diff --git a/addons/example/selkies-gstreamer-entrypoint.sh b/addons/example/selkies-gstreamer-entrypoint.sh index e944a543..5130507b 100755 --- a/addons/example/selkies-gstreamer-entrypoint.sh +++ b/addons/example/selkies-gstreamer-entrypoint.sh @@ -138,7 +138,7 @@ server { client_max_body_size 10M; - proxy_pass http$(if [ \"$(echo ${SELKIES_ENABLE_HTTPS} | tr '[:upper:]' '[:lower:]')\" = \"true\" ]; then echo -n "s"; fi)://localhost:9081; + proxy_pass http$(if [ \"$(echo ${SELKIES_ENABLE_HTTPS} | tr '[:upper:]' '[:lower:]')\" = \"true\" ]; then echo -n "s"; fi)://localhost:${SELKIES_METRICS_HTTP_PORT:-9081}; } error_page 500 502 503 504 /50x.html; diff --git a/addons/example/supervisord.conf b/addons/example/supervisord.conf index fb5e19de..3948d4fa 100644 --- a/addons/example/supervisord.conf +++ b/addons/example/supervisord.conf @@ -62,7 +62,7 @@ autorestart=true priority=20 [program:nginx] -command=bash -c "until nc -z localhost 8081; do sleep 0.5; done; /usr/sbin/nginx -g \"daemon off;\"" +command=bash -c "until nc -z localhost ${SELKIES_PORT:-8081}; do sleep 0.5; done; /usr/sbin/nginx -g \"daemon off;\"" stdout_logfile=/tmp/nginx.log stdout_logfile_maxbytes=5MB stdout_logfile_backups=0 diff --git a/docs/component.md b/docs/component.md index a75b361c..2d84e4fc 100644 --- a/docs/component.md +++ b/docs/component.md @@ -231,7 +231,7 @@ If UDP cannot be used, at the cost of higher latency and lower performance, omit All these ports must be exposed to the internet if you need access over the internet. If you need use TURN within a local network, add `-e SELKIES_TURN_HOST={YOUR_INTERNAL_IP}` with `{YOUR_INTERNAL_IP}` to the internal hostname or IP of the local network. IPv6 addresses must be enclosed with square brackets such as `[::1]`. -Otherwise, to enable host networking, add `--network=host` to the Docker® command to enable host networking and work around this requirement if your server is not behind a firewall. Note that running multiple desktop containers in one host under this configuration may be problematic and is not recommended. You must also pass new environment variables such as `-e DISPLAY=:22`, `-e NGINX_PORT=8082`, `-e SELKIES_PORT=8083`, and `-e SELKIES_METRICS_HTTP_PORT=9083` into the container, all not overlapping with any other X11 server or container in the same host. +Otherwise, to enable host networking, add `--network=host` to the Docker® command to enable host networking and work around this requirement if your server is not behind a firewall. Note that running multiple desktop containers in one host under this configuration may be problematic and is not recommended. You must also pass new environment variables such as `-e DISPLAY=:22`, `-e NGINX_PORT=8082`, `-e SELKIES_PORT=8083`, and `-e SELKIES_METRICS_HTTP_PORT=9083` into the container, all not overlapping with any other X11 server or container in the same host. Access the container using the specified `NGINX_PORT`. If you are behind a reverse proxy or can only expose one HTTP port, you will need to use an external STUN/TURN server capable of `srflx` or `relay` type ICE connections if you use this in a container WITHOUT host networking. diff --git a/docs/firewall.md b/docs/firewall.md index ec01a27e..cd85fc96 100644 --- a/docs/firewall.md +++ b/docs/firewall.md @@ -20,7 +20,7 @@ A configuration in your internet router called `Full Cone NAT` (otherwise called For an easy fix for containers, add the option `--network=host` to your Docker® command, or add `hostNetwork: true` under your Kubernetes YAML configuration file's pod `spec:` entry, which should be indented in the same depth as `containers:` (note that your cluster may have not allowed this, resulting in an error). -**Note that running multiple desktop containers in one host under this configuration may be problematic and is not recommended. You must also pass new environment variables such as `-e DISPLAY=:22`, `-e NGINX_PORT=8082`, `-e SELKIES_PORT=8083`, and `-e SELKIES_METRICS_HTTP_PORT=9083` into the container, all not overlapping with any other X11 server or container in the same host.** +**Note that running multiple desktop containers in one host under this configuration may be problematic and is not recommended. You must also pass new environment variables such as `-e DISPLAY=:22`, `-e NGINX_PORT=8082`, `-e SELKIES_PORT=8083`, and `-e SELKIES_METRICS_HTTP_PORT=9083` into the container, all not overlapping with any other X11 server or container in the same host. Access the container using the specified `NGINX_PORT`.** This exposes your container to the host network, which disables container network isolation.