Whip ingest from OBS

[urlocalguru]

Internally I am having no issues with publishing to a blank temporary stream and no authenticaiton

----CONFIG----

streams:
  UrLocalGuru:
    - UrLocalGuru

----OBS Whip Server----
http://unraidbox:1984/api/webrtc?dst=UrLocalGuru

I am trying to provide a self-hosted low latency input stream for my friends to stream to me, where I then consolidate multi-view into a single stream.

Once I add authentication

----CONFIG----

api:
  username: "admin"  # default "", Basic auth for WebUI
  password: "pass"   # default "", Basic auth for WebUI

I can no longer publish from OBS using the above URL interally.
I do not want to present the API publically without some level of authentication on it - I also plan on placeing this behind SWAG mostly for the public HTTPS (.

Ideally I would be able to have my friends stream to https://publicIP:1984 and use a BearerToken to hit their stream feed. I could then keep the API interface authenticated with single or multiple credentials allowing me to manage and them to tune into private high quality streams.

Not sure if I just havent read the right part of the documetnation and am simply missing something crutcial.. but help would be appreciated

[AlexxIT]

You should add auth to OBS link - http://admin:pass@unraidbox:1984/api/webrtc?dst=UrLocalGuru
Or use some reverse proxy, like nginx, and share WebUI via auth only outside your network.

[urlocalguru]

So have been doing some playing and that does indeed work when the connection is internal, appreciate the info.

I configured my router to portforward 1984(tcp), 8554(tcp), 8555(tcp&udp) from internet to the docker instance. Externally hitting the web page is a non issue, but OBS is failing to send media.. figured this was due to the lack of the following config entry.. derp on my part

webrtc:
candidates:
- stun:8555

The next fun hurdle was my Unifi system flagged their connection as an attempted intrusion with the threat 'GPL WEB_SERVER DELETE attempt'.. I have told it to white list their IP's so hopefully thats no longer a problem. Initial testing looks good, will do some additional testing tomorrow again.

I am all for a better implementation and have both NGINX and Home Assist OS avalaible to me if those are better paths. I initially tried it behind HASS but failed to get an internal connection working with Browser as source or via the OBS WHIP config similar to above, but it immediatly fails..
http://HASSBox:8123/api/hassio_ingress//webrtc.html?dst=UrLocalGuru
not sure if I should be trying some version of http://HASSadmin:HASSpass@hassbox etc

With NGINX I havent done anything yet as I wanted to verify functinoality before I complicated things.. Can I use NGINX for auth? If so what methods are supported, and are the OBS connection strings similar?

[AlexxIT]

You can't use links to /hassio_ingress/. They locked over special HA auth.
If you want using one nginx for HA and go2rtc on same public port - you should use two different hostnames for routing.