Skip to content

Configure LiveKit media and signaling in nginx #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
muhammadIdhamMaarif wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Configure LiveKit media and signaling in nginx #4

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 55 additions & 0 deletions src/nginx/nginx.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,16 @@ stream {
server mf.tailaa9bf1.ts.net:25565;
}

# Atlas voice chat — LiveKit WebRTC media (UDP Mux + TCP fallback).
# Both protocols ride a single port (7882) on this VPS. Traffic is
# forwarded over Tailscale to the LiveKit container on keikaku, which
# multiplexes all sessions onto its own :7882 listener (rtc.udp_port
# / rtc.tcp_port in services/livekit/livekit.yaml). The VPS firewall
# must allow UDP/TCP 7882 inbound for this to work.
upstream atlas_livekit_media {
server keikaku.tailce5c0d.ts.net:7882;
}

server {
listen 2424;
proxy_pass git_labmgm_org;
Expand All @@ -63,6 +73,23 @@ stream {
proxy_timeout 10m;
proxy_connect_timeout 5m;
}

# LiveKit media UDP — single port carries every room's media via
# UDP Mux. Long timeouts: a live call must not be cut by the proxy.
server {
listen 7882 udp;
proxy_pass atlas_livekit_media;
proxy_timeout 60m;
proxy_responses 0; # streaming media — never close after N replies
}

# LiveKit media TCP fallback for clients on UDP-blocked networks.
server {
listen 7882;
proxy_pass atlas_livekit_media;
proxy_timeout 60m;
proxy_connect_timeout 5s;
}
}

http {
Expand Down Expand Up @@ -440,6 +467,16 @@ http {
server keikaku.tailce5c0d.ts.net:1234;
}

# LiveKit signaling (Atlas voice chat — Phase 0). Proxied under
# /livekit/ on atlas.labmgm.org. The container listens on 7880 on
# keikaku (Tailscale) and serves HTTP API + WebSocket signaling there.
# WebRTC media is NOT proxied through HTTP — it goes through the
# stream {} block on port 7882 (UDP Mux + TCP fallback). See the
# top of this file for the stream upstream + listener.
upstream atlas_labmgm_org_livekit {
server keikaku.tailce5c0d.ts.net:7880;
}

upstream atlas-staging_labmgm_org_frontend {
server syafa-testing.tailce5c0d.ts.net:3001;
}
Expand Down Expand Up @@ -1795,6 +1832,24 @@ http {
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
}

# LiveKit signaling for Atlas voice chat (Phase 0). Trailing
# slash on proxy_pass strips the /livekit/ prefix so the path
# reaches the SFU as / (the root signaling endpoint). Long
# read/send timeouts because LiveKit signaling is a long-lived
# WS that must survive over the proxy.
location /livekit/ {
proxy_pass http://atlas_labmgm_org_livekit/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
}
}

server {
Expand Down