Bug in new release of ubuntu packages for jitsi (nginx part)

With the switch to nginx what i think is great btw. i found that there is bug in /etc/nginx/modules-enabled/60-jitsi-meet.conf

Nginx would not start becouse it could not bind to port 443
i found dat the config supplied by jitsie set to listeners on 443 that doesn’t work

what i did to fix this:

I had to comment out this section from /etc/nginx/modules-enabled/60-jitsi-meet.conf

server {

listen 443;

# since 1.11.5

ssl_preread on;

# Increase buffer to serve video

proxy_buffer_size 10m;

}

The question is what is purpus of this setion and is this a goed fix ?

Hi,

same here with a new installation on a brand new Debian Buster Sys.

Thanks in advance for any hints on solving the “issue”.

Icey

Did you already had nginx listening on port 443?

This is to be able to run turnserver listening on port 443. So nginx multiplex and servers either the web or send the tcp media traffic to the turnserver.

Hey damencho,
no there was nothing listening in the forehand. So it was a clean installation of Debian Buster minimal. So there is no webserver or anything else included. The first thing then was the installation of jitsi meet out of the repo. With the last release there where no probs at all, everything run smooth. The install of the actual release went smooth also, but nginx was not running because of the error:

[emerg] 5442#5442: bind() to 0.0.0.0:443 failed (98: Address already in use)

With fuser i had a look and 443 was not used by anything else.
Hope that helps a little further.
Thanks,
Icey

I’ve got the same issue, with a pre installed nginx with some virtual hosts.
Didn’t try to disable them before the installation to see if it creates an improvement, but if i change the port from 443 in the nginx module and change from the site-available to 443, bug seems to disappear, but obviously can’t reach turn server…

Ok, I will try that tomorrow.

1 Like

Same on ubuntu 18.04 LTS

1 Like

Notice, today i rent a relatively slow vserver with 2 cores and 4Gbyte Ram. The vserver is exact same clean Debian 10.3 and the installation from quick-install works very well. On the fast standalone Server 4Ghz i7 with 32Gbyte ram i have this issue. Strange.

After upgrade with pre installed Nginx I have to set the port in /etc/nginx/sites-available/your_domain.conf from 443 to 4444. This resolves the the conflict with port 443 /etc/nginx/modules-enabled/60-jitsi-meet.conf. Web traffic is forwarded to port 4444 and turn to port 4445. Now it works.

	server.patch
	--- /etc/nginx/sites-available/your_domain.de-auto.conf	2020-03-29 19:43:33.298411309 +0200
	+++ /etc/nginx/sites-available/your_domain.de.conf	2020-03-29 19:43:12.802208389 +0200
	@@ -17,8 +17,8 @@
	     }
	 }
	 server {
	-    listen 443 ssl;
	-    listen [::]:443 ssl;
	+    listen 4444 ssl;
	+    listen [::]:4444 ssl;
	     server_name your_domain.de;

Nginx starts now but no video and audio. I think the turnserver doesnt work.

For me the following modification did the trick on a fresh Debian 10.3 Server. Noticeable is, this is only necessary on a fast Debian 10.3 System (i7 32GB). On a slow Debian 10.3 vServer (2vC 4GB) the install scripts works fine without any modification.

change in /etc/nginx/sites-available/meet.my-server.de.conf
Server from 443 to 4444

server {
listen 4444 ssl;
listen [::]:4444 ssl;
server_name meet.my-server.de;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;

add in a delay /lib/systemd/system/jitsi-videobridge2.service
ExecStartPre=/bin/sleep 30

I just installed a fresh debian buster. The ports in the /etc/nginx/sites-available/jitsi.XXXXX.de.conf where already correctly shwoing 4444. Everything worked fine.

However there is still the issue that the port 443 is in use by the multiplexer. Thus no additional pages can be hostet with this nginx, as a listen 443 in any server directive results in:

[emerg] 5442#5442: bind() to 0.0.0.0:443 failed (98: Address already in use)

Here ist the solution for anyone who wants to host anything at 443 beside jitsi:
Simply use listen 4444 instead of listen 443 in any additional server directive.