Add italian to language selector #115

Merge pull request #115 from LeoSpyke/master
i18n: adds Italian locale
2026-03-11 23:39:10 +00:00 · 2023-10-22 20:00:10 +02:00 · 2023-10-22 19:56:55 +02:00 · 2023-10-20 14:35:09 +02:00 · 2023-10-20 13:31:02 +02:00 · 2023-09-15 08:17:12 +00:00
25 changed files with 1687 additions and 318 deletions
--- a/README.md
+++ b/README.md
@@ -227,6 +227,10 @@ Next to attaching the configuration file, it is also possible to override the co
 | `AGENT_KERBEROSVAULT_DIRECTORY`         | The directory, in the provider, where the recordings will be stored in.                         | ""                             |
 | `AGENT_DROPBOX_ACCESS_TOKEN`            | The Access Token from your Dropbox app, that is used to leverage the Dropbox SDK.               | ""                             |
 | `AGENT_DROPBOX_DIRECTORY`               | The directory, in the provider, where the recordings will be stored in.                         | ""                             |
+| `AGENT_ENCRYPTION`                      | Enable 'true' or disable 'false' end-to-end encryption through MQTT (recordings will follow).   | "false"                        |
+| `AGENT_ENCRYPTION_FINGERPRINT`          | The fingerprint of the keypair (public/private keys), so you know which one to use.             | ""                             |
+| `AGENT_ENCRYPTION_PRIVATE_KEY`          | The private key (assymetric/RSA) to decryptand sign requests send over MQTT.                    | ""                             |
+| `AGENT_ENCRYPTION_SYMMETRIC_KEY`        | The symmetric key (AES) to encrypt and decrypt request send over MQTT.                          | ""                             |

 ## Contribute with Codespaces

--- a/machinery/data/config/config.json
+++ b/machinery/data/config/config.json
@@ -111,5 +111,6 @@
 	"hub_key": "",
 	"hub_private_key": "",
 	"hub_site": "",
-	"condition_uri": ""
+	"condition_uri": "",
+	"encryption": {}
 }
--- a/machinery/docs/docs.go
+++ b/machinery/docs/docs.go
@@ -54,6 +54,35 @@ const docTemplate = `{
                }
            }
        },
+        "/api/camera/onvif/gotopreset": {
+            "post": {
+                "description": "Will activate the desired ONVIF preset.",
+                "tags": [
+                    "camera"
+                ],
+                "summary": "Will activate the desired ONVIF preset.",
+                "operationId": "camera-onvif-gotopreset",
+                "parameters": [
+                    {
+                        "description": "OnvifPreset",
+                        "name": "config",
+                        "in": "body",
+                        "required": true,
+                        "schema": {
+                            "$ref": "#/definitions/models.OnvifPreset"
+                        }
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "OK",
+                        "schema": {
+                            "$ref": "#/definitions/models.APIResponse"
+                        }
+                    }
+                }
+            }
+        },
        "/api/camera/onvif/login": {
            "post": {
                "description": "Try to login into ONVIF supported camera.",
@@ -112,6 +141,35 @@ const docTemplate = `{
                }
            }
        },
+        "/api/camera/onvif/presets": {
+            "post": {
+                "description": "Will return the ONVIF presets for the specific camera.",
+                "tags": [
+                    "camera"
+                ],
+                "summary": "Will return the ONVIF presets for the specific camera.",
+                "operationId": "camera-onvif-presets",
+                "parameters": [
+                    {
+                        "description": "OnvifCredentials",
+                        "name": "config",
+                        "in": "body",
+                        "required": true,
+                        "schema": {
+                            "$ref": "#/definitions/models.OnvifCredentials"
+                        }
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "OK",
+                        "schema": {
+                            "$ref": "#/definitions/models.APIResponse"
+                        }
+                    }
+                }
+            }
+        },
        "/api/camera/onvif/zoom": {
            "post": {
                "description": "Zooming in or out the camera.",
@@ -317,8 +375,15 @@ const docTemplate = `{
        "models.APIResponse": {
            "type": "object",
            "properties": {
+                "can_pan_tilt": {
+                    "type": "boolean"
+                },
+                "can_zoom": {
+                    "type": "boolean"
+                },
                "data": {},
-                "message": {}
+                "message": {},
+                "ptz_functions": {}
            }
        },
        "models.Authentication": {
@@ -621,6 +686,17 @@ const docTemplate = `{
                }
            }
        },
+        "models.OnvifPreset": {
+            "type": "object",
+            "properties": {
+                "onvif_credentials": {
+                    "$ref": "#/definitions/models.OnvifCredentials"
+                },
+                "preset": {
+                    "type": "string"
+                }
+            }
+        },
        "models.OnvifZoom": {
            "type": "object",
            "properties": {
--- a/machinery/docs/swagger.json
+++ b/machinery/docs/swagger.json
@@ -46,6 +46,35 @@
                }
            }
        },
+        "/api/camera/onvif/gotopreset": {
+            "post": {
+                "description": "Will activate the desired ONVIF preset.",
+                "tags": [
+                    "camera"
+                ],
+                "summary": "Will activate the desired ONVIF preset.",
+                "operationId": "camera-onvif-gotopreset",
+                "parameters": [
+                    {
+                        "description": "OnvifPreset",
+                        "name": "config",
+                        "in": "body",
+                        "required": true,
+                        "schema": {
+                            "$ref": "#/definitions/models.OnvifPreset"
+                        }
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "OK",
+                        "schema": {
+                            "$ref": "#/definitions/models.APIResponse"
+                        }
+                    }
+                }
+            }
+        },
        "/api/camera/onvif/login": {
            "post": {
                "description": "Try to login into ONVIF supported camera.",
@@ -104,6 +133,35 @@
                }
            }
        },
+        "/api/camera/onvif/presets": {
+            "post": {
+                "description": "Will return the ONVIF presets for the specific camera.",
+                "tags": [
+                    "camera"
+                ],
+                "summary": "Will return the ONVIF presets for the specific camera.",
+                "operationId": "camera-onvif-presets",
+                "parameters": [
+                    {
+                        "description": "OnvifCredentials",
+                        "name": "config",
+                        "in": "body",
+                        "required": true,
+                        "schema": {
+                            "$ref": "#/definitions/models.OnvifCredentials"
+                        }
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "OK",
+                        "schema": {
+                            "$ref": "#/definitions/models.APIResponse"
+                        }
+                    }
+                }
+            }
+        },
        "/api/camera/onvif/zoom": {
            "post": {
                "description": "Zooming in or out the camera.",
@@ -309,8 +367,15 @@
        "models.APIResponse": {
            "type": "object",
            "properties": {
+                "can_pan_tilt": {
+                    "type": "boolean"
+                },
+                "can_zoom": {
+                    "type": "boolean"
+                },
                "data": {},
-                "message": {}
+                "message": {},
+                "ptz_functions": {}
            }
        },
        "models.Authentication": {
@@ -613,6 +678,17 @@
                }
            }
        },
+        "models.OnvifPreset": {
+            "type": "object",
+            "properties": {
+                "onvif_credentials": {
+                    "$ref": "#/definitions/models.OnvifCredentials"
+                },
+                "preset": {
+                    "type": "string"
+                }
+            }
+        },
        "models.OnvifZoom": {
            "type": "object",
            "properties": {
--- a/machinery/docs/swagger.yaml
+++ b/machinery/docs/swagger.yaml
@@ -2,8 +2,13 @@ basePath: /
 definitions:
  models.APIResponse:
    properties:
+      can_pan_tilt:
+        type: boolean
+      can_zoom:
+        type: boolean
      data: {}
      message: {}
+      ptz_functions: {}
    type: object
  models.Authentication:
    properties:
@@ -202,6 +207,13 @@ definitions:
      tilt:
        type: number
    type: object
+  models.OnvifPreset:
+    properties:
+      onvif_credentials:
+        $ref: '#/definitions/models.OnvifCredentials'
+      preset:
+        type: string
+    type: object
  models.OnvifZoom:
    properties:
      onvif_credentials:
@@ -310,6 +322,25 @@ paths:
      summary: Will return the ONVIF capabilities for the specific camera.
      tags:
      - camera
+  /api/camera/onvif/gotopreset:
+    post:
+      description: Will activate the desired ONVIF preset.
+      operationId: camera-onvif-gotopreset
+      parameters:
+      - description: OnvifPreset
+        in: body
+        name: config
+        required: true
+        schema:
+          $ref: '#/definitions/models.OnvifPreset'
+      responses:
+        "200":
+          description: OK
+          schema:
+            $ref: '#/definitions/models.APIResponse'
+      summary: Will activate the desired ONVIF preset.
+      tags:
+      - camera
  /api/camera/onvif/login:
    post:
      description: Try to login into ONVIF supported camera.
@@ -348,6 +379,25 @@ paths:
      summary: Panning or/and tilting the camera.
      tags:
      - camera
+  /api/camera/onvif/presets:
+    post:
+      description: Will return the ONVIF presets for the specific camera.
+      operationId: camera-onvif-presets
+      parameters:
+      - description: OnvifCredentials
+        in: body
+        name: config
+        required: true
+        schema:
+          $ref: '#/definitions/models.OnvifCredentials'
+      responses:
+        "200":
+          description: OK
+          schema:
+            $ref: '#/definitions/models.APIResponse'
+      summary: Will return the ONVIF presets for the specific camera.
+      tags:
+      - camera
  /api/camera/onvif/zoom:
    post:
      description: Zooming in or out the camera.
--- a/machinery/go.mod
+++ b/machinery/go.mod
@@ -3,7 +3,7 @@ module github.com/kerberos-io/agent/machinery
 go 1.19

 // replace github.com/kerberos-io/joy4 v1.0.57 => ../../../../github.com/kerberos-io/joy4
-// replace github.com/kerberos-io/onvif v0.0.5 => ../../../../github.com/kerberos-io/onvif
+// replace github.com/kerberos-io/onvif v0.0.6 => ../../../../github.com/kerberos-io/onvif

 require (
 	github.com/InVisionApp/conjungo v1.1.0
@@ -25,7 +25,7 @@ require (
 	github.com/gorilla/websocket v1.5.0
 	github.com/kellydunn/golang-geo v0.7.0
 	github.com/kerberos-io/joy4 v1.0.58
-	github.com/kerberos-io/onvif v0.0.6
+	github.com/kerberos-io/onvif v0.0.7
 	github.com/minio/minio-go/v6 v6.0.57
 	github.com/nsmith5/mjpeg v0.0.0-20200913181537-54b8ada0e53e
 	github.com/op/go-logging v0.0.0-20160315200505-970db520ece7
--- a/machinery/go.sum
+++ b/machinery/go.sum
@@ -266,8 +266,8 @@ github.com/kellydunn/golang-geo v0.7.0 h1:A5j0/BvNgGwY6Yb6inXQxzYwlPHc6WVZR+Mrar
 github.com/kellydunn/golang-geo v0.7.0/go.mod h1:YYlQPJ+DPEzrHx8kT3oPHC/NjyvCCXE+IuKGKdrjrcU=
 github.com/kerberos-io/joy4 v1.0.58 h1:R8EECSF+bG7o2yHC6cX/lF77Z+bDVGl6OioLZ3+5MN4=
 github.com/kerberos-io/joy4 v1.0.58/go.mod h1:nZp4AjvKvTOXRrmDyAIOw+Da+JA5OcSo/JundGfOlFU=
-github.com/kerberos-io/onvif v0.0.6 h1:+nvDuxGzQgHjc7V7kiYxUIcw1bO6R9esAMcxWRiKcwA=
-github.com/kerberos-io/onvif v0.0.6/go.mod h1:Hr2dJOH2LM5SpYKk17gYZ1CMjhGhUl+QlT5kwYogrW0=
+github.com/kerberos-io/onvif v0.0.7 h1:LIrXjTH7G2W9DN69xZeJSB0uS3W1+C3huFO8kTqx7/A=
+github.com/kerberos-io/onvif v0.0.7/go.mod h1:Hr2dJOH2LM5SpYKk17gYZ1CMjhGhUl+QlT5kwYogrW0=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
 github.com/klauspost/compress v1.15.0 h1:xqfchp4whNFxn5A4XFyyYtitiWI8Hy5EW59jEwcyL6U=
--- a/machinery/main.go
+++ b/machinery/main.go
@@ -9,6 +9,8 @@ import (
 	"github.com/kerberos-io/agent/machinery/src/components"
 	"github.com/kerberos-io/agent/machinery/src/log"
 	"github.com/kerberos-io/agent/machinery/src/models"
+
+	configService "github.com/kerberos-io/agent/machinery/src/config"
 	"github.com/kerberos-io/agent/machinery/src/routers"
 	"github.com/kerberos-io/agent/machinery/src/utils"
 	"gopkg.in/DataDog/dd-trace-go.v1/ddtrace/tracer"
@@ -92,10 +94,10 @@ func main() {
 			configuration.Port = port

 			// Open this configuration either from Kerberos Agent or Kerberos Factory.
-			components.OpenConfig(configDirectory, &configuration)
+			configService.OpenConfig(configDirectory, &configuration)

 			// We will override the configuration with the environment variables
-			components.OverrideWithEnvironmentVariables(&configuration)
+			configService.OverrideWithEnvironmentVariables(&configuration)

 			// Printing final configuration
 			utils.PrintConfiguration(&configuration)
@@ -113,7 +115,7 @@ func main() {
 			if configuration.Config.Key == "" {
 				key := utils.RandStringBytesMaskImpr(30)
 				configuration.Config.Key = key
-				err := components.StoreConfig(configDirectory, configuration.Config)
+				err := configService.StoreConfig(configDirectory, configuration.Config)
 				if err == nil {
 					log.Log.Info("Main: updated unique key for agent to: " + key)
 				} else {
--- a/machinery/src/cloud/Cloud.go
+++ b/machinery/src/cloud/Cloud.go
@@ -279,6 +279,8 @@ loop:
 				onvifEnabled := "false"
 				onvifZoom := "false"
 				onvifPanTilt := "false"
+				onvifPresets := "false"
+				var onvifPresetsList []byte
 				if config.Capture.IPCamera.ONVIFXAddr != "" {
 					cameraConfiguration := configuration.Config.Capture.IPCamera
 					device, err := onvif.ConnectToOnvifDevice(&cameraConfiguration)
@@ -293,8 +295,34 @@ loop:
 							if canPanTilt {
 								onvifPanTilt = "true"
 							}
+							// Try to read out presets
+							presets, err := onvif.GetPresetsFromDevice(device)
+							if err == nil && len(presets) > 0 {
+								onvifPresets = "true"
+								onvifPresetsList, err = json.Marshal(presets)
+								if err != nil {
+									log.Log.Error("HandleHeartBeat: error while marshalling presets: " + err.Error())
+									onvifPresetsList = []byte("[]")
+								}
+							} else {
+								if err != nil {
+									log.Log.Error("HandleHeartBeat: error while getting presets: " + err.Error())
+								} else {
+									log.Log.Debug("HandleHeartBeat: no presets found.")
+								}
+								onvifPresetsList = []byte("[]")
+							}
+						} else {
+							log.Log.Error("HandleHeartBeat: error while getting PTZ configurations: " + err.Error())
+							onvifPresetsList = []byte("[]")
 						}
+					} else {
+						log.Log.Error("HandleHeartBeat: error while connecting to ONVIF device: " + err.Error())
+						onvifPresetsList = []byte("[]")
 					}
+				} else {
+					log.Log.Debug("HandleHeartBeat: ONVIF is not enabled.")
+					onvifPresetsList = []byte("[]")
 				}

 				// Check if the agent is running inside a cluster (Kerberos Factory) or as
@@ -339,6 +367,8 @@ loop:
 						"onvif" : "%s",
 						"onvif_zoom" : "%s",
 						"onvif_pantilt" : "%s",
+						"onvif_presets": "%s",
+						"onvif_presets_list": %s,
 						"cameraConnected": "%s",
 						"numberoffiles" : "33",
 						"timestamp" : 1564747908,
@@ -346,7 +376,7 @@ loop:
 						"docker" : true,
 						"kios" : false,
 						"raspberrypi" : false
-					}`, config.Key, system.Version, system.CPUId, username, key, name, isEnterprise, system.Hostname, system.Architecture, system.TotalMemory, system.UsedMemory, system.FreeMemory, system.ProcessUsedMemory, macs, ips, "0", "0", "0", uptimeString, boottimeString, config.HubSite, onvifEnabled, onvifZoom, onvifPanTilt, cameraConnected)
+					}`, config.Key, system.Version, system.CPUId, username, key, name, isEnterprise, system.Hostname, system.Architecture, system.TotalMemory, system.UsedMemory, system.FreeMemory, system.ProcessUsedMemory, macs, ips, "0", "0", "0", uptimeString, boottimeString, config.HubSite, onvifEnabled, onvifZoom, onvifPanTilt, onvifPresets, onvifPresetsList, cameraConnected)

 				var jsonStr = []byte(object)
 				buffy := bytes.NewBuffer(jsonStr)
@@ -428,19 +458,17 @@ func HandleLiveStreamSD(livestreamCursor *pubsub.QueueCursor, configuration *mod
 			// Allocate frame
 			frame := ffmpeg.AllocVideoFrame()

-			key := ""
+			hubKey := ""
 			if config.Cloud == "s3" && config.S3 != nil && config.S3.Publickey != "" {
-				key = config.S3.Publickey
+				hubKey = config.S3.Publickey
 			} else if config.Cloud == "kstorage" && config.KStorage != nil && config.KStorage.CloudKey != "" {
-				key = config.KStorage.CloudKey
+				hubKey = config.KStorage.CloudKey
 			}
 			// This is the new way ;)
 			if config.HubKey != "" {
-				key = config.HubKey
+				hubKey = config.HubKey
 			}

-			topic := "kerberos/" + key + "/device/" + config.Key + "/live"
-
 			lastLivestreamRequest := int64(0)

 			var cursorError error
@@ -461,7 +489,27 @@ func HandleLiveStreamSD(livestreamCursor *pubsub.QueueCursor, configuration *mod
 					continue
 				}
 				log.Log.Info("HandleLiveStreamSD: Sending base64 encoded images to MQTT.")
-				sendImage(frame, topic, mqttClient, pkt, decoder, decoderMutex)
+				_, err := computervision.GetRawImage(frame, pkt, decoder, decoderMutex)
+				if err == nil {
+					bytes, _ := computervision.ImageToBytes(&frame.Image)
+					encoded := base64.StdEncoding.EncodeToString(bytes)
+
+					valueMap := make(map[string]interface{})
+					valueMap["image"] = encoded
+					message := models.Message{
+						Payload: models.Payload{
+							Action:   "receive-sd-stream",
+							DeviceId: configuration.Config.Key,
+							Value:    valueMap,
+						},
+					}
+					payload, err := models.PackageMQTTMessage(configuration, message)
+					if err == nil {
+						mqttClient.Publish("kerberos/hub/"+hubKey, 0, false, payload)
+					} else {
+						log.Log.Info("HandleRequestConfig: something went wrong while sending acknowledge config to hub: " + string(payload))
+					}
+				}
 			}

 			// Cleanup the frame.
@@ -475,15 +523,6 @@ func HandleLiveStreamSD(livestreamCursor *pubsub.QueueCursor, configuration *mod
 	log.Log.Debug("HandleLiveStreamSD: finished")
 }

-func sendImage(frame *ffmpeg.VideoFrame, topic string, mqttClient mqtt.Client, pkt av.Packet, decoder *ffmpeg.VideoDecoder, decoderMutex *sync.Mutex) {
-	_, err := computervision.GetRawImage(frame, pkt, decoder, decoderMutex)
-	if err == nil {
-		bytes, _ := computervision.ImageToBytes(&frame.Image)
-		encoded := base64.StdEncoding.EncodeToString(bytes)
-		mqttClient.Publish(topic, 0, false, encoded)
-	}
-}
-
 func HandleLiveStreamHD(livestreamCursor *pubsub.QueueCursor, configuration *models.Configuration, communication *models.Communication, mqttClient mqtt.Client, codecs []av.CodecData, decoder *ffmpeg.VideoDecoder, decoderMutex *sync.Mutex) {

 	config := configuration.Config
@@ -502,25 +541,23 @@ func HandleLiveStreamHD(livestreamCursor *pubsub.QueueCursor, configuration *mod

 			if config.Capture.ForwardWebRTC == "true" {
 				// We get a request with an offer, but we'll forward it.
-				for m := range communication.HandleLiveHDHandshake {
+				/*for m := range communication.HandleLiveHDHandshake {
 					// Forward SDP
 					m.CloudKey = config.Key
 					request, err := json.Marshal(m)
 					if err == nil {
 						mqttClient.Publish("kerberos/webrtc/request", 2, false, request)
 					}
-				}
+				}*/
 			} else {
 				log.Log.Info("HandleLiveStreamHD: Waiting for peer connections.")
 				for handshake := range communication.HandleLiveHDHandshake {
 					log.Log.Info("HandleLiveStreamHD: setting up a peer connection.")
-					key := config.Key + "/" + handshake.Cuuid
-					webrtc.CandidatesMutex.Lock()
+					key := config.Key + "/" + handshake.SessionID
 					_, ok := webrtc.CandidateArrays[key]
 					if !ok {
-						webrtc.CandidateArrays[key] = make(chan string, 30)
+						webrtc.CandidateArrays[key] = make(chan string)
 					}
-					webrtc.CandidatesMutex.Unlock()
 					webrtc.InitializeWebRTCConnection(configuration, communication, mqttClient, videoTrack, audioTrack, handshake, webrtc.CandidateArrays[key])

 				}
--- a/machinery/src/components/Kerberos.go
+++ b/machinery/src/components/Kerberos.go
@@ -14,6 +14,7 @@ import (
 	"github.com/kerberos-io/agent/machinery/src/capture"
 	"github.com/kerberos-io/agent/machinery/src/cloud"
 	"github.com/kerberos-io/agent/machinery/src/computervision"
+	configService "github.com/kerberos-io/agent/machinery/src/config"
 	"github.com/kerberos-io/agent/machinery/src/log"
 	"github.com/kerberos-io/agent/machinery/src/models"
 	"github.com/kerberos-io/agent/machinery/src/onvif"
@@ -72,7 +73,7 @@ func Bootstrap(configDirectory string, configuration *models.Configuration, comm

 	// We'll create a MQTT handler, which will be used to communicate with Kerberos Hub.
 	// Configure a MQTT client which helps for a bi-directional communication
-	mqttClient := routers.ConfigureMQTT(configuration, communication)
+	mqttClient := routers.ConfigureMQTT(configDirectory, configuration, communication)

 	// Run the agent and fire up all the other
 	// goroutines which do image capture, motion detection, onvif, etc.
@@ -87,15 +88,15 @@ func Bootstrap(configDirectory string, configuration *models.Configuration, comm

 		if status == "not started" {
 			// We will re open the configuration, might have changed :O!
-			OpenConfig(configDirectory, configuration)
+			configService.OpenConfig(configDirectory, configuration)
 			// We will override the configuration with the environment variables
-			OverrideWithEnvironmentVariables(configuration)
+			configService.OverrideWithEnvironmentVariables(configuration)
 		}

 		// Reset the MQTT client, might have provided new information, so we need to reconnect.
 		if routers.HasMQTTClientModified(configuration) {
 			routers.DisconnectMQTT(mqttClient, &configuration.Config)
-			mqttClient = routers.ConfigureMQTT(configuration, communication)
+			mqttClient = routers.ConfigureMQTT(configDirectory, configuration, communication)
 		}

 		// We will create a new cancelable context, which will be used to cancel and restart.
@@ -134,6 +135,10 @@ func RunAgent(configDirectory string, configuration *models.Configuration, commu
 	width := videoStream.(av.VideoCodecData).Width()
 	height := videoStream.(av.VideoCodecData).Height()

+	// Set config values as well
+	configuration.Config.Capture.IPCamera.Width = width
+	configuration.Config.Capture.IPCamera.Height = height
+
 	var queue *pubsub.Queue
 	var subQueue *pubsub.Queue

@@ -162,6 +167,13 @@ func RunAgent(configDirectory string, configuration *models.Configuration, commu
 				time.Sleep(time.Second * 3)
 				return status
 			}
+
+			width := videoStream.(av.VideoCodecData).Width()
+			height := videoStream.(av.VideoCodecData).Height()
+
+			// Set config values as well
+			configuration.Config.Capture.IPCamera.Width = width
+			configuration.Config.Capture.IPCamera.Height = height
 		}

 		if cameraSettings.RTSP != rtspUrl || cameraSettings.SubRTSP != subRtspUrl || cameraSettings.Width != width || cameraSettings.Height != height || cameraSettings.Num != num || cameraSettings.Denum != denum || cameraSettings.Codec != videoStream.(av.VideoCodecData).Type() {
@@ -190,6 +202,7 @@ func RunAgent(configDirectory string, configuration *models.Configuration, commu
 			cameraSettings.Denum = denum
 			cameraSettings.Codec = videoStream.(av.VideoCodecData).Type()
 			cameraSettings.Initialized = true
+
 		} else {
 			log.Log.Info("RunAgent: camera settings did not change, keeping decoder")
 		}
@@ -251,7 +264,7 @@ func RunAgent(configDirectory string, configuration *models.Configuration, commu
 		}

 		// Handle livestream HD (high resolution over WEBRTC)
-		communication.HandleLiveHDHandshake = make(chan models.SDPPayload, 1)
+		communication.HandleLiveHDHandshake = make(chan models.RequestHDStreamPayload, 1)
 		if subStreamEnabled {
 			livestreamHDCursor := subQueue.Latest()
 			go cloud.HandleLiveStreamHD(livestreamHDCursor, configuration, communication, mqttClient, subStreams, subDecoder, &decoderMutex)
@@ -285,10 +298,10 @@ func RunAgent(configDirectory string, configuration *models.Configuration, commu
 		(*communication.CancelContext)()

 		// We will re open the configuration, might have changed :O!
-		OpenConfig(configDirectory, configuration)
+		configService.OpenConfig(configDirectory, configuration)

 		// We will override the configuration with the environment variables
-		OverrideWithEnvironmentVariables(configuration)
+		configService.OverrideWithEnvironmentVariables(configuration)

 		// Here we are cleaning up everything!
 		if configuration.Config.Offline != "true" {
--- a/machinery/src/computervision/main.go
+++ b/machinery/src/computervision/main.go
@@ -169,9 +169,23 @@ func ProcessMotion(motionCursor *pubsub.QueueCursor, configuration *models.Confi
 						if config.Offline != "true" {
 							if mqttClient != nil {
 								if hubKey != "" {
-									mqttClient.Publish("kerberos/"+hubKey+"/device/"+deviceKey+"/motion", 2, false, "motion")
+									message := models.Message{
+										Payload: models.Payload{
+											Action:   "motion",
+											DeviceId: configuration.Config.Key,
+											Value: map[string]interface{}{
+												"timestamp": time.Now().Unix(),
+											},
+										},
+									}
+									payload, err := models.PackageMQTTMessage(configuration, message)
+									if err == nil {
+										mqttClient.Publish("kerberos/hub/"+hubKey, 0, false, payload)
+									} else {
+										log.Log.Info("ProcessMotion: failed to package MQTT message: " + err.Error())
+									}
 								} else {
-									mqttClient.Publish("kerberos/device/"+deviceKey+"/motion", 2, false, "motion")
+									mqttClient.Publish("kerberos/agent/"+deviceKey, 2, false, "motion")
 								}
 							}
 						}
--- a/machinery/src/components/Config.go
+++ b/machinery/src/components/Config.go
@@ -1,4 +1,4 @@
-package components
+package config

 import (
 	"context"
@@ -141,8 +141,13 @@ func OpenConfig(configDirectory string, configuration *models.Configuration) {
 			},
 		)

-		// Merge Config toplevel
+		// Reset main configuration Config.
+		configuration.Config = models.Config{}
+
+		// Merge the global settings in the main config
 		conjungo.Merge(&configuration.Config, configuration.GlobalConfig, opts)
+
+		// Now we might override some settings with the custom config
 		conjungo.Merge(&configuration.Config, configuration.CustomConfig, opts)

 		// Merge Kerberos Vault settings
@@ -157,6 +162,9 @@ func OpenConfig(configDirectory string, configuration *models.Configuration) {
 		conjungo.Merge(&s3, configuration.CustomConfig.S3, opts)
 		configuration.Config.S3 = &s3

+		// Merge timetable manually because it's an array
+		configuration.Config.Timetable = configuration.CustomConfig.Timetable
+
 		// Cleanup
 		opts = nil

@@ -210,7 +218,7 @@ func OverrideWithEnvironmentVariables(configuration *models.Configuration) {
 				configuration.Config.Key = value
 				break
 			case "AGENT_NAME":
-				configuration.Config.Name = value
+				configuration.Config.FriendlyName = value
 				break
 			case "AGENT_TIMEZONE":
 				configuration.Config.Timezone = value
@@ -453,6 +461,24 @@ func OverrideWithEnvironmentVariables(configuration *models.Configuration) {
 			case "AGENT_DROPBOX_DIRECTORY":
 				configuration.Config.Dropbox.Directory = value
 				break
+
+			/* When encryption is enabled */
+			case "AGENT_ENCRYPTION":
+				if value == "true" {
+					configuration.Config.Encryption.Enabled = true
+				} else {
+					configuration.Config.Encryption.Enabled = false
+				}
+				break
+			case "AGENT_ENCRYPTION_FINGERPRINT":
+				configuration.Config.Encryption.Fingerprint = value
+				break
+			case "AGENT_ENCRYPTION_PRIVATE_KEY":
+				configuration.Config.Encryption.PrivateKey = value
+				break
+			case "AGENT_ENCRYPTION_SYMMETRIC_KEY":
+				configuration.Config.Encryption.SymmetricKey = value
+				break
 			}
 		}
 	}
--- a/machinery/src/encryption/main.go
+++ b/machinery/src/encryption/main.go
@@ -0,0 +1,148 @@
+package encryption
+
+import (
+	"bytes"
+	"crypto"
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/md5"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha256"
+	"encoding/base64"
+	"errors"
+	"hash"
+)
+
+// DecryptWithPrivateKey decrypts data with private key
+func DecryptWithPrivateKey(ciphertext string, privateKey *rsa.PrivateKey) ([]byte, error) {
+
+	// decode our encrypted string into cipher bytes
+	cipheredValue, _ := base64.StdEncoding.DecodeString(ciphertext)
+
+	// decrypt the data
+	out, err := rsa.DecryptPKCS1v15(nil, privateKey, cipheredValue)
+
+	return out, err
+}
+
+// SignWithPrivateKey signs data with private key
+func SignWithPrivateKey(data []byte, privateKey *rsa.PrivateKey) ([]byte, error) {
+
+	// hash the data with sha256
+	hashed := sha256.Sum256(data)
+
+	// sign the data
+	signature, err := rsa.SignPKCS1v15(nil, privateKey, crypto.SHA256, hashed[:])
+
+	return signature, err
+}
+
+func AesEncrypt(content string, password string) (string, error) {
+	salt := make([]byte, 8)
+	_, err := rand.Read(salt)
+	if err != nil {
+		return "", err
+	}
+	key, iv, err := DefaultEvpKDF([]byte(password), salt)
+
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return "", err
+	}
+
+	mode := cipher.NewCBCEncrypter(block, iv)
+	cipherBytes := PKCS5Padding([]byte(content), aes.BlockSize)
+	mode.CryptBlocks(cipherBytes, cipherBytes)
+
+	data := make([]byte, 16+len(cipherBytes))
+	copy(data[:8], []byte("Salted__"))
+	copy(data[8:16], salt)
+	copy(data[16:], cipherBytes)
+
+	cipherText := base64.StdEncoding.EncodeToString(data)
+	return cipherText, nil
+}
+
+func AesDecrypt(cipherText string, password string) (string, error) {
+	data, err := base64.StdEncoding.DecodeString(cipherText)
+	if err != nil {
+		return "", err
+	}
+	if string(data[:8]) != "Salted__" {
+		return "", errors.New("invalid crypto js aes encryption")
+	}
+
+	salt := data[8:16]
+	cipherBytes := data[16:]
+	key, iv, err := DefaultEvpKDF([]byte(password), salt)
+	if err != nil {
+		return "", err
+	}
+
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return "", err
+	}
+
+	mode := cipher.NewCBCDecrypter(block, iv)
+	mode.CryptBlocks(cipherBytes, cipherBytes)
+
+	result := PKCS5UnPadding(cipherBytes)
+	return string(result), nil
+}
+
+// https://stackoverflow.com/questions/27677236/encryption-in-javascript-and-decryption-with-php/27678978#27678978
+// https://github.com/brix/crypto-js/blob/8e6d15bf2e26d6ff0af5277df2604ca12b60a718/src/evpkdf.js#L55
+func EvpKDF(password []byte, salt []byte, keySize int, iterations int, hashAlgorithm string) ([]byte, error) {
+	var block []byte
+	var hasher hash.Hash
+	derivedKeyBytes := make([]byte, 0)
+	switch hashAlgorithm {
+	case "md5":
+		hasher = md5.New()
+	default:
+		return []byte{}, errors.New("not implement hasher algorithm")
+	}
+	for len(derivedKeyBytes) < keySize*4 {
+		if len(block) > 0 {
+			hasher.Write(block)
+		}
+		hasher.Write(password)
+		hasher.Write(salt)
+		block = hasher.Sum([]byte{})
+		hasher.Reset()
+
+		for i := 1; i < iterations; i++ {
+			hasher.Write(block)
+			block = hasher.Sum([]byte{})
+			hasher.Reset()
+		}
+		derivedKeyBytes = append(derivedKeyBytes, block...)
+	}
+	return derivedKeyBytes[:keySize*4], nil
+}
+
+func DefaultEvpKDF(password []byte, salt []byte) (key []byte, iv []byte, err error) {
+	// https://github.com/brix/crypto-js/blob/8e6d15bf2e26d6ff0af5277df2604ca12b60a718/src/cipher-core.js#L775
+	keySize := 256 / 32
+	ivSize := 128 / 32
+	derivedKeyBytes, err := EvpKDF(password, salt, keySize+ivSize, 1, "md5")
+	if err != nil {
+		return []byte{}, []byte{}, err
+	}
+	return derivedKeyBytes[:keySize*4], derivedKeyBytes[keySize*4:], nil
+}
+
+// https://stackoverflow.com/questions/41579325/golang-how-do-i-decrypt-with-des-cbc-and-pkcs7
+func PKCS5UnPadding(src []byte) []byte {
+	length := len(src)
+	unpadding := int(src[length-1])
+	return src[:(length - unpadding)]
+}
+
+func PKCS5Padding(src []byte, blockSize int) []byte {
+	padding := blockSize - len(src)%blockSize
+	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
+	return append(src, padtext...)
+}
--- a/machinery/src/models/ApiResponse.go
+++ b/machinery/src/models/ApiResponse.go
@@ -29,3 +29,8 @@ type OnvifZoom struct {
 	OnvifCredentials OnvifCredentials `json:"onvif_credentials,omitempty" bson:"onvif_credentials"`
 	Zoom             float64          `json:"zoom,omitempty" bson:"zoom"`
 }
+
+type OnvifPreset struct {
+	OnvifCredentials OnvifCredentials `json:"onvif_credentials,omitempty" bson:"onvif_credentials"`
+	Preset           string           `json:"preset,omitempty" bson:"preset"`
+}
--- a/machinery/src/models/Communication.go
+++ b/machinery/src/models/Communication.go
@@ -26,7 +26,7 @@ type Communication struct {
 	HandleHeartBeat       chan string
 	HandleLiveSD          chan int64
 	HandleLiveHDKeepalive chan string
-	HandleLiveHDHandshake chan SDPPayload
+	HandleLiveHDHandshake chan RequestHDStreamPayload
 	HandleLiveHDPeers     chan string
 	HandleONVIF           chan OnvifAction
 	IsConfiguring         *abool.AtomicBool
--- a/machinery/src/models/Config.go
+++ b/machinery/src/models/Config.go
@@ -21,7 +21,7 @@ type Config struct {
 	AutoClean         string       `json:"auto_clean"`
 	RemoveAfterUpload string       `json:"remove_after_upload"`
 	MaxDirectorySize  int64        `json:"max_directory_size"`
-	Timezone          string       `json:"timezone,omitempty" bson:"timezone,omitempty"`
+	Timezone          string       `json:"timezone"`
 	Capture           Capture      `json:"capture"`
 	Timetable         []*Timetable `json:"timetable"`
 	Region            *Region      `json:"region"`
@@ -42,6 +42,7 @@ type Config struct {
 	HubPrivateKey     string       `json:"hub_private_key" bson:"hub_private_key"`
 	HubSite           string       `json:"hub_site" bson:"hub_site"`
 	ConditionURI      string       `json:"condition_uri" bson:"condition_uri"`
+	Encryption        *Encryption  `json:"encryption" bson:"encryption"`
 }

 // Capture defines which camera type (Id) you are using (IP, USB or Raspberry Pi camera),
@@ -70,13 +71,15 @@ type Capture struct {
 // IPCamera configuration, such as the RTSP url of the IPCamera and the FPS.
 // Also includes ONVIF integration
 type IPCamera struct {
+	Width         int    `json:"width"`
+	Height        int    `json:"height"`
+	FPS           string `json:"fps"`
 	RTSP          string `json:"rtsp"`
 	SubRTSP       string `json:"sub_rtsp"`
-	FPS           string `json:"fps"`
 	ONVIF         string `json:"onvif,omitempty" bson:"onvif"`
-	ONVIFXAddr    string `json:"onvif_xaddr,omitempty" bson:"onvif_xaddr"`
-	ONVIFUsername string `json:"onvif_username,omitempty" bson:"onvif_username"`
-	ONVIFPassword string `json:"onvif_password,omitempty" bson:"onvif_password"`
+	ONVIFXAddr    string `json:"onvif_xaddr" bson:"onvif_xaddr"`
+	ONVIFUsername string `json:"onvif_username" bson:"onvif_username"`
+	ONVIFPassword string `json:"onvif_password" bson:"onvif_password"`
 }

 // USBCamera configuration, such as the device path (/dev/video*)
@@ -155,3 +158,11 @@ type Dropbox struct {
 	AccessToken string `json:"access_token,omitempty" bson:"access_token,omitempty"`
 	Directory   string `json:"directory,omitempty" bson:"directory,omitempty"`
 }
+
+// Encryption
+type Encryption struct {
+	Enabled      bool   `json:"enabled" bson:"enabled"`
+	Fingerprint  string `json:"fingerprint" bson:"fingerprint"`
+	PrivateKey   string `json:"private_key" bson:"private_key"`
+	SymmetricKey string `json:"symmetric_key" bson:"symmetric_key"`
+}
--- a/machinery/src/models/MQTT.go
+++ b/machinery/src/models/MQTT.go
@@ -0,0 +1,151 @@
+package models
+
+import (
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/base64"
+	"encoding/json"
+	"encoding/pem"
+	"io/ioutil"
+	"strings"
+	"time"
+
+	"github.com/gofrs/uuid"
+	"github.com/kerberos-io/agent/machinery/src/encryption"
+	"github.com/kerberos-io/agent/machinery/src/log"
+)
+
+func PackageMQTTMessage(configuration *Configuration, msg Message) ([]byte, error) {
+	// Create a Version 4 UUID.
+	u2, err := uuid.NewV4()
+	if err != nil {
+		log.Log.Error("failed to generate UUID: " + err.Error())
+	}
+
+	// We'll generate an unique id, and encrypt / decrypt it using the private key if available.
+	msg.Mid = u2.String()
+	msg.DeviceId = msg.Payload.DeviceId
+	msg.Timestamp = time.Now().Unix()
+
+	// At the moment we don't do the encryption part, but we'll implement it
+	// once the legacy methods (subscriptions are moved).
+	msg.Encrypted = false
+	if configuration.Config.Encryption != nil && configuration.Config.Encryption.Enabled {
+		msg.Encrypted = true
+	}
+	msg.PublicKey = ""
+	msg.Fingerprint = ""
+
+	if msg.Encrypted {
+		pload := msg.Payload
+
+		// Pload to base64
+		data, err := json.Marshal(pload)
+		if err != nil {
+			log.Log.Error("failed to marshal payload: " + err.Error())
+		}
+
+		// Encrypt the value
+		privateKey := configuration.Config.Encryption.PrivateKey
+		r := strings.NewReader(privateKey)
+		pemBytes, _ := ioutil.ReadAll(r)
+		block, _ := pem.Decode(pemBytes)
+		if block == nil {
+			log.Log.Error("MQTTListenerHandler: error decoding PEM block containing private key")
+		} else {
+			// Parse private key
+			b := block.Bytes
+			key, err := x509.ParsePKCS8PrivateKey(b)
+			if err != nil {
+				log.Log.Error("MQTTListenerHandler: error parsing private key: " + err.Error())
+			}
+
+			// Conver key to *rsa.PrivateKey
+			rsaKey, _ := key.(*rsa.PrivateKey)
+
+			// Create a 16bit key random
+			k := configuration.Config.Encryption.SymmetricKey
+			encryptedValue, err := encryption.AesEncrypt(string(data), k)
+
+			// Sign the encrypted value
+			signature, err := encryption.SignWithPrivateKey([]byte(encryptedValue), rsaKey)
+			base64Signature := base64.StdEncoding.EncodeToString(signature)
+
+			msg.Payload.EncryptedValue = encryptedValue
+			msg.Payload.Signature = base64Signature
+			msg.Payload.Value = make(map[string]interface{})
+		}
+	}
+
+	payload, err := json.Marshal(msg)
+	return payload, err
+}
+
+// The message structure which is used to send over
+// and receive messages from the MQTT broker
+type Message struct {
+	Mid         string  `json:"mid"`
+	DeviceId    string  `json:"device_id"`
+	Timestamp   int64   `json:"timestamp"`
+	Encrypted   bool    `json:"encrypted"`
+	PublicKey   string  `json:"public_key"`
+	Fingerprint string  `json:"fingerprint"`
+	Payload     Payload `json:"payload"`
+}
+
+// The payload structure which is used to send over
+// and receive messages from the MQTT broker
+type Payload struct {
+	Action         string                 `json:"action"`
+	DeviceId       string                 `json:"device_id"`
+	Signature      string                 `json:"signature"`
+	EncryptedValue string                 `json:"encrypted_value"`
+	Value          map[string]interface{} `json:"value"`
+}
+
+// We received a recording request, we'll send it to the motion handler.
+type RecordPayload struct {
+	Timestamp int64 `json:"timestamp"` // timestamp of the recording request.
+}
+
+// We received a preset position request, we'll request it through onvif and send it back.
+type PTZPositionPayload struct {
+	Timestamp int64 `json:"timestamp"` // timestamp of the preset request.
+}
+
+// We received a request config request, we'll fetch the current config and send it back.
+type RequestConfigPayload struct {
+	Timestamp int64 `json:"timestamp"` // timestamp of the preset request.
+}
+
+// We received a update config request, we'll update the current config and send a confirmation back.
+type UpdateConfigPayload struct {
+	Timestamp int64  `json:"timestamp"` // timestamp of the preset request.
+	Config    Config `json:"config"`
+}
+
+// We received a request SD stream request
+type RequestSDStreamPayload struct {
+	Timestamp int64 `json:"timestamp"` // timestamp
+}
+
+// We received a request HD stream request
+type RequestHDStreamPayload struct {
+	Timestamp          int64  `json:"timestamp"`           // timestamp
+	HubKey             string `json:"hub_key"`             // hub key
+	SessionID          string `json:"session_id"`          // session id
+	SessionDescription string `json:"session_description"` // session description
+}
+
+// We received a receive HD candidates request
+type ReceiveHDCandidatesPayload struct {
+	Timestamp int64  `json:"timestamp"`  // timestamp
+	SessionID string `json:"session_id"` // session id
+	Candidate string `json:"candidate"`  // candidate
+}
+
+type NavigatePTZPayload struct {
+	Timestamp int64  `json:"timestamp"` // timestamp
+	DeviceId  string `json:"device_id"` // device id
+	Action    string `json:"action"`    // action
+}
--- a/machinery/src/models/Onvif.go
+++ b/machinery/src/models/Onvif.go
@@ -15,4 +15,10 @@ type OnvifActionPTZ struct {
 	X      float64 `json:"x" bson:"x"`
 	Y      float64 `json:"y" bson:"y"`
 	Z      float64 `json:"z" bson:"z"`
+	Preset string  `json:"preset" bson:"preset"`
+}
+
+type OnvifActionPreset struct {
+	Name  string `json:"name" bson:"name"`
+	Token string `json:"token" bson:"token"`
 }
--- a/machinery/src/onvif/main.go
+++ b/machinery/src/onvif/main.go
@@ -51,9 +51,58 @@ func HandleONVIFActions(configuration *models.Configuration, communication *mode
 						x := ptzAction.X
 						y := ptzAction.Y
 						z := ptzAction.Z
-						err := AbsolutePanTiltMove(device, configurations, token, x, y, z)
+
+						// Check which PTZ Space we need to use
+						functions, _, _ := GetPTZFunctionsFromDevice(configurations)
+
+						// Log functions
+						log.Log.Info("HandleONVIFActions: functions: " + strings.Join(functions, ", "))
+
+						// Check if we need to use absolute or continuous move
+						/*canAbsoluteMove := false
+						canContinuousMove := false
+
+						if len(functions) > 0 {
+							for _, function := range functions {
+								if function == "AbsolutePanTiltMove" || function == "AbsoluteZoomMove" {
+									canAbsoluteMove = true
+								} else if function == "ContinuousPanTiltMove" || function == "ContinuousZoomMove" {
+									canContinuousMove = true
+								}
+							}
+						}*/
+
+						// Ideally we should be able to use the AbsolutePanTiltMove function, but it looks like
+						// the current detection through GetPTZFuntionsFromDevice is not working properly. Therefore we will fallback
+						// on the ContinuousPanTiltMove function which is more compatible with more cameras.
+						err = AbsolutePanTiltMoveFake(device, configurations, token, x, y, z)
 						if err != nil {
-							log.Log.Error("HandleONVIFActions (AbsolutePanTitleMove): " + err.Error())
+							log.Log.Error("HandleONVIFActions (AbsolutePanTitleMoveFake): " + err.Error())
+						} else {
+							log.Log.Info("HandleONVIFActions (AbsolutePanTitleMoveFake): successfully moved camera")
+						}
+
+						/*if canAbsoluteMove {
+							err = AbsolutePanTiltMove(device, configurations, token, x, y, z)
+							if err != nil {
+								log.Log.Error("HandleONVIFActions (AbsolutePanTitleMove): " + err.Error())
+							}
+						} else if canContinuousMove {
+							err = AbsolutePanTiltMoveFake(device, configurations, token, x, y, z)
+							if err != nil {
+								log.Log.Error("HandleONVIFActions (AbsolutePanTitleMoveFake): " + err.Error())
+							}
+						}*/
+
+					} else if onvifAction.Action == "preset" {
+
+						// Execute the preset
+						preset := ptzAction.Preset
+						err := GoToPresetFromDevice(device, preset)
+						if err != nil {
+							log.Log.Error("HandleONVIFActions (GotoPreset): " + err.Error())
+						} else {
+							log.Log.Info("HandleONVIFActions (GotoPreset): successfully moved camera")
 						}

 					} else if onvifAction.Action == "ptz" {
@@ -191,11 +240,7 @@ func GetPTZConfigurationsFromDevice(device *onvif.Device) (ptz.GetConfigurations
 }

 func GetPositionFromDevice(configuration models.Configuration) (xsd.PTZVector, error) {
-
-	// We'll try to receive the PTZ configurations from the server
-	var status ptz.GetStatusResponse
 	var position xsd.PTZVector
-
 	// Connect to Onvif device
 	cameraConfiguration := configuration.Config.Capture.IPCamera
 	device, err := ConnectToOnvifDevice(&cameraConfiguration)
@@ -204,31 +249,14 @@ func GetPositionFromDevice(configuration models.Configuration) (xsd.PTZVector, e
 		// Get token from the first profile
 		token, err := GetTokenFromProfile(device, 0)
 		if err == nil {
-
 			// Get the PTZ configurations from the device
-			resp, err := device.CallMethod(ptz.GetStatus{
-				ProfileToken: token,
-			})
-
+			position, err := GetPosition(device, token)
 			if err == nil {
-				defer resp.Body.Close()
-				b, err := io.ReadAll(resp.Body)
-				if err == nil {
-					stringBody := string(b)
-					decodedXML, et, err := getXMLNode(stringBody, "GetStatusResponse")
-					if err != nil {
-						log.Log.Error("GetPositionFromDevice: " + err.Error())
-						return position, err
-					} else {
-						if err := decodedXML.DecodeElement(&status, et); err != nil {
-							log.Log.Error("GetPositionFromDevice: " + err.Error())
-							return position, err
-						}
-					}
-				}
+				return position, err
+			} else {
+				log.Log.Error("GetPositionFromDevice: " + err.Error())
+				return position, err
 			}
-			position = status.PTZStatus.Position
-			return position, err
 		} else {
 			log.Log.Error("GetPositionFromDevice: " + err.Error())
 			return position, err
@@ -239,6 +267,37 @@ func GetPositionFromDevice(configuration models.Configuration) (xsd.PTZVector, e
 	}
 }

+func GetPosition(device *onvif.Device, token xsd.ReferenceToken) (xsd.PTZVector, error) {
+	// We'll try to receive the PTZ configurations from the server
+	var status ptz.GetStatusResponse
+	var position xsd.PTZVector
+
+	// Get the PTZ configurations from the device
+	resp, err := device.CallMethod(ptz.GetStatus{
+		ProfileToken: token,
+	})
+
+	if err == nil {
+		defer resp.Body.Close()
+		b, err := io.ReadAll(resp.Body)
+		if err == nil {
+			stringBody := string(b)
+			decodedXML, et, err := getXMLNode(stringBody, "GetStatusResponse")
+			if err != nil {
+				log.Log.Error("GetPositionFromDevice: " + err.Error())
+				return position, err
+			} else {
+				if err := decodedXML.DecodeElement(&status, et); err != nil {
+					log.Log.Error("GetPositionFromDevice: " + err.Error())
+					return position, err
+				}
+			}
+		}
+	}
+	position = status.PTZStatus.Position
+	return position, err
+}
+
 func AbsolutePanTiltMove(device *onvif.Device, configuration ptz.GetConfigurationsResponse, token xsd.ReferenceToken, pan float64, tilt float64, zoom float64) error {

 	absolutePantiltVector := xsd.Vector2D{
@@ -265,11 +324,255 @@ func AbsolutePanTiltMove(device *onvif.Device, configuration ptz.GetConfiguratio
 	}

 	bs, _ := ioutil.ReadAll(res.Body)
-	log.Log.Debug("AbsoluteMove: " + string(bs))
+	log.Log.Info("AbsoluteMove: " + string(bs))

 	return err
 }

+// This function will simulate the AbsolutePanTiltMove function.
+// However the AboslutePanTiltMove function is not working on all cameras.
+// So we'll use the ContinuousMove function to simulate the AbsolutePanTiltMove function using the position polling.
+func AbsolutePanTiltMoveFake(device *onvif.Device, configuration ptz.GetConfigurationsResponse, token xsd.ReferenceToken, pan float64, tilt float64, zoom float64) error {
+	position, err := GetPosition(device, token)
+	if position.PanTilt.X >= pan-0.01 && position.PanTilt.X <= pan+0.01 && position.PanTilt.Y >= tilt-0.01 && position.PanTilt.Y <= tilt+0.01 && position.Zoom.X >= zoom-0.01 && position.Zoom.X <= zoom+0.01 {
+		log.Log.Debug("AbsolutePanTiltMoveFake: already at position")
+	} else {
+
+		// The speed of panning, the higher the faster we'll pan the camera
+		// value is a range between 0 and 1.
+		speed := 0.6
+		wait := 100 * time.Millisecond
+
+		// We'll move quickly to the position (might be inaccurate)
+		err = ZoomOutCompletely(device, configuration, token)
+		err = PanUntilPosition(device, configuration, token, pan, zoom, speed, wait)
+		err = TiltUntilPosition(device, configuration, token, tilt, zoom, speed, wait)
+
+		// Now we'll move a bit slower to make sure we are ok (will be more accurate)
+		speed = 0.1
+		wait = 200 * time.Millisecond
+
+		err = PanUntilPosition(device, configuration, token, pan, zoom, speed, wait)
+		err = TiltUntilPosition(device, configuration, token, tilt, zoom, speed, wait)
+		err = ZoomUntilPosition(device, configuration, token, zoom, speed, wait)
+
+		return err
+	}
+	return err
+}
+
+func ZoomOutCompletely(device *onvif.Device, configuration ptz.GetConfigurationsResponse, token xsd.ReferenceToken) error {
+	// Zoom out completely!!!
+	zoomOut := xsd.Vector1D{
+		X:     -1,
+		Space: configuration.PTZConfiguration.DefaultContinuousZoomVelocitySpace,
+	}
+	_, err := device.CallMethod(ptz.ContinuousMove{
+		ProfileToken: token,
+		Velocity: xsd.PTZSpeedZoom{
+			Zoom: zoomOut,
+		},
+	})
+	for {
+		position, _ := GetPosition(device, token)
+		if position.Zoom.X == 0 {
+			break
+		}
+		time.Sleep(250 * time.Millisecond)
+	}
+
+	device.CallMethod(ptz.Stop{
+		ProfileToken: token,
+		Zoom:         true,
+	})
+	return err
+}
+
+func PanUntilPosition(device *onvif.Device, configuration ptz.GetConfigurationsResponse, token xsd.ReferenceToken, pan float64, zoom float64, speed float64, wait time.Duration) error {
+	position, err := GetPosition(device, token)
+
+	if position.PanTilt.X >= pan-0.01 && position.PanTilt.X <= pan+0.01 {
+
+	} else {
+
+		// We'll need to determine if we need to move CW or CCW.
+		// Check the current position and compare it with the desired position.
+		directionX := speed
+		if position.PanTilt.X > pan {
+			directionX = speed * -1
+		}
+
+		panTiltVector := xsd.Vector2D{
+			X:     directionX,
+			Y:     0,
+			Space: configuration.PTZConfiguration.DefaultContinuousPanTiltVelocitySpace,
+		}
+		res, err := device.CallMethod(ptz.ContinuousMove{
+			ProfileToken: token,
+			Velocity: xsd.PTZSpeedPanTilt{
+				PanTilt: panTiltVector,
+			},
+		})
+
+		if err != nil {
+			log.Log.Error("ContinuousPanTiltMove (Pan): " + err.Error())
+		}
+
+		bs, _ := ioutil.ReadAll(res.Body)
+		log.Log.Debug("ContinuousPanTiltMove (Pan): " + string(bs))
+
+		// While moving we'll check if we reached the desired position.
+		// or if we overshot the desired position.
+
+		// Break after 3seconds
+		now := time.Now()
+		for {
+			position, _ := GetPosition(device, token)
+			if position.PanTilt.X == -1 || position.PanTilt.X == 1 || (directionX > 0 && position.PanTilt.X >= pan) || (directionX < 0 && position.PanTilt.X <= pan) || (position.PanTilt.X >= pan-0.01 && position.PanTilt.X <= pan+0.01) {
+				break
+			}
+			if time.Since(now) > 3*time.Second {
+				break
+			}
+			time.Sleep(wait)
+		}
+
+		_, errStop := device.CallMethod(ptz.Stop{
+			ProfileToken: token,
+			PanTilt:      true,
+			Zoom:         true,
+		})
+
+		if errStop != nil {
+			log.Log.Error("ContinuousPanTiltMove (Pan): " + errStop.Error())
+		}
+	}
+	return err
+}
+
+func TiltUntilPosition(device *onvif.Device, configuration ptz.GetConfigurationsResponse, token xsd.ReferenceToken, tilt float64, zoom float64, speed float64, wait time.Duration) error {
+	position, err := GetPosition(device, token)
+
+	if position.PanTilt.Y >= tilt-0.005 && position.PanTilt.Y <= tilt+0.005 {
+
+	} else {
+
+		// We'll need to determine if we need to move CW or CCW.
+		// Check the current position and compare it with the desired position.
+		directionY := speed
+		if position.PanTilt.Y > tilt {
+			directionY = speed * -1
+		}
+
+		panTiltVector := xsd.Vector2D{
+			X:     0,
+			Y:     directionY,
+			Space: configuration.PTZConfiguration.DefaultContinuousPanTiltVelocitySpace,
+		}
+		res, err := device.CallMethod(ptz.ContinuousMove{
+			ProfileToken: token,
+			Velocity: xsd.PTZSpeedPanTilt{
+				PanTilt: panTiltVector,
+			},
+		})
+
+		if err != nil {
+			log.Log.Error("ContinuousPanTiltMove (Tilt): " + err.Error())
+		}
+
+		bs, _ := ioutil.ReadAll(res.Body)
+		log.Log.Debug("ContinuousPanTiltMove (Tilt) " + string(bs))
+
+		// While moving we'll check if we reached the desired position.
+		// or if we overshot the desired position.
+
+		// Break after 3seconds
+		now := time.Now()
+		for {
+			position, _ := GetPosition(device, token)
+			if position.PanTilt.Y == -1 || position.PanTilt.Y == 1 || (directionY > 0 && position.PanTilt.Y >= tilt) || (directionY < 0 && position.PanTilt.Y <= tilt) || (position.PanTilt.Y >= tilt-0.005 && position.PanTilt.Y <= tilt+0.005) {
+				break
+			}
+			if time.Since(now) > 3*time.Second {
+				break
+			}
+			time.Sleep(wait)
+		}
+
+		_, errStop := device.CallMethod(ptz.Stop{
+			ProfileToken: token,
+			PanTilt:      true,
+			Zoom:         true,
+		})
+
+		if errStop != nil {
+			log.Log.Error("ContinuousPanTiltMove (Tilt): " + errStop.Error())
+		}
+	}
+	return err
+}
+
+func ZoomUntilPosition(device *onvif.Device, configuration ptz.GetConfigurationsResponse, token xsd.ReferenceToken, zoom float64, speed float64, wait time.Duration) error {
+	position, err := GetPosition(device, token)
+
+	if position.Zoom.X >= zoom-0.005 && position.Zoom.X <= zoom+0.005 {
+
+	} else {
+
+		// We'll need to determine if we need to move CW or CCW.
+		// Check the current position and compare it with the desired position.
+		directionZ := speed
+		if position.Zoom.X > zoom {
+			directionZ = speed * -1
+		}
+
+		zoomVector := xsd.Vector1D{
+			X:     directionZ,
+			Space: configuration.PTZConfiguration.DefaultContinuousZoomVelocitySpace,
+		}
+		res, err := device.CallMethod(ptz.ContinuousMove{
+			ProfileToken: token,
+			Velocity: xsd.PTZSpeedZoom{
+				Zoom: zoomVector,
+			},
+		})
+
+		if err != nil {
+			log.Log.Error("ContinuousPanTiltMove (Zoom): " + err.Error())
+		}
+
+		bs, _ := ioutil.ReadAll(res.Body)
+		log.Log.Debug("ContinuousPanTiltMove (Zoom) " + string(bs))
+
+		// While moving we'll check if we reached the desired position.
+		// or if we overshot the desired position.
+
+		// Break after 3seconds
+		now := time.Now()
+		for {
+			position, _ := GetPosition(device, token)
+			if position.Zoom.X == -1 || position.Zoom.X == 1 || (directionZ > 0 && position.Zoom.X >= zoom) || (directionZ < 0 && position.Zoom.X <= zoom) || (position.Zoom.X >= zoom-0.005 && position.Zoom.X <= zoom+0.005) {
+				break
+			}
+			if time.Since(now) > 3*time.Second {
+				break
+			}
+			time.Sleep(wait)
+		}
+
+		_, errStop := device.CallMethod(ptz.Stop{
+			ProfileToken: token,
+			PanTilt:      true,
+			Zoom:         true,
+		})
+
+		if errStop != nil {
+			log.Log.Error("ContinuousPanTiltMove (Zoom): " + errStop.Error())
+		}
+	}
+	return err
+}
+
 func ContinuousPanTilt(device *onvif.Device, configuration ptz.GetConfigurationsResponse, token xsd.ReferenceToken, pan float64, tilt float64) error {

 	panTiltVector := xsd.Vector2D{
@@ -292,7 +595,7 @@ func ContinuousPanTilt(device *onvif.Device, configuration ptz.GetConfigurations
 	bs, _ := ioutil.ReadAll(res.Body)
 	log.Log.Debug("ContinuousPanTiltMove: " + string(bs))

-	time.Sleep(500 * time.Millisecond)
+	time.Sleep(200 * time.Millisecond)

 	res, errStop := device.CallMethod(ptz.Stop{
 		ProfileToken: token,
@@ -365,6 +668,89 @@ func GetCapabilitiesFromDevice(device *onvif.Device) []string {
 	return capabilities
 }

+func GetPresetsFromDevice(device *onvif.Device) ([]models.OnvifActionPreset, error) {
+	var presets []models.OnvifActionPreset
+	var presetsResponse ptz.GetPresetsResponse
+
+	// Get token from the first profile
+	token, err := GetTokenFromProfile(device, 0)
+	if err == nil {
+		resp, err := device.CallMethod(ptz.GetPresets{
+			ProfileToken: token,
+		})
+
+		defer resp.Body.Close()
+		b, err := io.ReadAll(resp.Body)
+		if err == nil {
+			stringBody := string(b)
+			decodedXML, et, err := getXMLNode(stringBody, "GetPresetsResponse")
+			if err != nil {
+				log.Log.Error("GetPresetsFromDevice: " + err.Error())
+				return presets, err
+			} else {
+				if err := decodedXML.DecodeElement(&presetsResponse, et); err != nil {
+					log.Log.Error("GetPresetsFromDevice: " + err.Error())
+					return presets, err
+				}
+
+				for _, preset := range presetsResponse.Preset {
+					p := models.OnvifActionPreset{
+						Name:  string(preset.Name),
+						Token: string(preset.Token),
+					}
+
+					presets = append(presets, p)
+				}
+
+				return presets, err
+			}
+		} else {
+			log.Log.Error("GetPresetsFromDevice: " + err.Error())
+		}
+	} else {
+		log.Log.Error("GetPresetsFromDevice: " + err.Error())
+	}
+
+	return presets, err
+}
+
+func GoToPresetFromDevice(device *onvif.Device, presetName string) error {
+	var goToPresetResponse ptz.GotoPresetResponse
+
+	// Get token from the first profile
+	token, err := GetTokenFromProfile(device, 0)
+	if err == nil {
+
+		resp, err := device.CallMethod(ptz.GotoPreset{
+			ProfileToken: token,
+			PresetToken:  xsd.ReferenceToken(presetName),
+		})
+
+		defer resp.Body.Close()
+		b, err := io.ReadAll(resp.Body)
+		if err == nil {
+			stringBody := string(b)
+			decodedXML, et, err := getXMLNode(stringBody, "GotoPresetResponses")
+			if err != nil {
+				log.Log.Error("GoToPresetFromDevice: " + err.Error())
+				return err
+			} else {
+				if err := decodedXML.DecodeElement(&goToPresetResponse, et); err != nil {
+					log.Log.Error("GoToPresetFromDevice: " + err.Error())
+					return err
+				}
+				return err
+			}
+		} else {
+			log.Log.Error("GoToPresetFromDevice: " + err.Error())
+		}
+	} else {
+		log.Log.Error("GoToPresetFromDevice: " + err.Error())
+	}
+
+	return err
+}
+
 func getXMLNode(xmlBody string, nodeName string) (*xml.Decoder, *xml.StartElement, error) {
 	xmlBytes := bytes.NewBufferString(xmlBody)
 	decodedXML := xml.NewDecoder(xmlBytes)
--- a/machinery/src/routers/http/Methods.go
+++ b/machinery/src/routers/http/Methods.go
@@ -250,3 +250,105 @@ func DoOnvifZoom(c *gin.Context) {
 		})
 	}
 }
+
+// GetOnvifPresets godoc
+// @Router /api/camera/onvif/presets [post]
+// @ID camera-onvif-presets
+// @Tags camera
+// @Param config body models.OnvifCredentials true "OnvifCredentials"
+// @Summary Will return the ONVIF presets for the specific camera.
+// @Description Will return the ONVIF presets for the specific camera.
+// @Success 200 {object} models.APIResponse
+func GetOnvifPresets(c *gin.Context) {
+	var onvifCredentials models.OnvifCredentials
+	err := c.BindJSON(&onvifCredentials)
+
+	if err == nil && onvifCredentials.ONVIFXAddr != "" {
+
+		configuration := &models.Configuration{
+			Config: models.Config{
+				Capture: models.Capture{
+					IPCamera: models.IPCamera{
+						ONVIFXAddr:    onvifCredentials.ONVIFXAddr,
+						ONVIFUsername: onvifCredentials.ONVIFUsername,
+						ONVIFPassword: onvifCredentials.ONVIFPassword,
+					},
+				},
+			},
+		}
+
+		cameraConfiguration := configuration.Config.Capture.IPCamera
+		device, err := onvif.ConnectToOnvifDevice(&cameraConfiguration)
+		if err == nil {
+			presets, err := onvif.GetPresetsFromDevice(device)
+			if err == nil {
+				c.JSON(200, gin.H{
+					"presets": presets,
+				})
+			} else {
+				c.JSON(400, gin.H{
+					"data": "Something went wrong: " + err.Error(),
+				})
+			}
+		} else {
+			c.JSON(400, gin.H{
+				"data": "Something went wrong: " + err.Error(),
+			})
+		}
+	} else {
+		c.JSON(400, gin.H{
+			"data": "Something went wrong: " + err.Error(),
+		})
+	}
+}
+
+// GoToOnvifPReset godoc
+// @Router /api/camera/onvif/gotopreset [post]
+// @ID camera-onvif-gotopreset
+// @Tags camera
+// @Param config body models.OnvifPreset true "OnvifPreset"
+// @Summary Will activate the desired ONVIF preset.
+// @Description Will activate the desired ONVIF preset.
+// @Success 200 {object} models.APIResponse
+func GoToOnvifPreset(c *gin.Context) {
+	var onvifPreset models.OnvifPreset
+	err := c.BindJSON(&onvifPreset)
+
+	if err == nil && onvifPreset.OnvifCredentials.ONVIFXAddr != "" {
+
+		configuration := &models.Configuration{
+			Config: models.Config{
+				Capture: models.Capture{
+					IPCamera: models.IPCamera{
+						ONVIFXAddr:    onvifPreset.OnvifCredentials.ONVIFXAddr,
+						ONVIFUsername: onvifPreset.OnvifCredentials.ONVIFUsername,
+						ONVIFPassword: onvifPreset.OnvifCredentials.ONVIFPassword,
+					},
+				},
+			},
+		}
+
+		cameraConfiguration := configuration.Config.Capture.IPCamera
+		device, err := onvif.ConnectToOnvifDevice(&cameraConfiguration)
+		if err == nil {
+			err := onvif.GoToPresetFromDevice(device, onvifPreset.Preset)
+			if err == nil {
+				c.JSON(200, gin.H{
+					"data": "Camera preset activated: " + onvifPreset.Preset,
+				})
+			} else {
+				c.JSON(400, gin.H{
+					"data": "Something went wrong: " + err.Error(),
+				})
+			}
+		} else {
+			c.JSON(400, gin.H{
+				"data": "Something went wrong: " + err.Error(),
+			})
+		}
+	} else {
+		c.JSON(400, gin.H{
+			"data": "Something went wrong: " + err.Error(),
+		})
+	}
+}
--- a/machinery/src/routers/http/Routes.go
+++ b/machinery/src/routers/http/Routes.go
@@ -12,6 +12,7 @@ import (

 	"github.com/kerberos-io/agent/machinery/src/cloud"
 	"github.com/kerberos-io/agent/machinery/src/components"
+	configService "github.com/kerberos-io/agent/machinery/src/config"
 	"github.com/kerberos-io/agent/machinery/src/log"
 	"github.com/kerberos-io/agent/machinery/src/models"
 	"github.com/kerberos-io/agent/machinery/src/utils"
@@ -40,7 +41,7 @@ func AddRoutes(r *gin.Engine, authMiddleware *jwt.GinJWTMiddleware, configDirect
 		var config models.Config
 		err := c.BindJSON(&config)
 		if err == nil {
-			err := components.SaveConfig(configDirectory, config, configuration, communication)
+			err := configService.SaveConfig(configDirectory, config, configuration, communication)
 			if err == nil {
 				c.JSON(200, gin.H{
 					"data": "☄ Reconfiguring",
@@ -165,7 +166,7 @@ func AddRoutes(r *gin.Engine, authMiddleware *jwt.GinJWTMiddleware, configDirect
 			var config models.Config
 			err := c.BindJSON(&config)
 			if err == nil {
-				err := components.SaveConfig(configDirectory, config, configuration, communication)
+				err := configService.SaveConfig(configDirectory, config, configuration, communication)
 				if err == nil {
 					c.JSON(200, gin.H{
 						"data": "☄ Reconfiguring",
@@ -215,7 +216,7 @@ func AddRoutes(r *gin.Engine, authMiddleware *jwt.GinJWTMiddleware, configDirect
 				// We will only send an image once per second.
 				time.Sleep(time.Second * 1)
 				log.Log.Info("AddRoutes (/stream): reading from MJPEG stream")
-				img, err := components.GetImageFromFilePath(configDirectory)
+				img, err := configService.GetImageFromFilePath(configDirectory)
 				return img, err
 			}
 			h := components.StartMotionJPEG(imageFunction, 80)
@@ -227,6 +228,8 @@ func AddRoutes(r *gin.Engine, authMiddleware *jwt.GinJWTMiddleware, configDirect
 		// the camera.
 		api.POST("/camera/onvif/login", LoginToOnvif)
 		api.POST("/camera/onvif/capabilities", GetOnvifCapabilities)
+		api.POST("/camera/onvif/presets", GetOnvifPresets)
+		api.POST("/camera/onvif/gotopreset", GoToOnvifPreset)
 		api.POST("/camera/onvif/pantilt", DoOnvifPanTilt)
 		api.POST("/camera/onvif/zoom", DoOnvifZoom)
 		api.POST("/camera/verify/:streamType", capture.VerifyCamera)
--- a/machinery/src/routers/mqtt/main.go
+++ b/machinery/src/routers/mqtt/main.go
@@ -1,38 +1,26 @@
 package mqtt

 import (
+	"crypto/rsa"
+	"crypto/x509"
 	"encoding/json"
+	"encoding/pem"
 	"fmt"
+	"io/ioutil"
 	"math/rand"
 	"strconv"
+	"strings"
 	"time"

 	mqtt "github.com/eclipse/paho.mqtt.golang"
+	configService "github.com/kerberos-io/agent/machinery/src/config"
+	"github.com/kerberos-io/agent/machinery/src/encryption"
 	"github.com/kerberos-io/agent/machinery/src/log"
 	"github.com/kerberos-io/agent/machinery/src/models"
 	"github.com/kerberos-io/agent/machinery/src/onvif"
 	"github.com/kerberos-io/agent/machinery/src/webrtc"
 )

-// The message structure which is used to send over
-// and receive messages from the MQTT broker
-type Message struct {
-	Mid         string  `json:"mid"`
-	Timestamp   int64   `json:"timestamp"`
-	Encrypted   bool    `json:"encrypted"`
-	PublicKey   string  `json:"public_key"`
-	Fingerprint string  `json:"fingerprint"`
-	Payload     Payload `json:"payload"`
-}
-
-// The payload structure which is used to send over
-// and receive messages from the MQTT broker
-type Payload struct {
-	Action   string                 `json:"action"`
-	DeviceId string                 `json:"device_id"`
-	Value    map[string]interface{} `json:"value"`
-}
-
 // We'll cache the MQTT settings to know if we need to reinitialize the MQTT client connection.
 // If we update the configuration but no new MQTT settings are provided, we don't need to restart it.
 var PREV_MQTTURI string
@@ -54,51 +42,18 @@ func HasMQTTClientModified(configuration *models.Configuration) bool {
 	return false
 }

-func PackageMQTTMessage(msg Message) ([]byte, error) {
-	// We'll generate an unique id, and encrypt it using the private key.
-	msg.Mid = "0123456789+1"
-	msg.Timestamp = time.Now().Unix()
-	msg.Encrypted = false
-	msg.PublicKey = ""
-	msg.Fingerprint = ""
-	payload, err := json.Marshal(msg)
-	return payload, err
-}
-
 // Configuring MQTT to subscribe for various bi-directional messaging
 // Listen and reply (a generic method to share and retrieve information)
 //
-// !!! NEW METHOD TO COMMUNICATE: only create a single subscription for all communication.
-// and an additional publish messages back
-//
 // - [SUBSCRIPTION] kerberos/agent/{hubkey} 		(hub -> agent)
 // - [PUBLISH] kerberos/hub/{hubkey}  		(agent -> hub)
 //
 // !!! LEGACY METHODS BELOW, WE SHOULD LEVERAGE THE ABOVE METHOD!
-//
-// [SUBSCRIPTIONS]
-//
-// SD Streaming (Base64 JPEGs)
-// - kerberos/{hubkey}/device/{devicekey}/request-live: use for polling of SD live streaming (as long the user requests stream, we'll send JPEGs over).
-//
-// HD Streaming (WebRTC)
-// - kerberos/register: use for receiving HD live streaming requests.
-// - candidate/cloud: remote ICE candidates are shared over this line.
-// - kerberos/webrtc/keepalivehub/{devicekey}: use for polling of HD streaming (as long the user requests stream, we'll send it over).
-// - kerberos/webrtc/peers/{devicekey}: we'll keep track of the number of peers (we can have more than 1 concurrent listeners).
-//
-// ONVIF capabilities
-// - kerberos/onvif/{devicekey}: endpoint to execute ONVIF commands such as (PTZ, Zoom, IO, etc)
-//
 // [PUBlISH]
 // Next to subscribing to various topics, we'll also publish messages to various topics, find a list of available Publish methods.
-//
-// - kerberos/webrtc/packets/{devicekey}: use for forwarding WebRTC (RTP Packets) over MQTT -> Complex firewall.
-// - kerberos/webrtc/keepalive/{devicekey}: use for keeping alive forwarded WebRTC stream
-// - {devicekey}/{sessionid}/answer: once a WebRTC request is received through (kerberos/register), we'll draft an answer and send it back to the remote WebRTC client.
 // - kerberos/{hubkey}/device/{devicekey}/motion: a motion signal

-func ConfigureMQTT(configuration *models.Configuration, communication *models.Communication) mqtt.Client {
+func ConfigureMQTT(configDirectory string, configuration *models.Configuration, communication *models.Communication) mqtt.Client {

 	config := configuration.Config

@@ -174,25 +129,7 @@ func ConfigureMQTT(configuration *models.Configuration, communication *models.Co
 				log.Log.Info("ConfigureMQTT: " + mqttClientID + " connected to " + mqttURL)

 				// Create a susbcription for listen and reply
-				MQTTListenerHandler(c, hubKey, configuration, communication)
-
-				// Create a subscription to know if send out a livestream or not.
-				MQTTListenerHandleLiveSD(c, hubKey, configuration, communication)
-
-				// Create a subscription for the WEBRTC livestream.
-				MQTTListenerHandleLiveHDHandshake(c, hubKey, configuration, communication)
-
-				// Create a subscription for keeping alive the WEBRTC livestream.
-				MQTTListenerHandleLiveHDKeepalive(c, hubKey, configuration, communication)
-
-				// Create a subscription to listen to the number of WEBRTC peers.
-				MQTTListenerHandleLiveHDPeers(c, hubKey, configuration, communication)
-
-				// Create a subscription to listen for WEBRTC candidates.
-				MQTTListenerHandleLiveHDCandidates(c, hubKey, configuration, communication)
-
-				// Create a susbcription to listen for ONVIF actions: e.g. PTZ, Zoom, etc.
-				MQTTListenerHandleONVIF(c, hubKey, configuration, communication)
+				MQTTListenerHandler(c, hubKey, configDirectory, configuration, communication)
 			}
 		}
 		mqc := mqtt.NewClient(opts)
@@ -207,7 +144,7 @@ func ConfigureMQTT(configuration *models.Configuration, communication *models.Co
 	return nil
 }

-func MQTTListenerHandler(mqttClient mqtt.Client, hubKey string, configuration *models.Configuration, communication *models.Communication) {
+func MQTTListenerHandler(mqttClient mqtt.Client, hubKey string, configDirectory string, configuration *models.Configuration, communication *models.Communication) {
 	if hubKey == "" {
 		log.Log.Info("MQTTListenerHandler: no hub key provided, not subscribing to kerberos/hub/{hubkey}")
 	} else {
@@ -223,50 +160,99 @@ func MQTTListenerHandler(mqttClient mqtt.Client, hubKey string, configuration *m
 			//	 payload: Payload, "a json object which might be encrypted"
 			// }

-			var message Message
+			var message models.Message
 			json.Unmarshal(msg.Payload(), &message)
-			if message.Mid != "" && message.Timestamp != 0 {
+
+			// We will receive all messages from our hub, so we'll need to filter to the relevant device.
+			if message.Mid != "" && message.Timestamp != 0 && message.DeviceId == configuration.Config.Key {
 				// Messages might be encrypted, if so we'll
 				// need to decrypt them.
-				var payload Payload
-				if message.Encrypted {
-					// We'll find out the key we use to decrypt the message.
-					// TODO -> still needs to be implemented.
-					// Use to fingerprint to act accordingly.
+				var payload models.Payload
+				if message.Encrypted && configuration.Config.Encryption != nil && configuration.Config.Encryption.Enabled {
+					encryptedValue := message.Payload.EncryptedValue
+					if len(encryptedValue) > 0 {
+						symmetricKey := configuration.Config.Encryption.SymmetricKey
+						privateKey := configuration.Config.Encryption.PrivateKey
+						r := strings.NewReader(privateKey)
+						pemBytes, _ := ioutil.ReadAll(r)
+						block, _ := pem.Decode(pemBytes)
+						if block == nil {
+							log.Log.Error("MQTTListenerHandler: error decoding PEM block containing private key")
+							return
+						} else {
+							// Parse private key
+							b := block.Bytes
+							key, err := x509.ParsePKCS8PrivateKey(b)
+							if err != nil {
+								log.Log.Error("MQTTListenerHandler: error parsing private key: " + err.Error())
+								return
+							} else {
+								// Conver key to *rsa.PrivateKey
+								rsaKey, _ := key.(*rsa.PrivateKey)
+
+								// Get encrypted key from message, delimited by :::
+								encryptedKey := strings.Split(encryptedValue, ":::")[0]   // encrypted with RSA
+								encryptedValue := strings.Split(encryptedValue, ":::")[1] // encrypted with AES
+								// Convert encrypted value to []byte
+								decryptedKey, err := encryption.DecryptWithPrivateKey(encryptedKey, rsaKey)
+								if decryptedKey != nil {
+									if string(decryptedKey) == symmetricKey {
+										// Decrypt value with decryptedKey
+										decryptedValue, err := encryption.AesDecrypt(encryptedValue, string(decryptedKey))
+										if err != nil {
+											log.Log.Error("MQTTListenerHandler: error decrypting message: " + err.Error())
+											return
+										}
+										json.Unmarshal([]byte(decryptedValue), &payload)
+									} else {
+										log.Log.Error("MQTTListenerHandler: error decrypting message, assymetric keys do not match.")
+										return
+									}
+								} else if err != nil {
+									log.Log.Error("MQTTListenerHandler: error decrypting message: " + err.Error())
+									return
+								}
+							}
+						}
+					}
 				} else {
 					payload = message.Payload
 				}

-				// We will receive all messages from our hub, so we'll need to filter to the relevant device.
-				if payload.DeviceId != configuration.Config.Key {
-					// Not relevant for this device, so we'll ignore it.
-				} else {
-					// We'll find out which message we received, and act accordingly.
-					switch payload.Action {
-					case "record":
-						HandleRecording(mqttClient, hubKey, payload, configuration, communication)
-					case "get-ptz-position":
-						HandleGetPTZPosition(mqttClient, hubKey, payload, configuration, communication)
-					case "update-ptz-position":
-						HandleUpdatePTZPosition(mqttClient, hubKey, payload, configuration, communication)
-					}
+				// We'll find out which message we received, and act accordingly.
+				log.Log.Info("MQTTListenerHandler: received message with action: " + payload.Action)
+				switch payload.Action {
+				case "record":
+					go HandleRecording(mqttClient, hubKey, payload, configuration, communication)
+				case "get-ptz-position":
+					go HandleGetPTZPosition(mqttClient, hubKey, payload, configuration, communication)
+				case "update-ptz-position":
+					go HandleUpdatePTZPosition(mqttClient, hubKey, payload, configuration, communication)
+				case "navigate-ptz":
+					go HandleNavigatePTZ(mqttClient, hubKey, payload, configuration, communication)
+				case "request-config":
+					go HandleRequestConfig(mqttClient, hubKey, payload, configuration, communication)
+				case "update-config":
+					go HandleUpdateConfig(mqttClient, hubKey, payload, configDirectory, configuration, communication)
+				case "request-sd-stream":
+					go HandleRequestSDStream(mqttClient, hubKey, payload, configuration, communication)
+				case "request-hd-stream":
+					go HandleRequestHDStream(mqttClient, hubKey, payload, configuration, communication)
+				case "receive-hd-candidates":
+					go HandleReceiveHDCandidates(mqttClient, hubKey, payload, configuration, communication)
 				}
+
 			}
 		})
 	}
 }

-// We received a recording request, we'll send it to the motion handler.
-type RecordPayload struct {
-	Timestamp int64 `json:"timestamp"` // timestamp of the recording request.
-}
-
-func HandleRecording(mqttClient mqtt.Client, hubKey string, payload Payload, configuration *models.Configuration, communication *models.Communication) {
+func HandleRecording(mqttClient mqtt.Client, hubKey string, payload models.Payload, configuration *models.Configuration, communication *models.Communication) {
 	value := payload.Value

 	// Convert map[string]interface{} to RecordPayload
 	jsonData, _ := json.Marshal(value)
-	var recordPayload RecordPayload
+	var recordPayload models.RecordPayload
 	json.Unmarshal(jsonData, &recordPayload)

 	if recordPayload.Timestamp != 0 {
@@ -277,17 +263,12 @@ func HandleRecording(mqttClient mqtt.Client, hubKey string, payload Payload, con
 	}
 }

-// We received a preset position request, we'll request it through onvif and send it back.
-type PTZPositionPayload struct {
-	Timestamp int64 `json:"timestamp"` // timestamp of the preset request.
-}
-
-func HandleGetPTZPosition(mqttClient mqtt.Client, hubKey string, payload Payload, configuration *models.Configuration, communication *models.Communication) {
+func HandleGetPTZPosition(mqttClient mqtt.Client, hubKey string, payload models.Payload, configuration *models.Configuration, communication *models.Communication) {
 	value := payload.Value

 	// Convert map[string]interface{} to PTZPositionPayload
 	jsonData, _ := json.Marshal(value)
-	var positionPayload PTZPositionPayload
+	var positionPayload models.PTZPositionPayload
 	json.Unmarshal(jsonData, &positionPayload)

 	if positionPayload.Timestamp != 0 {
@@ -298,8 +279,8 @@ func HandleGetPTZPosition(mqttClient mqtt.Client, hubKey string, payload Payload
 		} else {
 			// Needs to wrapped!
 			posString := fmt.Sprintf("%f,%f,%f", pos.PanTilt.X, pos.PanTilt.Y, pos.Zoom.X)
-			message := Message{
-				Payload: Payload{
+			message := models.Message{
+				Payload: models.Payload{
 					Action:   "ptz-position",
 					DeviceId: configuration.Config.Key,
 					Value: map[string]interface{}{
@@ -308,7 +289,7 @@ func HandleGetPTZPosition(mqttClient mqtt.Client, hubKey string, payload Payload
 					},
 				},
 			}
-			payload, err := PackageMQTTMessage(message)
+			payload, err := models.PackageMQTTMessage(configuration, message)
 			if err == nil {
 				mqttClient.Publish("kerberos/hub/"+hubKey, 0, false, payload)
 			} else {
@@ -318,7 +299,7 @@ func HandleGetPTZPosition(mqttClient mqtt.Client, hubKey string, payload Payload
 	}
 }

-func HandleUpdatePTZPosition(mqttClient mqtt.Client, hubKey string, payload Payload, configuration *models.Configuration, communication *models.Communication) {
+func HandleUpdatePTZPosition(mqttClient mqtt.Client, hubKey string, payload models.Payload, configuration *models.Configuration, communication *models.Communication) {
 	value := payload.Value

 	// Convert map[string]interface{} to PTZPositionPayload
@@ -336,130 +317,167 @@ func HandleUpdatePTZPosition(mqttClient mqtt.Client, hubKey string, payload Payl
 	}
 }

-func DisconnectMQTT(mqttClient mqtt.Client, config *models.Config) {
-	if mqttClient != nil {
-		// Cleanup all subscriptions
+func HandleRequestConfig(mqttClient mqtt.Client, hubKey string, payload models.Payload, configuration *models.Configuration, communication *models.Communication) {
+	value := payload.Value

-		// New methods
-		mqttClient.Unsubscribe("kerberos/agent/" + PREV_HubKey)
+	// Convert map[string]interface{} to RequestConfigPayload
+	jsonData, _ := json.Marshal(value)
+	var configPayload models.RequestConfigPayload
+	json.Unmarshal(jsonData, &configPayload)

-		// Legacy methods
-		mqttClient.Unsubscribe("kerberos/" + PREV_HubKey + "/device/" + PREV_AgentKey + "/request-live")
-		mqttClient.Unsubscribe(PREV_AgentKey + "/register")
-		mqttClient.Unsubscribe("kerberos/webrtc/keepalivehub/" + PREV_AgentKey)
-		mqttClient.Unsubscribe("kerberos/webrtc/peers/" + PREV_AgentKey)
-		mqttClient.Unsubscribe("candidate/cloud")
-		mqttClient.Unsubscribe("kerberos/onvif/" + PREV_AgentKey)
+	if configPayload.Timestamp != 0 {
+		// Get Config from the device

-		mqttClient.Disconnect(1000)
-		mqttClient = nil
-		log.Log.Info("DisconnectMQTT: MQTT client disconnected.")
+		key := configuration.Config.Key
+		name := configuration.Config.Name
+
+		if key != "" && name != "" {
+
+			var configMap map[string]interface{}
+			inrec, _ := json.Marshal(configuration.Config)
+			json.Unmarshal(inrec, &configMap)
+
+			message := models.Message{
+				Payload: models.Payload{
+					Action:   "receive-config",
+					DeviceId: configuration.Config.Key,
+					Value:    configMap,
+				},
+			}
+			payload, err := models.PackageMQTTMessage(configuration, message)
+			if err == nil {
+				mqttClient.Publish("kerberos/hub/"+hubKey, 0, false, payload)
+			} else {
+				log.Log.Info("HandleRequestConfig: something went wrong while sending config to hub: " + string(payload))
+			}
+
+		} else {
+			log.Log.Info("HandleRequestConfig: no config available")
+		}
+
+		log.Log.Info("HandleRequestConfig: Received a request for the config")
 	}
 }

-// #################################################################################################
-// Below you'll find legacy methods, as of now we'll have a single subscription, which scales better
+func HandleUpdateConfig(mqttClient mqtt.Client, hubKey string, payload models.Payload, configDirectory string, configuration *models.Configuration, communication *models.Communication) {
+	value := payload.Value

-func MQTTListenerHandleLiveSD(mqttClient mqtt.Client, hubKey string, configuration *models.Configuration, communication *models.Communication) {
-	config := configuration.Config
-	topicRequest := "kerberos/" + hubKey + "/device/" + config.Key + "/request-live"
-	mqttClient.Subscribe(topicRequest, 0, func(c mqtt.Client, msg mqtt.Message) {
+	// Convert map[string]interface{} to UpdateConfigPayload
+	jsonData, _ := json.Marshal(value)
+	var configPayload models.UpdateConfigPayload
+	json.Unmarshal(jsonData, &configPayload)
+
+	if configPayload.Timestamp != 0 {
+
+		config := configPayload.Config
+		err := configService.SaveConfig(configDirectory, config, configuration, communication)
+		if err == nil {
+			log.Log.Info("HandleUpdateConfig: Config updated")
+			message := models.Message{
+				Payload: models.Payload{
+					Action:   "acknowledge-update-config",
+					DeviceId: configuration.Config.Key,
+				},
+			}
+			payload, err := models.PackageMQTTMessage(configuration, message)
+			if err == nil {
+				mqttClient.Publish("kerberos/hub/"+hubKey, 0, false, payload)
+			} else {
+				log.Log.Info("HandleRequestConfig: something went wrong while sending acknowledge config to hub: " + string(payload))
+			}
+		} else {
+			log.Log.Info("HandleUpdateConfig: Config update failed")
+		}
+	}
+}
+
+func HandleRequestSDStream(mqttClient mqtt.Client, hubKey string, payload models.Payload, configuration *models.Configuration, communication *models.Communication) {
+	value := payload.Value
+	// Convert map[string]interface{} to RequestSDStreamPayload
+	jsonData, _ := json.Marshal(value)
+	var requestSDStreamPayload models.RequestSDStreamPayload
+	json.Unmarshal(jsonData, &requestSDStreamPayload)
+
+	if requestSDStreamPayload.Timestamp != 0 {
 		if communication.CameraConnected {
 			select {
 			case communication.HandleLiveSD <- time.Now().Unix():
 			default:
 			}
-			log.Log.Info("MQTTListenerHandleLiveSD: received request to livestream.")
+			log.Log.Info("HandleRequestSDStream: received request to livestream.")
 		} else {
-			log.Log.Info("MQTTListenerHandleLiveSD: received request to livestream, but camera is not connected.")
+			log.Log.Info("HandleRequestSDStream: received request to livestream, but camera is not connected.")
 		}
-		msg.Ack()
-	})
+	}
 }

-func MQTTListenerHandleLiveHDHandshake(mqttClient mqtt.Client, hubKey string, configuration *models.Configuration, communication *models.Communication) {
-	config := configuration.Config
-	topicRequestWebRtc := config.Key + "/register"
-	mqttClient.Subscribe(topicRequestWebRtc, 0, func(c mqtt.Client, msg mqtt.Message) {
+func HandleRequestHDStream(mqttClient mqtt.Client, hubKey string, payload models.Payload, configuration *models.Configuration, communication *models.Communication) {
+	value := payload.Value
+	// Convert map[string]interface{} to RequestHDStreamPayload
+	jsonData, _ := json.Marshal(value)
+	var requestHDStreamPayload models.RequestHDStreamPayload
+	json.Unmarshal(jsonData, &requestHDStreamPayload)
+
+	if requestHDStreamPayload.Timestamp != 0 {
 		if communication.CameraConnected {
-			var sdp models.SDPPayload
-			json.Unmarshal(msg.Payload(), &sdp)
+			// Set the Hub key, so we can send back the answer.
+			requestHDStreamPayload.HubKey = hubKey
 			select {
-			case communication.HandleLiveHDHandshake <- sdp:
+			case communication.HandleLiveHDHandshake <- requestHDStreamPayload:
 			default:
 			}
-			log.Log.Info("MQTTListenerHandleLiveHDHandshake: received request to setup webrtc.")
+			log.Log.Info("HandleRequestHDStream: received request to setup webrtc.")
 		} else {
-			log.Log.Info("MQTTListenerHandleLiveHDHandshake: received request to setup webrtc, but camera is not connected.")
+			log.Log.Info("HandleRequestHDStream: received request to setup webrtc, but camera is not connected.")
 		}
-		msg.Ack()
-	})
+	}
 }

-func MQTTListenerHandleLiveHDKeepalive(mqttClient mqtt.Client, hubKey string, configuration *models.Configuration, communication *models.Communication) {
-	config := configuration.Config
-	topicKeepAlive := fmt.Sprintf("kerberos/webrtc/keepalivehub/%s", config.Key)
-	mqttClient.Subscribe(topicKeepAlive, 0, func(c mqtt.Client, msg mqtt.Message) {
+func HandleReceiveHDCandidates(mqttClient mqtt.Client, hubKey string, payload models.Payload, configuration *models.Configuration, communication *models.Communication) {
+	value := payload.Value
+	// Convert map[string]interface{} to ReceiveHDCandidatesPayload
+	jsonData, _ := json.Marshal(value)
+	var receiveHDCandidatesPayload models.ReceiveHDCandidatesPayload
+	json.Unmarshal(jsonData, &receiveHDCandidatesPayload)
+
+	if receiveHDCandidatesPayload.Timestamp != 0 {
 		if communication.CameraConnected {
-			alive := string(msg.Payload())
-			communication.HandleLiveHDKeepalive <- alive
-			log.Log.Info("MQTTListenerHandleLiveHDKeepalive: Received keepalive: " + alive)
+			channel := webrtc.CandidateArrays[receiveHDCandidatesPayload.SessionID]
+			log.Log.Info("HandleReceiveHDCandidates: " + receiveHDCandidatesPayload.Candidate)
+			channel <- receiveHDCandidatesPayload.Candidate
 		} else {
-			log.Log.Info("MQTTListenerHandleLiveHDKeepalive: received keepalive, but camera is not connected.")
+			log.Log.Info("HandleReceiveHDCandidates: received candidate, but camera is not connected.")
 		}
-	})
+	}
 }

-func MQTTListenerHandleLiveHDPeers(mqttClient mqtt.Client, hubKey string, configuration *models.Configuration, communication *models.Communication) {
-	config := configuration.Config
-	topicPeers := fmt.Sprintf("kerberos/webrtc/peers/%s", config.Key)
-	mqttClient.Subscribe(topicPeers, 0, func(c mqtt.Client, msg mqtt.Message) {
-		if communication.CameraConnected {
-			peerCount := string(msg.Payload())
-			communication.HandleLiveHDPeers <- peerCount
-			log.Log.Info("MQTTListenerHandleLiveHDPeers: Number of peers listening: " + peerCount)
-		} else {
-			log.Log.Info("MQTTListenerHandleLiveHDPeers: received peer count, but camera is not connected.")
-		}
-	})
-}
+func HandleNavigatePTZ(mqttClient mqtt.Client, hubKey string, payload models.Payload, configuration *models.Configuration, communication *models.Communication) {
+	value := payload.Value
+	jsonData, _ := json.Marshal(value)
+	var navigatePTZPayload models.NavigatePTZPayload
+	json.Unmarshal(jsonData, &navigatePTZPayload)

-func MQTTListenerHandleLiveHDCandidates(mqttClient mqtt.Client, hubKey string, configuration *models.Configuration, communication *models.Communication) {
-	config := configuration.Config
-	topicCandidates := "candidate/cloud"
-	mqttClient.Subscribe(topicCandidates, 0, func(c mqtt.Client, msg mqtt.Message) {
-		if communication.CameraConnected {
-			var candidate models.Candidate
-			json.Unmarshal(msg.Payload(), &candidate)
-			if candidate.CloudKey == config.Key {
-				key := candidate.CloudKey + "/" + candidate.Cuuid
-				candidatesExists := false
-				var channel chan string
-				for !candidatesExists {
-					webrtc.CandidatesMutex.Lock()
-					channel, candidatesExists = webrtc.CandidateArrays[key]
-					webrtc.CandidatesMutex.Unlock()
-				}
-				log.Log.Info("MQTTListenerHandleLiveHDCandidates: " + string(msg.Payload()))
-				channel <- string(msg.Payload())
-			}
-		} else {
-			log.Log.Info("MQTTListenerHandleLiveHDCandidates: received candidate, but camera is not connected.")
-		}
-	})
-}
-
-func MQTTListenerHandleONVIF(mqttClient mqtt.Client, hubKey string, configuration *models.Configuration, communication *models.Communication) {
-	config := configuration.Config
-	topicOnvif := fmt.Sprintf("kerberos/onvif/%s", config.Key)
-	mqttClient.Subscribe(topicOnvif, 0, func(c mqtt.Client, msg mqtt.Message) {
+	if navigatePTZPayload.Timestamp != 0 {
 		if communication.CameraConnected {
+			action := navigatePTZPayload.Action
 			var onvifAction models.OnvifAction
-			json.Unmarshal(msg.Payload(), &onvifAction)
+			json.Unmarshal([]byte(action), &onvifAction)
 			communication.HandleONVIF <- onvifAction
-			log.Log.Info("MQTTListenerHandleONVIF: Received an action - " + onvifAction.Action)
+			log.Log.Info("HandleNavigatePTZ: Received an action - " + onvifAction.Action)
+
 		} else {
-			log.Log.Info("MQTTListenerHandleONVIF: received action, but camera is not connected.")
+			log.Log.Info("HandleNavigatePTZ: received action, but camera is not connected.")
 		}
-	})
+	}
+}
+
+func DisconnectMQTT(mqttClient mqtt.Client, config *models.Config) {
+	if mqttClient != nil {
+		// Cleanup all subscriptions
+		// New methods
+		mqttClient.Unsubscribe("kerberos/agent/" + PREV_HubKey)
+		mqttClient.Disconnect(1000)
+		mqttClient = nil
+		log.Log.Info("DisconnectMQTT: MQTT client disconnected.")
+	}
 }
--- a/machinery/src/webrtc/main.go
+++ b/machinery/src/webrtc/main.go
@@ -87,19 +87,22 @@ func (w WebRTC) CreateOffer(sd []byte) pionWebRTC.SessionDescription {
 	return offer
 }

-func InitializeWebRTCConnection(configuration *models.Configuration, communication *models.Communication, mqttClient mqtt.Client, videoTrack *pionWebRTC.TrackLocalStaticSample, audioTrack *pionWebRTC.TrackLocalStaticSample, handshake models.SDPPayload, candidates chan string) {
+func InitializeWebRTCConnection(configuration *models.Configuration, communication *models.Communication, mqttClient mqtt.Client, videoTrack *pionWebRTC.TrackLocalStaticSample, audioTrack *pionWebRTC.TrackLocalStaticSample, handshake models.RequestHDStreamPayload, candidates chan string) {

 	config := configuration.Config
-
 	deviceKey := config.Key
 	stunServers := []string{config.STUNURI}
 	turnServers := []string{config.TURNURI}
 	turnServersUsername := config.TURNUsername
 	turnServersCredential := config.TURNPassword

+	// Set variables
+	hubKey := handshake.HubKey
+	sessionDescription := handshake.SessionDescription
+
 	// Create WebRTC object
 	w := CreateWebRTC(deviceKey, stunServers, turnServers, turnServersUsername, turnServersCredential)
-	sd, err := w.DecodeSessionDescription(handshake.Sdp)
+	sd, err := w.DecodeSessionDescription(sessionDescription)

 	if err == nil {

@@ -122,7 +125,6 @@ func InitializeWebRTCConnection(configuration *models.Configuration, communicati
 						Credential: w.TurnServersCredential,
 					},
 				},
-				//ICETransportPolicy: pionWebRTC.ICETransportPolicyRelay,
 			},
 		)

@@ -143,7 +145,7 @@ func InitializeWebRTCConnection(configuration *models.Configuration, communicati
 			peerConnection.OnICEConnectionStateChange(func(connectionState pionWebRTC.ICEConnectionState) {
 				if connectionState == pionWebRTC.ICEConnectionStateDisconnected {
 					atomic.AddInt64(&peerConnectionCount, -1)
-					peerConnections[handshake.Cuuid] = nil
+					peerConnections[handshake.SessionID] = nil
 					close(candidates)
 					close(w.PacketsCount)
 					if err := peerConnection.Close(); err != nil {
@@ -152,9 +154,12 @@ func InitializeWebRTCConnection(configuration *models.Configuration, communicati
 				} else if connectionState == pionWebRTC.ICEConnectionStateConnected {
 					atomic.AddInt64(&peerConnectionCount, 1)
 				} else if connectionState == pionWebRTC.ICEConnectionStateChecking {
+					// Iterate over the candidates and send them to the remote client
+					// Non blocking channel
 					for candidate := range candidates {
 						log.Log.Info("InitializeWebRTCConnection: Received candidate.")
 						if candidateErr := peerConnection.AddICECandidate(pionWebRTC.ICECandidateInit{Candidate: string(candidate)}); candidateErr != nil {
+							log.Log.Error("InitializeWebRTCConnection: something went wrong while adding candidate: " + candidateErr.Error())
 						}
 					}
 				}
@@ -167,7 +172,6 @@ func InitializeWebRTCConnection(configuration *models.Configuration, communicati
 				panic(err)
 			}

-			//gatherCompletePromise := pionWebRTC.GatheringCompletePromise(peerConnection)
 			answer, err := peerConnection.CreateAnswer(nil)
 			if err != nil {
 				panic(err)
@@ -175,37 +179,64 @@ func InitializeWebRTCConnection(configuration *models.Configuration, communicati
 				panic(err)
 			}

-			// When an ICE candidate is available send to the other Pion instance
-			// the other Pion instance will add this candidate by calling AddICECandidate
-			var candidatesMux sync.Mutex
+			// When an ICE candidate is available send to the other peer using the signaling server (MQTT).
+			// The other peer will add this candidate by calling AddICECandidate
 			peerConnection.OnICECandidate(func(candidate *pionWebRTC.ICECandidate) {
-
 				if candidate == nil {
 					return
 				}

-				candidatesMux.Lock()
-				defer candidatesMux.Unlock()
-
-				topic := fmt.Sprintf("%s/%s/candidate/edge", deviceKey, handshake.Cuuid)
-				log.Log.Info("InitializeWebRTCConnection: Send candidate to " + topic)
-				candiInit := candidate.ToJSON()
+				//  Create a config map
+				valueMap := make(map[string]interface{})
+				candateJSON := candidate.ToJSON()
 				sdpmid := "0"
-				candiInit.SDPMid = &sdpmid
-				candi, err := json.Marshal(candiInit)
+				candateJSON.SDPMid = &sdpmid
+				candateBinary, err := json.Marshal(candateJSON)
 				if err == nil {
-					log.Log.Info("InitializeWebRTCConnection:" + string(candi))
-					token := mqttClient.Publish(topic, 2, false, candi)
-					token.Wait()
+					valueMap["candidate"] = string(candateBinary)
+				} else {
+					log.Log.Info("HandleRequestConfig: something went wrong while marshalling candidate: " + err.Error())
+				}
+
+				// We'll send the candidate to the hub
+				message := models.Message{
+					Payload: models.Payload{
+						Action:   "receive-hd-candidates",
+						DeviceId: configuration.Config.Key,
+						Value:    valueMap,
+					},
+				}
+				payload, err := models.PackageMQTTMessage(configuration, message)
+				if err == nil {
+					mqttClient.Publish("kerberos/hub/"+hubKey, 0, false, payload)
+				} else {
+					log.Log.Info("HandleRequestConfig: something went wrong while sending acknowledge config to hub: " + string(payload))
 				}
 			})

-			peerConnections[handshake.Cuuid] = peerConnection
+			// Create a channel which will be used to send candidates to the other peer
+			peerConnections[handshake.SessionID] = peerConnection

 			if err == nil {
-				topic := fmt.Sprintf("%s/%s/answer", deviceKey, handshake.Cuuid)
-				log.Log.Info("InitializeWebRTCConnection: Send SDP answer to " + topic)
-				mqttClient.Publish(topic, 2, false, []byte(base64.StdEncoding.EncodeToString([]byte(answer.SDP))))
+				//  Create a config map
+				valueMap := make(map[string]interface{})
+				valueMap["sdp"] = []byte(base64.StdEncoding.EncodeToString([]byte(answer.SDP)))
+				log.Log.Info("InitializeWebRTCConnection: Send SDP answer")
+
+				// We'll send the candidate to the hub
+				message := models.Message{
+					Payload: models.Payload{
+						Action:   "receive-hd-answer",
+						DeviceId: configuration.Config.Key,
+						Value:    valueMap,
+					},
+				}
+				payload, err := models.PackageMQTTMessage(configuration, message)
+				if err == nil {
+					mqttClient.Publish("kerberos/hub/"+hubKey, 0, false, payload)
+				} else {
+					log.Log.Info("HandleRequestConfig: something went wrong while sending acknowledge config to hub: " + string(payload))
+				}
 			}
 		}
 	} else {
@@ -358,16 +389,9 @@ func WriteToTrack(livestreamCursor *pubsub.QueueCursor, configuration *models.Co
 					pkt.Data = append(codecData.(h264parser.CodecData).SPS(), pkt.Data...)
 					pkt.Data = append(annexbNALUStartCode(), pkt.Data...)
 					log.Log.Info("WriteToTrack: Sending keyframe")
-
-					if config.Capture.ForwardWebRTC == "true" {
-						log.Log.Info("WriteToTrack: Sending keep a live to remote broker.")
-						topic := fmt.Sprintf("kerberos/webrtc/keepalive/%s", config.Key)
-						mqttClient.Publish(topic, 2, false, "1")
-					}
 				}

 				if start {
-
 					sample := pionMedia.Sample{Data: pkt.Data, Duration: bufferDuration}
 					if config.Capture.ForwardWebRTC == "true" {
 						samplePacket, err := json.Marshal(sample)
--- a/ui/public/locales/it/translation.json
+++ b/ui/public/locales/it/translation.json
@@ -0,0 +1,215 @@
+{
+  "breadcrumb": {
+    "watch_recordings": "Guarda registrazioni",
+    "configure": "Configura"
+  },
+  "buttons": {
+    "save": "Salva",
+    "verify_connection": "Verifica connessione"
+  },
+  "navigation": {
+    "profile": "Profilo",
+    "admin": "admin",
+    "management": "Gestione",
+    "dashboard": "Dashboard",
+    "recordings": "Registrazioni",
+    "settings": "Impostazioni",
+    "help_support": "Aiuto e supporto",
+    "swagger": "Swagger API",
+    "documentation": "Documentazione",
+    "ui_library": "Biblioteca UI",
+    "layout": "Lingua e layout",
+    "choose_language": "Scegli lingua"
+  },
+  "dashboard": {
+    "title": "Dashboard",
+    "heading": "Panoramica della videosorveglianza",
+    "number_of_days": "Numero di giorni",
+    "total_recordings": "Registrazioni totali",
+    "connected": "Connesso",
+    "not_connected": "Non connesso",
+    "offline_mode": "Modalità offline",
+    "latest_events": "Ultimi eventi",
+    "configure_connection": "Configura connessione",
+    "no_events": "Nessun evento",
+    "no_events_description": "Non sono state trovate registrazioni, assicurati che il Kerberos Agent sia configurato correttamente.",
+    "motion_detected": "Movimento rilevato",
+    "live_view": "Vista in diretta",
+    "loading_live_view": "Caricamento vista in diretta",
+    "loading_live_view_description": "Attendi mentre viene caricata la vista in diretta. Se non l'hai ancora fatto, configura la connessione con la videocamera nelle pagine di impostazione.",
+    "time": "Ora",
+    "description": "Descrizione",
+    "name": "Nome"
+  },
+  "recordings": {
+    "title": "Registrazioni",
+    "heading": "Tutte le tue registrazioni in un posto solo",
+    "search_media": "Cerca video"
+  },
+  "settings": {
+    "title": "Impostazioni",
+    "heading": "Panoramica impostazioni videocamera e Agent",
+    "submenu": {
+      "all": "All",
+      "overview": "Panoramica",
+      "camera": "Videocamera",
+      "recording": "Registrazione",
+      "streaming": "Streaming",
+      "conditions": "Criteri",
+      "persistence": "Persistenza"
+    },
+    "info": {
+      "kerberos_hub_demo": "Dai un'occhiata al nostro ambiente demo di Kerberos Hub per vederlo in azione!",
+      "configuration_updated_success": "La configurazione è stata aggiornata con successo.",
+      "configuration_updated_error": "Si è verificato un problema durante il salvataggio.",
+      "verify_hub": "Controllo delle impostazioni di Kerberos Hub.",
+      "verify_hub_success": "Impostazioni di Kerberos Hub verificate correttamente.",
+      "verify_hub_error": "Si è verificato un problema durante la verifica delle impostazioni di Kerberos Hub",
+      "verify_persistence": "Controlla le impostazioni della persistenza.",
+      "verify_persistence_success": "Impostazioni della persistenza verificate correttamente.",
+      "verify_persistence_error": "Si è verificato un problema durante la verifica delle impostazioni della persistenza",
+      "verify_camera": "Controlla le impostazioni della videocamera.",
+      "verify_camera_success": "Impostazioni videocamera verificate correttamente.",
+      "verify_camera_error": "Si è verificato un problema durante la verifica delle impostazioni della videocamera",
+      "verify_onvif": "Controlla le impostazioni ONVIF.",
+      "verify_onvif_success": "Impostazioni ONVIF verificate correttamente.",
+      "verify_onvif_error": "Si è verificato un problema durante la verifica delle impostazioni ONVIF"
+    },
+    "overview": {
+      "general": "Generale",
+      "description_general": "Impostazioni generali del Kerberos Agent",
+      "key": "Chiave",
+      "camera_name": "Nome videocamera",
+      "timezone": "Fuso orario",
+      "select_timezone": "Seleziona un fuso orario",
+      "advanced_configuration": "Configurazione avanzata",
+      "description_advanced_configuration": "Opzioni di configurazione dettagliate per abilitare o disabilitare parti specifiche del Kerberos Agent",
+      "offline_mode": "Modalità offline",
+      "description_offline_mode": "Disabilita traffico in uscita"
+    },
+    "camera": {
+      "camera": "Videocamera",
+      "description_camera": "Le impostazioni della fotocamera sono necessarie per stabilire una connessione con la videocamera scelta.",
+      "only_h264": "Al momento sono supportati solo streams RTSP H264.",
+      "rtsp_url": "Url RTSP",
+      "rtsp_h264": "Connessione RTSP H264 alla videocamera.",
+      "sub_rtsp_url": "Sub-url RTSP (per lo streaming in diretta)",
+      "sub_rtsp_h264": "URL RTSP supplementare della videocamera con risoluzione inferiore per lo streaming in diretta.",
+      "onvif": "ONVIF",
+      "description_onvif": "Credenziali per interagire con le funzionalità ONVIF come PTZ o altre funzioni fornite dalla videocamera.",
+      "onvif_xaddr": "ONVIF xaddr",
+      "onvif_username": "ONVIF username",
+      "onvif_password": "ONVIF password",
+      "verify_connection": "Verifica connessione",
+      "verify_sub_connection": "Verifica sub-connessione"
+    },
+    "recording": {
+      "recording": "Registrazione",
+      "description_recording": "Specificare se effettuare le registrazioni con un'impostazione continua 24/7 oppure basata sulla rilevazione di movimento.",
+      "continuous_recording": "Registrazione continua",
+      "description_continuous_recording": "Effettuare registrazioni 24/7 o basate sul movimento.",
+      "max_duration": "massima durata video (in secondi)",
+      "description_max_duration": "Durata massima della registrazione.",
+      "pre_recording": "pre registrazione (buffering dei key frames)",
+      "description_pre_recording": "Secondi prima del verificarsi di un evento.",
+      "post_recording": "post registrazione (in)",
+      "description_post_recording": "Secondi dopo il verificarsi di un evento.",
+      "threshold": "Soglia di registrazione (in pixel)",
+      "description_threshold": "Numero di pixel modificati per avviare la registrazione",
+      "autoclean": "Cancellazione automatica",
+      "description_autoclean": "Specificare se l'Agente Kerberos può cancellare le registrazioni quando viene raggiunta una specifica capacità di archiviazione (in MB). Questo rimuoverà le registrazioni più vecchie quando la capacità viene raggiunta.",
+      "autoclean_enable": "Abilita cancellazione automatica",
+      "autoclean_description_enable": "Rimuovere la registrazione più vecchia al raggiungimento della capacità.",
+      "autoclean_max_directory_size": "Dimensione massima della cartella (in MB)",
+      "autoclean_description_max_directory_size": "Dimensione massima in MB delle registrazioni salvate.",
+      "fragmentedrecordings": "Registrazioni frammentate",
+      "description_fragmentedrecordings": "Quando le registrazioni sono frammentate, sono adatte ad uno stream HLS. Se attivato, il contenitore MP4 avrà un aspetto leggermente diverso.",
+      "fragmentedrecordings_enable": "Abilita frammentazione",
+      "fragmentedrecordings_description_enable": "Per utilizzare gli stream HLS sono necessarie registrazioni frammentate.",
+      "fragmentedrecordings_duration": "durata frammento",
+      "fragmentedrecordings_description_duration": "Durata del singolo frammento."
+    },
+    "streaming": {
+      "stun_turn": "STUN/TURN per WebRTC",
+      "description_stun_turn": "Per lo streaming in diretta a massima risoluzione viene impiegato WebRTC. Una delle sue funzionalità chiave è la ICE-candidate, che consente di attraversare il NAT utilizzando i concetti di STUN/TURN.",
+      "stun_server": "STUN server",
+      "turn_server": "TURN server",
+      "turn_username": "Username",
+      "turn_password": "Password",
+      "stun_turn_forward": "Inoltro e transcodifica",
+      "stun_turn_description_forward": "Ottimizzazioni e miglioramenti per la comunicazione TURN/STUN.",
+      "stun_turn_webrtc": "Inoltro al broker WebRTC",
+      "stun_turn_description_webrtc": "Inoltro dello stream h264 via MQTT",
+      "stun_turn_transcode": "Transcodifica stream",
+      "stun_turn_description_transcode": "Conversione dello stream in una risoluzione inferiore",
+      "stun_turn_downscale": "Riduzione della risoluzione (in % o risoluzione originale)",
+      "mqtt": "MQTT",
+      "description_mqtt": "Un broker MQTT è usato per comunicare da",
+      "description2_mqtt": "al Kerberos Agent, per ottenere, ad esempio, funzionalità di livestreaming o ONVIF (PTZ).",
+      "mqtt_brokeruri": "Uri Broker",
+      "mqtt_username": "Username",
+      "mqtt_password": "Password"
+    },
+    "conditions": {
+      "timeofinterest": "Periodo di interesse",
+      "description_timeofinterest": "Effettua registrazioni solamente all'interno di specifici intervalli orari (basato sul fuso orario).",
+      "timeofinterest_enabled": "Abilitato",
+      "timeofinterest_description_enabled": "Se abilitato, è possibile specificare una finestra temporale",
+      "sunday": "Domenica",
+      "monday": "Lunedì",
+      "tuesday": "Martedì",
+      "wednesday": "Mercoledì",
+      "thursday": "Giovedì",
+      "friday": "Venerdì",
+      "saturday": "Sabato",
+      "externalcondition": "Condizione esterna",
+      "description_externalcondition": "È possibile attivare o disattivare la dipendenza da un servizio esterno di registrazione.",
+      "regionofinterest": "Regione di interesse",
+      "description_regionofinterest": "Definendo una o più regioni, il movimento verrà tracciato solo al loro interno."
+    },
+    "persistence": {
+      "kerberoshub": "Kerberos Hub",
+      "description_kerberoshub": "Kerberos Agents can send heartbeats to a central",
+      "description2_kerberoshub": "installation. Heartbeats and other relevant information are synced to Kerberos Hub to show realtime information about your video landscape.",
+      "persistence": "Persistenza",
+      "saasoffering": "Kerberos Hub (soluzione SAAS)",
+      "description_persistence": "La possibilità di poter salvare le tue registrazioni rappresenta l'inizio di tutto. Puoi scegliere tra il nostro",
+      "description2_persistence": ", oppure un provider di terze parti",
+      "select_persistence": "Seleziona una persistenza",
+      "kerberoshub_proxyurl": "URL Proxy Kerberos Hub",
+      "kerberoshub_description_proxyurl": "Endpoint del Proxy per l'upload delle registrazioni.",
+      "kerberoshub_apiurl": "API URL Kerberos Hub",
+      "kerberoshub_description_apiurl": "Endpoint API per l'upload delle registrazioni.",
+      "kerberoshub_publickey": "Chiave pubblica",
+      "kerberoshub_description_publickey": "Chiave pubblica dell'account Kerberos Hub.",
+      "kerberoshub_privatekey": "Chiave privata",
+      "kerberoshub_description_privatekey": "Chiave privata dell'account Kerberos Hub.",
+      "kerberoshub_site": "Sito",
+      "kerberoshub_description_site": "ID del sito a cui appartengono i Kerberos Agents in Kerberos Hub.",
+      "kerberoshub_region": "Regione",
+      "kerberoshub_description_region": "La regione in cui memorizziamo le registrazioni.",
+      "kerberoshub_bucket": "Bucket",
+      "kerberoshub_description_bucket": "Bucket in cui memorizziamo le registrazioni.",
+      "kerberoshub_username": "Username/Cartella (dovrebbe essere uguale allo username di Kerberos Hub)",
+      "kerberoshub_description_username": "Username del tuo account Kerberos Hub.",
+      "kerberosvault_apiurl": "API URL Kerberos Vault",
+      "kerberosvault_description_apiurl": "API di Kerberos Vault",
+      "kerberosvault_provider": "Provider",
+      "kerberosvault_description_provider": "Provider al quale saranno inviate le registrazioni.",
+      "kerberosvault_directory": "Cartella (dovrebbe essere uguale allo username di Kerberos Hub)",
+      "kerberosvault_description_directory": "Sotto cartella in cui saranno memorizzate le tue registrazioni nel provider.",
+      "kerberosvault_accesskey": "Access key",
+      "kerberosvault_description_accesskey": "Access key del tuo account Kerberos Vault.",
+      "kerberosvault_secretkey": "Secret key",
+      "kerberosvault_description_secretkey": "Secret key del tuo account Kerberos Vault.",
+      "dropbox_directory": "Cartella",
+      "dropbox_description_directory": "Sottcartella dell'account Dropbox in cui saranno salvate le registrazioni.",
+      "dropbox_accesstoken": "Access token",
+      "dropbox_description_accesstoken": "Access token del tuo account/app Dropbox.",
+      "verify_connection": "Verifica connessione",
+      "remove_after_upload": "Una volta che le registrazioni sono state caricate su una certa persistenza, si potrebbe volerle rimuovere dal Kerberos Agent locale.",
+      "remove_after_upload_description": "Cancella le registrazioni dopo che sono state caricate correttamente.",
+      "remove_after_upload_enabled": "Abilita cancellazione al caricamento"
+    }
+  }
+}
--- a/ui/src/components/LanguageSelect/LanguageSelect.jsx
+++ b/ui/src/components/LanguageSelect/LanguageSelect.jsx
@@ -20,6 +20,7 @@ const LanguageSelect = () => {
    fr: { label: 'Francais', dir: 'ltr', active: false },
    pl: { label: 'Polski', dir: 'ltr', active: false },
    de: { label: 'Deutsch', dir: 'ltr', active: false },
+    it: { label: 'Italiano', dir: 'ltr', active: false },
    pt: { label: 'Português', dir: 'ltr', active: false },
    es: { label: 'Español', dir: 'ltr', active: false },
    ja: { label: '日本', dir: 'rlt', active: false },
Author	SHA1	Message	Date
Cedric Verstraeten	38247ac9f6	Add italian to language selector #115	2023-10-22 20:00:10 +02:00
Cédric Verstraeten	580f17028a	Merge pull request #115 from LeoSpyke/master i18n: adds Italian locale	2023-10-22 19:56:55 +02:00
Cedric Verstraeten	48d933a561	backwards compatible when no encryption key was added in previous config	2023-10-20 14:35:09 +02:00
Cedric Verstraeten	0c70ab6158	Refactor MQTT endpoints + Introduce End-to-End encryption using RSA and AES keys + finetune PTZ	2023-10-20 13:31:02 +02:00
LeoSpyke	ba6cdef9d5	i18n(it): translate persistence and bugfix	2023-09-15 08:17:12 +00:00
LeoSpyke	bedb3c0d7f	Merge branch 'kerberos-io:master' into master	2023-09-14 12:47:46 +02:00
Leonardo Papini	2539255940	i18n: Italian translations	2023-09-14 12:47:28 +02:00
Cedric Verstraeten	24136f8b15	we didn't reset the main configuration, causing some config vars still to be set	2023-09-14 10:47:18 +02:00
Cedric Verstraeten	910bb3c079	merging timetable was giving issues	2023-09-14 10:13:50 +02:00
Cedric Verstraeten	47f4c19617	Update Config.go	2023-09-13 08:14:25 +02:00
Cedric Verstraeten	280a81809a	Update Config.go	2023-09-12 22:38:26 +02:00
Cedric Verstraeten	59358acb30	add logging + empty friendly name	2023-09-12 15:17:56 +02:00
Cedric Verstraeten	ebd655ac73	Allow remote configuration through MQTT + restructure config method	2023-09-12 10:50:36 +02:00
Cedric Verstraeten	6325e37aae	empty presets caused hub connection failing	2023-09-07 08:16:46 +02:00
Cedric Verstraeten	ecabc47847	integrate ondevice configurated presets	2023-08-30 14:12:07 +02:00
Cedric Verstraeten	31cc3d8939	Rely on continuous move will fix the PTZFunctions later	2023-08-29 14:53:48 +02:00
Cedric Verstraeten	c71cb71d08	We should reenable debugging, modifying to Info for now	2023-08-29 14:43:14 +02:00
Cedric Verstraeten	65a739ea75	logging PTZ functions	2023-08-29 14:30:25 +02:00
Cedric Verstraeten	410a62e9ef	Some cameras do not support AbsoluteMovement, therefore we'll simulate it with ContinuousMove and a polling mechanism	2023-08-28 09:30:08 +02:00