Opened 4 years ago

Last modified 8 months ago

#12442 assigned Bug/Something is broken

test use of mumble.mayfirst.org to hold large meetings with simultaneous interpretation.

Reported by: Jamie McClelland Owned by: Jamie McClelland
Priority: Medium Component: Tech
Keywords: Cc:
Sensitive: no

Description

I'm interested in doing some work on our muble install, to experimentally see if it is able to handle some of the features we currently use mexcla for, namely:

  • Simultaneous interpretation: Seems possible using the whisper function. Each meeting would have a sub-group called "Hear Interpretation". The interpreter would configure their client so that pressing one key-combination would allow them to speak into the main room and a second key combination would allow them to "whisper" into the "Hear Interpretation" Room. Users would drag their username back and forth between the main room and the hear interpretation room.
  • Web client: I think we could setup a listen-only web client using mumblerecbot which is designed to save a recording but could easily be re-configured to send a recording to icecast. It could send both the main recording and the hear interpretation recording as separate streams, allowing a single web page to have both of them playing, but with controls that would turn the volume down on english and up on spanish or vice versa (it's important that both streams continue playing at all times to stay in sync).
  • Phone call in. There is a promising sip to mumble gateway but I'm not sure we will ever get this working because:
    • No way to switch between rooms
    • Currently only supports one caller

Change History (8)

comment:1 Changed 4 years ago by Jamie McClelland

Owner: set to Jamie McClelland
Status: newassigned

comment:2 Changed 4 years ago by Jamie McClelland

So far it is going well, but still has a big latency problem to figure out.

I've updated murmur with changes I've made (which describes the use of obot and ibot to stream to icecast).

And I've created https://participate.mayfirst.org/ for the user side of things.

The main problem is lag times of over a minute, which makes switching between the original voices stream and the interpretation stream a bit sketchy.

I'm reviewing http://linux-audio.4202.n7.nabble.com/Tuning-icecast-ices-for-low-latency-td4682.html to work on reducing latency (and trying to figure out how to reduce latency in the html5 audio tag).

comment:3 Changed 4 years ago by Jamie McClelland

FYI, I went down a bit of rabbit hole setting up b.stream.mayfirst.org so I could test with an publicly-accessible icecast server that was not in active use.

I initially setup nginx to be a proxy so I could use https, but it was buggy. Rather than fight the bugs, I installed the libssl-dev package on sankarar and then rebuilt icecast2 from source, which got around the bug preventing us from running icecast2 via 443.

I made the following config changes:

  • Changed /etc/default/icecast2 to indicate that icecast2 should run as root (this allows icecast2 to open a privileged port and then drop privileges). Note: if we wrote a proper systemd file we could probably avoid this.
  • Ran mf-cerbot b.stream.mayfirst.org (e.g. in standalone mode which means it sets up a temporary web server on port 80 to verify the cert).
  • Installed new puppet define m_x509::pem_updater (see sankara.pp). It runs on a cron job and detects when a new LE cert has been issued and if so, it rebuilds /etc/icecast2/icecast.pem with both the new key and new cert and restarts icecast (this is required because icecast insists on one file with both the key and the cert).
  • Made the following config changes in /etc/icecast2/icecast.xml:
    • In paths section added:
              <ssl-certificate>/etc/icecast2/icecast.pem</ssl-certificate>
              <ssl-allowed-ciphers>ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS</ssl-allowed-ciphers>
      
    • In general section added:
          <listen-socket>
            <port>443</port>
            <ssl>1</ssl>
          </listen-socket>
      

comment:4 Changed 4 years ago by Daniel Kahn Gillmor

It looks to me like sankara now has a few extra packages that it doesn't need to have installed here:

Calculating upgrade... The following packages were automatically installed and are no longer required:
  libgd3 libxpm4 nginx-common nginx-full
Use 'apt-get autoremove' to remove them.
Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

If you're doing a rebuild, is there a reason to do it on the live server? doing that kind of work in a dedicated vm that's specifically for building might be a better choice. It shouldn't trigger the gpl's redistribution clauses to do such a transfer between machines operated by the same party, fwiw.

(and yes, icecast should use a different, gpl-compatible TLS library if it's going to be GPL)

Is it ok to purge these other packages?

comment:5 Changed 4 years ago by Jamie McClelland

Thanks for the review dkg - just autoremoved those packages.

We have two icecast servers - toussaint provides a.stream.mayfirst.org which is the primary one used by members. sankara provides b.stream.mayfirst.org which is a good candidate for this kind of development work.

comment:6 Changed 19 months ago by updater

Sensitive: set

Changed to sensitive as part of leadership decision to make all tickets sensitive.

comment:7 Changed 8 months ago by Jamie McClelland

Sensitive: unset

comment:8 Changed 8 months ago by Jamie McClelland

The sip to muble gateway code seems to be abandoned (says: "I do not maintain this project and mumlib any longer, but some new features and bugfixes have been implemented in the forks. Check them out!" - but the forks also seem to be abandoned).

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.