From 92e58640d8e11f65d056cd953f783f9e40aaa25c Mon Sep 17 00:00:00 2001 From: yalh76 Date: Fri, 19 Jun 2020 04:34:21 +0200 Subject: [PATCH] No error in logs but still unable to connect even with two user using chrome --- conf/jitsi-jicofo-sip-communicator.properties | 1 + conf/jitsi-jicofo.config | 10 +++--- conf/jitsi-videobridge.config | 8 ++--- conf/jitsi-videobridge.service | 2 +- conf/metronome.cfg.lua | 33 ++++++++++++------- conf/nginx.conf | 6 ++-- scripts/install | 15 +++++++-- scripts/restore | 2 +- scripts/upgrade | 7 ++-- 9 files changed, 53 insertions(+), 31 deletions(-) diff --git a/conf/jitsi-jicofo-sip-communicator.properties b/conf/jitsi-jicofo-sip-communicator.properties index 8ca1252..a30f768 100644 --- a/conf/jitsi-jicofo-sip-communicator.properties +++ b/conf/jitsi-jicofo-sip-communicator.properties @@ -1 +1,2 @@ org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.__DOMAIN__ +org.jitsi.jicofo.health.ENABLE_HEALTH_CHECKS=true diff --git a/conf/jitsi-jicofo.config b/conf/jitsi-jicofo.config index 08eebf6..326a32d 100644 --- a/conf/jitsi-jicofo.config +++ b/conf/jitsi-jicofo.config @@ -5,18 +5,18 @@ JICOFO_HOST=127.0.0.1 # sets the XMPP domain (default: none) JICOFO_HOSTNAME=__DOMAIN__ -# sets the secret used to authenticate as an XMPP component -JICOFO_SECRET=__FOCUS_SECRET__ - # sets the port to use for the XMPP component connection JICOFO_PORT=__PORT_COMPONENT__ -# sets the XMPP domain name to use for XMPP user logins -JICOFO_AUTH_DOMAIN=auth.__DOMAIN__ +# sets the secret used to authenticate as an XMPP component +JICOFO_SECRET=__FOCUS_SECRET__ # sets the username to use for XMPP user logins JICOFO_AUTH_USER=__FOCUS_USER__ +# sets the XMPP domain name to use for XMPP user logins +JICOFO_AUTH_DOMAIN=auth.__DOMAIN__ + # sets the password to use for XMPP user logins JICOFO_AUTH_PASSWORD=__FOCUS_PASSWORD__ diff --git a/conf/jitsi-videobridge.config b/conf/jitsi-videobridge.config index 8dd4059..f8ad055 100644 --- a/conf/jitsi-videobridge.config +++ b/conf/jitsi-videobridge.config @@ -1,11 +1,11 @@ # Jitsi Videobridge settings +# sets the hostname of the XMPP server (default: domain if set, 127.0.0.1 otherwise) +JVB_HOST=127.0.0.1 + # sets the XMPP domain (default: none) JVB_HOSTNAME=__DOMAIN__ -# sets the hostname of the XMPP server (default: domain if set, localhost otherwise) -JVB_HOST= - # sets the port of the XMPP server (default: 5275) JVB_PORT=__PORT_COMPONENT__ @@ -13,7 +13,7 @@ JVB_PORT=__PORT_COMPONENT__ JVB_SECRET=__VIDEOBRIDGE_SECRET__ # extra options to pass to the JVB daemon -JVB_OPTS="--apis=," +JVB_OPTS="–apis=xmpp,rest" # adds java system props that are passed to jvb (default are for home and logging config file) diff --git a/conf/jitsi-videobridge.service b/conf/jitsi-videobridge.service index bc93d5f..4341d1a 100644 --- a/conf/jitsi-videobridge.service +++ b/conf/jitsi-videobridge.service @@ -18,7 +18,7 @@ TasksMax=65000 LimitNPROC=65000 LimitNOFILE=65000 WorkingDirectory=__FINALPATH__/jitsi-videobridge/ -ExecStart=/bin/bash -c "exec __FINALPATH__/jitsi-videobridge/jvb.sh --host=$${JVB_HOST:-127.0.0.1} --domain=${JVB_HOSTNAME} --port=${JVB_PORT} --secret=${JVB_SECRET} ${JVB_OPTS} < /dev/null >> ${LOGFILE} 2>&1" +ExecStart=/bin/bash -c "exec __FINALPATH__/jitsi-videobridge/jvb.sh --host=${JVB_HOST} --domain=${JVB_HOSTNAME} --port=${JVB_PORT} --secret=${JVB_SECRET} ${JVB_OPTS} < /dev/null >> ${LOGFILE} 2>&1" ExecStartPost=/bin/bash -c "echo $MAINPID > /var/run/jitsi-videobridge/jitsi-videobridge.pid" [Install] diff --git a/conf/metronome.cfg.lua b/conf/metronome.cfg.lua index e77e213..824a977 100644 --- a/conf/metronome.cfg.lua +++ b/conf/metronome.cfg.lua @@ -1,12 +1,13 @@ component_ports = { __PORT_COMPONENT__ } + +-- Make the focus user a global administrator +admins = { "__FOCUS_USER__@auth.__DOMAIN__" } + -- c2s_require_encryption = false --Why would it be needed? -- s2s_secure_auth = false plugin_paths = { "__FINAL_PATH__/jitsi-meet-prosody/" } --- Make the focus user a global administrator -admins = { "__FOCUS_USER__@auth.__DOMAIN__" } - -- domain mapper options, must at least have domain base set to use the mapper muc_mapper_domain_base = "__DOMAIN__"; @@ -15,10 +16,10 @@ consider_bosh_secure = true; VirtualHost "__DOMAIN__" authentication = "anonymous" - -- Properties below are modified by jitsi-meet-tokens package config - -- and authentication above is switched to "token" - --app_id="example_app_id" - --app_secret="example_app_secret" + -- Properties below are modified by jitsi-meet-tokens package config + -- and authentication above is switched to "token" + --app_id="example_app_id" + --app_secret="example_app_secret" -- Assign this host a certificate for TLS, otherwise it would use the one -- set in the global section (if any). -- Note that old-style SSL on port 5223 only supports one certificate, and will always @@ -31,9 +32,11 @@ VirtualHost "__DOMAIN__" conference_duration_component = "conferenceduration.__DOMAIN__" -- we need bosh modules_enabled = { + "bosh"; "pubsub"; "ping"; -- Enable mod_ping "speakerstats"; + -- "turncredentials"; "conference_duration"; "extdisco"; } @@ -48,35 +51,43 @@ VirtualHost "__DOMAIN__" } Component "conference.__DOMAIN__" "muc" + storage = "internal" modules_enabled = { "muc_meeting_id"; - -- "muc_domain_mapper"; # Disable because it make p2p failed + "muc_domain_mapper"; -- "token_verification"; } admins = { "__FOCUS_USER__@auth.__DOMAIN__" } allow_anonymous_creation = true instant_room_on_creation = true - room_default_whois = "anyone" + room_default_config = { + whois = "anyone"; + } -- internal muc component Component "internal.auth.__DOMAIN__" "muc" + storage = "internal" modules_enabled = { "ping"; } admins = { "__FOCUS_USER__@auth.__DOMAIN__", "__VIDEOBRIDGE_USER__@auth.__DOMAIN__" } instant_room_on_creation = true - room_default_whois = "anyone" + room_default_config = { + whois = "anyone"; + } VirtualHost "auth.__DOMAIN__" ssl = { key = "/etc/yunohost/certs/auth.__DOMAIN__/key.pem"; certificate = "/etc/yunohost/certs/auth.__DOMAIN__/crt.pem"; } - storage = "internal" authentication = "internal_plain" Component "focus.__DOMAIN__" component_secret = "__FOCUS_SECRET__" + +Component "jitsi-videobridge.__DOMAIN__" + component_secret = "__VIDEOBRIDGE_SECRET__" Component "speakerstats.__DOMAIN__" "speakerstats_component" muc_component = "conference.__DOMAIN__" diff --git a/conf/nginx.conf b/conf/nginx.conf index fc29336..586a961 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -24,9 +24,11 @@ location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|. # BOSH location = /http-bind { - proxy_pass http://127.0.0.1:5290/http-bind; + proxy_pass http://127.0.0.1:5290/http-bind; + proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header Host $http_host; + proxy_buffering off; + tcp_nodelay on; } # xmpp websockets diff --git a/scripts/install b/scripts/install index 32a978a..2471d61 100644 --- a/scripts/install +++ b/scripts/install @@ -35,6 +35,9 @@ videobridge_secret=$(ynh_string_random --length=8) #YOURSECRET2 focus_secret=$(ynh_string_random --length=8) +#OTHER SECRET +turn_secret=$(ynh_string_random --length=8) + focus_user="focus" videobridge_user="jvb" @@ -60,6 +63,7 @@ ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=focus_password --value=$focus_password ynh_app_setting_set --app=$app --key=videobridge_secret --value=$videobridge_secret ynh_app_setting_set --app=$app --key=focus_secret --value=$focus_secret +ynh_app_setting_set --app=$app --key=turn_secret --value=$turn_secret ynh_app_setting_set --app=$app --key=focus_user --value=$focus_user ynh_app_setting_set --app=$app --key=videobridge_user --value=$videobridge_user @@ -136,6 +140,9 @@ for directory in $final_path/jitsi-meet-prosody/*/; do done done +# workaround for mod_muc_domain_mapper +ynh_replace_string --match_string="module:log(\"debug\"" --replace_string="-- module:log(\"debug\"" --target_file="$final_path/jitsi-meet-prosody/mod_muc_domain_mapper.lua" + #================================================= # NGINX CONFIGURATION #================================================= @@ -173,9 +180,11 @@ ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_c ynh_replace_string --match_string="__FINAL_PATH__" --replace_string="$final_path" --target_file="$metronome_conf" ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$metronome_conf" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$metronome_conf" +ynh_replace_string --match_string="__TURN_SECRET__" --replace_string="$turn_secret" --target_file="$metronome_conf" ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$metronome_conf" ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user" --target_file="$metronome_conf" ynh_replace_string --match_string="__VIDEOBRIDGE_USER__" --replace_string="$videobridge_user" --target_file="$metronome_conf" +ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$metronome_conf" touch "/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua" @@ -262,8 +271,8 @@ ynh_script_progression --message="Configuring Jitsi-Meet..." mkdir -p "/etc/$app/meet" jitsi_meet_conf="/etc/$app/meet/$domain-config.js" -cp ../conf/config.js "$jitsi_meet_conf" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$jitsi_meet_conf" +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/config.js" +cpp -undef -P ../conf/config.js -o "$jitsi_meet_conf" #================================================= # CREATE LOG DIR @@ -330,8 +339,8 @@ yunohost service add $app-jicofo --description "$app jitsi-jicofo for jitsi" --l ynh_script_progression --message="Starting a systemd service..." # Start a systemd service -ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" +ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" #================================================= # SETUP SSOWAT diff --git a/scripts/restore b/scripts/restore index 523384c..10c76f1 100644 --- a/scripts/restore +++ b/scripts/restore @@ -165,8 +165,8 @@ yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log" #================================================= ynh_script_progression --message="Starting a systemd service..." -ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" +ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" #================================================= # RESTORE THE LOGROTATE CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index 2c6673a..3417659 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -274,13 +274,12 @@ fi #================================================= ynh_script_progression --message="Configuring Jitsi-Meet..." - if [ "$upgrade_type" == "UPGRADE_APP" ] then jitsi_meet_conf="/etc/$app/meet/config.js" ynh_backup_if_checksum_is_different --file="$jitsi_meet_conf" - cp ../conf/config.js "$jitsi_meet_conf" - ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$jitsi_meet_conf" + ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/config.js" + cpp -undef -P ../conf/config.js -o "$jitsi_meet_conf" ynh_store_file_checksum --file="$jitsi_meet_conf" fi @@ -327,8 +326,8 @@ yunohost service add $app-jicofo --description "$app jitsi-jicofo for jitsi" --l #================================================= ynh_script_progression --message="Starting a systemd service..." -ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" +ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" #================================================= # SETUP SSOWAT