Installing Galène
|
by Craig Miller
Galène is open source video conferencing software that is easy to install, and run. It works with laptops/desktops using Firefox or Chrome (or derivative). The software includes the server (written in Go) and a Javascript client, which runs in the browser. No client software need be installed.
Galène is a Selective Forwarding Unit (SFU) type of video conferencing software, which puts very little load on the server, requiring the clients to do most of the video processing.
Since it is written in the Go language, it is easily compiled on any linux platform/architecture, including the Raspberry Pi. And since it is modern software, it supports both IPv4 and IPv6.
Installing Go
In order to compile Galène, one needs to install the Go language. Your distro, may have go in the repo. We will also need git for pulling down the Galène source.
sudo apt install git golang
Getting Galène from github
Naturally, since I like Linux Containers (LXD) will do the install in a container, but this isn't a requirement, just my preference.
I prefer to do compiles from an unprivilaged user, such as the pi user. Do the following as non-root:
cd
git clone http://github.com/jech/galene --branch galene-0.7.2
Compiling Galène
Compiling go projects requires some environmental variables, and compiler flags. Just copy and paste these, and it should work. As your unprivilaged user:
cd galene
CGO_ENABLED=0 go build -ldflags='-s -w'
The go compiler will pull down some additional modules, and then build a single binary in the galene directory.
Depending on the machine you are building on, you may run into an issue where the version of go is not new enough. For example, the latest version of Galène requires go compiler version 1.17 There's an excellent tutorial on how to get the latest pre-built go compiler from https://tecadmin.net/install-go-on-debian/
The Go language is a fast moving language, and many features are being added often, it is not always backwards compatible. Pre-built compilers are available for Window, MacOS (both ARM64 & AMD64), and Linux (AMD64 and ARM64).
Creating Galène groups
Groups are used by Galène, as separate meeting rooms. One must create a groups directory.
cd galene
mkdir groups
cd groups
To create a public group, add the following to a file called public.json using the editor of your choice.
{
"op": [{"username":"admin","password": "87654321"}],
"presenter": [{"password": "bc1871"}],
"public": true,
"allow-recording": true,
"allow-subgroups": true,
"max-clients": 4
}
Galène has the ability to login with any name, and require a password. In the example above, the admin user requires a password of 87654321. But a presenter does not require a name, only the password bc1871. If the public option is set to true then it will be displayed on the front webpage. This is useful for testing.
Using TLS and Galène
If you plan to use Galène in a public environment, then it is best to use a Let's Encrypt certificate for TLS. The certbot is very easy to use. The certbot by default places the Cert in /etc/letsencrypt/live/"$HOST"/ where $HOST is the Fully Qualified Domain Name of the host.
First, one must create a data directory to hold the Certs
cd galene
mkdir data
I have written a short script which will renew my cert, and place it in the ~/galene/data/ directory. Run this script after running certbot the first time:
#!/usr/bin/env sh
HOST=galene.yourdomain.ca
USER=pi
VERSION=0.99
# renew cert for galene.yourdomain.ca
echo "Running things as root, need sudo password..."
sudo certbot certonly --force-renew -d "$HOST" --standalone # --dry-run
# mv cert to Galene location
echo "moving certs to galene location"
cd /home/$USER/galene/
sudo cp /etc/letsencrypt/live/"$HOST"/fullchain.pem data/cert.pem
sudo cp /etc/letsencrypt/live/"$HOST"/privkey.pem data/key.pem
sudo chown $USER data/*.pem
sudo chmod go-rw data/key.pem
#done
echo "Pau"
Using self-signed Certs
However, if you are just going to use Galène on your own network, then you will have to use Galène's self signed certifications, which will require you to go to scary places in your browser.
Galène can be run without TLS or insecure mode (note that passwords will be passed in the clear), however there seems to be a bug that does not allow video or audio to be sent to the server.
However, one can specify the port using the -http <port> parameter.
./galene -http :8080
Running Galène
Galène by default runs on port 8443, this is fine for running your own local video conferencing, but you will probably want to change it to the standard TLS port 443 if you plan on running a public Galène.
Fortunately, it is easy to change the listening port by editing the source file galene.go. Search for 8443 and change it to 443. The line should now be:
flag.StringVar(&httpAddr, "http", ":443", "web server `address`")
If you do change the port to 443, you will have to start Galène with the sudo command.
sudo ./galene -udp-range 50000-60000
Galène has a few options, I tend to put the UDP at higher ports, seems to work with more firewalls.
Now is the time to switch to your browser and try to connect to the newly running Galène
Lab
Connect to the local Galène server, be sure to mute your Mic to avoid lots of feedback.
Try the /presentfile option in the web client to play mp3 and mp4 files.
More info
I have written a how-to use Galène. And if you want even more information about Galène, point your browser at galene.org.
28 September 2023
Updated 10 Oct 2023