Jibri user is visible

Hi,

When I start a recording, the jibri user joins and is visible to the participants. I have set hiddenDomain: ‘recorder.domain.net’ right under liveStreamingnabled in config.js and have ‘recorder.domain.net’ in jibri conf and appropriate prosody config changes with virtual host for ‘recorder.domain.net’ and authentication set to internal_plain. I tried changing the password for recorder in jibri conf to a password that is not registered and the recording still worked and the jibri user connected. So I believe it is an issue with jibri not connecting through the correct subdomain but everything looks right in the config.

I would greatly appreciate any help or insight. Thank you

jibri {
// A unique identifier for this Jibri
// TODO: eventually this will be required with no default
id = ""
// Whether or not Jibri should return to idle state after handling
// (successfully or unsuccessfully) a request. A value of true
// here means that a Jibri will NOT return back to the IDLE state
// and will need to be restarted in order to be used again.
single-use-mode = false
api {
http {
external-api-port = 2222
internal-api-port = 3333
}
xmpp {
// See example_xmpp_envs.conf for an example of what is expected here
environments = [
{
name = "prod environment"
xmpp-server-hosts = ["domain.net"]
xmpp-domain = "domain.net"

            control-muc {
                domain = "internal.auth.domain.net"
                room-name = "JibriBrewery"
                nickname = "jibri"
            }

            control-login {
                domain = "auth.domain.net"
                username = "jibri"
                password = "jibripass"
            }

            call-login {
                domain = "recorder.domain.net"
                username = "recorder"
                password = "recordpass"
           }

           strip-from-room-domain = "conference."
            usage-timeout = 0
            trust-all-xmpp-certs = true
        }]
}
}
recording {
recordings-directory = "/srv/recordings"
# TODO: make this an optional param and remove the default
finalize-script = ""
}
streaming {
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used
// when starting a stream must match at least one of the patterns in
// this list.
rtmp-allow-list = [
// By default, all services are allowed
".*"
]
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required"
]
}
stats {
enable-stats-d = true
}
webhook {
// A list of subscribers interested in receiving webhook events
subscribers = [] 
}
jwt-info {
// The path to a .pem file which will be used to sign JWT tokens used in webhook
// requests. If not set, no JWT will be added to webhook requests.
# signing-key-path = "/path/to/key.pem"

// The kid to use as part of the JWT
# kid = "key-id"

// The issuer of the JWT
# issuer = "issuer"

// The audience of the JWT
# audience = "audience"

// The TTL of each generated JWT.  Can't be less than 10 minutes.
# ttl = 1 hour
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds

// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes

// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
}

prosody config

VirtualHost "guest.domain.net"
   authentication = "token";
   app_id = "[redacted]";
   app_secret = "[redacted]";
   c2s_require_encryption = false;
   allow_empty_token = true;

-- internal muc component, meant to enable pools of jibri and jigasi clients
Component "internal.auth.domain.net" "muc"
    modules_enabled = {
        "ping";
    }
    storage = "memory"
    muc_room_cache_size = 1000
    
VirtualHost "recorder.domain.net"
    modules_enabled = {
        "ping";
    }
    authentication = "internal_plain"

config.js

  // on the backend.
    // fileRecordingsServiceSharingEnabled: false,

    // Whether to enable live streaming or not.
    liveStreamingEnabled: true,
    hiddenDomain: 'recorder.domain.net',
    // Transcription (in interface_config,
    // subtitles and buttons can be configured)
    // transcribingEnabled: false,

Did you check /etc/jitsi/jicofo/jicofo.conf? It should be something like

jicofo {
  xmpp: {
    client: {
      client-proxy: focus.jitsi.yourdomain.com
    }
    trusted-domains: [ "recorder.jitsi.yourdomain.com" ]
  }
  bridge: {
    brewery-jid: "JvbBrewery@internal.auth.jitsi.yourdomain.com"
  }
  conference: {
    enable-auto-owner: true
  }
  jibri: {
    brewery-jid: "JibriBrewery@internal.auth.jitsi.yourdomain.com"
    pending-timeout: 90 seconds
  }
}
1 Like

This is the current jicofo conf

jicofo {
  xmpp: {
    client: {
      client-proxy: focus.domain.net
    }
    trusted-domains: [ "recorder.domain.net" ]
  }
  bridge: {
    brewery-jid: "JvbBrewery@internal.auth.domain.net"
  }
}

@emrah I matched the config to the one you posted but still not working.

You may try to unregister jibri accounts and register again.