I am not sure if this is the right place to post this. My apologies if I am mistaken!
I’ve followed the quick install steps to setup a jitsi-“everything”-environment on one of my servers.
My machine has a valid domain name with A and AAAA records correctly setup. IPv4 and IPv6 are both working.
During the quick install, jitsi deployed a nginx webserver. When running the install-letsencrypt-cert.sh script, certbot could not verify the domain. It took me a while to figure out what was actually going on:
nginx does not listen on IPv6 interfaces. Additionally, some java process (jetty, I suppose) listens on the ipv6:443 port. This means, the quick install breaks reproducible when obtaining letsencrypt-certs.
(In my setup, I then manually fixed the certs. Then, everything seemed to work fine, except for IPv6 clients being unable to connect due to weird SSL errors: again, some jetty listening on [::]:443 and not speaking proper https!)
I think it would be great if nginx could listen to the IPv6-443-port in the quick install. At the same time, I believe that there might be some race conditions between jetty and nginx both trying to bind to the 443-ports. I understand that port 443 would be favorable for videobridge, but “trying to bind to a port unless it is already used” seems to be super dangerous to me and might break in all kinds of unforeseeable manners.
Thank you all for your work, it is greatly appreciated!