SIP WEBRTC Freepbx Nextcloud Nethserver

freepbx
nextcloud

(other names Tedd77/Giorgio09) #1

This message comprises 2 sections.

  1. Sharing my experience with SIP webrtc (Freepbx based) and nextcloud integration with external link
  2. Calling the community to develop a nextcloud module in order to avoid exposing the freepbx to the external internet

– to start with point 1–
after installing the freepbx 13 with Asterisk 13 , you need to install the webrtc module of freepbx
create extensions (they can be either SIP or PJSIP) I personally prefer the PJSIP for many reasons that are beyond the scope of this post.
All stated above should be straight forward with no complication until!!! trying to access the webrtc throughout the navigator.
The following are mandatory prerequisites

  1. Navigator option 1 is firefox (latest release) , it also works with Chrome but I do not have good memories so to speak.
  2. FQDN for the freepbx instance
  3. Letsencrypt certificates for the freepbx FQDN
  4. Access to Freepbx should be with https without any errors

Should all above are met some more work to be done on the main firewall (of your company or home)
Port forwarding TCP 8089 and 443 (provided you did not change any of those ports during installation)
To be clear port 8089 can be verified under /etc/asterisk/ http_additional.conf

tlsenable=yes
tlsbindaddr=0.0.0.0:8089

or from the GUI under settings—> advanced settings

Now webrtc can be accessed with the following link format : https://yourfqdn:443/ucp

failing to do so your webrtc may show that extension is registered but you will never be able to receive or establish a call.
Should your webrtc displaying a red bar on top with xml message then you need to disable the following 2 modules from freepbx
XMPP and conference pro
To be honest I did not have time to figure out what ports these 2 apps use in order to include them on my port forwarding but since my aim is to minimize my PBX exposure to the net I just disabled them.


In Nextcloud you just need to add an external link https://yourfqdn:443/ucp and try it.
Mine is perfectly working no voice issues no nating problems and the best part of it my PBX is not much exposed
I advise to change the port 443 to port say 8351 so on your firewall you forward external port 8351 to internal port 443 .

Drawback of this solution
Once the tab is closed or the focus is moved to another functionality into nextcloud then the phone will become offline

The workaround
Open another Tab for the rest of nextcloud functionalities


Now to point number 2 of my post…

I am not a developer hence I wish to call for developers in this community to help me out creating a module that can be integrated into nextcloud.
The reason for that is to eliminate the need to open ports on the main firewall.

Below are few examples already achieved that task

  1. Rainloop email module
  2. XMPP module
  3. Spreed.me
    These modules call internal ip addresses without the need to forward ports on the main firewall
    they use proxy ngix

Our desired module is necessary in order to eliminate the need to type username and password.
No need to make it so complex and link it to the LDAP, you just look at rainloop how it functions and implement the same for the webrtc Nextcloud module.

Please avoid the drawback experienced with the step 1 solution.


Finally hope someone can put together a plan for this nice feature.


Guacamole Package?
(other names Tedd77/Giorgio09) #2

Further to my earlier post I made few researches and found the following small package that could be used as a base.

This package worked on Firefox, Chrome, Opera and Microsoft Edge
In conclusion it is better than Freepbx’s integrated WEBRTC

https://collecttix.github.io/ctxSip/
What I did is git cloned it, changed the config.js file accordingly

Below is snap of my config.js file


var user = {
// User Name
"User" : “bob”,
// Password
"Pass" : “1234567894654321321321321321”,
// Auth Realm
"Realm" : “FQDN”,----------------you need to use your FQDN
// Display Name
"Display" : “99xxxxx”,
// WebSocket URL
"WSServer" : “wss://FQDN:8089/ws”-----------------------------------------you need to use your FQDN
};


It works perfectly, Audio only no video.

Now time to port it onto Nethserver Nextcloud.

For the time being the port TCP 8089 needs to be forwarded on the main Firewall.


(other names Tedd77/Giorgio09) #3

This is a better version of index.html. it loads the phone in a separate tab Popup





    

    

    
        
×Phone
<script type="text/javascript" src="https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js"></script>

(other names Tedd77/Giorgio09) #6

Here is another derivative, similar to ctxSIP but this one is JSSIP
It is possible to put the configuration in a custom.js file.
It does not work with opera.

git clone https://github.com/lrobot/tryit.jssip.net.git

This repo is with the custom,js file
git clone git://git.code.sf.net/p/halef/asterisk halef-asterisk

It works with WS straight out of the box , possibility to work with WSS however it requires some tweaking .

This one supports Video, ctxSIP does not,

Unfortunately similar to the ctxSIP above I am unable to port it into nextcloud.

Now that you have in hand 2 potential SIP WEBRTC applications , I hope someone can jump in to integrate into Nextcloud.

I have a feeling that tryit.jssip.net is much easier to implement although it is not the best however it is well developed and maintained.

Unfortunately my work stops at this stage as I am not capable to advance any further on this subject/feature.
I can help in testing and parameters only from now on!


(Stefano Fancello) #7

Hi ghost,
nethserver-freepbx and FreePBX packages has been under active development and there are a few changes already released on last packages you can find on nethserver-testing repository:

  • Now, under the tab PBX Access on NethServer Web UI you are able to easily open firewall ports for WebRTC (TCP 8089 and RTP ports UDP10000-20000)

  • FreePBX web interface can be accessd only from green interfaces by default, you can change this behaviour adding networks from same UI page

  • About WebRTC, you could also try Janus, a gateway that uses normal sip/pjsip extensions on FreePBX side and WebRTC between browser and Janus https://github.com/meetecho/janus-gateway . There is a nethserver-janus package on testing repository.


(other names Tedd77/Giorgio09) #8

@Stll0 thank you for your interaction and tip.
The project is nice but requires better documentations.

Please correct my steps

  1. Installed the nethserver-janus
  2. Copied the html directorory content to /var/www/html
    This directory now has 2 folders the freepbx and the demos folders.
    I can access the demo folder however none of the plugins work, I get a message
    "error: Is the gateway down?"

in the janus.log I see the following errors:

e[35m[FATAL]e[0m [transports/janus_http.c:janus_http_init:686] Couldn't start webserver on port 8988...
e[33m[WARN]e[0m HTTPS webserver disabled
e[33m[WARN]e[0m Admin/monitor HTTP webserver disabled
e[33m[WARN]e[0m Admin/monitor HTTPS webserver disabled
e[33m[WARN]e[0m No HTTP/HTTPS server started, giving up...
e[33m[WARN]e[0m The 'janus.transport.http' plugin could not be initialized
Loading transport plugin 'libjanus_pfunix.so'...
Configuring SOCK_SEQPACKET Unix Sockets server (Janus API)
e[33m[WARN]e[0m Unix Sockets server disabled (Admin API)
JANUS Unix Sockets transport plugin initialized!
Loading transport plugin 'libjanus_websockets.so'...
Unix Sockets thread started
libwebsockets >= 1.6 available, using new API
e[35m[FATAL]e[0m [transports/janus_websockets.c:janus_websockets_init:517] Error initializing libwebsockets...
e[33m[WARN]e[0m Secure WebSockets server disabled
e[33m[WARN]e[0m Admin WebSockets server disabled
e[33m[WARN]e[0m Secure Admin WebSockets server disabled
e[33m[WARN]e[0m No WebSockets server started, giving up...
e[33m[WARN]e[0m The 'janus.transport.websockets' plugin could not be initialized

I appreciate if you could assist in solving this issue in order for me to be able to test this module.


(Stefano Fancello) #9

in demos, janus is exposed on 8188 and 8089 ports, but those ports are closed. There is a proxypass in httpd configuration that forward /janus to 8188. You have to fix demos .js to connect to /janus instead of 8188/janus or 8089/janus (it depends on if you are using http or https).

After that, if janus-gateway is running, demos should be able to connect to it, and you can check status and errors in browser console. I still get some errors from demos, you’ll have to play a little with them

No idea on this error, it doesn’t happen for me on a fresh install. I install it with

yum --enablerepo=nethserver-testing install nethserver-freepbx nethserver-janus

Have you done something different? Have you changed something on janus configuration?


(other names Tedd77/Giorgio09) #10

@Stll0
I have just installed it on a fresh server.
yum --enablerepo=nethserver-testing install nethserver-freepbx nethserver-janus

Moved the demos folder to /var/www/html/
changed the “:8089/Janus” to “/janus” in all .js files inside the demos folder.
Still failing with message : “error: Is the gateway down?”

ps -eaf | grep janus
root 20782 1 0 19:24 ? 00:00:23 /opt/janus/bin/janus -o
root 23784 20639 0 20:18 pts/0 00:00:00 grep --color=auto janus

How to proceeed further ? could you please share ?