chore: shift all ports by +40000 to avoid defaults

8080->48080, 8889->48889, 8888->48888, 9997->49997, 8189->48189 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-05 20:52:50 -04:00
parent b217cbbc0f
commit c23e8799fe
5 changed files with 40 additions and 40 deletions
@@ -4,7 +4,7 @@ Configures NPM to:

 1. Serve `https://stream.hetherman.cloud` with TLS + Authentik forward auth,
   reverse-proxying HTTP traffic to the Windows gaming PC.
-2. Forward public UDP 8189 (WebRTC media) to the gaming PC via an NPM
+2. Forward public UDP 48189 (WebRTC media) to the gaming PC via an NPM
   **Stream** (L4 UDP proxy).

 Replace `<PC-LAN-IP>` with the LAN IP of the Windows gaming PC
@@ -22,9 +22,9 @@ Make sure your router forwards these to NPM (not to the PC directly):
 | Proto | External port | Internal target   |
 |-------|--------------|-------------------|
 | TCP   | 443          | NPM host, 443     |
-| UDP   | 8189         | NPM host, 8189    |
+| UDP   | 48189         | NPM host, 48189    |

-(TCP 443 is probably already forwarded for your other services; UDP 8189 is
+(TCP 443 is probably already forwarded for your other services; UDP 48189 is
 the new one for this app.)

 ## 3. NPM Proxy Host (HTTP)
@@ -38,7 +38,7 @@ In NPM, **Hosts -> Proxy Hosts -> Add Proxy Host**.
 | Domain Names     | `stream.hetherman.cloud`           |
 | Scheme           | `http`                             |
 | Forward Hostname | `<PC-LAN-IP>`                      |
-| Forward Port     | `8080`                             |
+| Forward Port     | `48080`                             |
 | Cache Assets     | off                                |
 | Block Common Exploits | on                            |
 | Websockets Support | **on** (WebRTC signaling works without this, but it costs nothing) |
@@ -49,9 +49,9 @@ forward-auth gating).

 | Location | Scheme | Forward Hostname | Forward Port |
 |----------|--------|------------------|--------------|
-| `/whep`  | `http` | `<PC-LAN-IP>`    | `8889`       |
-| `/hls`   | `http` | `<PC-LAN-IP>`    | `8888`       |
-| `/v3`    | `http` | `<PC-LAN-IP>`    | `9997`       |
+| `/whep`  | `http` | `<PC-LAN-IP>`    | `48889`       |
+| `/hls`   | `http` | `<PC-LAN-IP>`    | `48888`       |
+| `/v3`    | `http` | `<PC-LAN-IP>`    | `49997`       |

 **SSL tab:**

@@ -72,13 +72,13 @@ In NPM, **Hosts -> Streams -> Add Stream**.

 | Field             | Value         |
 |-------------------|---------------|
-| Incoming Port     | `8189`        |
+| Incoming Port     | `48189`        |
 | Forward Host      | `<PC-LAN-IP>` |
-| Forward Port      | `8189`        |
+| Forward Port      | `48189`        |
 | TCP               | **off**       |
 | UDP               | **on**        |

-Save. NPM (nginx `stream` module) now forwards public UDP 8189 to MediaMTX
+Save. NPM (nginx `stream` module) now forwards public UDP 48189 to MediaMTX
 on the gaming PC. This is the path WebRTC media takes after ICE negotiation.

 ## 5. Verify
@@ -95,7 +95,7 @@ on the gaming PC. This is the path WebRTC media takes after ICE negotiation.
   `/hls/game/index.m3u8`, and `/v3/paths/get/game` all return 200 (and not
   401/302).
 4. **UDP stream:** with OBS streaming, tail the NPM container logs - you
-   should see entries from the stream module for UDP connections on 8189.
+   should see entries from the stream module for UDP connections on 48189.
   Alternatively, from the NPM host run
-   `tcpdump -n -i any udp port 8189` and confirm packets flow while a
+   `tcpdump -n -i any udp port 48189` and confirm packets flow while a
   viewer is connected.