Audio + video blocked & authentication not enforced

Dear Jitsi community,

I had a droplet approx a year ago at Digital Ocean with Jitsi and authentication using Prosody working really well. I recently destroyed the droplet and installed Jitsi on a new droplet with more RAM. I followed the exact same Digital Ocean documentation as I did last year.

For some unknown reason, audio and video are blocked. I didn’t have this issue with the instance on the old droplet. I checked all configs and even spun up another droplet to do the install again, but the issue persists.

I did a bit of research and after adding these firewall rules 3478 UDP, 5349 TCP and 10000 UDP, as per the self-hosted Jitsi documentation, as well as looking at a similar thread here, it’s all to no avail :frowning:

Next to having persistently blocked audio and video, authentication I set up with Prosody is also not enforced, which is weird as it was working fine on my old droplet.

I then decided to use the Digital Ocean Marketplace Jitsi server template in case I missed something stupid, but both issues persist, and I wonder what could be wrong.

I’m using Brave but the issues are also in Chrome and Firefox.

I hope someone here knows what is wrong! It’s kinda sorta driving me insane :slight_smile:

/etc/jitsi/jicofo/sip-communicator.properties has these two entries:
org.jitsi.jicofo.auth.URL=XMPP:jitsi-my-domain.nl
org.jitsi.jicofo.jibri.SIP_BREWERY=TheSipBrewery@conference.my-domain.nl

Many thanks in advance and best,
Deborah

You used an old how to with a recent Jitsi version and it did not work.
I’d suggest to using a recent, up-to-date how-to. instead.

Okay, that probably explains everything. I’ll destroy the droplet and start anew with the self-hosted guide. Not great that Digital Ocean offers this Marketplace template with old instructions / version issues. If I indeed succeed with a clean install I’ll notify them. Thank you!

You may also try this installer if this is a Debian 10 Buster or Ubuntu 20.04 droplet

1 Like

Hello again, alright, I have a new droplet up and running and followed all the steps, including setting up a secure domain. When I open a room I get the “unfortunately, something went wrong” notification and after counting down to reconnect it continues to go in a loop. I’m not behind a NAT so that can’t be it. Perhaps I’ve missed something or made an error somewhere? Thanks again, much obliged!

Thank you! I just finished the installation using the self-hosted guide. If I cannot resolve the error I just reported, I’ll try it with your installer, as I indeed run a droplet with Ubuntu 20.04.

Check your borwser’s js console logs for when that happens, it should clue you on what’s going on.

I see the following (I used “my-domain.nl” to obfuscate my domain)

Logger.js:154 2021-09-13T13:56:49.981Z [JitsiMeetJS.js] <Object.getGlobalOnErrorHandler>: UnhandledError: Focus error, retry after 1000 Script: null Line: null Column: null StackTrace: Error: Focus error, retry after 1000

and

Logger.js:154 2021-09-13T13:56:49.982Z [modules/xmpp/moderator.js] <l._allocateConferenceFocusError>: Focus error, retry after 1000 <iq xmlns=​"jabber:​client" from=​"focus.my-domain.nl" to=​"eixgy8fpadoyocv6@guest.my-domain.nl/​wpqBVpv0" type=​"error" id=​"f3cdc665-e914-4d74-848c-28d1f4c1bde0:​sendIQ">​…​​

and

Logger.js:154 2021-09-13T13:56:50.007Z [features/overlay] <Object.componentDidMount>: The conference will be reloaded after 22 seconds.
Logger.js:154 2021-09-13T13:56:50.026Z [conference.js] <ae._onConferenceFailed>: CONFERENCE FAILED: conference.focusDisconnected focus.my.domain.nl 1

No idea what this means (too noob), could there be an error in the Jicofo configuration?

Thank you!

Are the services running?

systemctl status prosody
systemctl status jicofo
systemctl status jitsi-videobridge2

Yes, all running:

prosody.service: active (running) since Mon 2021-09-13 14:09:09 UTC; 8s ago
jicofo.service: active (exited) since Mon 2021-09-13 14:09:09 UTC; 13s ago
jitsi-videobridge2.service: active (running) since Mon 2021-09-13 14:09:10 UTC; 19s ago

It does look like there’s something off with jicofo due to the “exited” label?

Did you customize anything related with jicofo?

Yes, I did. I followed the secure domain section and added a section. I have the feeling the issue lies there, but unsure what it could be. For a minute I though the two entries were conflicting with each other, but I tested this by removing the existing section leaving the new section. Restarted the services but to no avail, the issue persists. Here’s (with obfuscated domain) what I currently have there:

jicofo {
authentication: {
enabled: true
type: XMPP
login-url: my.domain.nl
}

jicofo {
xmpp: {
client: {
client-proxy: focus.my.domain.nl
}
trusted-domains: [ “recorder.my.domain.nl” ]
}
bridge: {
brewery-jid: “JvbBrewery@internal.auth.my.domain.nl”
}
}

Thanks again, I truly appreciate the help and swift reponses <3

There should be only one “jicofo { }” block. Delete customization and add the XMPP config as the following post

I deleted the customization and left the jicofo block that was in the original config. I added your 3 lines to the config as well, but the issue still persists… I must be doing something wrong or misinterpreting the solution. I also tried it with no jicofo block at all and only the 3 lines as per your instructions. That didn’t work either, also after restarting the service. so sorry for the hassle! I think I’m nearly there but not just yet -

At the end, /etc/jitsi/jicofo/jicofo.conf should be like that

# Jicofo HOCON configuration. See /usr/share/jicofo/jicofo.jar/reference.conf for
#available options, syntax, and default values.
jicofo {
  xmpp: {
    client: {
      client-proxy: focus.jitsi.yourdomain.com
    }
    trusted-domains: [ "recorder.jitsi.yourdomain.com" ]
  }
  bridge: {
    brewery-jid: "JvbBrewery@internal.auth.jitsi.yourdomain.com"
  }
  conference: {
    enable-auto-owner: true
  }
  authentication: {
    enabled: true
    type: XMPP
    login-url: jitsi.yourdomain.com
  }
}
1 Like

I just fixed it!! I saw my error - it works now - super mega thanks, really appreciate all your help. Amazing! Thanks, also for your patience

1 Like

FYI: I’m going to let Digital Ocean know their Jitsi stuff is outdated / not working as expected - thanks again dear Jitsi community! <3