May 19, 2020

Setup nextcloud-spreed-signaling standalone server on Ubuntu

Thanks to struktur AG, which released the open source version of the standalone signaling server for Nextcloud Talk, you can now run your own version of the Talk High Performance Backend. Awesome work and good move!

I’ve grabbed the sources immediately and built a HPB on one of my tiny VPS (VPS 200 G8 hosted by netcup).

Notice: Your setup might differ a lot (or won’t apply at all as your’re using different OS, Webserver, …). This is just a writeup of steps i took to make it work.

There’s also a pull request containing a dockerized setup.


  • a Ubuntu server (despite the software should be available for other systems too, i’ll only cover Ubuntu)
  • Nextcloud with Talk installed and enabled (not necessarily the machine you want to run HPB on, my NC server is private while the signaling server is public)
  • a server with a public network interface (port forwarding works too)


Janus WebRTC Server

  • install the janus package from the repo (up to date backports for Ubuntu Bionic/Focal can be found here):
    • sudo apt install janus
  • create a random api key for turn server usage: openssl rand -base64 16 (will be used in nextcloud-spreed-signaling later)
  • edit /etc/janus/janus.jcfg (.cfg in older versions), search for turn_rest_api_key and insert the generated key
  • search for the line full_trickle = true and uncomment
  • edit /etc/janus/janus.transport.http.jcfg and set interface = "lo" in the general section
  • edit /etc/janus/janus.transport.websockets.jcfg and set interface = "lo" in the general section
  • restart janus service: systemctl restart janus (do not forget to enable on boot: systemctl enable janus)

Janus is listening on localhost interface and will be hidden by the HBP.

Coturn TURN Server

Follow Nextcloud HowTo.

NATS server

The NATS messaging server can be installed in various ways. I’ve also created apt packages here which i’m using.

nextcloud-spreed-signaling server (HPB)

Either build the binary yourself (see here) or use my prebuilt ubuntu packages.

  • create /etc/signaling/server.conf and copy content from the example
  • create 2 random hex keys:
    • openssl rand -hex 16
  • adjust config file:
    • uncomment the http listener
    • add first random hex key to parameter hashkey below [sessions]
    • add second random hex key to parameter blockkey below [sessions]
    • add the apikey from janus first step to [turn] section’s apikey parameter
    • add the turn server (e.g. servers = turn:your.public.fqdn:3478?transport=tcp)
    • add url = ws:// to [mcu] sections url parameter

Start the standalone signaling server: systemctl restart signaling.

It is advised to listen on localhost and put a reverse proxy in front of the gateway. I’m using Caddy, see next section.

Caddy Reverse Proxy

  • grab latest debian package from Caddy releases
  • install caddy package apt-get -y install ./caddy_2.0.0_linux_<arch>.deb
  • edit /etc/caddy/Caddyfile and insert sections for janus and signaling server:
your.public.fqdn {
  route /standalone-signaling/* {
    uri strip_prefix /standalone-signaling


  • 2020-06-06: revert janus to localhost without reverse proxy
  • 2020-05-26: added NATS server section