U-Boot -> UEFI (with Secure Boot if desired) -> Systemd Boot (or Linux EFI Boot Stub) -> Debian (or other distro)
That same layout should be doable on any U-Boot¹ supported device. "permanent":true
that automatically generates/updates the config for you. You can substitute srtp (secure) for regular rtp for testing, but I prefer to use the secure variant since it goes out to a public VPS and doesn't really incur any overhead for my source devices. #!/bin/sh
server="https://[YOUR_JANUS_SERVER_HOST]/janus"
token(){ dd if=/dev/urandom bs=6 count=1 status=none|openssl base64;}
post_jo(){ first="$1";shift;wget --quiet --output-document - --post-data "$(jo -- "$@")" "$server$first";}
tx(){ post_jo "$@" transaction="$(token)";}
data_id(){ jq ".data.id//(null|halt_error(1))";}
message()( set -e
id="$(tx / janus=create|data_id)" # create janus session and store id
hn="$(tx "/$id" janus=attach plugin=janus.plugin.streaming|data_id)" # create plugin session and store id
tx "/$id/$hn" janus=message body="$(jo -- "$@")"
tx "/$id" janus=destroy >/dev/null
)
# example usage:
# list all streams
message request=list|jq .plugindata.data.list
# remove stream with id 666
message request=destroy id=666 secret=adminpwd permanent=true|jq
# create new stream
message request=create id=666 secret=adminpwd permanent=true name=[YOUR_STREAM_NAME] type=rtp media=["$(
jo type=video mid=v1 codec=h264 pt=96 simulcast=true svc=false port=5010 port2=5020 port3=5030 \
fmtp=level-asymmetry-allowed=1\;packetization-mode=1\;profile-level-id=42c01f
)","$(
jo type=video mid=v2 codec=vp8 pt=96 simulcast=true svc=false port=5012 port2=5022 port3=5032
)","$(
jo type=audio mid=a codec=opus pt=97 port=5000
)"] srtpsuite=80 srtpcrypto=zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz|jq # your srtp token needs to match your source
# show new stream info to verify configuration
message request=info id=666 secret=adminpwd|jq
# on streaming source device
ffmpeg [YOUR_INPUT_CONFIG HERE] -f rtp -srtp_out_suite SRTP_AES128_CM_HMAC_SHA1_80 -srtp_out_params zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz srtp://[YOUR_JANUS_SERVER_HOST]/:[PORT]
# for gstreamer, showing alternative key format
gst-launch-1.0 [YOUR_INPUT_CONFIG HERE] ! rtpav1pay ! srtpenc key=cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3cf3 ! udpsink host=[YOUR_JANUS_SERVER_HOST] port=[PORT] media.peerconnection.ice.obfuscate_host_addresses = false
which will show the actual deobfuscated candidates host addresses. Here is a tool you can run on your client to see the stun candidates received. wss://tracker.openwebtorrent.com
wss://tracker.files.fm:7073
wss://tracker.webtorrent.dev
---> Usage stats for the last one: https://tracker.webtorrent.dev stun:stun.cloudflare.com
stun:stun.l.google.com:19302
¹ https://en.wikipedia.org/wiki/GUID_Partition_Table#Features