How to enable moderated meetings?

I have enabled moderatedRoomServiceUrl in mydomain.com-config.js however moderated.mydomain.com is not up.What else is required to enable it?.eg moderated meet.jit.si

You need to deploy on moderated… domain GitHub - jitsi/moderated-meetings: Jitsi Moderated Meetings microservice

is there a alternative instead building it to deb every time a update is passed?

It is docket based … No idea, sorry.

You are asking about moderated site? That can be on the same server if it has enough resources

So we have a 5930 docker deployment. We do have a vanilla instance too

We need to enable moderated meetings on the same

What I wants to ask is, how do we go ahead and enable the microservice for moderated meetings - GitHub - jitsi/moderated-meetings: Jitsi Moderated Meetings microservice?

No issues with the server, we have a lot of resources

Lets say, our PUBLIC_URL is https://meet.exwhyz.com

Now, using the github link mentioned above, how do we configure the moderated service?

Correct me if I am wrong, but the .env file will look something like this right?

DEPLOYMENT_URL= https://meet.exwhyz.com
PORT= Is this expecting port 443?
PRIVATE_KEY_FILE= Do we need the .pem file here
PRIVATE_KEY_ID= Need clarity
TARGET_TENANT= Does this become https://moderated.meet.exwhyz.com? Do we need to make any DNS changes here?

looks like i need to clarify the README a little… :slight_smile:

you are correct about DEPLOYMENT_URL.
PORT is the port you want node spring to expose the http API on. SSL on 443 would typically be handled by a webserver.
PRIVATE_KEY_FILE is the absolute path to the private key in DER format
PRIVATE_KEY_ID is the id associated with the key
TARGET_TENANT is looking for one word like “moderated”, in which case it would become https://meet.exwhyz.com/moderated/

@mirth,@damencho,

We have a 5930 docker deployment.

We need to enable moderated meetings on the same.

What I have done is cloned the repo, installed npm package. Enabled moderatedRoomServiceUrl in config.js Created a .env file with following environment variables.

DEPLOYMENT_URL=subdomain.domain.com
PORT=443
PRIVATE_KEY_FILE= Path/to/certificate.der
PRIVATE_KEY_ID=private_key_id
TARGET_TENANT=subdomain.domain.com/moderated

when I run npm start,
I get following error.

Can you Please Guide me with this issue.

@Sayali_bhavsar
The easiest way to work with this locally is in a docker container. If you look at Dockerfile and docker-local.sh you can see how that builds works.

Note that I incorrectly implied that this is all running in node in my previous message. The backend piece is spring boot so you will need to have maven and a java environment up as well.

Docker Build Failed: COPY failed: file not found in build context or excluded by .dockerignore: stat build/run.sh: file does not exist

When I tried to build image from Dockerfile. I faced this issue.

Step 13/16 : COPY --from=builder /opt/moderated-meetings/target/*.jar ./moderated-meetings.jar
 ---> Using cache
 ---> 55d270e66d61
Step 14/16 : COPY --from=builder /opt/moderated-meetings/public ./public
 ---> Using cache
 ---> d2cc177d25bd
Step 15/16 : COPY build/run.sh /
COPY failed: file not found in build context or excluded by .dockerignore: stat build/run.sh: file does not exist

Do I need to give my local Location for it.

There is a bug, identified in the git repo.

2 Likes

Looks like the run script was missed when we merged in the recent round of updates due to a conflict with .gitignore. This should be fixed now in master!

2 Likes

Thank you @mirth for this

1 Like

Thank You @mirth .

1 Like

Hello @mirth @damencho @saghul , sorry to disturb you, but there is a small issue we are facing

As of now, we have a Docker-based jitsi meet setup - 5963 version

The end goal is to enable moderated meetings, as seen on meet.jit.si

With a fair understanding of whats needed from the documents available on the repository, we came up with this

We have 2 servers with us, both of them have an individual public IP

The first server, which hosts the JMS - is resolved to something like meet.xyz.com

The second server, on which we want to run the microservice, is resolved to moderatedmeet.xyz.com

We could have used the same JMS Machine to run this microservice, but we cannot bind the microservice to a non-https port

From our understanding, we have modified the .env file in the second server which looks something like this

DEPLOYMENT_URL=https://meet.xyz.com 
PORT=?
PRIVATE_KEY_FILE=?
PRIVATE_KEY_ID=?
TARGET_TENANT=https://moderatedmeet.xyz.com

We need some help with the question marks above, please correct us if we are wrong anywhere

  1. The PORT mentioned here, will be the port where the microservice runs right? So if we mention 443, since it is hosted on a different server and on https, how and where do we give reference to our certificates?

  2. The PRIVATE_KEY_FILE is the location of our .der file. Using OpenSSL, we have converted our wildcard .crt certificate to .der, following the commands

openssl x509 -in cert.crt -out cert.pem
openssl x509 -outform der -in cert.pem -out cert.der
  1. The PRIVATE_KEY_ID is the ID associated with the key. How do we retrieve the same?

  2. In our JMS config.js, we mention https://moderatedmeet.xyz.com in the moderatedRoomServiceUrl

  3. Post this, how does the microservice in the different server, provide us with the respective meeting links?

Have we missed anything here?

@Sayali_bhavsar

This is the private key that will be used to create the jwt tokens. Your meet.xyz.com should be configured with jwt tokens that will authenticate the tokens signed with this key.
The certificates for the moderatedmeet.xyz.com you can have on any nginx or some other service fronting the container.

2 Likes

Hi @damencho , Good Evening!!

Thanks for your quick reply, really appreciate it.

Do we have any guide around configuring JMS with JWT Tokens? Can you help us with the same?

@tusharsonawane,

PORT is the port that the Spring Boot microservice is running on. To use SSL, you need to set up a web server like nginx or apache to front for the microservice as an API gateway, e.g., https://www.nginx.com/blog/deploying-nginx-plus-as-an-api-gateway-part-1/

TARGET_TENANT should be a single string, not a URL. If you set it to moderated then the URL for moderated links will be https://meet.xyz.com/moderated/

Correct. And as damencho mentioned, we need to enable JWT on the server side right?

1 Like