Browser client microphone redirect not working
Closed this issue · 5 comments
Describe the issue:
- Trying to use Guacamole instead of Windows RDP Client for bidirectional audio fails at the client level. Remote machine is able to receive and send audio. Connections flowing through Guacamole have only incoming audio to the local machine. Browser never requests permissions for microphone usage. Providing the permission manually does not resolve the issue (Firefox). In Chrome can't even apply manual permissions, microphone permissions are grayed out.
Steps to reproduce the issue:
- Set up a Deb12 Linux host with xrdp. For installing xrdp installation used https://c-nergy.be/blog/?p=19228
- Installed Guacamole on a separate OpenNebula VM using the script from this repo
- Establish a connection from a Windows VM with Windows RDP Client. Check sound working both ways.
- Estalish a connection through Guacamole, sound works only one way and network latency is terrible
Describe the software environment:
- OS & version
- Debian12 Bookworm, xrdp, PipeWire platform OpenNebula VM
- Dedicated VM
- Tried running Guacamole in two types of containers previously (simplified one container version, official 3 container version)
Logs / screenshots / error outputs etc
TypeError: undefined has no properties
RawAudioRecorder all.min.js:10
getInstance all.min.js:9
t guacamole.c99aa30d916181eec243.js:17203
onstatechange guacamole.c99aa30d916181eec243.js:17341
Angular 2
$digest
$apply
onsync guacamole.c99aa30d916181eec243.js:17411
sync all.min.js:36
oninstruction all.min.js:38
oninstruction all.min.js:153
receive all.min.js:117
onmessage all.min.js:153
connect all.min.js:153
a all.min.js:156
connect all.min.js:156
connect all.min.js:38
connect guacamole.c99aa30d916181eec243.js:17596
Angular 13
k
$digest
$apply
k
v
onload
Pg
s
b
k
$digest
$apply
get
jQuery 2
dispatch
handle
angular.min.js:129:202
Angular 4
e
get
$digest
$apply
onsync guacamole.c99aa30d916181eec243.js:17411
sync all.min.js:36
oninstruction all.min.js:38
oninstruction all.min.js:153
receive all.min.js:117
onmessage all.min.js:153
(Async: EventHandlerNonNull)
connect all.min.js:153
a all.min.js:156
connect all.min.js:156
connect all.min.js:38
connect guacamole.c99aa30d916181eec243.js:17596
Angular 13
k
$digest
$apply
k
v
onload
(Async: EventHandlerNonNull)
Pg
s
b
k
$digest
$apply
get
jQuery 2
dispatch
handle
Troubleshooting steps already taken?:
- Extensively checked the remote Linux machine configuration for xrdp, but got confirmation that side is working by using a Windows RDP client, which had bidirectional audio working fine and latency was fine
- Checked for any issues from guacd logs. No specific issues present in the connection side logs. Audio streams seem to be created, xrdp ready to support incoming audio. The only apparent error is the client side.
Thanks for taking the time to assemble that info, give me a little time to absorb your issue here's my suggestion to start with:
Would you be able to assemble the same config in a Debian 11 system? This will help shorten the number of things and places to look at, as you can appreciate there's a lot of moving parts to Guac. Also, with your current system, eliminate the Nginx proxy and connect directly on port 8080 if you have not done this already. (check firewall as the script adds this) It is important to look at each step in the chain to figure where to head next.
also, just checking the obvious - have you checked the audio input setting in guacamole?
You may need to enble the sound server too. - A little down the page is some helpful decriptions:
https://docs.keeper.io/keeper-connection-manager/supported-protocols/rdp
Thanks for taking the time to asseble that info, give me a little time to absorb your issue here's my suggestion to start with:
Would you be able to assemble the same config in a Debian 11 system? This will help shorten the number of things and places to look at, as you can appreciate there's a lot of moving parts to Guac. Also, with your current system, eliminate the Nginx proxy and connect directly on port 8080 if you have not done this already. (check firewall as the script adds this) It is important to look at each step in the chain to figure where to head next.
I do have a xrdp on a Deb11 machine, but that one isn't running gnome and seems to have troubles related to the xrdp installer. I'll see if I can set up another machine with a more vanilla Deb11. I skipped setting up the Nginx proxy for now in an attempt to keep things simpler so I'm already connecting directly to port 8080 atm. I also avoided adding any other optional extras for now.
Enable audio input(microphone) has been enabled, and even tried disabling and re-enabling, but to no effect yet. I'll take a look at the sound server enabling, which I haven't seen before
SOLVED
I had just had a brainwave and ran up a final test... Doh! Broswers will not redirect microphones and other peripherals if not using encrypted channels.
I'd earlier noticed that if using just port 8080 and manually forcing the mic permissions in chrome it still does not work as the broswer kept reporting the following rule below that actually gets added to the mic, which is how I twigged:
If you install with Debian 11 or 12 and Nginx with the self signed TLS option, it all works fine and even prompts for the mic access in Chrome, Brave requires you hit a slider.
If you are still having issues make sure to clear out any mic access rules leftover (even for the same IP and machine name, clear browser cache too, restart broswer etc.
I found that Debian 12's recorded sound quality was was FAR better than with Debian 11, but your particular xrdp milage may vary of course.
SOLVED WITHOUT TLS
I had another think, and it turns out the there is a way in Chrome to access devices insecurely without Nginx and TLS. You need to be prepared to use Chrome though as I cant see that Firefox has this feature, but maybe you can find out more:
chrome://flags/#unsafely-treat-insecure-origin-as-secure
I've tested this and bidrectional audio works fine on http 8080 with this setting and no Nginx/TLS, really simple actually!