add Nat Hairpinning deployment to docs #378.
This commit is contained in:
parent
0c9055e4f6
commit
26af1dc7f5
@ -87,7 +87,48 @@ GHCR images are built using GitHub actions for every tag.
|
|||||||
### Networking:
|
### Networking:
|
||||||
- If you want to use n.eko in **external** network, you can omit `NEKO_NAT1TO1`. It will automatically get your Public IP.
|
- If you want to use n.eko in **external** network, you can omit `NEKO_NAT1TO1`. It will automatically get your Public IP.
|
||||||
- If you want to use n.eko in **internal** network, set `NEKO_NAT1TO1` to your local IP address (e.g. `NEKO_NAT1TO1: 192.168.1.20`)-
|
- If you want to use n.eko in **internal** network, set `NEKO_NAT1TO1` to your local IP address (e.g. `NEKO_NAT1TO1: 192.168.1.20`)-
|
||||||
- Currently, it is not supported to supply multiple NAT addresses (see https://github.com/m1k1o/neko/issues/47).
|
|
||||||
|
Currently, it is not supported to supply multiple NAT addresses directly to neko (see https://github.com/m1k1o/neko/issues/47).
|
||||||
|
|
||||||
|
But it can be acheived by deploying own turn server alongside neko that is accessible from your LAN:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
version: "3.4"
|
||||||
|
services:
|
||||||
|
neko:
|
||||||
|
image: "m1k1o/neko:firefox"
|
||||||
|
restart: "unless-stopped"
|
||||||
|
shm_size: "2gb"
|
||||||
|
ports:
|
||||||
|
- "8080:8080"
|
||||||
|
- "52000-52100:52000-52100/udp"
|
||||||
|
environment:
|
||||||
|
NEKO_SCREEN: 1920x1080@30
|
||||||
|
NEKO_PASSWORD: neko
|
||||||
|
NEKO_PASSWORD_ADMIN: admin
|
||||||
|
NEKO_EPR: 52000-52100
|
||||||
|
NEKO_ICESERVERS: '[{ "urls": [ "turn:192.168.1.60:3478" ], "username":"neko", "credential":"neko" }, { "urls": [ "stun:stun.nextcloud.com:3478" ] }]'
|
||||||
|
coturn:
|
||||||
|
image: 'coturn/coturn:latest'
|
||||||
|
network_mode: "host"
|
||||||
|
command: |
|
||||||
|
-n
|
||||||
|
--realm=localhost
|
||||||
|
--fingerprint
|
||||||
|
--listening-ip=0.0.0.0
|
||||||
|
--external-ip=192.168.1.60
|
||||||
|
--listening-port=3478
|
||||||
|
--min-port=49160
|
||||||
|
--max-port=49200
|
||||||
|
--log-file=stdout
|
||||||
|
--user=neko:neko
|
||||||
|
--lt-cred-mech
|
||||||
|
```
|
||||||
|
|
||||||
|
- Replace `192.168.1.60` with your LAN IP address, and allow ports `49160-49200/udp` and `3478/tcp` in your LAN.
|
||||||
|
- Make sure you don't use `NEKO_ICELITE: true` because ICE LITE does not support TURN servers.
|
||||||
|
|
||||||
|
This setup adds local turn server to neko. It won't be reachable by your remote clients and your own IP won't be reachable from your lan. So it effectively just adds local candidate and allows connections from LAN.
|
||||||
|
|
||||||
### Why so many ports?
|
### Why so many ports?
|
||||||
- WebRTC needs UDP ports in order to transfer Audio/Video towards user and Mouse/Keyboard events to the server in real time.
|
- WebRTC needs UDP ports in order to transfer Audio/Video towards user and Mouse/Keyboard events to the server in real time.
|
||||||
|
@ -129,6 +129,7 @@ Example for pfsense with truecharts docker container:
|
|||||||
- Test externally to confirm it works.
|
- Test externally to confirm it works.
|
||||||
- Internally you have to access it using `<your-public-ip>:port`
|
- Internally you have to access it using `<your-public-ip>:port`
|
||||||
|
|
||||||
|
If your router does not support NAT Loopback (NAT Hairpinning), you can use turn servers to overcome this issue. See [more details here](https://neko.m1k1o.net/#/getting-started/?id=networking) on how to setup local coturn instance.
|
||||||
|
|
||||||
### Neko works locally, but not externally
|
### Neko works locally, but not externally
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user