Nextcloud Talk video not opening

ℹ️ Support 💬 Talk (spreed)
, ,
1

Support Ticket Summary: Nextcloud Talk Signaling & Video Issue

1. Business Problem:

Video calling via Nextcloud Talk was not functioning. Users received errors when initiating calls. Guest users in particular were unable to establish video connections. This impacted real-time communication for internal and external users.

2. Observed Errors:

  • Browser Console: “Failed to establish signaling connection. Something might be wrong in the signaling server configuration.”
  • Console Logs repeatedly showed:
Connecting to wss://www.scalenowai.com.au/spreed/spreed
Hello response received { id: "1", type: "error", error: {...} }
Close code: 1005
  • Apache logs showed repeated proxy_fcgi rejections:
mod_proxy_fcgi.c(1068): declining URL ws://127.0.0.1:8089/spreed
  • Browser security warnings:
Content Security Policy directive 'connect-src' contains an invalid source: 'turn:www.scalenowai.com.au:3478'. It will be ignored.

3. Root Cause:

  • The configured signaling server URL had an incorrect path (/spreed/spreed instead of /spreed).
  • Content Security Policy (CSP) headers did not allow TURN URLs to be used by the browser.
  • Apache reverse proxy rules were not correctly handling WebSocket upgrades for the signaling server.

4. Steps Taken to Fix the Issue:

Step 1: Fixed signaling server path in Nextcloud config

sudo -u www-data php /var/www/nextcloud/occ config:app:delete spreed signaling_server
sudo -u www-data php /var/www/nextcloud/occ config:app:set spreed signaling_server --value="wss://www.scalenowai.com.au/spreed"

Step 2: Ensured coturn was running and listening on UDP 3478

sudo systemctl status coturn
sudo netstat -tulnp | grep 3478

Step 3: Updated Apache CSP headers in scalenow.conf

Header set Content-Security-Policy "default-src 'self'; connect-src 'self' wss://www.scalenowai.com.au/spreed turn:scalenowai.com.au:3478?transport=udp turn:scalenowai.com.au:3478?transport=tcp; ..."

Step 4: Validated Apache proxy rules for WebSocket

<Location /spreed>
    ProxyPass "ws://127.0.0.1:8089"
    ProxyPassReverse "ws://127.0.0.1:8089"
    ProxyPreserveHost On
</Location>

Step 5: Restarted relevant services

sudo systemctl restart apache2
sudo systemctl restart php8.1-fpm

5. Result:

  • WebSocket signaling connection now succeeds.
  • Users can connect to wss://www.scalenowai.com.au/spreed without errors.
  • Video calls work for registered users.

6. Remaining Issue:

  • Guest users can join but their video is not visible.
  • Likely causes: WebRTC permissions, firewall/NAT traversal, or TURN server authentication.
  • Further debugging of TURN server credentials and permissions may be needed.
  • Any advise external fraternity