These are my DNS settings:
(base) marco@pc:~$ curl -v meet.grasp.deals
* Rebuilt URL to: meet.grasp.deals/
* Trying 109.116.174.21...
* TCP_NODELAY set
* Connected to meet.grasp.deals (109.116.174.21) port 80 (#0)
> GET / HTTP/1.1
> Host: meet.grasp.deals
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Server: nginx/1.14.0 (Ubuntu)
< Date: Wed, 19 May 2021 06:56:02 GMT
< Content-Type: text/html
< Content-Length: 194
< Connection: keep-alive
< Location: https://grasp.deals/
< Strict-Transport-Security: max-age=31536000
<
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>
* Connection #0 to host meet.grasp.deals left intact
(base) marco@pc:~$
(base) marco@pc:~$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 pc01
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.0.1 postgresql
127.0.0.1 explorer
127.0.0.1 vagrant
127.0.0.1 localhost
109.116.174.21 meet.grasp.deals
(base) marco@pc:~$
(base) marco@pc:~$ sudo hostnamectl set-hostname meet.grasp.deals
(base) marco@pc:~$ sudo ping "$(hostname)"
PING meet.grasp.deals (109.116.174.21) 56(84) bytes of data.
64 bytes from meet.grasp.deals (109.116.174.21): icmp_seq=1 ttl=64 time=1.20 ms
64 bytes from meet.grasp.deals (109.116.174.21): icmp_seq=2 ttl=64 time=0.805 ms
64 bytes from meet.grasp.deals (109.116.174.21): icmp_seq=3 ttl=64 time=0.764 ms
When I try to install and configure Jitsi-Meet I get this error:
- The following errors were reported by the server:
Domain: meet.grasp.deals
Type: unauthorized
Detail: Invalid response from
https://grasp.deals/.well-known/acme-challenge
/0vImsKazC5KiwPegEIdaarQwWqgWg9h1qLFchlmCOm8
(base) marco@pc:~$ sudo apt-get install jitsi-meet
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
ca-certificates-java coturn java-common jicofo jitsi-meet-prosody jitsi-meet-turnserver jitsi-meet-web jitsi-meet-web-config jitsi-videobridge2
libhiredis0.13 lua-expat lua-filesystem lua-sec lua-socket lua5.2 openjdk-8-jre-headless prosody ruby-hocon
Suggested packages:
sip-router default-jre fonts-dejavu-extra fonts-ipafont-gothic fonts-ipafont-mincho fonts-wqy-microhei fonts-wqy-zenhei lua-event lua-dbi-mysql
lua-dbi-postgresql lua-dbi-sqlite3
The following NEW packages will be installed:
ca-certificates-java coturn java-common jicofo jitsi-meet jitsi-meet-prosody jitsi-meet-turnserver jitsi-meet-web jitsi-meet-web-config jitsi-videobridge2
libhiredis0.13 lua-expat lua-filesystem lua-sec lua-socket lua5.2 openjdk-8-jre-headless prosody ruby-hocon
0 upgraded, 19 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/95,8 MB of archives.
After this operation, 217 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Preconfiguring packages ...
Selecting previously unselected package ca-certificates-java.
(Reading database ... 396738 files and directories currently installed.)
Preparing to unpack .../ca-certificates-java_20180516ubuntu1~18.04.1_all.deb ...
Unpacking ca-certificates-java (20180516ubuntu1~18.04.1) ...
Selecting previously unselected package java-common.
Preparing to unpack .../java-common_0.68ubuntu1~18.04.1_all.deb ...
Unpacking java-common (0.68ubuntu1~18.04.1) ...
Selecting previously unselected package openjdk-8-jre-headless:amd64.
Preparing to unpack .../openjdk-8-jre-headless_8u292-b10-0ubuntu1~18.04_amd64.deb ...
Unpacking openjdk-8-jre-headless:amd64 (8u292-b10-0ubuntu1~18.04) ...
Setting up java-common (0.68ubuntu1~18.04.1) ...
Setting up ca-certificates-java (20180516ubuntu1~18.04.1) ...
Processing triggers for ca-certificates (20210119~18.04.1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
done.
Setting up openjdk-8-jre-headless:amd64 (8u292-b10-0ubuntu1~18.04) ...
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/rmid to provide /usr/bin/rmid (rmid) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java to provide /usr/bin/java (java) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/keytool to provide /usr/bin/keytool (keytool) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/jjs to provide /usr/bin/jjs (jjs) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/pack200 to provide /usr/bin/pack200 (pack200) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/rmiregistry to provide /usr/bin/rmiregistry (rmiregistry) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/unpack200 to provide /usr/bin/unpack200 (unpack200) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/orbd to provide /usr/bin/orbd (orbd) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/servertool to provide /usr/bin/servertool (servertool) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/tnameserv to provide /usr/bin/tnameserv (tnameserv) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/jexec to provide /usr/bin/jexec (jexec) in auto mode
Selecting previously unselected package jitsi-videobridge2.
(Reading database ... 396965 files and directories currently installed.)
Preparing to unpack .../00-jitsi-videobridge2_2.1-492-g5edaf7dd-1_all.deb ...
Unpacking jitsi-videobridge2 (2.1-492-g5edaf7dd-1) ...
Selecting previously unselected package ruby-hocon.
Preparing to unpack .../01-ruby-hocon_1.2.5-1_all.deb ...
Unpacking ruby-hocon (1.2.5-1) ...
Selecting previously unselected package jicofo.
Preparing to unpack .../02-jicofo_1.0-747-1_all.deb ...
Unpacking jicofo (1.0-747-1) ...
Selecting previously unselected package jitsi-meet-web.
Preparing to unpack .../03-jitsi-meet-web_1.0.4985-1_all.deb ...
Unpacking jitsi-meet-web (1.0.4985-1) ...
Selecting previously unselected package jitsi-meet-web-config.
Preparing to unpack .../04-jitsi-meet-web-config_1.0.4985-1_all.deb ...
Unpacking jitsi-meet-web-config (1.0.4985-1) ...
Selecting previously unselected package lua5.2.
Preparing to unpack .../05-lua5.2_5.2.4-1.1build1_amd64.deb ...
Unpacking lua5.2 (5.2.4-1.1build1) ...
Selecting previously unselected package lua-expat:amd64.
Preparing to unpack .../06-lua-expat_1.3.0-4_amd64.deb ...
Unpacking lua-expat:amd64 (1.3.0-4) ...
Selecting previously unselected package lua-filesystem:amd64.
Preparing to unpack .../07-lua-filesystem_1.6.3-1_amd64.deb ...
Unpacking lua-filesystem:amd64 (1.6.3-1) ...
Selecting previously unselected package lua-socket:amd64.
Preparing to unpack .../08-lua-socket_3.0~rc1+git+ac3201d-4_amd64.deb ...
Unpacking lua-socket:amd64 (3.0~rc1+git+ac3201d-4) ...
Selecting previously unselected package prosody.
Preparing to unpack .../09-prosody_0.11.9-1~bionic1_amd64.deb ...
Unpacking prosody (0.11.9-1~bionic1) ...
Selecting previously unselected package lua-sec:amd64.
Preparing to unpack .../10-lua-sec_0.6-4_amd64.deb ...
Unpacking lua-sec:amd64 (0.6-4) ...
Selecting previously unselected package jitsi-meet-prosody.
Preparing to unpack .../11-jitsi-meet-prosody_1.0.4985-1_all.deb ...
Unpacking jitsi-meet-prosody (1.0.4985-1) ...
Setting up jitsi-videobridge2 (2.1-492-g5edaf7dd-1) ...
Generating an empty hocon config
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
* Applying /etc/sysctl.d/10-console-messages.conf ...
kernel.printk = 4 4 1 7
* Applying /etc/sysctl.d/10-ipv6-privacy.conf ...
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
* Applying /etc/sysctl.d/10-kernel-hardening.conf ...
kernel.kptr_restrict = 1
* Applying /etc/sysctl.d/10-link-restrictions.conf ...
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/10-magic-sysrq.conf ...
kernel.sysrq = 176
* Applying /etc/sysctl.d/10-network-security.conf ...
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.tcp_syncookies = 1
* Applying /etc/sysctl.d/10-ptrace.conf ...
kernel.yama.ptrace_scope = 1
* Applying /etc/sysctl.d/10-zeropage.conf ...
vm.mmap_min_addr = 65536
* Applying /etc/sysctl.d/20-jvb-udp-buffers.conf ...
net.core.rmem_max = 10485760
net.core.netdev_max_backlog = 100000
* Applying /etc/sysctl.d/30-postgresql-shm.conf ...
* Applying /usr/lib/sysctl.d/50-default.conf ...
net.ipv4.conf.all.promote_secondaries = 1
net.core.default_qdisc = fq_codel
* Applying /etc/sysctl.d/99-sysctl.conf ...
fs.inotify.max_user_watches = 524288
fs.inotify.max_user_watches = 1048576
* Applying /etc/sysctl.conf ...
fs.inotify.max_user_watches = 524288
fs.inotify.max_user_watches = 1048576
Created symlink /etc/systemd/system/multi-user.target.wants/jitsi-videobridge2.service → /lib/systemd/system/jitsi-videobridge2.service.
Selecting previously unselected package jitsi-meet.
(Reading database ... 398037 files and directories currently installed.)
Preparing to unpack .../jitsi-meet_2.0.5870-1_all.deb ...
Unpacking jitsi-meet (2.0.5870-1) ...
Selecting previously unselected package libhiredis0.13:amd64.
Preparing to unpack .../libhiredis0.13_0.13.3-2.2_amd64.deb ...
Unpacking libhiredis0.13:amd64 (0.13.3-2.2) ...
Selecting previously unselected package coturn.
Preparing to unpack .../coturn_4.5.0.7-1ubuntu2.18.04.3_amd64.deb ...
Unpacking coturn (4.5.0.7-1ubuntu2.18.04.3) ...
Setting up jitsi-meet-web-config (1.0.4985-1) ...
----------------
You can now switch to a Let’s Encrypt certificate. To do so, execute:
/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
----------------
Selecting previously unselected package jitsi-meet-turnserver.
(Reading database ... 398146 files and directories currently installed.)
Preparing to unpack .../jitsi-meet-turnserver_1.0.4985-1_all.deb ...
Unpacking jitsi-meet-turnserver (1.0.4985-1) ...
Setting up libhiredis0.13:amd64 (0.13.3-2.2) ...
Setting up lua-socket:amd64 (3.0~rc1+git+ac3201d-4) ...
Processing triggers for ufw (0.36-0ubuntu0.18.04.1) ...
Processing triggers for ureadahead (0.100.0-21) ...
ureadahead will be reprofiled on next reboot
Setting up lua-sec:amd64 (0.6-4) ...
Setting up lua-filesystem:amd64 (1.6.3-1) ...
Setting up ruby-hocon (1.2.5-1) ...
Setting up jitsi-meet-web (1.0.4985-1) ...
Setting up lua-expat:amd64 (1.3.0-4) ...
Processing triggers for libc-bin (2.27-3ubuntu1.4) ...
Processing triggers for doc-base (0.10.8) ...
Processing 1 added doc-base file...
Setting up lua5.2 (5.2.4-1.1build1) ...
update-alternatives: using /usr/bin/lua5.2 to provide /usr/bin/lua (lua-interpreter) in auto mode
update-alternatives: using /usr/bin/luac5.2 to provide /usr/bin/luac (lua-compiler) in auto mode
Processing triggers for systemd (237-3ubuntu10.47) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Setting up jicofo (1.0-747-1) ...
Updating /etc/jitsi/jicofo/config to use jicofo.conf
Generating an empty jicofo.conf file
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
Setting up prosody (0.11.9-1~bionic1) ...
Setting up coturn (4.5.0.7-1ubuntu2.18.04.3) ...
Setting up jitsi-meet-prosody (1.0.4985-1) ...
The given hostname does not exist in the config
dpkg: error processing package jitsi-meet-prosody (--configure):
installed jitsi-meet-prosody package post-installation script subprocess returned error exit status 1
dpkg: dependency problems prevent configuration of jitsi-meet:
jitsi-meet depends on jitsi-meet-prosody (= 1.0.4985-1); however:
Package jitsi-meet-prosody is not configured yet.
dpkg: error processing package jitsi-meet (--configure):
dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of jitsi-meet-turnserver:
jitsi-meet-turnserver depends on jitsi-meet-prosody; however:
Package jitsi-meet-prosody is not configured yet.
dpkg: error processing package jitsi-meet-turnserver (--configure):
dependency problems - leaving unconfigured
Processing triggers for systemd (237-3ubuntu10.47) ...
No apport report written because the error message indicates its a followup error from a previous failure.
No apport report written because the error message indicates its a followup error from a previous failure.
Processing triggers for ureadahead (0.100.0-21) ...
Errors were encountered while processing:
jitsi-meet-prosody
jitsi-meet
jitsi-meet-turnserver
E: Sub-process /usr/bin/dpkg returned an error code (1)
(base) marco@pc:~$ sudo dpkg-reconfigure jitsi-videobridge2
* Applying /etc/sysctl.d/10-console-messages.conf ...
kernel.printk = 4 4 1 7
* Applying /etc/sysctl.d/10-ipv6-privacy.conf ...
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
* Applying /etc/sysctl.d/10-kernel-hardening.conf ...
kernel.kptr_restrict = 1
* Applying /etc/sysctl.d/10-link-restrictions.conf ...
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/10-magic-sysrq.conf ...
kernel.sysrq = 176
* Applying /etc/sysctl.d/10-network-security.conf ...
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.tcp_syncookies = 1
* Applying /etc/sysctl.d/10-ptrace.conf ...
kernel.yama.ptrace_scope = 1
* Applying /etc/sysctl.d/10-zeropage.conf ...
vm.mmap_min_addr = 65536
* Applying /etc/sysctl.d/20-jvb-udp-buffers.conf ...
net.core.rmem_max = 10485760
net.core.netdev_max_backlog = 100000
* Applying /etc/sysctl.d/30-postgresql-shm.conf ...
* Applying /usr/lib/sysctl.d/50-default.conf ...
net.ipv4.conf.all.promote_secondaries = 1
net.core.default_qdisc = fq_codel
* Applying /etc/sysctl.d/99-sysctl.conf ...
fs.inotify.max_user_watches = 524288
fs.inotify.max_user_watches = 1048576
* Applying /etc/sysctl.conf ...
fs.inotify.max_user_watches = 524288
fs.inotify.max_user_watches = 1048576
(base) marco@pc:~$ sudo dpkg-reconfigure jitsi-meet-web-config
----------------
You can now switch to a Let’s Encrypt certificate. To do so, execute:
/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
----------------
(base) marco@pc:~$ sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
-------------------------------------------------------------------------
This script will:
- Need a working DNS record pointing to this machine(for domain meet.grasp.deals)
- Download certbot-auto from https://dl.eff.org to /usr/local/sbin
- Install additional dependencies in order to request Let’s Encrypt certificate
- If running with jetty serving web content, will stop Jitsi Videobridge
- Configure and reload nginx or apache2, whichever is used
- Configure the coturn server to use Let's Encrypt certificate and add required deploy hooks
- Add command in weekly cron job to renew certificates regularly
You need to agree to the ACME server's Subscriber Agreement (https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf)
by providing an email address for important account notifications
Enter your email and press [ENTER]: raphael.stonehorse@gmail.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for meet.grasp.deals
Using the webroot path /usr/share/jitsi-meet for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. meet.grasp.deals (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://grasp.deals/.well-known/acme-challenge/0vImsKazC5KiwPegEIdaarQwWqgWg9h1qLFchlmCOm8 [109.116.174.21]: "<!DOCTYPE html>\n<html lang=\"en\">\n <head>\n <meta charset=\"utf-8\">\n <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n "
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: meet.grasp.deals
Type: unauthorized
Detail: Invalid response from
https://grasp.deals/.well-known/acme-challenge/0vImsKazC5KiwPegEIdaarQwWqgWg9h1qLFchlmCOm8
[109.116.174.21]: "<!DOCTYPE html>\n<html lang=\"en\">\n <head>\n
<meta charset=\"utf-8\">\n <meta http-equiv=\"X-UA-Compatible\"
content=\"IE=edge\">\n "
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
(base) marco@pc:~$