Skip to content

Glossary

TermDefinitionContext
SyncTV single binaryOne process hosts HTTP, public gRPC, WebSocket, management, providers, proxying, livestreaming, and cluster logicArchitecture, deployment, ports
PostgreSQLDurable business data store for users, rooms, permissions, provider instances, preferences, and audit dataAll deployments
RedisShared short-lived state and distributed coordination layerProduction, rate limits, OAuth2, multi-replica, cluster
data_dirRoot directory for runtime-owned local filesmanagement socket, logs, HLS, slice cache
ProviderAdapter that resolves external media into a playable URL or SyncTV proxy URLMedia integration and playback debugging
Provider credentialsTokens, cookies, API keys, or accounts needed by providersProvider administration and security
Provider headerUpstream request headers explicitly selected by a provider, such as User-Agent, Referer, or RangeMedia proxying and Range playback
proxyControlled forwarding layer where SyncTV fetches upstream media for clientsClients cannot direct-fetch or set required headers
slice cacheProxy cache for Range slices only, not full filesseeking, Range, media performance
HLSHTTP Live Streaming using playlists and segmentslivestreaming, multi-replica HLS storage
RTMPLivestream ingest protocolpublishing and firewall rules
HTTP-FLVLow-latency livestream playback formatlivestream playback
STUNWebRTC NAT assistance serviceWebRTC and built-in STUN
management gRPCControl plane used by CLI and operations commandsadministration and production security
public gRPCBusiness gRPC API usable by clients and SDKsSDKs and typed internal clients
WebSocket ticketShort-lived, one-time, room-bound credential for WebSocket authenticationbrowser realtime room connections
OPAQUEPassword authentication protocol where the server does not receive plaintext password verification materiallocal password login and security
OPAQUE setup secretLong-lived server secret for OPAQUE; keep stable across restarts and upgradesproduction secrets and login failures
JWT secretKey used to sign access, refresh, and guest tokenslogin and token rotation
credential encryption key64-character hex key used to encrypt provider credentialsprovider credential storage
CORS originBrowser origin consisting of scheme, host, and port, without a pathsplit frontend/API deployments
trusted proxyReverse proxy or Ingress trusted to provide real client IPrate limits, audit, security
runtime settingsDatabase-backed settings changed through management API/CLIOAuth2 providers and hot-updated system settings
cluster secretShared secret used to authenticate inter-node gRPC callsmulti-replica clusters
leader electionMechanism that selects one node to run certain background jobscluster and background tasks
Redis Stream catch-upMechanism for replaying missed events after a short node disconnectcluster realtime events
publisher-node proxyHLS model where non-publisher nodes read segments from the publishing node over gRPCmulti-replica livestreaming
fail-closedRejecting a business request when a critical dependency or event write fails, avoiding split database/cache statewrite operations, realtime events, transactional outbox
fanoutDistributing one business change to local connections, nodes, or subscribersWebSocket and cluster realtime events