to OpenVidu Dashboard
OPENVIDU_SECRET=xxxxxxxxxxxxx
Certificate type:
CERTIFICATE_TYPE=selfsigned
If CERTIFICATE_TYPE=letsencrypt, you need to configure a valid email for notifications
LETSENCRYPT_EMAIL=user@example.com
Proxy configuration
If you want to change the ports on which openvidu listens, uncomment the following lines
HTTP_PORT=80
Changes the port of all services exposed by OpenVidu.
SDKs, REST clients and browsers will have to connect to this port
HTTPS_PORT=5448
Access restrictions
In this section you will be able to restrict the IPs from which you can access to
Openvidu API and the Administration Panel
WARNING! If you touch this configuration you can lose access to the platform from some IPs.
Use it carefully.
This section limits access to the /dashboard (OpenVidu CE) and /inspector (OpenVidu Pro) pages.
The form for a single IP or an IP range is:
ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.1 and ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.0/24
To limit multiple IPs or IP ranges, separate by commas like this:
ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.1, 198.51.100.0/24
ALLOWED_ACCESS_TO_DASHBOARD=
This section limits access to the Openvidu REST API.
The form for a single IP or an IP range is:
ALLOWED_ACCESS_TO_RESTAPI=198.51.100.1 and ALLOWED_ACCESS_TO_RESTAPI=198.51.100.0/24
To limit multiple IPs or or IP ranges, separate by commas like this:
ALLOWED_ACCESS_TO_RESTAPI=198.51.100.1, 198.51.100.0/24
ALLOWED_ACCESS_TO_RESTAPI=
Whether to enable recording module or not
OPENVIDU_RECORDING=false
Openvidu Folder Record used for save the openvidu recording videos. Change it
with the folder you want to use from your host.
OPENVIDU_RECORDING_PATH=/opt/openvidu/recordings
System path where OpenVidu Server should look for custom recording layouts
OPENVIDU_RECORDING_CUSTOM_LAYOUT=/opt/openvidu/custom-layout
if true any client can connect to
https://OPENVIDU_SERVER_IP:OPENVIDU_PORT/recordings/any_session_file.mp4
and access any recorded video file. If false this path will be secured with
OPENVIDU_SECRET param just as OpenVidu Server dashboard at
https://OPENVIDU_SERVER_IP:OPENVIDU_PORT
Values: true | false
OPENVIDU_RECORDING_PUBLIC_ACCESS=false
Which users should receive the recording events in the client side
(recordingStarted, recordingStopped). Can be all (every user connected to
the session), publisher_moderator (users with role āPUBLISHERā or
āMODERATORā), moderator (only users with role āMODERATORā) or none
(no user will receive these events)
OPENVIDU_RECORDING_NOTIFICATION=publisher_moderator
Timeout in seconds for recordings to automatically stop (and the session involved to be closed)
when conditions are met: a session recording is started but no user is publishing to it or a session
is being recorded and last user disconnects. If a user publishes within the timeout in either case,
the automatic stop of the recording is cancelled
0 means no timeout
OPENVIDU_RECORDING_AUTOSTOP_TIMEOUT=120
Maximum video bandwidth sent from clients to OpenVidu Server, in kbps.
0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MAX_RECV_BANDWIDTH=1000
Minimum video bandwidth sent from clients to OpenVidu Server, in kbps.
0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MIN_RECV_BANDWIDTH=300
Maximum video bandwidth sent from OpenVidu Server to clients, in kbps.
0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MAX_SEND_BANDWIDTH=1000
Minimum video bandwidth sent from OpenVidu Server to clients, in kbps.
0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MIN_SEND_BANDWIDTH=300
true to enable OpenVidu Webhook service. falseā otherwise
Values: true | false
OPENVIDU_WEBHOOK=false
HTTP endpoint where OpenVidu Server will send Webhook HTTP POST messages
Must be a valid URL: http(s)://ENDPOINT
#OPENVIDU_WEBHOOK_ENDPOINT=
List of headers that OpenVidu Webhook service will attach to HTTP POST messages
#OPENVIDU_WEBHOOK_HEADERS=
List of events that will be sent by OpenVidu Webhook service
Leave blank if all events.
OPENVIDU_WEBHOOK_EVENTS=[sessionCreated,sessionDestroyed,participantJoined,participantLeft,webrtcConnectionCreated,webrtcConnectionDestroyed,recordingStatusChanged,filterEventDispatched,mediaNodeStatusChanged]
How often the garbage collector of non active sessions runs.
This helps cleaning up sessions that have been initialized through
REST API (and maybe tokens have been created for them) but have had no users connected.
Default to 900s (15 mins). 0 to disable non active sessions garbage collector
OPENVIDU_SESSIONS_GARBAGE_INTERVAL=900
Minimum time in seconds that a non active session must have been in existence
for the garbage collector of non active sessions to remove it. Default to 3600s (1 hour).
If non active sessions garbage collector is disabled
(property āOPENVIDU_SESSIONS_GARBAGE_INTERVALā to 0) this property is ignored
OPENVIDU_SESSIONS_GARBAGE_THRESHOLD=3600
Call Detail Record enabled
Whether to enable Call Detail Record or not
Values: true | false
OPENVIDU_CDR=false
Path where the cdr log files are hosted
OPENVIDU_CDR_PATH=/opt/openvidu/cdr
Kurento Media Server image
--------------------------
Docker hub kurento media server: https://hub.docker.com/r/kurento/kurento-media-server-dev
Uncomment the next line and define this variable with KMS image that you want use
KMS_IMAGE=kurento/kurento-media-server-dev:6.13
Kurento Media Server Level logs
-------------------------------
Uncomment the next line and define this variable to change
the verbosity level of the logs of KMS
KMS_DEBUG_LEVEL=3,Kurento*:4,kms*:4,sdp*:4,webrtc*:4,rtpendpoint:4,rtphandler:4,rtpsynchronizer:4,agnosticbin:4
Openvidu Server Level logs
--------------------------
Uncomment the next line and define this variable to change
the verbosity level of the logs of Openvidu Service
RECOMENDED VALUES: INFO for normal logs DEBUG for more verbose logs
OV_CE_DEBUG_LEVEL=INFO
Java Options
--------------------------
Uncomment the next line and define this to add
options to java command
JAVA_OPTIONS=-Xms2048m -Xmx4096m -Duser.timezone=UTC
and my nginx logs
Attaching to openvidu_nginx_1
nginx_1 | 2020/06/22 16:38:58 [emerg] 7#7: listen() to 0.0.0.0:80, backlog 511 failed (98: Address in use)
nginx_1 | nginx: [emerg] listen() to 0.0.0.0:80, backlog 511 failed (98: Address in use)
nginx_1 | 2020/06/22 16:38:58 [emerg] 7#7: listen() to 0.0.0.0:80, backlog 511 failed (98: Address in use)
nginx_1 | nginx: [emerg] listen() to 0.0.0.0:80, backlog 511 failed (98: Address in use)
nginx_1 | 2020/06/22 16:38:58 [emerg] 7#7: listen() to 0.0.0.0:80, backlog 511 failed (98: Address in use)
nginx_1 | nginx: [emerg] listen() to 0.0.0.0:80, backlog 511 failed (98: Address in use)
nginx_1 | 2020/06/22 16:38:58 [emerg] 7#7: listen() to 0.0.0.0:80, backlog 511 failed (98: Address in use)
nginx_1 | nginx: [emerg] listen() to 0.0.0.0:80, backlog 511 failed (98: Address in use)
nginx_1 | 2020/06/22 16:38:58 [emerg] 7#7: listen() to 0.0.0.0:80, backlog 511 failed (98: Address in use)
nginx_1 | nginx: [emerg] listen() to 0.0.0.0:80, backlog 511 failed (98: Address in use)
nginx_1 | 2020/06/22 16:38:58 [emerg] 7#7: still could not bind()
nginx_1 | nginx: [emerg] still could not bind()
nginx_1 |
nginx_1 | =======================================
nginx_1 | = INPUT VARIABLES =
nginx_1 | =======================================
nginx_1 |
nginx_1 | Config NGINX:
nginx_1 | - Http Port: 80
nginx_1 | - Https Port: 5448
nginx_1 | - Allowed Access in Openvidu Dashboard: all
nginx_1 | - Allowed Access in Openvidu API: all
nginx_1 |
nginx_1 | Config Openvidu Application:
nginx_1 | - Domain name: xxx.xxx.xx.xx
nginx_1 | - Certificated: selfsigned
nginx_1 | - Letsencrypt Email: user@example.com
nginx_1 | - Openvidu Application: true
nginx_1 | - Openvidu Application Type: CE
nginx_1 |
nginx_1 | =======================================
nginx_1 | = CONFIGURATION NGINX =
nginx_1 | =======================================
nginx_1 |
nginx_1 | Configure xxx.xxx.xxx.xxx domainā¦
nginx_1 | - New configuration: selfsigned
nginx_1 | - Old configuration: selfsigned
nginx_1 | - Selfsigned certificate already exists, using themā¦
nginx_1 |
nginx_1 | =======================================
nginx_1 | = ALLOWED ACCESS =
nginx_1 | =======================================
nginx_1 |
nginx_1 | Adding rulesā¦
nginx_1 |
nginx_1 | Finish Rules:
nginx_1 | Openvidu Dashboard:
nginx_1 | - allow all;
nginx_1 | Openvidu API:
nginx_1 | - allow all;
nginx_1 |
nginx_1 | =======================================
nginx_1 | = START OPENVIDU PROXY =
nginx_1 | =======================================
nginx_1 |
nginx_1 | 2020/06/22 16:39:00 [warn] 53#53: āssl_staplingā ignored, no OCSP responder URL in the certificate ā/etc/letsencrypt/live/xxx.xxx.xxx.xxx/fullchain.pemā
nginx_1 | nginx: [warn] āssl_staplingā ignored, no OCSP responder URL in the certificate ā/etc/letsencrypt/live/xxx.xxx.xxx.xxx/fullchain.pemā
nginx_1 | 2020/06/22 16:39:00 [notice] 53#53: signal process started
nginx_1 | 2020/06/22 16:39:00 [error] 53#53: open() ā/var/run/nginx.pidā failed (2: No such file or directory)
nginx_1 | nginx: [error] open() ā/var/run/nginx.pidā failed (2: No such file or directory)
nginx_1 | ==> /var/log/nginx/access.log <==
Please, use markdown format to share logs and configuration files. Thatās impossible to read or useā¦ Donāt paste it directly because it appears with comments as headers.
I apologize, hope this is better
# OpenVidu configuration
# ----------------------
# NOTE: This file doesnāt need to quote assignment values, like most shells do.
# All values are stored as-is, even if they contain spaces, so donāt quote them.
# Domain name. If you do not have one, the public IP of the machine.
# For example: 198.51.100.1, or
DOMAIN_OR_PUBLIC_IP=xxx.xxx.xx.xx
# OpenVidu SECRET used for apps to connect to OpenVidu server and users to access to OpenVidu Dashboard
OPENVIDU_SECRET=xxxxxxxxxxxxx
# Certificate type:
# - selfsigned: Self signed certificate. Not recommended for production use.
# Users will see an ERROR when connected to web page.
# - owncert: Valid certificate purchased in a Internet services company.
# Please put the certificates files inside folder ./owncert
# with names certificate.key and certificate.cert
# - letsencrypt: Generate a new certificate using letsencrypt. Please set the
# required contact email for Letās Encrypt in LETSENCRYPT_EMAIL
# variable.
CERTIFICATE_TYPE=selfsigned
# If CERTIFICATE_TYPE=letsencrypt, you need to configure a valid email for notifications
LETSENCRYPT_EMAIL=user@example.com
# Proxy configuration
# If you want to change the ports on which openvidu listens, uncomment the following lines
# Allows any request to http://DOMAIN_OR_PUBLIC_IP:HTTP_PORT/ to be automatically
# redirected to https://DOMAIN_OR_PUBLIC_IP:HTTPS_PORT/.
# WARNING: the default port 80 cannot be changed during the first boot
# if you have chosen to deploy with the option CERTIFICATE_TYPE=letsencrypt
# HTTP_PORT=80
# Changes the port of all services exposed by OpenVidu.
# SDKs, REST clients and browsers will have to connect to this port
HTTPS_PORT=5448
# Access restrictions
# In this section you will be able to restrict the IPs from which you can access to
# Openvidu API and the Administration Panel
# WARNING! If you touch this configuration you can lose access to the platform from some IPs.
# Use it carefully.
# This section limits access to the /dashboard (OpenVidu CE) and /inspector (OpenVidu Pro) pages.
# The form for a single IP or an IP range is:
# ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.1 and ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.0/24
# To limit multiple IPs or IP ranges, separate by commas like this:
# ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.1, 198.51.100.0/24
# ALLOWED_ACCESS_TO_DASHBOARD=
# This section limits access to the Openvidu REST API.
# The form for a single IP or an IP range is:
# ALLOWED_ACCESS_TO_RESTAPI=198.51.100.1 and ALLOWED_ACCESS_TO_RESTAPI=198.51.100.0/24
# To limit multiple IPs or or IP ranges, separate by commas like this:
# ALLOWED_ACCESS_TO_RESTAPI=198.51.100.1, 198.51.100.0/24
# ALLOWED_ACCESS_TO_RESTAPI=
# Whether to enable recording module or not
OPENVIDU_RECORDING=false
# Openvidu Folder Record used for save the openvidu recording videos. Change it
# with the folder you want to use from your host.
OPENVIDU_RECORDING_PATH=/opt/openvidu/recordings
# System path where OpenVidu Server should look for custom recording layouts
OPENVIDU_RECORDING_CUSTOM_LAYOUT=/opt/openvidu/custom-layout
# if true any client can connect to
# https://OPENVIDU_SERVER_IP:OPENVIDU_PORT/recordings/any_session_file.mp4
# and access any recorded video file. If false this path will be secured with
# OPENVIDU_SECRET param just as OpenVidu Server dashboard at
# https://OPENVIDU_SERVER_IP:OPENVIDU_PORT
# Values: true | false
OPENVIDU_RECORDING_PUBLIC_ACCESS=false
# Which users should receive the recording events in the client side
# (recordingStarted, recordingStopped). Can be all (every user connected to
# the session), publisher_moderator (users with role āPUBLISHERā or
# āMODERATORā), moderator (only users with role āMODERATORā) or none
# (no user will receive these events)
OPENVIDU_RECORDING_NOTIFICATION=publisher_moderator
# Timeout in seconds for recordings to automatically stop (and the session involved to be closed)
# when conditions are met: a session recording is started but no user is publishing to it or a session
# is being recorded and last user disconnects. If a user publishes within the timeout in either case,
# the automatic stop of the recording is cancelled
# 0 means no timeout
OPENVIDU_RECORDING_AUTOSTOP_TIMEOUT=120
# Maximum video bandwidth sent from clients to OpenVidu Server, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MAX_RECV_BANDWIDTH=1000
# Minimum video bandwidth sent from clients to OpenVidu Server, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MIN_RECV_BANDWIDTH=300
# Maximum video bandwidth sent from OpenVidu Server to clients, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MAX_SEND_BANDWIDTH=1000
# Minimum video bandwidth sent from OpenVidu Server to clients, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MIN_SEND_BANDWIDTH=300
# true to enable OpenVidu Webhook service. falseā otherwise
# Values: true | false
OPENVIDU_WEBHOOK=false
# HTTP endpoint where OpenVidu Server will send Webhook HTTP POST messages
# Must be a valid URL: http(s)://ENDPOINT
#OPENVIDU_WEBHOOK_ENDPOINT=
# List of headers that OpenVidu Webhook service will attach to HTTP POST messages
#OPENVIDU_WEBHOOK_HEADERS=
# List of events that will be sent by OpenVidu Webhook service
# Leave blank if all events.
OPENVIDU_WEBHOOK_EVENTS=[sessionCreated,sessionDestroyed,participantJoined,participantLeft,webrtcConnectionCreated,webrtcConnectionDestroyed,recordingStatusChanged,filterEventDispatched,mediaNodeStatusChanged]
# How often the garbage collector of non active sessions runs.
# This helps cleaning up sessions that have been initialized through
# REST API (and maybe tokens have been created for them) but have had no users connected.
# Default to 900s (15 mins). 0 to disable non active sessions garbage collector
OPENVIDU_SESSIONS_GARBAGE_INTERVAL=900
# Minimum time in seconds that a non active session must have been in existence
# for the garbage collector of non active sessions to remove it. Default to 3600s (1 hour).
# If non active sessions garbage collector is disabled
# (property āOPENVIDU_SESSIONS_GARBAGE_INTERVALā to 0) this property is ignored
OPENVIDU_SESSIONS_GARBAGE_THRESHOLD=3600
# Call Detail Record enabled
# Whether to enable Call Detail Record or not
# Values: true | false
OPENVIDU_CDR=false
# Path where the cdr log files are hosted
OPENVIDU_CDR_PATH=/opt/openvidu/cdr
# Kurento Media Server image
# --------------------------
# Docker hub kurento media server:
# Uncomment the next line and define this variable with KMS image that you want use
# KMS_IMAGE=kurento/kurento-media-server-dev:6.13
# Kurento Media Server Level logs
# -------------------------------
# Uncomment the next line and define this variable to change
# the verbosity level of the logs of KMS
# Documentation:
# KMS_DEBUG_LEVEL=3,Kurento*:4,kms*:4,sdp*:4,webrtc*:4,rtpendpoint:4,rtphandler:4,rtpsynchronizer:4,agnosticbin:4
# Openvidu Server Level logs
# --------------------------
# Uncomment the next line and define this variable to change
# the verbosity level of the logs of Openvidu Service
# RECOMENDED VALUES: INFO for normal logs DEBUG for more verbose logs
# OV_CE_DEBUG_LEVEL=INFO
# Java Options
# --------------------------
# Uncomment the next line and define this to add
# options to java command
# JAVA_OPTIONS=-Xms2048m -Xmx4096m -Duser.timezone=UTC
and after openvidu restart:
Stopping openvidu_app_1 ā¦ done
Stopping openvidu_coturn_1 ā¦ done
Stopping openvidu_kms_1 ā¦ done
Stopping openvidu_openvidu-server_1 ā¦ done
Stopping openvidu_redis_1 ā¦ done
Stopping openvidu_nginx_1 ā¦ done
Removing openvidu_app_1 ā¦ done
Removing openvidu_coturn_1 ā¦ done
Removing openvidu_kms_1 ā¦ done
Removing openvidu_openvidu-server_1 ā¦ done
Removing openvidu_redis_1 ā¦ done
Removing openvidu_nginx_1 ā¦ done
Removing network openvidu_default
Creating network āopenvidu_defaultā with the default driver
Creating openvidu_redis_1 ā¦ done
Creating openvidu_nginx_1 ā¦ done
Creating openvidu_app_1 ā¦ done
Creating openvidu_openvidu-server_1 ā¦ done
Creating openvidu_kms_1 ā¦ done
Creating openvidu_coturn_1 ā¦ done
Attaching to openvidu_openvidu-server_1
openvidu-server_1 |
openvidu-server_1 |
openvidu-server_1 | =======================================
openvidu-server_1 | = LAUNCH OPENVIDU-SERVER =
openvidu-server_1 | =======================================
openvidu-server_1 |
openvidu-server_1 | ______________________________________________
openvidu-server_1 | ____ __ ___ _
openvidu-server_1 | / __ \ \ \ / () | |
openvidu-server_1 | | | | | __ ___ _ \ \ / / _ | | _
openvidu-server_1 | | | | | ā \ / _ \ ā \ / / | |/ ` | | | |
openvidu-server_1 | | |__| | |) | / | | \ / | | (| | || |
openvidu-server_1 | _/| ./ __|| ||/ ||_,|_,|
openvidu-server_1 | | |
openvidu-server_1 | || version 2.14.0
openvidu-server_1 | ______________________________________________
openvidu-server_1 |
openvidu-server_1 | [INFO] 2020-06-22 21:04:18,981 [main] io.openvidu.server.OpenViduServer - Starting OpenViduServer on peyarTC with PID 19 (/openvidu-server.jar started by root in /)
openvidu-server_1 | [INFO] 2020-06-22 21:04:18,984 [main] io.openvidu.server.OpenViduServer - No active profile set, falling back to default profiles: default
openvidu-server_1 | [ERROR] 2020-06-22 21:04:19,131 [main] io.openvidu.server.config.OpenviduConfig - .env file not found at /./.env
openvidu-server_1 | [INFO] 2020-06-22 21:04:19,218 [main] io.openvidu.server.OpenViduServer - Started OpenViduServer in 1.019 seconds (JVM running for 1.419)
openvidu-server_1 | [INFO] 2020-06-22 21:04:19,221 [main] io.openvidu.server.OpenViduServer -
openvidu-server_1 |
openvidu-server_1 |
openvidu-server_1 | Configuration properties
openvidu-server_1 | ------------------------
openvidu-server_1 |
openvidu-server_1 | * CERTIFICATE_TYPE=selfsigned
openvidu-server_1 | * DOMAIN_OR_PUBLIC_IP=xx.xx.xx.xx
openvidu-server_1 | * HTTPS_PORT=443
openvidu-server_1 | * KMS_URIS=[āws://localhost:8888/kurentoā]
openvidu-server_1 | * OPENVIDU_CDR=false
openvidu-server_1 | * OPENVIDU_CDR_PATH=/opt/openvidu/cdr
openvidu-server_1 | * OPENVIDU_RECORDING=false
openvidu-server_1 | * OPENVIDU_RECORDING_AUTOSTOP_TIMEOUT=120
openvidu-server_1 | * OPENVIDU_RECORDING_COMPOSED_URL=
openvidu-server_1 | * OPENVIDU_RECORDING_CUSTOM_LAYOUT=/opt/openvidu/custom-layout
openvidu-server_1 | * OPENVIDU_RECORDING_NOTIFICATION=publisher_moderator
openvidu-server_1 | * OPENVIDU_RECORDING_PATH=/opt/openvidu/recordings
openvidu-server_1 | * OPENVIDU_RECORDING_PUBLIC_ACCESS=false
openvidu-server_1 | * OPENVIDU_RECORDING_VERSION=2.9.0
openvidu-server_1 | * OPENVIDU_SECRET=xxxxxxxxx
openvidu-server_1 | * OPENVIDU_SESSIONS_GARBAGE_INTERVAL=900
openvidu-server_1 | * OPENVIDU_SESSIONS_GARBAGE_THRESHOLD=3600
openvidu-server_1 | * OPENVIDU_STREAMS_VIDEO_MAX_RECV_BANDWIDTH=1000
openvidu-server_1 | * OPENVIDU_STREAMS_VIDEO_MAX_SEND_BANDWIDTH=1000
openvidu-server_1 | * OPENVIDU_STREAMS_VIDEO_MIN_RECV_BANDWIDTH=300
openvidu-server_1 | * OPENVIDU_STREAMS_VIDEO_MIN_SEND_BANDWIDTH=300
openvidu-server_1 | * OPENVIDU_WEBHOOK=false
openvidu-server_1 | * OPENVIDU_WEBHOOK_ENDPOINT=
openvidu-server_1 | * OPENVIDU_WEBHOOK_EVENTS=[sessionCreated,sessionDestroyed,participantJoined,participantLeft,webrtcConnectionCreated,webrtcConnectionDestroyed,recordingStatusChanged,filterEventDispatched,mediaNodeStatusChanged]
openvidu-server_1 | * OPENVIDU_WEBHOOK_HEADERS=[]
openvidu-server_1 |
openvidu-server_1 |
openvidu-server_1 |
openvidu-server_1 | [WARN] 2020-06-22 21:04:19,225 [main] io.openvidu.server.OpenViduServer - You have set property server.port (or SERVER_PORT). This will serve OpenVidu Server on your host at port 5443. But property HTTPS_PORT (443) still configures the port that should be used to connect to OpenVidu Server from outside. Bear this in mind when configuring a proxy in front of OpenVidu Server
openvidu-server_1 | [INFO] 2020-06-22 21:04:19,225 [main] io.openvidu.server.OpenViduServer - Using /dev/urandom for secure random generation
openvidu-server_1 | [INFO] 2020-06-22 21:04:19,297 [main] io.openvidu.server.OpenViduServer - Starting OpenViduServer on peyarTC with PID 19 (/openvidu-server.jar started by root in /)
openvidu-server_1 | [INFO] 2020-06-22 21:04:19,297 [main] io.openvidu.server.OpenViduServer - No active profile set, falling back to default profiles: default
openvidu-server_1 | [ERROR] 2020-06-22 21:04:20,087 [main] io.openvidu.server.config.OpenviduConfig - .env file not found at /./.env
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,299 [main] org.springframework.boot.web.embedded.tomcat.TomcatWebServer - Tomcat initialized with port(s): 5443 (http)
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,310 [main] org.apache.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler [āhttp-nio-0.0.0.0-5443ā]
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,311 [main] org.apache.catalina.core.StandardService - Starting service [Tomcat]
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,311 [main] org.apache.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.30]
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,368 [main] org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/] - Initializing Spring embedded WebApplicationContext
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,369 [main] org.springframework.web.context.ContextLoader - Root WebApplicationContext: initialization completed in 1042 ms
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,659 [main] io.openvidu.server.OpenViduServer - OpenVidu CDR service is disabled (may be enable with āOPENVIDU_CDR=trueā)
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,659 [main] io.openvidu.server.OpenViduServer - OpenVidu Webhook service is disabled (may be enabled with āOPENVIDU_WEBHOOK=trueā)
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,673 [main] io.openvidu.server.OpenViduServer - OpenVidu Server using one KMS: ws://localhost:8888/kurento
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,696 [rbeatExec-e1-t0] org.kurento.jsonrpc.client.JsonRpcClientNettyWebSocket - [KurentoClient] Connecting native client
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,696 [rbeatExec-e1-t0] org.kurento.jsonrpc.client.JsonRpcClientNettyWebSocket - [KurentoClient] Creating new NioEventLoopGroup
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,810 [ntLoopGroup-2-1] org.kurento.jsonrpc.client.JsonRpcClientNettyWebSocket - [KurentoClient] Initiating new Netty channel. Will create new handler too!
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,915 [EventExec-e2-t0] io.openvidu.server.kurento.kms.KmsManager - Kurento Client āconnectedā event for KMS ws://localhost:8888/kurento [org.kurento.client.KurentoClient@387ebcfb]
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,917 [main] io.openvidu.server.recording.service.RecordingManager - OpenVidu recording service is disabled
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,933 [main] io.openvidu.server.coturn.CoturnCredentialsService - COTURN IP: xx.xx.xx.xx
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,933 [main] io.openvidu.server.coturn.CoturnCredentialsService - COTURN Redis DB accessible with string āip=127.0.0.1 dbname=0 password=turn connect_timeout=30ā
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,933 [main] io.openvidu.server.coturn.CoturnCredentialsService - Cleaning COTURN DBā¦
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,933 [main] io.openvidu.server.coturn.CoturnCredentialsService - Path of COTURN log files: /var/log/
openvidu-server_1 | [ERROR] 2020-06-22 21:04:20,935 [main] io.openvidu.server.coturn.CoturnCredentialsService - COTURN DB is not empty
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,935 [main] io.openvidu.server.coturn.CoturnCredentialsService - Using COTURN credentials service for BASH environment
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,943 [main] io.openvidu.server.core.SessionManager - Garbage collector for non active sessions initialized. Running every 900 seconds and cleaning up non active Sessions more than 3600 seconds old
openvidu-server_1 | [INFO] 2020-06-22 21:04:20,974 [main] org.springframework.scheduling.concurrent.ThreadPoolTaskScheduler - Initializing ExecutorService ājsonrpcTaskSchedulerā
openvidu-server_1 | [INFO] 2020-06-22 21:04:21,124 [main] org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor - Initializing ExecutorService āapplicationTaskExecutorā
openvidu-server_1 | [INFO] 2020-06-22 21:04:21,227 [main] org.springframework.boot.autoconfigure.web.servlet.WelcomePageHandlerMapping - Adding welcome page: class path resource [static/index.html]
openvidu-server_1 | [INFO] 2020-06-22 21:04:21,417 [main] org.springframework.security.web.DefaultSecurityFilterChain - Creating filter chain: any request, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@34f7cfd9, org.springframework.security.web.context.SecurityContextPersistenceFilter@3541cb24, org.springframework.security.web.header.HeaderWriterFilter@5136d012, org.springframework.web.filter.CorsFilter@661972b0, org.springframework.security.web.authentication.logout.LogoutFilter@55b53d44, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@10959ece, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@40cb8df7, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@355ce81c, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@65f095f8, org.springframework.security.web.session.SessionManagementFilter@e1de817, org.springframework.security.web.access.ExceptionTranslationFilter@306cf3ea, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@49dc7102]
openvidu-server_1 | [INFO] 2020-06-22 21:04:21,454 [main] org.apache.coyote.http11.Http11NioProtocol - Starting ProtocolHandler [āhttp-nio-0.0.0.0-5443ā]
openvidu-server_1 | [INFO] 2020-06-22 21:04:21,478 [main] org.springframework.boot.web.embedded.tomcat.TomcatWebServer - Tomcat started on port(s): 5443 (http) with context path āā
openvidu-server_1 | [INFO] 2020-06-22 21:04:21,479 [main] io.openvidu.server.OpenViduServer - Started OpenViduServer in 2.24 seconds (JVM running for 3.68)
openvidu-server_1 | [INFO] 2020-06-22 21:04:21,480 [main] io.openvidu.server.OpenViduServer -
openvidu-server_1 |
openvidu-server_1 | ----------------------------------------------------
openvidu-server_1 |
openvidu-server_1 | OpenVidu is ready!
openvidu-server_1 | ---------------------------
openvidu-server_1 |
openvidu-server_1 | * OpenVidu Server: https://xx.xx.xx.xx/
openvidu-server_1 |
openvidu-server_1 | * OpenVidu Dashboard: https://xx.xx.xx.xx/dashboard/
openvidu-server_1 |
openvidu-server_1 | ----------------------------------------------------
openvidu-server_1 |
this last log is after disabling https port .env setting, leaving default 443
Iāve tried your same configuration and youāre right. Iāve launched another nginx instance using port 80, and then OpenVidu nginx canāt start. I managed to make it work by using a random HTTP_PORT value in .env file. In this way you can override the port 80 default value. You can do this in your .env file for example:
# OpenVidu configuration
# ----------------------
# NOTE: This file doesnāt need to quote assignment values, like most shells do.
# All values are stored as-is, even if they contain spaces, so donāt quote them.
# Domain name. If you do not have one, the public IP of the machine.
# For example: 198.51.100.1, or
DOMAIN_OR_PUBLIC_IP=xxx.xxx.xx.xx
# OpenVidu SECRET used for apps to connect to OpenVidu server and users to access to OpenVidu Dashboard
OPENVIDU_SECRET=xxxxxxxxxxxxx
# Certificate type:
# - selfsigned: Self signed certificate. Not recommended for production use.
# Users will see an ERROR when connected to web page.
# - owncert: Valid certificate purchased in a Internet services company.
# Please put the certificates files inside folder ./owncert
# with names certificate.key and certificate.cert
# - letsencrypt: Generate a new certificate using letsencrypt. Please set the
# required contact email for Letās Encrypt in LETSENCRYPT_EMAIL
# variable.
CERTIFICATE_TYPE=selfsigned
# If CERTIFICATE_TYPE=letsencrypt, you need to configure a valid email for notifications
LETSENCRYPT_EMAIL=user@example.com
# Proxy configuration
# If you want to change the ports on which openvidu listens, uncomment the following lines
# Allows any request to http://DOMAIN_OR_PUBLIC_IP:HTTP_PORT/ to be automatically
# redirected to https://DOMAIN_OR_PUBLIC_IP:HTTPS_PORT/.
# WARNING: the default port 80 cannot be changed during the first boot
# if you have chosen to deploy with the option CERTIFICATE_TYPE=letsencrypt
HTTP_PORT=5678 # <--- You can use anyone you want, but not 80
# Changes the port of all services exposed by OpenVidu.
# SDKs, REST clients and browsers will have to connect to this port
# HTTPS_PORT=
# Access restrictions
# In this section you will be able to restrict the IPs from which you can access to
# Openvidu API and the Administration Panel
# WARNING! If you touch this configuration you can lose access to the platform from some IPs.
# Use it carefully.
# This section limits access to the /dashboard (OpenVidu CE) and /inspector (OpenVidu Pro) pages.
# The form for a single IP or an IP range is:
# ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.1 and ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.0/24
# To limit multiple IPs or IP ranges, separate by commas like this:
# ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.1, 198.51.100.0/24
# ALLOWED_ACCESS_TO_DASHBOARD=
# This section limits access to the Openvidu REST API.
# The form for a single IP or an IP range is:
# ALLOWED_ACCESS_TO_RESTAPI=198.51.100.1 and ALLOWED_ACCESS_TO_RESTAPI=198.51.100.0/24
# To limit multiple IPs or or IP ranges, separate by commas like this:
# ALLOWED_ACCESS_TO_RESTAPI=198.51.100.1, 198.51.100.0/24
# ALLOWED_ACCESS_TO_RESTAPI=
# Whether to enable recording module or not
OPENVIDU_RECORDING=false
# Openvidu Folder Record used for save the openvidu recording videos. Change it
# with the folder you want to use from your host.
OPENVIDU_RECORDING_PATH=/opt/openvidu/recordings
# System path where OpenVidu Server should look for custom recording layouts
OPENVIDU_RECORDING_CUSTOM_LAYOUT=/opt/openvidu/custom-layout
# if true any client can connect to
# https://OPENVIDU_SERVER_IP:OPENVIDU_PORT/recordings/any_session_file.mp4
# and access any recorded video file. If false this path will be secured with
# OPENVIDU_SECRET param just as OpenVidu Server dashboard at
# https://OPENVIDU_SERVER_IP:OPENVIDU_PORT
# Values: true | false
OPENVIDU_RECORDING_PUBLIC_ACCESS=false
# Which users should receive the recording events in the client side
# (recordingStarted, recordingStopped). Can be all (every user connected to
# the session), publisher_moderator (users with role āPUBLISHERā or
# āMODERATORā), moderator (only users with role āMODERATORā) or none
# (no user will receive these events)
OPENVIDU_RECORDING_NOTIFICATION=publisher_moderator
# Timeout in seconds for recordings to automatically stop (and the session involved to be closed)
# when conditions are met: a session recording is started but no user is publishing to it or a session
# is being recorded and last user disconnects. If a user publishes within the timeout in either case,
# the automatic stop of the recording is cancelled
# 0 means no timeout
OPENVIDU_RECORDING_AUTOSTOP_TIMEOUT=120
# Maximum video bandwidth sent from clients to OpenVidu Server, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MAX_RECV_BANDWIDTH=1000
# Minimum video bandwidth sent from clients to OpenVidu Server, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MIN_RECV_BANDWIDTH=300
# Maximum video bandwidth sent from OpenVidu Server to clients, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MAX_SEND_BANDWIDTH=1000
# Minimum video bandwidth sent from OpenVidu Server to clients, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MIN_SEND_BANDWIDTH=300
# true to enable OpenVidu Webhook service. falseā otherwise
# Values: true | false
OPENVIDU_WEBHOOK=false
# HTTP endpoint where OpenVidu Server will send Webhook HTTP POST messages
# Must be a valid URL: http(s)://ENDPOINT
#OPENVIDU_WEBHOOK_ENDPOINT=
# List of headers that OpenVidu Webhook service will attach to HTTP POST messages
#OPENVIDU_WEBHOOK_HEADERS=
# List of events that will be sent by OpenVidu Webhook service
# Leave blank if all events.
OPENVIDU_WEBHOOK_EVENTS=[sessionCreated,sessionDestroyed,participantJoined,participantLeft,webrtcConnectionCreated,webrtcConnectionDestroyed,recordingStatusChanged,filterEventDispatched,mediaNodeStatusChanged]
# How often the garbage collector of non active sessions runs.
# This helps cleaning up sessions that have been initialized through
# REST API (and maybe tokens have been created for them) but have had no users connected.
# Default to 900s (15 mins). 0 to disable non active sessions garbage collector
OPENVIDU_SESSIONS_GARBAGE_INTERVAL=900
# Minimum time in seconds that a non active session must have been in existence
# for the garbage collector of non active sessions to remove it. Default to 3600s (1 hour).
# If non active sessions garbage collector is disabled
# (property āOPENVIDU_SESSIONS_GARBAGE_INTERVALā to 0) this property is ignored
OPENVIDU_SESSIONS_GARBAGE_THRESHOLD=3600
# Call Detail Record enabled
# Whether to enable Call Detail Record or not
# Values: true | false
OPENVIDU_CDR=false
# Path where the cdr log files are hosted
OPENVIDU_CDR_PATH=/opt/openvidu/cdr
# Kurento Media Server image
# --------------------------
# Docker hub kurento media server:
# Uncomment the next line and define this variable with KMS image that you want use
# KMS_IMAGE=kurento/kurento-media-server-dev:6.13
# Kurento Media Server Level logs
# -------------------------------
# Uncomment the next line and define this variable to change
# the verbosity level of the logs of KMS
# Documentation:
# KMS_DEBUG_LEVEL=3,Kurento*:4,kms*:4,sdp*:4,webrtc*:4,rtpendpoint:4,rtphandler:4,rtpsynchronizer:4,agnosticbin:4
# Openvidu Server Level logs
# --------------------------
# Uncomment the next line and define this variable to change
# the verbosity level of the logs of Openvidu Service
# RECOMENDED VALUES: INFO for normal logs DEBUG for more verbose logs
# OV_CE_DEBUG_LEVEL=INFO
# Java Options
# --------------------------
# Uncomment the next line and define this to add
# options to java command
# JAVA_OPTIONS=-Xms2048m -Xmx4096m -Duser.timezone=UTC
Keep in mind that requests to port 80 will not redirect to https OpenVidu Server if you use this configuration. Also if you will use Letās encrypt in the future, it will not work because it needs to have port 80 available.
Regards,
Carlos
Thank You very much for Your time spent with my question, Iāve tried to set another http port and it works. You saved me many hours trying to find out what is happening. And thanks for prompt responses.
Jaroslav Petras (peyar)
1 Like