How to change authentication and storage after quick install

I did a quick install and now I am manually configuring/customizing it to my requirements or my previous installation.
now I want to use “mysql” instead of default “internal” for storage and “internal_plain” instead of default “internal_hashed” for authentication. but as every component is already configured it didn’t just work after I changed the authentication/storage from prosody.cfg.lua rather it ran into error, even mysql login isn’t working after prosody restart though I installed the required package for prosody mysql. what should I do or how should I approach to change authentication/storage in a existing system?

Thanks in advance

now I tried t revert the changes I made to add secure domain auth with mysql, but now everything seems breaking and I am confused what to do as normal room was working after quick installation.
prosody error :

May 11 10:49:33 portmanager	error	Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
May 11 10:49:33 portmanager	error	Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
May 11 10:55:05 portmanager	error	Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281

prosody.log :

May 11 10:56:06 c2s5600587407c0	info	Client disconnected: connection closed
May 11 10:56:08 c2s56005874bbc0	info	Client connected
May 11 10:56:08 c2s56005874bbc0	info	Stream encrypted (TLSv1.2 with ECDHE-RSA-AES128-GCM-SHA256)
May 11 10:56:08 c2s56005874bbc0	info	Client disconnected: connection closed
May 11 10:56:11 c2s560058783670	info	Client connected
May 11 10:56:11 c2s560058783670	info	Stream encrypted (TLSv1.2 with ECDHE-RSA-AES128-GCM-SHA256)
May 11 10:56:11 c2s560058783670	info	Client disconnected: connection closed
May 11 10:56:13 c2s56005878eba0	info	Client connected

jicofo.log :

Jicofo 2021-05-11 10:56:31.306 INFO: [13] [xmpp_connection=client] XmppProviderImpl.doConnect#205: Connected, JID= null
Jicofo 2021-05-11 10:56:31.308 SEVERE: [13] [xmpp_connection=client] XmppProviderImpl.doConnect#225: Failed to connect/login: SASLError using SCRAM-SHA-1: not-authorized
org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
	at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthentication.java:292)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1100)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
	at java.lang.Thread.run(Thread.java:748)
Jicofo 2021-05-11 10:56:36.343 INFO: [48] [xmpp_connection=client] XmppProviderImpl.doConnect#205: Connected, JID= null
Jicofo 2021-05-11 10:56:36.344 SEVERE: [48] [xmpp_connection=client] XmppProviderImpl.doConnect#225: Failed to connect/login: SASLError using SCRAM-SHA-1: not-authorized

jvb.log :

JVB 2021-05-11 10:56:43.612 INFO: [17] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$8#597: Logging in.
JVB 2021-05-11 10:56:43.614 WARNING: [17] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$8#611: Failed to login. Disconnecting to trigger a re-connect.
JVB 2021-05-11 10:56:43.615 INFO: [17] [hostname=localhost id=shard] MucClient$1.connectionClosed#271: Closed.
JVB 2021-05-11 10:56:47.518 INFO: [21] VideobridgeExpireThread.expire#140: Running expire()
JVB 2021-05-11 10:56:47.529 INFO: [22] HealthChecker.run#171: Performed a successful health check in PT0S. Sticky failure: false
JVB 2021-05-11 10:56:47.542 WARNING: [26] [hostname=localhost id=shard] MucClient.setPresenceExtensions#420: Cannot set presence extension: not connected.
JVB 2021-05-11 10:56:48.641 INFO: [17] [hostname=localhost id=shard] MucClient$1.connected#259: Connected.
JVB 2021-05-11 10:56:48.641 INFO: [17] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$8#597: Logging in.
JVB 2021-05-11 10:56:48.642 WARNING: [17] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$8#611: Failed to login. Disconnecting to trigger a re-connect.
JVB 2021-05-11 10:56:48.643 INFO: [17] [hostname=localhost id=shard] MucClient$1.connectionClosed#271: Closed.
JVB 2021-05-11 10:56:52.542 WARNING: [26] [hostname=localhost id=shard] MucClient.setPresenceExtensions#420: Cannot set presence extension: not connected.
JVB 2021-05-11 10:56:53.674 INFO: [17] [hostname=localhost id=shard] MucClient$1.connected#259: Connected.

I just did the opposite of secure domain , mysql adding but what happened actually?
Its like I cant go forward or backward and I felt like this in multiple times recently. Thanks in advance for any help

This is normally an error indicating problem with the credentials of the focus user.

I just did a quick install and everything was working fine with normal room creation. then I tried secure domain with mysql and after failing I tried to revert back and this error pops up. what should I do? should I follow manual install from scratch or have to make log in other components again and how?
Thanks for the reply

How do you change the config? Do you change the current config manually or overwrite the config file with a customized one?

@emrah
no I just simply followed this Secure Domain setup · Jitsi Meet Handbook
and what I did extra was tried using “storage=sql” (installed required packages,mysql) and “authentication=internal_plain” in our domain virtual host.

more specifically, added ‘authentication = “internal_plain”’ instead of ‘authentication=internal_hashed"’ in prosody.cfg.lua

below in my_domain virtualhost :

authentication = "internal_plain" (instead of "anonymous")
storage = "sql"
sql = { driver = "MySQL", database = "prosody_user_account", username = "prosod", password = "secret", host = "localhost" }

these were the changes apart from secure domain adding. but then I was facing errors in prosody about “portmanager / error in binding encrypted ports also about failed connectivity of mysql with prosody”. then I tried to revert these things and the secure domain things (change manually) and restart but now I am facing these error I posted here
Thanks for the reply

yeah my next plan was to apply the changes we had in previous but before I wanted to add secure domain with mysql(previously we used default internal). and I also think just replacing can cause serious error, I will have to check the changes then add/substract the necessary lines in specific files?

Thanks a lot for the replies… now I can create rooms normally with even authentication with plain password saved internally… the problem was what @damencho suspected… while reverting I made a problem in auth domain and now fixed this.

I did only the followings and works for me

packages

apt-get install mariadb-server
apt-get install lua-dbi-mysql

mariadb

mysql -u root -p

CREATE DATABASE prosody;
CREATE USER prosody@localhost IDENTIFIED by "mypassword";
GRANT ALL PRIVILEGES on prosody.* to prosody@localhost;

prosody config

-- authentication = "anonymous"
authentication = "internal_hashed"
storage = "sql"
sql = {
  driver = "MySQL";
  database = "prosody";
  host = "localhost";
  port = 3306;
  username = "prosody";
  password = "mypassword";
}
sql_manage_tables = true

prosody restart

systemctl restart prosody.service

users

prosodyctl adduser emrah@jitsi.mydomain.com

yeah now it seems working… I did something dumb while reverting (panicked by prosody error which isn’t a error).
here is what I did :

1. quick install (Self-Hosting Guide - Debian/Ubuntu server · Jitsi Meet Handbook)
   **working normally
2. implemented secure domain (Secure Domain setup · Jitsi Meet Handbook)
   **working with room created only by authenticated users
3. installed mysql (How To Install MySQL on Ubuntu 20.04 | DigitalOcean) and tried to connect with user root first from prosody and ran into error which was solved by https://stackoverflow.com/a/46908573/8814924 and created a database “your_database” planned to use for prosody accounts
4. installed “lua-dbi-mysql” package required for connecting prosody to mysql instructed in prosody.cfg.lua
5. now changed authentication in /etc/prosody/conf.d/my_domain.cfg.lua (authentication = “internal_plain”) under “Virtualhost mydomain”
6. added below lines just under the “authentication=internal_plain” under “Virtualhost mydomain”

storage = "sql"
sql = { driver = "MySQL", database = "your_database", username = "your_name", password = "your_password", host = "localhost" }

7.  sudo prosodyctl register username your_domain.com password 
    systemctl restart prosody
   

and checked that it was added in mysql database and also working .

it is good to have a good understanding of manual installation (Self-Hosting Guide - Manual installation · Jitsi Meet Handbook) for debugging or add this authentication/storage configs from scratch. now account info’s are in mysql and other (components) user/pass are internal_hashed.
also thanks a lot @emrah for your detailed sharing

Hi @damencho , I have installed the jitsi meet latest stable version today. But it is not working. If 2nd participant joined it got disconnected. I did not modified any configuration file. Can you please help in this regards?

Thanks,

@anindita.sadhukhan you should probably start a new thread detailing your issue - and while at it, provide browser js console logs.

[TIP] Fastest Way To Get Support In The Forum

can you provide a prosody config pass please ?

I don’t have an active prosody server with MySQL backend now.

okay I see your success try to install mariaDB but there is no table creations with columns , i ask if there some configurations lost or not add to your comment ,because i get in DB and show tables there in no tables founded