Install jitsi-meet for a local network

You are right. If it finds apache2 installed it configures apache2, if it finds nginx it configures nginx.
But I still don’t get how to fix the configuration of nginx so that it works both with a domain name (something like meet.example.org) and an IP (something like 192.168.0.10, or even 127.0.0.1).
I understand that this is not a jitsi-meet issue but rather an apache2/nginx configuration issue, however I still have to find out how to fix it.

Does it work just with a domain? If yes, then change your config.js replacing the bosh url with:

bosh: '//<!--# echo var="http_host" -->/<!--# echo var="subdir" default="" -->http-bind'

I still don’t understand what is the advantage to change domain name with ip-address, you cannot install a valid cert when using ip-address…

I works with a fake domain like meet.example.org, if I add to /etc/hosts a line like: 127.0.0.1 meet.example.org

The use case that I am thinking about is this:
I am in a room (or classroom) with a few other people, each of them having a laptop. I start a hotspot on my laptop (like this: https://gitlab.com/docker-scripts/desktop/blob/master/misc/hotspot.sh#L26) Then I start a jitsi-meet container on my laptop and invite the other to connect (probably with an IP like 10.42.0.1). Then I can use screen sharing of jitsi-meet to share my screen with the other people. We can all block audio and video since it is not needed in this case (we are all present on the same room).

Actually this is a corner case, not quite frequent or useful, since I want to do this because I don’t have a projector (otherwise I can share my desktop using the projector). So it is not such a big issue if it does not work.

Now that I think about it, since I am starting my own hotspot on my laptop and the other people are connecting to it, maybe I can start a dnsmasq service as well and let them resolve meet.example.org to the IP that I want (in this case 10.42.0.1), and this would make everything work.

So, it seems that this is not such a big issue after all, even if it is not solved.
Thanks for your help and support.

After the install itunes on windows 7 when I tried to connect the local network and access the internet connectivity it was not connecting to the internet at all.

While accessing streaming server in local network without internet, the second user stream is not getting to the first user and vice versa. Do any one encounter this issue?

I gave up installing it in a local network. I don’t remember exactly, but maybe this was one of the issues that I encountered.

1 Like

:disappointed:

Getting below error while accessing through LAN network

Are these the first errors you see?

1 Like

Yes. This should work without internet right? If the server is in LAN then how about below config params value? How to configure this which will work fine in LAN without internet connection.24%20PM

And I can see an external API call from my LAN which is continuously failing in LAN without internet,
22%20PM

You need to enable disableThirdPartyRequests https://github.com/jitsi/jitsi-meet/blob/master/config.js#L316

Hum … what is the browser you use, seems it is missing navigator.mediaDevices. Are you accessing it using https connection?

I’m already using that. My updated config looks like below,

Im using latest chrome and I’m using http connection instead of https because it’s in my local network. I have added two systems to my LAN. My server is running jitsi docker and my .env looks like below,

#
# Basic configuration options
#

# Directory where all configuration will be stored.
CONFIG=~/.jitsi-meet-cfg

# Exposed HTTP port.
HTTP_PORT=80

# Exposed HTTPS port.
HTTPS_PORT=8443

# System time zone.
TZ=Europe/Amsterdam

# IP address of the Docker host. See the "Running on a LAN environment" section
# in the README.
DOCKER_HOST_ADDRESS=192.168.0.100


#
# Let's Encrypt configuration
#

# Enable Let's Encrypt certificate generation.
#ENABLE_LETSENCRYPT=1

# Domain for which to generate the certificate.
#LETSENCRYPT_DOMAIN=meet.example.com

# E-Mail for receiving important account notifications (mandatory).
#LETSENCRYPT_EMAIL=alice@atlanta.net


#
# Basic Jigasi configuration options (needed for SIP gateway support)
#

# SIP URI for incoming / outgoing calls.
#JIGASI_SIP_URI=test@sip2sip.info

# Password for the specified SIP account as a clear text
#JIGASI_SIP_PASSWORD=passw0rd

# SIP server (use the SIP account domain if in doubt).
#JIGASI_SIP_SERVER=sip2sip.info

# SIP server port
#JIGASI_SIP_PORT=5060

# SIP server transport
#JIGASI_SIP_TRANSPORT=UDP

#
# Authentication configuration (see README for details)
#

# Enable authentication.
#ENABLE_AUTH=1

# Enable guest access.
#ENABLE_GUESTS=1

#
# Advanced configuration options (you generally don't need to change these)
#

# Internal XMPP domain.
XMPP_DOMAIN=meet.jitsi

# Internal XMPP domain for authenticated services.
XMPP_AUTH_DOMAIN=auth.meet.jitsi

# XMPP domain for the MUC.
XMPP_MUC_DOMAIN=muc.meet.jitsi

# XMPP domain for the internal MUC used for jibri, jigasi and jvb pools.
XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi

# XMPP domain for unauthenticated users.
XMPP_GUEST_DOMAIN=guest.meet.jitsi

# Custom Prosody modules for XMPP_DOMAIN (comma separated)
XMPP_MODULES=

# Custom Prosody modules for MUC component (comma separated)
XMPP_MUC_MODULES=

# Custom Prosody modules for internal MUC component (comma separated)
XMPP_INTERNAL_MUC_MODULES=

# MUC for the JVB pool.
JVB_BREWERY_MUC=jvbbrewery

# XMPP user for JVB client connections.
JVB_AUTH_USER=jvb

# XMPP password for JVB client connections.
JVB_AUTH_PASSWORD=passw0rd

# STUN servers used to discover the server's public IP.
JVB_STUN_SERVERS=stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302

# Media port for the Jitsi Videobridge
JVB_PORT=10000

# TCP Fallback for Jitsi Videobridge for when UDP isn't available
JVB_TCP_HARVESTER_DISABLED=true
JVB_TCP_PORT=4443

# A comma separated list of APIs to enable when the JVB is started. The default is none.
# See https://github.com/jitsi/jitsi-videobridge/blob/master/doc/rest.md for more information
#JVB_ENABLE_APIS=rest,colibri

# XMPP component password for Jicofo.
JICOFO_COMPONENT_SECRET=s3cr37

# XMPP user for Jicofo client connections. NOTE: this option doesn't currently work due to a bug.
JICOFO_AUTH_USER=focus

# XMPP password for Jicofo client connections.
JICOFO_AUTH_PASSWORD=passw0rd

# XMPP user for Jigasi MUC client connections.
JIGASI_XMPP_USER=jigasi

# XMPP password for Jigasi MUC client connections.
JIGASI_XMPP_PASSWORD=passw0rd

# MUC name for the Jigasi pool.
JIGASI_BREWERY_MUC=jigasibrewery

# Minimum port for media used by Jigasi.
JIGASI_PORT_MIN=20000

# Maximum port for media used by Jigasi.
JIGASI_PORT_MAX=20050

# Disable HTTPS. This can be useful if TLS connections are going to be handled outside of this setup.
# DISABLE_HTTPS=1

# Redirects HTTP traffic to HTTPS. Only works with the standard HTTPS port (443).
#ENABLE_HTTP_REDIRECT=1

I have tried by uncommenting DISABLE_HTTPS=1 flag but the result is same. Do I missing anything in this .env file.?

No idea about the docker setup, but disableThirdPartyRequests is a config property and you need to pass it in configOverride…

You need to make sure you access the deployment using https from your browser, and what is the browser and version you use to test?

1 Like

Ok. If I add noSSL: true then client able to make a call to the server but it will give no ‘audio’/‘video’ found error. Is that mandatory to add https connection in the local network without internet? Because I’m trying to access using network IP (ex: 192.168.0.100).

Yes, this is a webrtc requirement, webrtc is working only when your browser uses https.

1 Like

Hi @damencho ,

I have setup the selfsigned certificate in my server with nginx proxy. My nginx proxy settings looks like below,

server {
    listen       80;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name  192.168.0.100;
    root /Users/apple/workspace/webapp/build;
   
    ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
    ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;

    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;

    location / {
                root /Users/apple/workspace/webapp/build;
                try_files $uri /index.html;

                # kill cache
                add_header Last-Modified $date_gmt;
                #add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
                #if_modified_since off;
                #expires off;
                #etag off;
        }
location ~* (service-worker\.js)$ {
    add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
    expires off;
    proxy_no_cache 1;
}
        location /api/ {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            # try_files $uri $uri/ =404;
            rewrite ^/api/?(.*) /$1 break;
            proxy_pass http://localhost:5000;
            proxy_redirect off;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
            proxy_read_timeout 5m;
            proxy_connect_timeout 5m;
            proxy_buffer_size   128k;
            proxy_buffers   4 256k;
            proxy_busy_buffers_size   256k;
        }
        location /ws/ {
            proxy_pass http://localhost:5001/;
            proxy_redirect off;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "Upgrade";
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
        location /meet/ {
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-NginX-Proxy true;
            proxy_pass http://localhost:8000/;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }

        location ~ ^/([a-zA-Z0-9]+)$ {
            rewrite ^/(.*)$ / break;
        }
        # BOSH
        location /http-bind {
            proxy_pass      http://localhost:5280/http-bind;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header Host $http_host;
        }
        # xmpp websockets
        location /xmpp-websocket {
            proxy_pass http://localhost:5280;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header Host $host;
            tcp_nodelay on;
        }
}

After adding this configuration I’m getting below error in my console while accessing the conference.


Please help me.

Thank you.

You are accessing your bosh connection with ip-address not with dns. Did you use ip-address to setup or dns?
Try accessing directly the bosh address and see it working.

1 Like

The thing is I’m using LAN IP for accessing the server. I have an application running on 192.168.0.100 port 80 and inside this application, I’m using jitsi external API to load the embedded video stream. The jitsi web application running on 8080 port. I’m using nginx server for proxy redirection. (Jitsi server running in 192.168.0.100/meet)

But the problem here is, BOSH request not calling the actual endpoint (the client request going to https://192.168.0.100/http-bind instead it should be https://192.168.0.100/meet/http-bind).

09%20AM

My jitsi external api conf looks like below,

const domain = '192.168.0.100/meet'; 
    const options = {
        roomName: 'sample',
        width: '100%',
        height: '100%',
        parentNode: document.querySelector('#meet'),
        configOverwrite: {
            disableThirdPartyRequests: true
        },
        interfaceConfigOverwrite: {
            TOOLBAR_BUTTONS: [],
            SHOW_WATERMARK_FOR_GUESTS: false,
            SHOW_BRAND_WATERMARK: false,
            SHOW_JITSI_WATERMARK: false
        },
        noSSL: false
    };
    const api = new JitsiMeetExternalAPI(domain, options);

36%20PM

No idea whats going on.:pensive:

Change your config.js and change the bosh url to match your setup.

1 Like

After spending many days, I have fixed the issue and now streaming works great. Thank you very much @damencho for the help.

I have updated bosh proxy config like below,

location /meet/ {
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-NginX-Proxy true;
            proxy_pass http://localhost:8000/;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }

        location ~ ^/([a-zA-Z0-9]+)$ {
            rewrite ^/(.*)$ / break;
        }
        # BOSH
        location /http-bind {
            proxy_pass      http://localhost:8000/http-bind;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header Host $http_host;
        }
        # xmpp websockets
        location /xmpp-websocket {
            rewrite ^/xmpp-websocket/?(.*) /$1 break;
            proxy_pass http://localhost:8000;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header Host $host;
            tcp_nodelay on;
        }

and also I have updated the client config like below,

@damencho Thank you once again.