Adds a dedicated deploy bundle under deploy/truenas/core/ so the
real root Core binary — with the M2 WebRTC subsystem wired in —
can replace the M1 webrtc-poc stack on the TrueNAS host.
- Dockerfile: two-stage build on golang:1.24-alpine3.20 + alpine:3.20
runtime. FFmpeg is bundled so restream processes have their
subprocess path ready. Copies the core binary from core/core
(Go places the output file inside the core/ package directory
because it can't overwrite a directory with a file) plus import
and ffmigrate from the repo root.
- docker-compose.yml: host-networked Core service, env-driven
config (CORE_ADDRESS, CORE_API_AUTH_*, CORE_WEBRTC_ENABLE,
CORE_WEBRTC_PUBLIC_IP), with config/ and data/ bind mounts.
- README.md: M1→M2 cutover notes, one-time setup, JWT smoke test
against /api/v3/whep/:id, and teardown.
Verified: make release + make import + make ffmigrate all
cross-compile cleanly for linux/amd64; go build ./... and
go test ./... pass on the branch.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- core/webrtc: NewSourceOn(streamID, host, port) allows binding the
RTP UDP socket on something other than 127.0.0.1, required when the
PoC runs in a container and must accept RTP from LAN publishers.
NewSource(streamID, port) stays as a convenience wrapper on
127.0.0.1 for existing tests and tight local tests.
- cmd/webrtc-poc: new -rtp-host flag (default 127.0.0.1 for safety).
- deploy/docker/Dockerfile: two-stage build, scratch runtime, ~14 MB.
- deploy/truenas/docker-compose.yml: host-networked stack template
driven by a .env file. Host networking is required for WebRTC ICE
to work without NAT rewriting per-candidate.
- deploy/truenas/README.md: operator runbook with port picking,
bring-up, verification curls, and security notes.
