bumble-auracast

A custom Certificate Authority (CA) is generated for your organization.
Each device/server is issued a certificate signed by this CA.
Customers can import the CA certificate into their OS/browser trust store, so the device's HTTPS connection is fully trusted (no browser warnings).

Usage

Generate Certificates
- Run generate_ca_and_device_cert.sh in src/auracast/server/.
- This creates:
  - ca_cert.pem / ca_key.pem (CA cert/key)
  - device_cert.pem / device_key.pem (device/server cert/key)
- Distribute ca_cert.pem to customers for installation in their trust store.
Start the Server
- Run run_http_and_https.sh in src/auracast/server/.
- This starts:
  - HTTP Streamlit on port 8500
  - HTTPS Streamlit on port 8501 (using the signed device cert)
Client Trust Setup
- Customers should install ca_cert.pem in their operating system or browser trust store to trust the HTTPS connection.
- After this, browsers will show a secure HTTPS connection to the device (no warnings).

Why this setup?

WebRTC and other browser features require HTTPS for local devices.
Using a local CA allows trusted HTTPS without needing a public certificate or exposing devices to the internet.
HTTP is also available for compatibility/testing.

Advertise Hostname with mDNS

To make your device discoverable as your-hostname.your-domain.local (e.g., box1.auracast.local) using mDNS/Avahi, you need to:

Manual Method (Step-by-Step)

Set the Hostname (Single Label, No Dots)
- Choose a simple hostname, e.g., box1 or auracast-box1 (do not use dots).
- Set it:
```
sudo hostnamectl set-hostname <your-new-hostname>
```

Update /etc/hosts for Local Resolution

Ensure 127.0.1.1 maps to your new hostname:

sudo grep -q '^127.0.1.1' /etc/hosts && sudo sed -i 's/^127.0.1.1.*/127.0.1.1   <your-new-hostname>/' /etc/hosts || echo '127.0.1.1   <your-new-hostname>' | sudo tee -a /etc/hosts

Configure Avahi Domain Name
- Edit the Avahi config:
```
sudo nano /etc/avahi/avahi-daemon.conf
```
- In the [server] section, set or add:
```
domain-name=auracast.local
```
- Save and close the file.
- Restart Avahi:
```
sudo systemctl restart avahi-daemon
```

(Optional) One-liner for Avahi Domain

DESIRED_DOMAIN="auracast.local"; sudo sed -i -E '/^\[server\]/,/^\s*\[/{s/^\s*(#\s*)?domain-name\s*=.*/domain-name='"$DESIRED_DOMAIN"'/}' /etc/avahi/avahi-daemon.conf && sudo systemctl restart avahi-daemon

Automated Method (Recommended for Most Users)

Instead of the manual steps above, you can use the provided script to perform all actions safely and atomically:

cd src/auracast/server
sudo ./change_domain_hostname.sh <new_hostname> <new_domain>

Example:

sudo ./change_domain_hostname.sh box1 auracast.local

The script will:
- Validate your input (no dots in hostname)
- Set the system hostname
- Update /etc/hosts
- Set the Avahi domain in /etc/avahi/avahi-daemon.conf
- Restart Avahi
- Print status and error messages

Use the manual method if you want to understand or customize each step, or the script for a quick, reliable setup.

Troubleshooting & Tips

Hostnames must not contain dots (.). Only use single-label names for the system hostname.
Avahi domain can be multi-label (e.g., auracast.local).
Clients may need libnss-mdns installed and /etc/nsswitch.conf configured with mdns4_minimal and mdns4 for multi-label mDNS names.
If you have issues with mDNS name resolution, check for conflicting mDNS stacks (e.g., systemd-resolved, Bonjour, or other daemons).
Some Linux clients may not resolve multi-label mDNS names via NSS—test with avahi-resolve-host-name and try from another device if needed.

After completing these steps, your device will be discoverable as <hostname>.<domain> (e.g., box1.auracast.local) on the local network via mDNS.