Hello,

I’ve attached a diagram of the setup I’m trying to achieve. Hopefully its clearer than trying to explain it with text…

Basically I’m trying to stream the camera to a selfhosted webpage.

The camera is connected to the VPN server

The stream is picked up on the Media Server (MediaMTX)

The stream is available from anywhere on the local network via whatever protocol MediaMTX offers. All good here.

The webserver set up is Nginx. Works fine.

A basic Wordpress site is set up and I can access it via a domain name over the internet with HTTPS.

What I’m struggling with is getting the “local stream” (read local IP) in to the website. I have WP plugins that let me embed streams, but I suspect the issue is the local IP is not available over the internet so you cant just point it to 192.X.X.X. Saying that though, even on my local network I cant see the stream.

So the questions are,

  1. how can I serve the stream to nginx/ wordpress and
  2. can I somehow have nginx treat the stream as a locally hosted resource that can proxy the stream to remote web browsers?

Ideally I dont want to open up a port on the LAN for a direct streaming to the internet which the website then points to as it seems a unsafe… But if that’s the only way then I guess it can’'t be helped.

Happy to provide more info if needed.

TIA

Edit: Wordpress is for a separate website project outside of the scope of this post. Only 1 page will be for the video player/ stream but there will be other uses for the website. Not just streaming

Edit 2: Seems the general consensus is that I do need to publicise my video stream.

I’ve just made my website accessible through its local IP and gotten embedded HLS and WebRTC streams working. Putting the domain back no longer plays the videos so its certainly a networking access issue or even a https issue as the streams are currently http.

I didn’t realise you could reverse proxy a video stream! (Even though i did once upon a time use the nginx rtmp server).

I’ve also been made aware of tailscale + funnel which does a similar thing without exposing my own domain.

I’ll have a go at reverse proxying it, which should also sort out the https issue and hopefully be done 🤞

You guys rock!

    • abominable_panda@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 days ago

      Reverse proxy the stream and reference itself in the reverse proxied website? Is there no way to do it internally in nginx?

      • EarMaster@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        3 days ago

        That’s the way to do it. The problem is that the request originates from the browser of you website visitor. You need to open a path for them to you media server. Nginx and it’s reverse proxy functionality is exactly what you need for that.

        • abominable_panda@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 days ago

          Seems this is the way to go amongst all the replies. Didn’t realise i could reverse proxy a camera stream! Thank you

      • Baggins [he/him]@lemmy.ca
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 days ago

        You do that in your nginx config, it’s only a few lines. Basically define the endpoint that you want to forward to the internal service then setup the destination IP and port.

  • Onomatopoeia@lemmy.cafe
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    2
    ·
    edit-2
    3 days ago

    Not seeing why you need WordPress.

    The safest way I can see to make a secure connection across an untrusted network is to use a VPN of some sort, specifically a mesh network like Wireguard or Tailscale.

    Tailscale has the advantage of being almost zero config, plus has the Serve and Funnel features which provide a mechanism to allow specific traffic into your Tailscale network.

    Edit: Tailscale Serve is probably what I’d use.

    • abominable_panda@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 days ago

      I need the website to serve to public users but the website itself is out of scope of this post.

      One of the pages will be a video player

      • Onomatopoeia@lemmy.cafe
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 days ago

        Yea, if you use Tailscale with Funnel, you get a secure connection with no config required by the web user.

        • abominable_panda@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          3 days ago

          Ooh i see. So Funnel provides an encrypted tunnel and proxy URL for the camera stream out of my network?

          So i point the video player to that “public” address and its good to go?

          Interesting!

  • lordnikon@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    2
    ·
    3 days ago

    Why Wordpress seems like a heavy solution for a basic web page and lots of maintenance and security vulnerabilities.

    • abominable_panda@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      3 days ago

      Free, self hostable, not subscription based, and lots of support. I’m making a whole website of which one page will be a “live stream”. Happy to explore other options though!

      Edit: It won’t be a high traffic production website btw. Just a basic one for a select few users

    • abominable_panda@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 days ago

      Seems this is the way to go amongst all the replies Didn’t realise i could reverse proxy a camera stream! Thank you

      • Lem453@lemmy.ca
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 days ago

        Most reverse proxies can only do http traffic. Traefik can do TCP and UDP, the camera is probably UDP

        • i_am_not_a_robot@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 days ago

          Mediamtx will receive video from the camera using whatever protocol the camera supports and make it accessible over HTTP.

          Make sure if you’re using an infinite file HTTP stream instead of DASH or HLS that you configure the timeouts on the reverse proxy appropriately or else your proxy might interrupt the video after some number of seconds. I’ve wasted a lot of troubleshooting time on proxy misconfiguration like that.

  • just_another_person@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    2
    ·
    3 days ago

    You can either connect whatever the WordPress host is on to your VPN and access the camera that way, or create a reverse proxy off of something connecting to the VPN. There’s no other way to transport a live video stream like this between points except by direct connection though.

    • abominable_panda@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 days ago

      Is that just to bring the webserver/ WordPress on to the same subnet? Because they already are at this point… everything’s on the 192.X subnet.

      At this point we can ignore the VPN and just assume I’m trying to pick the stream up from mediaMTX

      • just_another_person@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 days ago

        I’m missing something in your post then.

        Are you asking exactly what the mechanism for getting a direct video stream from a camera is? Depends on your camera, but it’s almost always RTSP.

        Are you sure your camera even supports streaming off camera? You can try opening an RTSP stream from the camera with VLC as a quick and simple test to find out.

        • abominable_panda@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          3 days ago

          Apologies if it wasn’t clear.

          Yes, I have an RTSP stream all the way to my local network. I can pick up the RTSP stream and also HLS, WebRTC etc. all locally. For all intents and purposes I have a stream ready to go on the local network at 192.168.X.A

          The webserver is also on 192.168.X.Y and serves wordpress just fine.

          I just dont know how to make the two talk. When I go to https:// website. com the embedded stream looking for 192.168.X.A doesn’t work

          However if I go directly to 192.168.X.A in my browser the stream works just fine (I’ve ommited ports in this comment)

          • just_another_person@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 days ago

            Then you need to go looking in your logs. You mentioned nginx, so go check those logs, or the WordPress logs and see if you can get any info. Wouldn’t hurt to also check your browser console output and see if there are any errors there when attempting to load the page.

    • abominable_panda@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      3 days ago

      I dont know… you tell us! There is a market for all sorts of things

      In any case this isn’t an OF/ kink kind of website, rest assured :)