doomtube/beeta
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
106 commits 1 branch 0 tags 4.2 MiB
Find a file
doomtube 3c67397b7d
Some checks failed
Build and Push / build-all (push) Failing after 7m2s
Details
Add public pyramid API routes to nginx config 
The pyramid state, colors, face, and pixel info endpoints need
to be accessible without JWT authentication for loading the canvas.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-11 17:12:10 -05:00
.forgejo/workflows fixes lol 2026-01-08 02:14:02 -05:00
backend Add PyramidController to CMakeLists.txt 2026-01-11 17:08:41 -05:00
bot-sdk Initial commit - realms platform 2026-01-05 22:54:27 -05:00
chat-service fixes lol 2026-01-10 01:50:20 -05:00
database fixes lol 2026-01-11 14:54:44 -05:00
devops Add automatic SSL certificate generation 2026-01-06 04:53:46 -05:00
frontend fixes lol 2026-01-11 15:52:17 -05:00
nakama fixes lol 2026-01-09 00:49:07 -05:00
openresty Add public pyramid API routes to nginx config 2026-01-11 17:12:10 -05:00
ovenmediaengine fixes lol 2026-01-10 18:51:18 -05:00
terraform fixes lol 2026-01-07 03:29:05 -05:00
.env.example Initial commit - realms platform 2026-01-05 22:54:27 -05:00
.gitignore Fix: Force pull images in deploy workflow 2026-01-06 23:20:31 -05:00
docker-compose.prod.yml fixes lol 2026-01-08 02:08:39 -05:00
docker-compose.yml fixes lol 2026-01-08 01:57:40 -05:00
README.md fixes lol 2026-01-07 03:06:39 -05:00

README.md

realms.india

A self-hosted live streaming and gaming platform with real-time chat, game server integration, and media management.

Features

  • Live Streaming - RTMP, SRT, and WebRTC ingest with HLS/LLHLS output
  • Real-time Chat - WebSocket-based chat with moderation tools
  • Game Server - Nakama-powered multiplayer games and social features
  • Media Library - E-book hosting and audio/video management
  • User Authentication - JWT-based auth with optional PGP key support

System Requirements

Minimum

  • 4GB RAM
  • 2 CPU cores
  • 20GB storage

Recommended

  • 8GB+ RAM
  • 4+ CPU cores
  • 100GB+ SSD storage

Software

  • Docker 24+
  • Docker Compose v2+
  • Git

Operating System

  • Linux (Ubuntu 22.04 recommended) - best for production
  • macOS
  • Windows with WSL2

Quick Start (Development)

# Clone the repository
git clone <repository-url>
cd realms.india

# Copy environment template
cp .env.example .env

# Generate secrets and edit .env (see Configuration section below)
nano .env

# Build and start all services
docker-compose up --build

Access the application at http://localhost

Configuration

Required Environment Variables

Copy .env.example to .env and configure these required variables:

Variable Description How to Generate
DB_PASSWORD PostgreSQL database password openssl rand -base64 24
JWT_SECRET Secret key for JWT token signing openssl rand -base64 32
OME_API_TOKEN OvenMediaEngine API authentication openssl rand -hex 32
REDIS_PASSWORD Redis authentication password openssl rand -base64 24
NAKAMA_SERVER_KEY Nakama client authentication key openssl rand -hex 16
NAKAMA_CONSOLE_PASSWORD Nakama admin console password Choose a strong password
VITE_NAKAMA_SERVER_KEY Frontend Nakama key (must match NAKAMA_SERVER_KEY) Same as NAKAMA_SERVER_KEY

Optional Environment Variables

Variable Default Description
DB_HOST postgres PostgreSQL host
DB_NAME streaming Database name
DB_USER streamuser Database user
DB_PORT 5432 PostgreSQL port
REDIS_HOST redis Redis host
REDIS_PORT 6379 Redis port
REDIS_DB 0 Redis database number
CHAT_REDIS_DB 1 Chat service Redis database
APP_ENV production Environment mode (development or production)
VITE_NAKAMA_HOST localhost Nakama host for frontend
VITE_NAKAMA_PORT 80 Nakama port for frontend
VITE_NAKAMA_USE_SSL false Enable SSL for Nakama connection

Generate All Secrets at Once

echo "DB_PASSWORD=$(openssl rand -base64 24)"
echo "JWT_SECRET=$(openssl rand -base64 32)"
echo "OME_API_TOKEN=$(openssl rand -hex 32)"
echo "REDIS_PASSWORD=$(openssl rand -base64 24)"
NAKAMA_KEY=$(openssl rand -hex 16)
echo "NAKAMA_SERVER_KEY=$NAKAMA_KEY"
echo "VITE_NAKAMA_SERVER_KEY=$NAKAMA_KEY"
echo "NAKAMA_CONSOLE_PASSWORD=<choose-a-strong-password>"

Services Overview

Service Description Internal Port
postgres PostgreSQL 16 database for persistent storage 5432
redis Redis 7 for caching, sessions, and message queues 6379
drogon-backend Main API server (C++ Drogon) - streaming, users, realms 8080
chat-service Real-time chat WebSocket server (C++ Drogon) 8081
nakama Game server for multiplayer features 7350
ovenmediaengine Media streaming server (RTMP/SRT/WebRTC ingest, HLS output) 8081 (API)
openresty Nginx-based reverse proxy with Lua scripting 80, 443
sveltekit SvelteKit web frontend 3000
certbot Automatic SSL certificate management -

Exposed Ports

Web Traffic

Port Protocol Description
80 TCP HTTP
443 TCP HTTPS
8088 TCP HLS/LLHLS streaming proxy

Streaming Ingest

Port Protocol Description
1935 TCP RTMP ingest
9999 UDP SRT ingest

WebRTC

Port Protocol Description
3333 TCP WebRTC signaling
3478 UDP STUN/TURN server
10000-10009 UDP WebRTC ICE candidates

Streaming Setup

OBS Studio Configuration

  1. Open OBS Studio and go to Settings > Stream
  2. Set Service to "Custom..."
  3. Configure your stream:

RTMP:

Server: rtmp://your-domain:1935/app
Stream Key: <your-stream-key>

SRT:

Server: srt://your-domain:9999

Getting Your Stream Key

Stream keys are generated per-realm in the application. After creating a realm, you can find your stream key in the realm settings.

Production Deployment

Prerequisites

  1. A server with the recommended specifications
  2. A domain name pointed to your server
  3. Ports 80, 443, 1935, 9999, 3333, 3478, and 10000-10009 open in your firewall

Deployment Steps

1. Prepare the Server

# Create application directory
sudo mkdir -p /opt/realms
cd /opt/realms

# Copy required files
# - docker-compose.prod.yml (rename to docker-compose.yml)
# - .env (configured with your secrets)
# - init.sql (from database/init.sql)
# - Server.xml (from ovenmediaengine/Server.xml)
# - config.json (from backend/config.json.example)

2. Configure Environment

# Copy and configure environment
cp .env.example .env
nano .env

# Update these for production:
# - Set all secrets (see Configuration section)
# - Set VITE_NAKAMA_HOST to your domain
# - Set VITE_NAKAMA_USE_SSL=true
# - Set APP_ENV=production

3. Configure SSL

The Certbot container handles automatic SSL certificate generation. Ensure:

  • Your domain's DNS A record points to your server
  • Ports 80 and 443 are accessible from the internet
# Set your email for Let's Encrypt notifications
export CERTBOT_EMAIL=admin@your-domain.com

4. Start Services

# Pull images and start
docker-compose -f docker-compose.prod.yml up -d

# Check status
docker-compose -f docker-compose.prod.yml ps

# View logs
docker-compose -f docker-compose.prod.yml logs -f

Firewall Configuration (UFW)

# Allow web traffic
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

# Allow streaming
sudo ufw allow 1935/tcp   # RTMP
sudo ufw allow 9999/udp   # SRT
sudo ufw allow 8088/tcp   # HLS proxy

# Allow WebRTC
sudo ufw allow 3333/tcp   # Signaling
sudo ufw allow 3478/udp   # STUN/TURN
sudo ufw allow 10000:10009/udp  # ICE candidates

# Enable firewall
sudo ufw enable

Updating

cd /opt/realms

# Pull latest images
docker-compose -f docker-compose.prod.yml pull

# Restart with new images
docker-compose -f docker-compose.prod.yml up -d

Troubleshooting

Health Checks

Check if services are healthy:

# View service status
docker-compose ps

# Check specific service health
docker inspect --format='{{.State.Health.Status}}' realms-drogon-backend-1

Health Check Endpoints

Service Endpoint
Backend API http://localhost:8080/api/health
Chat Service http://localhost:8081/
Nakama http://localhost:7350/healthcheck

Viewing Logs

# All services
docker-compose logs -f

# Specific service
docker-compose logs -f drogon-backend
docker-compose logs -f chat-service
docker-compose logs -f nakama

# Last 100 lines
docker-compose logs --tail=100 drogon-backend

Common Issues

Services won't start

# Check for port conflicts
sudo lsof -i :80
sudo lsof -i :443

# Verify .env file exists and has all required variables
cat .env | grep -v "^#" | grep -v "^$"

# Rebuild containers
docker-compose down
docker-compose up --build

Database connection errors

# Check PostgreSQL is healthy
docker-compose logs postgres

# Verify database credentials match .env
docker-compose exec postgres psql -U streamuser -d streaming -c "SELECT 1"

Stream not working

# Check OvenMediaEngine logs
docker-compose logs ovenmediaengine

# Verify stream key is correct
# Check that RTMP port 1935 is accessible
nc -zv your-domain 1935

SSL certificate issues

# Check Certbot logs
docker-compose logs certbot

# Manually request certificate
docker-compose exec certbot certbot certonly --webroot \
  --webroot-path=/var/www/certbot \
  -d your-domain.com

Reset Everything

# Stop all containers and remove volumes (WARNING: deletes all data)
docker-compose down -v

# Remove all images
docker-compose down --rmi all

# Fresh start
docker-compose up --build

Security Notes

  1. Never commit .env - Keep your secrets out of version control
  2. Rotate secrets regularly - Recommended every 90 days
  3. Restrict file permissions - chmod 600 .env
  4. Use strong passwords - Minimum 16 characters with mixed case, numbers, and symbols
  5. Keep Docker updated - Regularly update Docker and base images
  6. Enable firewall - Only expose necessary ports
  7. Use HTTPS - Always use SSL in production

License

See LICENSE file for details.