fn_registry/dev/issues/0168-matrix-livekit-udp-range-expand.md
egutierrez 1cbbad9ff9 feat(matrix): 4 synapse quick wins applied + 6 follow-up issues
Server-side homeserver.yaml on organic-machine VPS:
- encryption_enabled_by_default_for_room_type: invite -> all
- presence.enabled: false (block EDU metadata leak)
- url_preview_enabled: false (block SSRF + IP leak)
- msc4108 rendezvous endpoint uncommented (QR login)

Synapse restarted, /versions shows e2ee_forced.* + msc4108 unstable
features active. Backup at synapse_data/homeserver.yaml.bak.1779659423.

Issues opened for remaining gaps:
- 0165 LUKS for media_store (at-rest encryption)
- 0166 LiveKit TURN deploy (NAT traversal gap)
- 0167 STUN leak to Google (hardcode external_ip)
- 0168 UDP range expand 200 -> 500
- 0169 LIVEKIT_SECRET rotation (audit exposure)
- 0170 livekit.example.yaml rename hygiene

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-24 23:53:37 +02:00


id: 0168
title: Expand LiveKit UDP range from 200 to 500 ports
status: pendiente
type: infra
domain: matrix
scope: app:element_matrix_chat
priority: baja
depends:
blocks:
related: 0166
created: 2026-05-24
updated: 2026-05-24
tags: matrix, livekit, scaling, webrtc

0168 — Expand LiveKit UDP range from 200 to 500 ports

Status: pending
Created: 2026-05-24
Type: infra
Priority: low
Domain: matrix
Scope: app:element_matrix_chat
Depends:
Blocks:

Problem

LiveKit is configured with port_range_start: 50000, port_range_end: 50200 (200 UDP ports). Each participant uses ~2 ports → a cap of ~100 concurrent participants summed across ALL calls on the server. OK for personal use today, but tight if simultaneous groups or meetings of >10 people are added.

Objective

Sustain at least 250 concurrent participants without port exhaustion.

Plan

  1. Edit configs/livekit/livekit.yaml: port_range_end: 50500.
  2. Update docker-compose.yml to expose the expanded range (300 additional UDP ports).
  3. Open the range in the VPS firewall (UFW/iptables).
  4. Restart the LiveKit stack.
  5. Smoke test: a call works.

Acceptance

  • docker port element_matrix_chat-livekit-1 shows 50000-50500 UDP.
  • ss -lun | grep -c "0.0.0.0:50" >= 500 after restart.
  • Call test OK.

Definition of Done

  • Repeatability: the stack restarts cleanly.

Notes

docker-compose.yml currently lists the 200 ports one by one (verbose but explicit). Consider using the "50000-50500:50000-50500/udp" syntax for readability.

Do NOT increase to >1000 without measuring LiveKit memory consumption; each allocated port has minimal overhead, but it accumulates.
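The range arithmetic from the Problem section and the compose mapping from the Notes, as an added example (not part of this registry or of LiveKit). It assumes both ranges are inclusive, uses the issue's ~2 ports per participant, and its function names are hypothetical.

```shell
#!/bin/sh
# Added example: check a LiveKit RTC UDP range against a compose port mapping.
# Assumptions: ranges are inclusive at both ends; no IP prefix in the mapping.

# range_size START END -> number of ports, counting both ends
range_size() {
    echo $(( $2 - $1 + 1 ))
}

# capacity START END PORTS_PER_PARTICIPANT -> concurrent participants supported
capacity() {
    echo $(( $(range_size "$1" "$2") / $3 ))
}

# check_mapping "HSTART-HEND:CSTART-CEND/proto" RTC_START RTC_END
# Prints one of: ok | not-udp | mismatch | short | wide
check_mapping() {
    spec=$1 rtc_start=$2 rtc_end=$3
    proto=${spec##*/}
    # Docker publishes TCP when no protocol suffix is given
    [ "$proto" = "udp" ] || { echo not-udp; return; }
    ports=${spec%/*}
    host=${ports%%:*}
    cont=${ports##*:}
    # Assumption: clients are told the port bound inside the container,
    # so a remapped host range would leave media unreachable
    [ "$host" = "$cont" ] || { echo mismatch; return; }
    c_start=${cont%-*}
    c_end=${cont#*-}
    if [ "$c_start" -gt "$rtc_start" ] || [ "$c_end" -lt "$rtc_end" ]; then
        echo short   # part of the configured range is not published
    elif [ "$c_start" -lt "$rtc_start" ] || [ "$c_end" -gt "$rtc_end" ]; then
        echo wide    # more ports published than LiveKit will ever use
    else
        echo ok
    fi
}

# Values from the issue: current range, planned range, planned mapping
echo "current capacity: $(capacity 50000 50200 2)"
echo "planned capacity: $(capacity 50000 50500 2)"
echo "planned mapping:  $(check_mapping "50000-50500:50000-50500/udp" 50000 50500)"
```

A "wide" result is the one to watch on the firewall side as well: UFW/iptables should open exactly the range LiveKit is configured to use.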