chore: shift all ports by +40000 to avoid defaults

8080->48080, 8889->48889, 8888->48888, 9997->49997, 8189->48189 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-05 20:52:50 -04:00
parent b217cbbc0f
commit c23e8799fe
5 changed files with 40 additions and 40 deletions
@@ -4,7 +4,7 @@ Configures NPM to:

 1. Serve `https://stream.hetherman.cloud` with TLS + Authentik forward auth,
   reverse-proxying HTTP traffic to the Windows gaming PC.
-2. Forward public UDP 8189 (WebRTC media) to the gaming PC via an NPM
+2. Forward public UDP 48189 (WebRTC media) to the gaming PC via an NPM
   **Stream** (L4 UDP proxy).

 Replace `<PC-LAN-IP>` with the LAN IP of the Windows gaming PC
@@ -22,9 +22,9 @@ Make sure your router forwards these to NPM (not to the PC directly):
 | Proto | External port | Internal target   |
 |-------|--------------|-------------------|
 | TCP   | 443          | NPM host, 443     |
-| UDP   | 8189         | NPM host, 8189    |
+| UDP   | 48189         | NPM host, 48189    |

-(TCP 443 is probably already forwarded for your other services; UDP 8189 is
+(TCP 443 is probably already forwarded for your other services; UDP 48189 is
 the new one for this app.)

 ## 3. NPM Proxy Host (HTTP)
@@ -38,7 +38,7 @@ In NPM, **Hosts -> Proxy Hosts -> Add Proxy Host**.
 | Domain Names     | `stream.hetherman.cloud`           |
 | Scheme           | `http`                             |
 | Forward Hostname | `<PC-LAN-IP>`                      |
-| Forward Port     | `8080`                             |
+| Forward Port     | `48080`                             |
 | Cache Assets     | off                                |
 | Block Common Exploits | on                            |
 | Websockets Support | **on** (WebRTC signaling works without this, but it costs nothing) |
@@ -49,9 +49,9 @@ forward-auth gating).

 | Location | Scheme | Forward Hostname | Forward Port |
 |----------|--------|------------------|--------------|
-| `/whep`  | `http` | `<PC-LAN-IP>`    | `8889`       |
-| `/hls`   | `http` | `<PC-LAN-IP>`    | `8888`       |
-| `/v3`    | `http` | `<PC-LAN-IP>`    | `9997`       |
+| `/whep`  | `http` | `<PC-LAN-IP>`    | `48889`       |
+| `/hls`   | `http` | `<PC-LAN-IP>`    | `48888`       |
+| `/v3`    | `http` | `<PC-LAN-IP>`    | `49997`       |

 **SSL tab:**

@@ -72,13 +72,13 @@ In NPM, **Hosts -> Streams -> Add Stream**.

 | Field             | Value         |
 |-------------------|---------------|
-| Incoming Port     | `8189`        |
+| Incoming Port     | `48189`        |
 | Forward Host      | `<PC-LAN-IP>` |
-| Forward Port      | `8189`        |
+| Forward Port      | `48189`        |
 | TCP               | **off**       |
 | UDP               | **on**        |

-Save. NPM (nginx `stream` module) now forwards public UDP 8189 to MediaMTX
+Save. NPM (nginx `stream` module) now forwards public UDP 48189 to MediaMTX
 on the gaming PC. This is the path WebRTC media takes after ICE negotiation.

 ## 5. Verify
@@ -95,7 +95,7 @@ on the gaming PC. This is the path WebRTC media takes after ICE negotiation.
   `/hls/game/index.m3u8`, and `/v3/paths/get/game` all return 200 (and not
   401/302).
 4. **UDP stream:** with OBS streaming, tail the NPM container logs - you
-   should see entries from the stream module for UDP connections on 8189.
+   should see entries from the stream module for UDP connections on 48189.
   Alternatively, from the NPM host run
-   `tcpdump -n -i any udp port 8189` and confirm packets flow while a
+   `tcpdump -n -i any udp port 48189` and confirm packets flow while a
   viewer is connected.
@@ -8,7 +8,7 @@ Prerequisites:

 - OBS Studio 30.0 or newer (WHIP output is built in from 30.x onward).
 - You already ran `.\scripts\install.ps1` in an elevated PowerShell, so
-  `bin\mediamtx.exe` exists and the `GameStream-UDP-8189` firewall rule is
+  `bin\mediamtx.exe` exists and the `GameStream-UDP-48189` firewall rule is
  registered (in the disabled state).

 ## 1. Load the OBS script
@@ -22,10 +22,10 @@ Prerequisites:
   | MediaMTX binary       | `<repo>\bin\mediamtx.exe`                                     |
   | MediaMTX config       | `<repo>\config\mediamtx.yml`                                  |
   | Frontend directory    | `<repo>\frontend`                                             |
-   | Frontend HTTP port    | `8080` (default)                                              |
-   | Firewall rule name    | `GameStream-UDP-8189` (must match the rule created by install.ps1) |
+   | Frontend HTTP port    | `48080` (default)                                              |
+   | Firewall rule name    | `GameStream-UDP-48189` (must match the rule created by install.ps1) |
   | Public URL            | `https://stream.hetherman.cloud`                              |
-   | MediaMTX API URL      | `http://127.0.0.1:9997`                                       |
+   | MediaMTX API URL      | `http://127.0.0.1:49997`                                       |

 4. Check the **Script Log** at the bottom - you should see
   `[game_stream] game_stream.py loaded`.
@@ -79,7 +79,7 @@ generous headroom. Push to 12000-15000 Kbps if you want higher quality.
 |----------|-----------------------------------------------|
 | Service  | Custom                                        |
 | Protocol | **WHIP**                                      |
-| Server   | `http://localhost:8889/game/whip`             |
+| Server   | `http://localhost:48889/game/whip`             |
 | Bearer Token | (leave blank)                             |

 Save.
@@ -88,9 +88,9 @@ Save.

 1. Click **Start Streaming**.
 2. Check the OBS Script Log - you should see:
-   - `Firewall rule 'GameStream-UDP-8189' ENABLED`
+   - `Firewall rule 'GameStream-UDP-48189' ENABLED`
   - `MediaMTX started (pid=...)`
-   - `Frontend HTTP server listening on 0.0.0.0:8080`
+   - `Frontend HTTP server listening on 0.0.0.0:48080`
   - `Viewers can watch at: https://stream.hetherman.cloud`
 3. Open `https://stream.hetherman.cloud` from another device, log in with
   Authentik, and verify video plays.
@@ -101,12 +101,12 @@ Click **Stop Streaming** in OBS. The script will:

 - Stop the MediaMTX subprocess
 - Stop the frontend HTTP server
- Disable the firewall rule (`GameStream-UDP-8189` -> disabled)
+- Disable the firewall rule (`GameStream-UDP-48189` -> disabled)

 Verify the firewall state from PowerShell:

 ```powershell
-Get-NetFirewallRule -DisplayName "GameStream-UDP-8189" | Select-Object Enabled
+Get-NetFirewallRule -DisplayName "GameStream-UDP-48189" | Select-Object Enabled
 ```

 Should report `False` while not streaming, `True` while streaming.
@@ -116,17 +116,17 @@ Should report `False` while not streaming, `True` while streaming.
 - **"MediaMTX binary not found"** in the script log: the path in the script
  properties panel is wrong. Re-select it with the file picker.
 - **OBS cannot connect to WHIP**: MediaMTX did not start. Check the script
-  log for the actual reason; most commonly a port conflict on 8889 or 8189
+  log for the actual reason; most commonly a port conflict on 48889 or 48189
  (another process is already using them).
 - **Viewers see "Stream offline"** even after you click Start Streaming:
  - Check that the MediaMTX API returns `ready: true`:
-    `curl http://localhost:9997/v3/paths/get/game`
+    `curl http://localhost:49997/v3/paths/get/game`
  - Check OBS's own streaming indicator - if it's red, OBS is not actually
    sending to WHIP. Verify the URL and that the custom service / WHIP
    protocol is selected.
 - **Viewers connect but playback freezes after a few seconds:** the UDP port
  path is broken. Verify the firewall rule is enabled (`Get-NetFirewallRule`),
-  the router port-forward to NPM for UDP 8189 is correct, and the NPM Stream
-  entry points at `<PC-LAN-IP>:8189`.
+  the router port-forward to NPM for UDP 48189 is correct, and the NPM Stream
+  entry points at `<PC-LAN-IP>:48189`.
 - **Autoplay is blocked / no audio:** browsers start the video muted so
  autoplay works. There is a "Click to unmute" button in the status bar.