You must setup Podman first.
Steps
- create screego directory in $HOME/podman
mkdir -p ~/podman/screego && cd ~/podman/screego - copy from compose.yml
nano compose.yml - copy from server.config
nano server.config - start screego
podman-compose -f ~/podman/screego/compose.yml systemd -a register systemctl --user enable --now podman-compose@screego
compose.yml
version: "3"
services:
screego:
image: docker.io/screego/server:amd64-1
container_name: screego
networks:
- traefik
volumes:
- ./server.config:/etc/screego/server.config
restart: unless-stopped
labels:
- "io.containers.autoupdate=registry"
networks:
traefik:
external: true
server.config
# The external ip of the server.
# When using a dual stack setup define both IPv4 & IPv6 separated by a comma.
# Execute the following command on the server you want to host Screego
# to find your external ip.
# curl 'https://api.ipify.org'
# Example:
# 192.168.178.2,2a01:c22:a87c:e500:2d8:61ff:fec7:f92a
#SCREEGO_EXTERNAL_IP=
# A secret which should be unique. Is used for cookie authentication.
SCREEGO_SECRET="<secret>"
# If TLS should be enabled for HTTP requests. Screego requires TLS,
# you either have to enable this setting or serve TLS via a reverse proxy.
SCREEGO_SERVER_TLS=false
# The TLS cert file (only needed if TLS is enabled)
#SCREEGO_TLS_CERT_FILE=
# The TLS key file (only needed if TLS is enabled)
#SCREEGO_TLS_KEY_FILE=
# The address the http server will listen on.
SCREEGO_SERVER_ADDRESS=0.0.0.0:5080
# The address the TURN server will listen on.
#SCREEGO_TURN_ADDRESS=0.0.0.0:3478
# Limit the ports that TURN will use for data relaying.
# Format: min:max
# Example:
# 50000:55000
#SCREEGO_TURN_PORT_RANGE=
# If true, the TURN server will compare the remote IP of the request with the
# remote ip of the existing WebSocket connection and deny access if it doesn't
# match. Disable this feature, if you use some kind of proxy which changes the
# remote ip.
SCREEGO_TURN_STRICT_AUTH=true
# If set, screego will not start TURN server and instead use an external TURN server.
# When using a dual stack setup define both IPv4 & IPv6 separated by a comma.
# Execute the following command on the server where you host TURN server
# to find your external ip.
# curl 'https://api.ipify.org'
# Example:
# 192.168.178.2,2a01:c22:a87c:e500:2d8:61ff:fec7:f92a
SCREEGO_TURN_EXTERNAL_IP=<ip>
# The port the external TURN server listens on.
SCREEGO_TURN_EXTERNAL_PORT=5000
# Authentication secret for the external TURN server.
SCREEGO_TURN_EXTERNAL_SECRET=<secret>
# If reverse proxy headers should be trusted.
# Screego uses ip whitelisting for authentication
# of TURN connections. When behind a proxy the ip is always the proxy server.
# To still allow whitelisting this setting must be enabled and
# the `X-Real-Ip` header must be set by the reverse proxy.
SCREEGO_TRUST_PROXY_HEADERS=true
# Defines when a user login is required
# Possible values:
# all: User login is always required
# turn: User login is required for TURN connections
# none: User login is never required
SCREEGO_AUTH_MODE=none
# Defines origins that will be allowed to access Screego (HTTP + WebSocket)
# The default value is sufficient for most use-cases.
# Example Value: https://screego.net,https://sub.gotify.net
#SCREEGO_CORS_ALLOWED_ORIGINS=
# Defines the location of the users file.
# File Format:
# user1:bcrypt_password_hash
# user2:bcrypt_password_hash
#
# Example:
# user1:$2a$12$WEfYCnWGk0PDzbATLTNiTuoZ7e/43v6DM/h7arOnPU6qEtFG.kZQy
#
# The user password pair can be created via
# screego hash --name "user1" --pass "your password"
#SCREEGO_USERS_FILE=/root/users.txt
# Defines the default value for the checkbox in the room creation dialog to select
# if the room should be closed when the room owner leaves
SCREEGO_CLOSE_ROOM_WHEN_OWNER_LEAVES=true
# The loglevel (one of: debug, info, warn, error)
SCREEGO_LOG_LEVEL=debug
# If screego should expose a prometheus endpoint at /metrics. The endpoint
# requires basic authentication from a user in the users file.
SCREEGO_PROMETHEUS=false