How to change authentication and storage after quick install

I did a quick install and now I am manually configuring/customizing it to my requirements or my previous installation.
now I want to use “mysql” instead of default “internal” for storage and “internal_plain” instead of default “internal_hashed” for authentication. but as every component is already configured it didn’t just work after I changed the authentication/storage from prosody.cfg.lua rather it ran into error, even mysql login isn’t working after prosody restart though I installed the required package for prosody mysql. what should I do or how should I approach to change authentication/storage in a existing system?

Thanks in advance :heartbeat:

now I tried t revert the changes I made to add secure domain auth with mysql, but now everything seems breaking and I am confused what to do as normal room was working after quick installation.
prosody error :

May 11 10:49:33 portmanager	error	Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
May 11 10:49:33 portmanager	error	Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
May 11 10:55:05 portmanager	error	Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281

prosody.log :

May 11 10:56:06 c2s5600587407c0	info	Client disconnected: connection closed
May 11 10:56:08 c2s56005874bbc0	info	Client connected
May 11 10:56:08 c2s56005874bbc0	info	Stream encrypted (TLSv1.2 with ECDHE-RSA-AES128-GCM-SHA256)
May 11 10:56:08 c2s56005874bbc0	info	Client disconnected: connection closed
May 11 10:56:11 c2s560058783670	info	Client connected
May 11 10:56:11 c2s560058783670	info	Stream encrypted (TLSv1.2 with ECDHE-RSA-AES128-GCM-SHA256)
May 11 10:56:11 c2s560058783670	info	Client disconnected: connection closed
May 11 10:56:13 c2s56005878eba0	info	Client connected

jicofo.log :

Jicofo 2021-05-11 10:56:31.306 INFO: [13] [xmpp_connection=client] XmppProviderImpl.doConnect#205: Connected, JID= null
Jicofo 2021-05-11 10:56:31.308 SEVERE: [13] [xmpp_connection=client] XmppProviderImpl.doConnect#225: Failed to connect/login: SASLError using SCRAM-SHA-1: not-authorized
org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
	at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthentication.java:292)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1100)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
	at java.lang.Thread.run(Thread.java:748)
Jicofo 2021-05-11 10:56:36.343 INFO: [48] [xmpp_connection=client] XmppProviderImpl.doConnect#205: Connected, JID= null
Jicofo 2021-05-11 10:56:36.344 SEVERE: [48] [xmpp_connection=client] XmppProviderImpl.doConnect#225: Failed to connect/login: SASLError using SCRAM-SHA-1: not-authorized

jvb.log :

JVB 2021-05-11 10:56:43.612 INFO: [17] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$8#597: Logging in.
JVB 2021-05-11 10:56:43.614 WARNING: [17] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$8#611: Failed to login. Disconnecting to trigger a re-connect.
JVB 2021-05-11 10:56:43.615 INFO: [17] [hostname=localhost id=shard] MucClient$1.connectionClosed#271: Closed.
JVB 2021-05-11 10:56:47.518 INFO: [21] VideobridgeExpireThread.expire#140: Running expire()
JVB 2021-05-11 10:56:47.529 INFO: [22] HealthChecker.run#171: Performed a successful health check in PT0S. Sticky failure: false
JVB 2021-05-11 10:56:47.542 WARNING: [26] [hostname=localhost id=shard] MucClient.setPresenceExtensions#420: Cannot set presence extension: not connected.
JVB 2021-05-11 10:56:48.641 INFO: [17] [hostname=localhost id=shard] MucClient$1.connected#259: Connected.
JVB 2021-05-11 10:56:48.641 INFO: [17] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$8#597: Logging in.
JVB 2021-05-11 10:56:48.642 WARNING: [17] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$8#611: Failed to login. Disconnecting to trigger a re-connect.
JVB 2021-05-11 10:56:48.643 INFO: [17] [hostname=localhost id=shard] MucClient$1.connectionClosed#271: Closed.
JVB 2021-05-11 10:56:52.542 WARNING: [26] [hostname=localhost id=shard] MucClient.setPresenceExtensions#420: Cannot set presence extension: not connected.
JVB 2021-05-11 10:56:53.674 INFO: [17] [hostname=localhost id=shard] MucClient$1.connected#259: Connected.

I just did the opposite of secure domain , mysql adding but what happened actually?
Its like I cant go forward or backward and I felt like this in multiple times recently. Thanks in advance for any help :heartbeat:

This is normally an error indicating problem with the credentials of the focus user.

1 Like

I just did a quick install and everything was working fine with normal room creation. then I tried secure domain with mysql and after failing I tried to revert back and this error pops up. what should I do? should I follow manual install from scratch or have to make log in other components again and how?
Thanks for the reply :heartbeat:

How do you change the config? Do you change the current config manually or overwrite the config file with a customized one?

@emrah
no I just simply followed this Secure Domain setup · Jitsi Meet Handbook
and what I did extra was tried using “storage=sql” (installed required packages,mysql) and “authentication=internal_plain” in our domain virtual host.

more specifically, added ‘authentication = “internal_plain”’ instead of ‘authentication=internal_hashed"’ in prosody.cfg.lua

below in my_domain virtualhost :

authentication = "internal_plain" (instead of "anonymous")
storage = "sql"
sql = { driver = "MySQL", database = "prosody_user_account", username = "prosod", password = "secret", host = "localhost" }

these were the changes apart from secure domain adding. but then I was facing errors in prosody about “portmanager / error in binding encrypted ports also about failed connectivity of mysql with prosody”. then I tried to revert these things and the secure domain things (change manually) and restart but now I am facing these error I posted here :slight_smile:
Thanks for the reply :heartbeat:

yeah my next plan was to apply the changes we had in previous but before I wanted to add secure domain with mysql(previously we used default internal). and I also think just replacing can cause serious error, I will have to check the changes then add/substract the necessary lines in specific files?

Thanks a lot for the replies… now I can create rooms normally with even authentication with plain password saved internally… the problem was what @damencho suspected… while reverting I made a problem in auth domain and now fixed this.

I did only the followings and works for me

packages

apt-get install mariadb-server
apt-get install lua-dbi-mysql

mariadb

mysql -u root -p
CREATE DATABASE prosody;
CREATE USER prosody@localhost IDENTIFIED by "mypassword";
GRANT ALL PRIVILEGES on prosody.* to prosody@localhost;

prosody config

-- authentication = "anonymous"
authentication = "internal_hashed"
storage = "sql"
sql = {
  driver = "MySQL";
  database = "prosody";
  host = "localhost";
  port = 3306;
  username = "prosody";
  password = "mypassword";
}
sql_manage_tables = true

prosody restart

systemctl restart prosody.service

users

prosodyctl adduser emrah@jitsi.mydomain.com
1 Like

yeah now it seems working… I did something dumb while reverting (panicked by prosody error which isn’t a error).
here is what I did :

  1. quick install (Self-Hosting Guide - Debian/Ubuntu server · Jitsi Meet Handbook)
    **working normally
  2. implemented secure domain (Secure Domain setup · Jitsi Meet Handbook)
    **working with room created only by authenticated users
  3. installed mysql (How To Install MySQL on Ubuntu 20.04 | DigitalOcean) and tried to connect with user root first from prosody and ran into error which was solved by https://stackoverflow.com/a/46908573/8814924 and created a database “your_database” planned to use for prosody accounts
  4. installed “lua-dbi-mysql” package required for connecting prosody to mysql instructed in prosody.cfg.lua
  5. now changed authentication in /etc/prosody/conf.d/my_domain.cfg.lua (authentication = “internal_plain”) under “Virtualhost mydomain”
  6. added below lines just under the “authentication=internal_plain” under “Virtualhost mydomain”
storage = "sql"
sql = { driver = "MySQL", database = "your_database", username = "your_name", password = "your_password", host = "localhost" }
  1.  sudo prosodyctl register username your_domain.com password 
     systemctl restart prosody
    

and checked that it was added in mysql database and also working .

it is good to have a good understanding of manual installation (Self-Hosting Guide - Manual installation · Jitsi Meet Handbook) for debugging or add this authentication/storage configs from scratch. now account info’s are in mysql and other (components) user/pass are internal_hashed.
also thanks a lot @emrah for your detailed sharing :heartbeat:

Hi @damencho , I have installed the jitsi meet latest stable version today. But it is not working. If 2nd participant joined it got disconnected. I did not modified any configuration file. Can you please help in this regards?

Thanks,

@anindita.sadhukhan you should probably start a new thread detailing your issue - and while at it, provide browser js console logs.

[TIP] Fastest Way To Get Support In The Forum