Infamous error "You have been disconnected"

Please, help!
I’ve installed Jitsi Meet recently (Docker installation). It’s latest release 8044. I got the same error one year ago, and only release 5076 worked well then.
Also I want to ask where Nginx is installed (in “web” container?) and how to edit its configuration file.

Configurations:
errors in browser console: browser errors - Pastebin.com
env-file: env - Pastebin.com
docker-compose.yml: see my second post here.

Without any logs there is no way for us to help you.

Nginx is part of the web container, yes.

There is no way to edit the config file, it’s auto-generated from the supplied environment variables.

You’re right. I was trying to post my logs and .env-file but anti-spam filter deleted it due to the excessive links.
There’s no way to upload .env here: “new users can put only 2 links in the post” everytime despite the fact I deleted almost all links.

docker-compose.yml:

version: ‘3’

services:
# Frontend
web:
image: jitsi/web:stable-8044
restart: ${RESTART_POLICY}
container_name: jitsi-meet-web
ports:
- ‘${HTTP_PORT}:80’
- ‘${HTTPS_PORT}:443’
volumes:
- ${CONFIG}/web:/config:Z
- ${CONFIG}/web/letsencrypt:/etc/letsencrypt:Z
- ${CONFIG}/transcripts:/usr/share/jitsi-meet/transcripts:Z
environment:
- ENABLE_AUTH
- ENABLE_GUESTS
#- ENABLE_LETSENCRYPT
- ENABLE_HTTP_REDIRECT
- ENABLE_TRANSCRIPTIONS
- DISABLE_HTTPS
- JICOFO_AUTH_USER
- LETSENCRYPT_DOMAIN
- LETSENCRYPT_EMAIL
- PUBLIC_URL
- XMPP_DOMAIN
- XMPP_AUTH_DOMAIN
- XMPP_BOSH_URL_BASE
- XMPP_GUEST_DOMAIN
- XMPP_MUC_DOMAIN
- XMPP_RECORDER_DOMAIN
- ETHERPAD_URL_BASE
- TZ
- JIBRI_BREWERY_MUC
- JIBRI_PENDING_TIMEOUT
- JIBRI_XMPP_USER
- JIBRI_XMPP_PASSWORD
- JIBRI_RECORDER_USER
- JIBRI_RECORDER_PASSWORD
- ENABLE_RECORDING
networks:
meet.jitsi:
aliases:
- ${XMPP_DOMAIN}

# XMPP server
prosody:
    image: jitsi/prosody:stable-8044
    restart: ${RESTART_POLICY}
    container_name: jitsi-meet-prosody
    expose:
        - '5222'
        - '5347'
        - '5280'
    volumes:
        - ${CONFIG}/prosody/config:/config:Z
        - ${CONFIG}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
    environment:
        - AUTH_TYPE
        - ENABLE_AUTH
        - ENABLE_GUESTS
        - GLOBAL_MODULES
        - GLOBAL_CONFIG
        - LDAP_URL
        - LDAP_BASE
        - LDAP_BINDDN
        - LDAP_BINDPW
        - LDAP_FILTER
        - LDAP_AUTH_METHOD
        - LDAP_VERSION
        - LDAP_USE_TLS
        - LDAP_TLS_CIPHERS
        - LDAP_TLS_CHECK_PEER
        - LDAP_TLS_CACERT_FILE
        - LDAP_TLS_CACERT_DIR
        - LDAP_START_TLS
        - XMPP_DOMAIN
        - XMPP_AUTH_DOMAIN
        - XMPP_GUEST_DOMAIN
        - XMPP_MUC_DOMAIN
        - XMPP_INTERNAL_MUC_DOMAIN
        - XMPP_MODULES
        - XMPP_MUC_MODULES
        - XMPP_INTERNAL_MUC_MODULES
        - XMPP_RECORDER_DOMAIN
        - JICOFO_COMPONENT_SECRET
        - JICOFO_AUTH_USER
        - JICOFO_AUTH_PASSWORD
        - JVB_AUTH_USER
        - JVB_AUTH_PASSWORD
        - JIGASI_XMPP_USER
        - JIGASI_XMPP_PASSWORD
        - JIBRI_XMPP_USER
        - JIBRI_XMPP_PASSWORD
        - JIBRI_RECORDER_USER
        - JIBRI_RECORDER_PASSWORD
        - JWT_APP_ID
        - JWT_APP_SECRET
        - JWT_ACCEPTED_ISSUERS
        - JWT_ACCEPTED_AUDIENCES
        - JWT_ASAP_KEYSERVER
        - JWT_ALLOW_EMPTY
        - JWT_AUTH_TYPE
        - JWT_TOKEN_AUTH_MODULE
        - LOG_LEVEL
        - PUBLIC_URL
        - TZ
    networks:
        meet.jitsi:
            aliases:
                - ${XMPP_SERVER}

# Focus component
jicofo:
    image: jitsi/jicofo:stable-8044
    restart: ${RESTART_POLICY}
    container_name: jitsi-meet-jicofo
    volumes:
        - ${CONFIG}/jicofo:/config:Z
    environment:
        - AUTH_TYPE
        - ENABLE_AUTH
        - XMPP_DOMAIN
        - XMPP_AUTH_DOMAIN
        - XMPP_INTERNAL_MUC_DOMAIN
        - XMPP_SERVER
        - JICOFO_COMPONENT_SECRET
        - JICOFO_AUTH_USER
        - JICOFO_AUTH_PASSWORD
        - JICOFO_RESERVATION_REST_BASE_URL
        - JVB_BREWERY_MUC
        - JIGASI_BREWERY_MUC
        - JIGASI_SIP_URI
        - JIBRI_BREWERY_MUC
        - JIBRI_PENDING_TIMEOUT
        - TZ
    depends_on:
        - prosody
    networks:
        meet.jitsi:

# Video bridge
jvb:
    image: jitsi/jvb:stable-8044
    restart: ${RESTART_POLICY}
    container_name: jitsi-meet-jvb
    ports:
        - '${JVB_PORT}:${JVB_PORT}/udp'
        - '${JVB_TCP_PORT}:${JVB_TCP_PORT}'
    volumes:
        - ${CONFIG}/jvb:/config:Z
    environment:
        - DOCKER_HOST_ADDRESS
        - XMPP_AUTH_DOMAIN
        - XMPP_INTERNAL_MUC_DOMAIN
        - XMPP_SERVER
        - JVB_AUTH_USER
        - JVB_AUTH_PASSWORD
        - JVB_BREWERY_MUC
        - JVB_PORT
        - JVB_TCP_HARVESTER_DISABLED
        - JVB_TCP_PORT
        - JVB_STUN_SERVERS
        - JVB_ENABLE_APIS
        - TZ
    depends_on:
        - prosody
    networks:
        meet.jitsi:

Custom network so all services can communicate using a FQDN

networks:
meet.jitsi:

Sorry that doesn’t tell anything. Did you modify the original? How and more importantly why?

Please share the logs in the browser JS console.

I’ve added my .env-file and browser console output in my first post.
Concerning console the error is in the line: “Firefox can’t establish a connection to the server at wss://192.168.1.241:8443/xmpp-websocket?room=1. strophe.umd.js:5463:30”

That is likely because you are using the self-signed certificate. You accepted it when viewing thew page, likely, but then the WSS connection will break. IIRC Chrome will work.

Generally speaking, the self-signed certificate is for VERY basic smoke testing, I recommend you set this up with a real domain and TLS certificate.

How can I generate and install this certificate?
I found only this article Self-Hosting Guide - Debian/Ubuntu server | Jitsi Meet which isn’t very helpful.
I remember that I generated it somehow one year ago, I even see my email in .env LETSENCRYPT_EMAIL parameter. But now I have no idea what to do.
Do you have a guide how to generate and deploy TLS-certificate in Docker installation?
It would be helpful.
I need Jitsi Meet working only in local (private) network. Does it really need a certificate?

If you are using docker just set ENABLE_LETSENCRYPT to 1 and fill in the rest of the variables.

It’s not a necessity, but you see, you are already running into problems because of it. So I’d recommend it.

So, as this soft doesn’t work with self-signed certificate, and as I can’t get LetsEncrypt cert then I can’t use it in internal network. Rather disappointing result.

:person_shrugging: That’s a combination of both browser imposed constraints and your own. Nothing we can do here.

It’s written in docs:

Using existing TLS certificate and key

If you own a proper TLS certificate and don’t need a Let’s Encrypt certificate, you can configure Jitsi Meet container to use it.

I spent all day trying to issue certificate by easy-rsa and now browsers establish connection via https. But both Chrome and Firefox do this reconnections all the time.

What does the errors in console logs say in the browser?

Something like this

It’s Chrome. Firefox doesn’t disconnect. Also it’s 5076 release.
And Chrome doesn’t produce errors until the second person connects to the room.

I tried release 7630 and Firefox started produce errors and disconnections


.

Try this:

ENABLE_XMPP_WEBSOCKET=0
ENABLE_COLIBRI_WEBSOCKET=0
ENABLE_SCTP=1

“You’ve been disconnected” in both browsers.

Browser console logs please.


There are no disconnections in such combination:
web-5076
prosody-8044
jvb-8044
jicofo-804

If I use web container with newer release - I get disconnections.

Don’t mxi and match versions, that’s not supported.

You have not applied the options I mentioned correctly. I still see a WSS connection attempt instead of BOSH.



Like this?