nextcloud

Enable Spreed.ME in Nextcloud

© 2016, c-rieger.deEnable and configure Spreed.Me in Nextcloud 10.1 running on Raspberry PI3 or oDroid C2 based on Ubuntu 16.04.x LTS, nginx 1.11.5, mariaDB 10.0.27 and PHP 7.0.12.

First switch the current user to root and add the Spreed.ME repository to your server:

sudo -s
apt-add-repository ppa:strukturag/spreed-webrtc

Update your system and install spreed-webrtc:

apt-get update
sudo apt-get install spreed-webrtc

Change the current directory to Nextcloud’s app-folder:

cd /var/www/nextcloud/apps

Download the Spreed.ME app, unzip the package, rename it to spreedme and remove the master.zip:

wget https://github.com/strukturag/nextcloud-spreedme/archive/master.zip
unzip master.zip
mv nextcloud-spreedme-master spreedme
rm master.zip

Logon to your Nextcloud as Administrator and activate Spreed.Me in the App-Menu:

© 2016, c-rieger.de

Then generate your webrtc configuration directly from administration page -> additional settings:

© 2016, c-rieger.de

Copy and paste (substitute) the generated configuration information from Nextcloud into the file “/etc/spreed/webrtc.conf” and in addition add “stunURIs = stun:stun.spreed.me:443” in the [app]-section:

vi /etc/spreed/webrtc.conf
[http]
...
listen = 127.0.0.1:8080
...
basePath = /webrtc/
...
[https]
...
[app]
...
sessionSecret = a9d7cb27b8007f72c407d21e6b86ce7247be469967c1808b3212c54fea3620bb
...
encryptionSecret = 194fe31f33498cdf8cbae57a99e86a3235a6016081cf781d68a67422cf228617
...
authorizeRoomJoin = true
...
serverToken = 1aa9a9996a9bec802480b9a7aa0c90203787c7d112a43d3e274f1fb6ceecbcbc
...
serverRealm = local
...
extra = /var/www/nextcloud/apps/spreedme/extra
...
plugin = extra/static/owncloud.js
...
stunURIs = stun:stun.spreed.me:443
...
[modules]
...
[log]
...
[users]
...
enabled = true
...
mode = sharedsecret
...
sharedsecret_secret = 31a8aa8f315c631e574a3efcf6faab6f714b9648d727aa59aeaf529fe855fc2d
...
[nats]
...

Save and quit the configuration file (:wq!) and edit the nginx.conf file:

vi /etc/nginx/nginx.conf

Add the red part to your configuration:

user www-data;
worker_processes  4;
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;
events {
    worker_connections  1024;
    multi_accept        on;
    use                 epoll;
}
http {
    geoip_country /usr/share/GeoIP/GeoIP.dat;
    map $geoip_country_code $allowed_country {
    default no;
    DE yes;
    }
    geo $exclusions {
    default 0;
    192.168.178.0/24 1;
    }
    map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;
    server_tokens off;
    include /etc/nginx/conf.d/*.conf;
}

Save and quit the file (:wq!) and edit the gateway.conf :

vi /etc/nginx/conf.d/gateway.conf

Paste the red lines to the end of the file but above the last square bracket (‘}’)

...
}
# Spreed WebRTC   # Spreed WebRTC
    location ^~ /webrtc {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_buffering             on;
        proxy_ignore_client_abort   off;
        proxy_redirect              off;
        proxy_connect_timeout       90;
        proxy_send_timeout          90;
        proxy_read_timeout          90;
        proxy_buffer_size           4k;
        proxy_buffers               4 32k;
        proxy_busy_buffers_size     64k;
        proxy_temp_file_write_size  64k;
        proxy_next_upstream         error timeout invalid_header http_502 http_503 http_504;
    }
}

Save and quit the file (:wq!) and restart both services: nginx and spreed-webrtc

service nginx restart && service spreed-webrtc restart

© 2016, c-rieger.de

If you want to use temporary passwords (TP) for Spreed.ME you have to create a Nextcloud-Usergroup called ‘Spreed.ME’ and add users to this group. Also declare these  users as ‘Spreed.ME’-Group-Admins.

© 2016, c-rieger.de

Then activate Temporary Passwords and create the signing key in the advanced settings of Spreed.ME.

© 2016, c-rieger.de © 2016, c-rieger.de

A new icon (key) will appear in the Spreed.Me-App and you will be able to generate temporary passwords and send invitation emails to any participants:

© 2016, c-rieger.de © 2016, c-rieger.de © 2016, c-rieger.de

Finished! Enjoy Nextcloud and Spreed.ME!

Many thanks to Pseud!