Skip to content

Live Streaming Integration Guide

1. Overview

This guide provides detailed instructions to deploy the Meet Altegon Live Streaming Platform in a Dockerized environment, integrating:

  • Frontend (Meet Altegon)
  • API Server (altegon-meet-api) for business logic and security (via X_API_KEY)
  • Recording Socket (for recording)
  • HLS (handling real-time video/audio streams and rooms)

The architecture uses Docker for deployment and is secured with HTTPS via Nginx.

2. Network and Firewall Requirements

Ensure the following ports are open:

Port Protocol Purpose Service
80 TCP HTTP (Redirect to HTTPS) Nginx
443 TCP HTTPS Frontend & API Nginx → altegon-meet-api (8000)
8000 or /api TCP API Backend (/api, /socket.io.backend/) Nginx → localhost:8000
/recording-socket TCP Recording Socket (/recording-socket/ & /recording-socket/socket.io/) Nginx → localhost:3006 (Docker)

3. Prerequisites & System Requirements

Required Utilities

  • bash, curl, wget, tar, xz-utils

Required Packages

  • Docker Engine – For containerization
  • Docker Compose – For managing multi-container applications
  • Node.js & npm – For running the API services
  • Nginx – Reverse proxy & HTTPS configuration
  • Certbot – For SSL certificate generation & renewal
  • MongoDB & Redis – Required for Recording Socket service
  • FFmpeg – For video/audio processing
  • Redis - Used for session management, signaling, and as a message broker between services

Redis Configuration

Ensure Redis is configured as master and accessible.

Edit redis.conf: 

# Allow external access
bind 0.0.0.0

# Require authentication
requirepass securedpassword

# Always master (don’t accept replication)
replica-serve-stale-data no
replica-read-only no

FFmpeg Setup

Install FFmpeg and ensure consistent version across systems.

cd /usr/local/bin
wget https://github.com/BtbN/FFmpeg-Builds/releases/download/latest/ffmpeg-master-latest-linux64-gpl.tar.xz
tar -xf ffmpeg-master-latest-linux64-gpl.tar.xz
cp ffmpeg-master-latest-linux64-gpl/bin/ffmpeg /usr/local/bin/
cp ffmpeg-master-latest-linux64-gpl/bin/ffprobe /usr/local/bin/

Verify: 

ffmpeg -version
ffmpeg -filters | grep drawtext

4. Setup Instructions

Backend Server Setup

Purpose:

  • Provides X-API-Key based authentication
  • Implements business logic
  • Manages client-specific features
  • Adds a secure layer between clients and core video engine

Steps:

Clone the Repository
git clone git@github.com:Altegon/altegon-meet-apis.git
cd altegon-meet-apis
git checkout dev
Create the Dockerfile
FROM node:18
WORKDIR /usr/src/app
RUN apt-get update && apt-get install -y nano curl bash && rm -rf /var/lib/apt/lists/*
COPY package*.json ./
RUN npm install --production --legacy-peer-deps
COPY . .
EXPOSE 8000
CMD ["node", "app.js"]
Build the Docker Image
sudo docker build -t altegon/altegon-meet-apis:latest .
Run the Docker Container
- Ensure /opt/altegon-meet-apis/.env exists with MongoDB, Redis, and JWT credentials.

bash sudo docker run -d --restart always \ -v /opt/altegon-meet-apis/.env:/usr/src/app/.env \ -v /opt/altegon-meet-apis/public:/usr/src/app/public \ -p 8000:8000 \ --name altegon-meet-apis \ altegon/altegon-meet-apis:latest

HLS Server Setup

Purpose:

Handles live streaming data generation.

Prerequisites

Before deployment, ensure the following dependencies are installed on your system:

Dependency Version (Recommended)
Node.js v18.x or higher
npm v9.x or higher
MongoDB v5.x or higher
PM2 (for production) latest
Git latest
FFmpeg Latest GPL build from BtbN repository
Server Access SSH access to the target server with sudo/root privileges

Steps:

Clone the Repository

SSH into the deployment server and navigate to the desired working directory (e.g., /opt):

cd /opt
git clone git@github.com:Altegon/stream-apis.git
Checkout the Streaming Branch

Switch to the go-live-meet branch which contains the live streaming configuration:

cd stream-apis
git checkout go-live-meet
Configure Environment Variables

Create a .env file in the project root directory (/opt/Boxzed-star-apis/.env) and add the following content:

SERVER_PORT=3046
MONGO_URL=Your_MongoDB_URL
DATABASE_NAME=YOUR_DB_NAME

Note:
Ensure MongoDB is running and accessible.

Start the Application

You can start the Altegon Live Streaming server in one of the following ways:

Option 1: Development Mode

For testing or development:

npm run dev

Option 2: Production Mode with PM2

For production deployments, use PM2 to manage and persist the process:

npm install -g pm2
pm2 start app.js --name altegon-stream

To monitor and manage the app:

pm2 status
pm2 logs altegon-stream
Verify the Deployment

Once the service is running, verify it by checking if the server responds:

curl http://Your_Server_IP:3046

Expected Output:
You should receive a response indicating that the API is active.

Deployment Complete!

Your Altegon Live Streaming Server should now be running successfully.

SSL Certificate Setup (Certbot)

Setup:

sudo apt install certbot python3-certbot-nginx
sudo certbot certonly --nginx -d domain-name

Auto-renew SSL:

sudo crontab -e
0 0 * * * certbot renew --quiet

5. Post-Setup Configuration

MongoDB “services” Collection

{
  "name": "superService",
  "key": "any5DigitKey",
  "rooms": []
}

Update Nuve Config

config.nuve.dataBaseURL = "YourMongoDbConnectionString";
config.nuve.dataBaseName = "DBName";
config.nuve.superserviceID = "serviceID";
config.nuve.superserviceKey = "ServiceKey";

WebRTC ICE Servers

config.erizoController.iceServers = [
  { url: 'stun:stun.l.google.com:19302' },
  { url: 'turn:yourDomain:3478?transport=tcp', username: 'coturn_user', credential: 'yourPassword' },
  { url: 'turn:yourDomain:3478?transport=udp', username: 'coturn_user', credential: 'yourPassword' },
  { url: 'turns:relay.sawt.app:5349?transport=tcp', username: 'coturn_user', credential: 'yourPassword' }
];

Example Nginx Configuration

# Redirect HTTP to HTTPS
server {
    listen 80;
    listen [::]:80;
    server_name yourDomainNameHere;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name yourDomainNameHere;

    ssl_certificate /etc/ssl/altegon/yourDomainNameHere.pem;
    ssl_certificate_key /etc/ssl/altegon/yourDomainNameHere.key.pem;

    # Altegon Meet API service
    location /api/ {
        proxy_pass http://localhost:8000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # WebSocket handling
    location /socket.io/ {
        proxy_pass http://localhost:8000/socket.io/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
    }

    # Video Engine Controller (Nuve)
    location /nuve/ {
        proxy_pass http://localhost:3010/;
        proxy_http_version 1.1;
    }

    # Secondary Video Engine
    location /nuve2/ {
        proxy_pass http://localhost:3011/;
        add_header 'Access-Control-Allow-Origin' '*';
    }

    # WebSocket for Video Engine
    location /socket.io.nuve/ {
        proxy_pass http://localhost:8081/socket.io/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 86400;
    }

    # Recording Socket Service
    location /recording-socket/ {
        proxy_pass http://localhost:3006/;
        add_header 'Access-Control-Allow-Origin' '*';
    }

    location /recording-socket/socket.io/ {
        proxy_pass http://localhost:3006/socket.io/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }

    access_log /var/log/nginx/access_prod.altegon.com.log;
    error_log /var/log/nginx/error_prod.altegon.com.log;
}

6. Recording Server Setup

Clone the Project

git clone git@github.com:Altegon/recording-socket.git
cd recording-socket
git checkout live

Create Host Folders

sudo mkdir -p /opt/altegon-meet-apis/public
sudo chmod -R 777 /opt/altegon-meet-apis/public

Create .env File

/opt/recording-socket/.env

PORT=3006
RECORDING_DIR_PATH=/opt/altegon-meet-apis/public
SERVER_URL=https://demo.altegon.com
X_API_KEY=YourXApiKey

Dockerfile

FROM node:20-slim
WORKDIR /app
RUN apt-get update && apt-get install -y wget xz-utils ca-certificates && rm -rf /var/lib/apt/lists/*
RUN cd /usr/local/bin && \
    wget https://github.com/BtbN/FFmpeg-Builds/releases/download/latest/ffmpeg-master-latest-linux64-gpl.tar.xz && \
    tar -xf ffmpeg-master-latest-linux64-gpl.tar.xz && \
    cp ffmpeg-master-latest-linux64-gpl/bin/ffmpeg /usr/local/bin/ && \
    cp ffmpeg-master-latest-linux64-gpl/bin/ffprobe /usr/local/bin/ && \
    rm -rf ffmpeg-master-latest-linux64-gpl*
COPY package*.json ./
RUN npm install --legacy-peer-deps
COPY . .
EXPOSE 3006
CMD ["node", "index.js"]

Build and Run

sudo docker build -t altegon/recording-socket:latest .
sudo docker run -d \
  --restart always \
  -v /opt/recording-socket/.env:/app/.env \
  -v /opt/altegon-meet-apis/public:/app/public \
  -p 3006:3006 \
  --name recording-socket \
  altegon/recording-socket:latest

7. Azure Blob Storage Setup

Overview

Azure Blob Storage is used for storing recorded meetings. This section guides you through creating and configuring an Azure Blob Storage account.

Prerequisites

  • Active Azure subscription
  • Access to Azure Portal

Create Storage Account via Azure Portal

Steps:

1. Sign in to Azure Portal
Navigate to: https://portal.azure.com
2. Create a New Storage Account
  1. Click "Create a resource"
  2. Search for "Storage account"
  3. Click "Create"
3. Configure Basic Settings
Field Value Description
Subscription Select your subscription Choose active Azure subscription
Resource Group Create new or select existing Logical container for resources
Storage Account Name altegonmeetingstorage Must be globally unique, 3-24 lowercase letters/numbers
Region Select closest region Choose region nearest to your deployment
Performance Standard Use Premium only for high IOPS requirements
Redundancy LRS or GRS LRS for cost-effective, GRS for geo-redundancy
4. Advanced Settings
  • Security:
  • Enable secure transfer (HTTPS): Required
  • Enable blob public access: Disabled (for security)

  • Enable storage account key access: Enabled

  • Blob Storage:

  • Access tier: Hot (for frequently accessed data)
  • Enable hierarchical namespace: Optional (for Data Lake Gen2)
5. Networking
  • Connectivity method:
  • Public endpoint (all networks) - for initial setup
  • Consider Private endpoint for production
6. Review and Create
  • Review all settings
  • Click "Create"
  • Wait for deployment to complete (usually 1-2 minutes)

Create Blob Container

Steps:

1. Navigate to Storage Account
Portal → Storage Accounts → Select your storage account
2. Create Container
  1. In the left menu, click "Containers"
  2. Click "+ Container"
  3. Configure:
  4. Name: recordings
  5. Public access level: Private (no anonymous access)
  6. Click "Create"

Retrieve Connection Credentials

Access Keys

Via Azure Portal:
Storage Account → Security + networking → Access keys

Copy the following:

  • Storage account name: altegonmeetingstorage

  • Key1 or Key2: Long base64 string

  • Connection string: Complete connection string

Connection String Format:

DefaultEndpointsProtocol=https;
AccountName=altegonmeetingstorage;
AccountKey=your-account-key-here;
EndpointSuffix=core.windows.net

Environment Configuration

Update Backend .env File

Add the following to /opt/altegon-meet-apis/.env:

# Azure Blob Storage Configuration
AZURE_STORAGE_CONNECTION_STRING=your-connection-string-here
AZURE_STORAGE_CONTAINER_NAME=recordings

Restart Backend Service

sudo docker restart altegon-meet-apis

Security Best Practices

1. Use Shared Access Signatures (SAS)

Generate time-limited SAS tokens instead of using account keys:

# Via Azure CLI
az storage container generate-sas \
  --account-name altegonmeetingstorage \
  --name recordings \
  --permissions rwdl \
  --expiry 2024-12-31T23:59:59Z \
  --https-only

2. Enable Versioning

Track changes to blobs:

Storage Account → Data protection → Enable versioning for blobs

3. Configure Network Rules

Restrict access to specific IPs or VNets:

Storage Account → Security + networking → Networking
→ Selected networks
→ Add your server IP addresses

4. Enable Azure Defender

Monitor for security threats:

Storage Account → Security + networking → Microsoft Defender for Cloud
→ Enable Microsoft Defender for Storage

CLI Alternative Setup

For automated provisioning via Azure CLI:

# Login to Azure
az login

# Create Resource Group
az group create --name altegon-resources --location eastus

# Create Storage Account
az storage account create \
  --name altegonmeetingstorage \
  --resource-group altegon-resources \
  --location eastus \
  --sku Standard_LRS \
  --kind StorageV2 \
  --https-only true \
  --min-tls-version TLS1_2

# Create Container
az storage container create \
  --name recordings \
  --account-name altegonmeetingstorage \
  --public-access off

# Get Connection String
az storage account show-connection-string \
  --name altegonmeetingstorage \
  --resource-group altegon-resources \
  --output tsv

Verify Configuration

Test Upload via Azure Portal:

  1. Navigate to Container
  2. Click "Upload"
  3. Select a test file
  4. Verify successful upload

Test via Backend Service:

Check backend logs for Azure Storage connectivity:

docker logs altegon-meet-apis | grep -i azure

Test File Operations:

Ensure the backend can: - Upload files to blob storage - Generate SAS tokens for secure access - List files in containers - Delete files when needed

8. Dockerized Altegon Frontend

Overview

Frontend Repo: git@github.com:Altegon/meet.git (branch: qa/live) RTC Library: git@github.com:Altegon/rtc-lib.git (branch: meet-altegon)

Directory Structure

/opt/
 └── meet/
      ├── rtc-lib/
          ├── dist/rtc-lib/
          └── package.json
      ├── src/
      ├── package.json
      ├── Dockerfile
      ├── nginx.conf
      └── angular.json

Build RTC Library

cd /opt/meet/rtc-lib
npm install --legacy-peer-deps
npm run build

Dockerfile

FROM node:18 AS build
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm install --legacy-peer-deps
COPY . .
WORKDIR /app/rtc-lib/dist/rtc-lib
RUN npm link
WORKDIR /app
RUN npm link rtc-lib
RUN npm run build --prod

FROM nginx:alpine
COPY --from=build /app/dist/my-app /usr/share/nginx/html
COPY nginx.conf /etc/nginx/conf.d/default.conf
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]

.dockerignore

node_modules
dist
rtc-lib/node_modules
rtc-lib/dist
.git
.gitignore
Dockerfile
.dockerignore
tmp
.env
*.log

nginx.conf

server {
    listen 80;
    server_name localhost;

    root /usr/share/nginx/html;
    index index.html;

    location / {
        try_files $uri $uri/ /index.html;
    }

    location = /robots.txt {}
    location = /favicon.ico {}
}

Build and Run

docker build -t altegon-meet .
docker run -d --name altegon-meet -p 4200:80 altegon-meet

Access: 

http://<your-server-ip>:4200

Check logs: 

docker logs altegon-meet