Skip to content

mediamtx whip ingest behind caddy v2 reverse proxy #4504

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
sloev opened this issue May 7, 2025 · 0 comments
Open

mediamtx whip ingest behind caddy v2 reverse proxy #4504

sloev opened this issue May 7, 2025 · 0 comments

Comments

@sloev
Copy link

sloev commented May 7, 2025

Which version are you using?

image: bluenviron/mediamtx:latest-ffmpeg

Which operating system are you using?

Linux amd64 Docker

Describe how to replicate the issue

i am trying to have
js browser client (vue app) WHIP -> caddy (reverse proxy) -> mediamtx

but i continously get cors errors
has anybody succeded in publishing whip to mediamtx behind a reverse proxy?
caddyfile:


{
    admin off
    layer4 {
        tcp/:4242 {
            route {
                proxy {
                    upstream tcp/{$IP_RETICULUM}:4242
                }
            }
        }
        udp/:8189 {
            route {
                proxy {
                    upstream udp/{$IP_MEDIAMTX}:8189
                }
            }
        }
    }
}




# Serve your app
mediamtx.buro.example {



	reverse_proxy {$IP_MEDIAMTX}:8889
}

mediamtx config


# Enable publishing and reading streams with the WebRTC protocol.
webrtc: yes
# Address of the WebRTC HTTP listener.
webrtcAddress: :8889
# Enable TLS/HTTPS on the WebRTC server.
webrtcEncryption: no
# Path to the server key.
# This can be generated with:
# openssl genrsa -out server.key 2048
# openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650
webrtcServerKey: server.key
# Path to the server certificate.
webrtcServerCert: server.crt
# Value of the Access-Control-Allow-Origin header provided in every HTTP response.
# This allows to play the WebRTC stream from an external website.
webrtcAllowOrigin: '*'
# List of IPs or CIDRs of proxies placed before the WebRTC server.
# If the server receives a request from one of these entries, IP in logs
# will be taken from the X-Forwarded-For header.
webrtcTrustedProxies: []
# Address of a local UDP listener that will receive connections.
# Use a blank string to disable.
webrtcLocalUDPAddress: :8189
# Address of a local TCP listener that will receive connections.
# This is disabled by default since TCP is less efficient than UDP and
# introduces a progressive delay when network is congested.
webrtcLocalTCPAddress: ''
# WebRTC clients need to know the IP of the server.
# Gather IPs from interfaces and send them to clients.
webrtcIPsFromInterfaces: yes
# List of interfaces whose IPs will be sent to clients.
# An empty value means to use all available interfaces.
webrtcIPsFromInterfacesList: []
# List of additional hosts or IPs to send to clients.
webrtcAdditionalHosts: ["buro.example", "mediamtx.buro.example"]
# ICE servers. Needed only when local listeners can't be reached by clients.
# STUN servers allows to obtain and share the public IP of the server.
# TURN/TURNS servers forces all traffic through them.
webrtcICEServers2: []
  # - url: stun:stun.l.google.com:19302
  # if user is "AUTH_SECRET", then authentication is secret based.
  # the secret must be inserted into the password field.
  # username: ''
  # password: ''
  # clientOnly: false
# Time to wait for the WebRTC handshake to complete.
webrtcHandshakeTimeout: 10s
# Maximum time to gather video tracks.
webrtcTrackGatherTimeout: 2s
# The maximum time to gather STUN candidates.
webrtcSTUNGatherTimeout: 5s

Server logs

No response

Network dump

No response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sloev