Colibri-ws, web socket is not working

Rashi_Saini · February 19, 2021, 8:39am

While running a meeting, I am not able to see speaker stats and getting websocket error in console. xmpp-websocket seems working. I don’t know this can be the reason behind speaker stats or not but I really need help in this.

Here is my nginx config

 # colibri (JVB) websockets for jvb1
    location ~ ^/colibri-ws/default-id/(.*) {
        proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/$1$is_args$args;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        tcp_nodelay on;
    }

Here is JVB config

org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=meet-jit-si-turnrelay.jitsi.net:443
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=test.jitsi.com
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.test.jitsi.com
org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
org.jitsi.videobridge.xmpp.user.shard.PASSWORD=12344
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.test.jitsi.com
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=JVB
org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
org.jitsi.videobridge.rest.COLIBRI_WS_DISABLE=false
org.jitsi.videobridge.rest.COLIBRI_WS_DOMAIN=test.jitsi.com:443
org.jitsi.videobridge.rest.COLIBRI_WS_SERVER_ID=jvb1

gpatel-fr · February 19, 2021, 9:42am

if your speaker stats are not working, prosody config is the most likely culprit. If you use secure domain, check that everything is the main domain. Unless you are using an old version where everything should be in the anonymous domain. If you are unsure of what is an old version (I am), try both possibilities (but not at the same time ! this will not work)

Rashi_Saini · February 19, 2021, 10:17am

Hi , Here is my prosody.cfg.lua. Do you think something is missing from it

admins = { }
modules_enabled = {

    -- Generally required
            "roster"; -- Allow users to have a roster. Recommended ;)
            "saslauth"; -- Authentication for clients and servers. Recommended$
            "tls"; -- Add support for secure TLS on c2s/s2s connections
            "dialback"; -- s2s dialback support
            "disco"; -- Service discovery

    -- Not essential, but recommended
            "carbons"; -- Keep multiple clients in sync
            "pep"; -- Enables users to publish their mood, activity, playing m$
            "private"; -- Private XML storage (for room bookmarks, etc.)
            "blocklist"; -- Allow users to block communications with other use$
            "vcard"; -- Allow users to set vCards
            
            "version"; -- Replies to server version requests
            "uptime"; -- Report how long server has been running
            "time"; -- Let others know the time here on this server
            "ping"; -- Replies to XMPP pings with pongs
            "register"; -- Allow users to register on this server using a clie$               
    -- Admin interfaces
            "admin_adhoc"; -- Allows administration via an XMPP client that su$               
    -- Other specific functionality
            "posix";

}

allow_registration = false
pidfile = “/var/run/prosody/prosody.pid”;
c2s_require_encryption = false
s2s_require_encryption = true
s2s_secure_auth = false
authentication = “internal_hashed”
archive_expires_after = “1w”
log = {
– Log files (change ‘info’ to ‘debug’ for debug logs):
info = “/var/log/prosody/prosody.log”;
error = “/var/log/prosody/prosody.err”;
– Syslog:
{ levels = { “error” }; to = “syslog”; };
}
certificates = “certs”
component_interface = { “" }
Include "conf.d/.cfg.lua”

config file

plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }

– domain mapper options, must at least have domain base set to use the mapper
muc_mapper_domain_base = “test.jitsi.com”;

turncredentials_secret = “turnSecret”;

turncredentials = {
{ type = “stun”, host = “test.jitsi.com”, port = “443” },
{ type = “turn”, host = “test.jitsi.com”, port = “443”, transport = "udp$ { type = “turns”, host = “test.jitsi.com”, port = “443”, transport = "tc$};

cross_domain_websocket = true;
consider_websocket_secure = true;
cross_domain_bosh = false;
consider_bosh_secure = true;
–https_ports = { }; – Remove this line to prevent listening on port 5284

– Mozilla SSL Configuration Generatorssl = { protocol = "tlsv1_2+"; ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA}
VirtualHost “test.jitsi.com”
– enabled = false – Remove this line to enable this host
authentication = “anonymous”
– Properties below are modified by jitsi-meet-tokens package config
– and authentication above is switched to “token”
–app_id=“example_app_id”
app_id=""
app_secret=""
–app_secret=“example_app_secret”
– Assign this host a certificate for TLS, otherwise it would use the one
– set in the global section (if any).
– Note that old-style SSL on port 5223 only supports one certificate, and$ – use the global one.
ssl = {
key = “/etc/prosody/certs/test.jitsi.com.key”;
certificate = “/etc/prosody/certs/test.jitsi.com.crt”;
}
speakerstats_component = “speakerstats.test.jitsi.com”
conference_duration_component = “conferenceduration.test.jitsi.com” – we need bosh
modules_enabled = {
“bosh”;
“pubsub”;
“websocket”;
“ping”; – Enable mod_ping
“speakerstats”;
“turncredentials”;
“conference_duration”;
“muc_size”;
}

smacks_hibernation_time = 60;
smacks_max_hibernated_sessions = 1;
smacks_max_old_sessions = 1;
c2s_require_encryption = false
lobby_muc = “lobby.test.jitsi.com”
main_muc = “conference.test.jitsi.com”
muc_lobby_whitelist = { “recorder.test.jitsi.com” } – Here we can$
Component “conference.test.jitsi.com” “muc”
storage = “memory”
modules_enabled = {
“muc_meeting_id”;
“muc_domain_mapper”;
}
admins = { “focus@auth.test.jitsi.com”, “focus@test.jitsi.com”$ muc_room_locking = false
muc_room_default_public_jids = true

– internal muc component
Component “internal.auth.test.jitsi.com” “muc”
storage = “memory”
modules_enabled = {
“ping”;
}
admins = { “focus@auth.test.jitsi.com”,"jvb@auth.test.jitsi.com $ muc_room_locking = false
muc_room_default_public_jids = true

VirtualHost “auth.test.jitsi.com”
ssl = {
key = “/etc/prosody/certs/auth.test.jitsi.com.key”;
certificate = “/etc/prosody/certs/auth.test.jitsi.com.crt”;
}
authentication = “internal_plain”

VirtualHost “recorder.test.jitsi.com”
modules_enabled = {
“ping”;
}
authentication = “internal_plain”

Component “focus.test.jitsi.com”
component_secret = “4433”

Component “speakerstats.test.jitsi.com” “speakerstats_component”
muc_component = “conference.test.jitsi.com”

Component “conferenceduration.test.jitsi.com” "conference_duration_compone$ muc_component = “conference.test.jitsi.com”

Component “lobby.test.jitsi.com” “muc”
storage = “memory”
restrict_room_creation = true
muc_room_locking = false
muc_room_default_public_jids = true

gpatel-fr · February 19, 2021, 10:27am

no it’s fine, so you were right, it’s really a websocket problem. Take a look at jvb.conf.

cat jvb.conf 

videobridge {
  http-servers {
      public {
          port = 9090
      }
  }
(...)

Rashi_Saini · February 19, 2021, 11:13am

it also looks fine.

videobridge {
http-servers {
public {
port = 9090
}
}
websockets {
enabled = true
domain = “test.jitsi.com:443”
tls = true
server-id = jvb1
}
}

gpatel-fr · February 19, 2021, 11:47am

err, in your nginx configuration you have kept default-id.

Rashi_Saini · February 19, 2021, 6:14pm

I have removed it but unfortunately, it’s not working.

gpatel-fr · February 19, 2021, 6:20pm

you have removed it ? what is it ? server-id = jvb1 or did you touch at the nginx config ? and did you restart the services ?

Rashi_Saini · February 19, 2021, 6:35pm

videobridge {
http-servers {
public {
port = 9090
}
}
websockets {
enabled = true
domain = “test.jitsi.com:443”
tls = true
}
}

Now the config looks like this and it does not work

gpatel-fr · February 19, 2021, 6:59pm

what do you see in the network tab of your browser debug when you have a valid meeting ?

Rashi_Saini · February 20, 2021, 6:36am

getting error in WebSocket

gpatel-fr · February 20, 2021, 7:09am

sorry I wrote the network tab but I was thinking about the console tab

Rashi_Saini · February 20, 2021, 7:23am

Here it is, please check

gpatel-fr · February 20, 2021, 8:26am

oh, I missed that.

BTW @bbaldino : It does not seem quite right that using this in sip-communicator.properties and not setting server-id in jvb.conf should not lead to server advertising default-id to client while expecting jvb1. It could be said that old config should go away and setting inconsistent parameters in both config modes (even implicitly) is not something to do, though.

Rashi_Saini · February 21, 2021, 6:05pm

@bbaldino please help me with this.

gpatel-fr · February 21, 2021, 6:07pm

you removed the jvb1 in the sip-communicator.properties and it did not work ?

Rashi_Saini · February 21, 2021, 6:28pm

yes, here I have mentioned the current config

gpatel-fr · February 21, 2021, 6:49pm

I was talking about the sip-communicator.properties file, not the jvb.conf.

bbaldino · February 22, 2021, 5:11pm

Not sure I’m following what happened here, but if you mean validating that some feature, which has multiple configs, doesn’t have some values set in legacy config and some values in new config…then unfortunately that’s just something we considered out of scope during the transition as handling it would be complicated. If I misunderstood what you meant, though, let me know.