Jicofo don’t listen/connect to prosody client_proxy - act 2 (latest 2 stable builds)

Jerome_LEMAN_GARIN · December 2, 2022, 3:10pm

sip com :

org.ice4j.ipv6.DISABLED=true
org.jitsi.videobridge.SINGLE_PORT_HARVESTER_PORT=10000

org.jitsi.videobridge.DISABLE_TCP_HARVESTER=true
org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
#org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=127.0.0.1:9443

#org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=212.129.34.55
#org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=212.129.34.55

org.jitsi.videobridge.ENABLE_STATISTICS=true

org.jitsi.jicofo.PING_INTERVAL=-1
org.jitsi.jicofo.HEALTH_CHECK_INTERVAL=-1
org.jitsi.jicofo.SERVICE_REDISCOVERY_INTERVAL=-1

org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.gofast-preprod-comm.ceo-vision.com

org.jitsi.videobridge.xmpp.user.xmppserver1.HOSTNAME=gofast-preprod-comm.ceo-vision.com
org.jitsi.videobridge.xmpp.user.xmppserver1.DOMAIN=auth.gofast-preprod-comm.ceo-vision.com
org.jitsi.videobridge.xmpp.user.xmppserver1.USERNAME=videobridge
org.jitsi.videobridge.xmpp.user.xmppserver1.PASSWORD=XXX
org.jitsi.videobridge.xmpp.user.xmppserver1.MUC_JIDS=JvbBrewery@internal.auth.gofast-preprod-comm.ceo-vision.com
org.jitsi.videobridge.xmpp.user.xmppserver1.MUC=JvbBrewery@internal.auth.gofast-preprod-comm.ceo-vision.com
org.jitsi.videobridge.xmpp.user.xmppserver1.MUC_NICKNAME=videobridge
org.jitsi.videobridge.xmpp.user.xmppserver1.DISABLE_CERTIFICATE_VERIFICATION=true

org.jitsi.jicofo.jibri.BREWERY=JibriBrewery@internal.auth.gofast-preprod-comm.ceo-vision.com
org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90

org.jitsi.jicofo.FOCUS_USER_DOMAIN=gofast-preprod-comm.ceo-vision.com

#org.jitsi.videobridge.rest.COLIBRI_WS_DISABLE=false
#org.jitsi.videobridge.rest.COLIBRI_WS_DOMAIN=gofast-preprod-comm.ceo-vision.com:443
#org.jitsi.videobridge.rest.COLIBRI_WS_TLS=true
#org.jitsi.videobridge.rest.COLIBRI_WS_SERVER_ID=jvb1

jicofo config

# Jitsi Conference Focus settings
# sets the host name of the XMPP server
JICOFO_HOST=localhost

# sets the XMPP domain (default: none)
JICOFO_HOSTNAME=gofast-preprod-comm.ceo-vision.com

# sets the XMPP domain name to use for XMPP user logins
JICOFO_AUTH_DOMAIN=auth.gofast-preprod-comm.ceo-vision.com

# sets the focus domain name to use for XMPP focus user
FOCUS_USER_DOMAIN=focus.gofast-preprod-comm.ceo-vision.com

# sets the username to use for XMPP user logins
JICOFO_AUTH_USER=focus

# sets the password to use for XMPP user logins
JICOFO_AUTH_PASSWORD=XXX

# extra options to pass to the jicofo daemon
JICOFO_OPTS=""

# adds java system props that are passed to jicofo (default are for home and logging config file)
JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi -Dconfig.file=/etc/jitsi/jicofo/jicofo.conf -Djava.util.logging.config.file=/etc/jitsi/jicofo/logging.properties -Dorg.jitsi.jicofo.PING_INTERVAL=-1 -Dorg.jitsi.jicofo.HEALTH_CHECK_INTERVAL=-1 -Dorg.jitsi.jicofo.SERVICE_REDISCOVERY_INTERVAL=-1 -Dorg.ice4j.ipv6.DISABLED=true"

jicofo jicofo.conf

jicofo {
  // Configuration for the internal health checks performed by jicofo.
  health {
    enabled = false
  }
  
  xmpp {
    // The separate XMPP connection used for communication with clients (endpoints).
    client {
      enabled = true
      hostname = "gofast-preprod-comm.ceo-vision.com"
      port = 5222
      domain = "auth.gofast-preprod-comm.ceo-vision.com"
      xmpp-domain = "gofast-preprod-comm.ceo-vision.com"
      username = "focus"
      password = "XXX"

      // How long to wait for a response to a stanza before giving up.
      reply-timeout = 15 seconds

      // The JID/domain of the MUC service used for conferencing.
      conference-muc-jid = conference.gofast-preprod-comm.ceo-vision.com

      // A flag to suppress the TLS certificate verification.
      disable-certificate-verification = true
      
      // The JID of the mod_client_proxy component if used. It will be trusted to encode the JID of the original
      // sender in the resource part of the JID.
      client-proxy = "focus.gofast-preprod-comm.ceo-vision.com"
    }
    // The separate XMPP connection used for internal services (currently only jitsi-videobridge).
    service {
      enabled = false
    }

    // How often XMPP components re-discovery will be performed. If set to 0, re-discovery will not be performed.
     rediscovery-interval = 0 seconds
  }
}

Jerome_LEMAN_GARIN · December 2, 2022, 3:15pm

Oh and yes you are right this is definitly the issue as in production with an older version it authentifies with focus :

damencho · December 2, 2022, 3:29pm

You have provided the jvb sip-communicator.properties do you have such a file for jicofo?

Jerome_LEMAN_GARIN · December 2, 2022, 3:31pm

No I use the same with sym links, but there is no more configurations concerning jicofo in it if I remember because all was migrated in the new config files

damencho · December 2, 2022, 3:33pm

There is something fishy in here. You do not have any configurations about brewery rooms, but your jicofo is trying to use one … you are probably looking at wrong files or something

Jerome_LEMAN_GARIN · December 2, 2022, 3:33pm

Yes I have, look in the sip communicator :

org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.gofast-preprod-comm.ceo-vision.com
org.jitsi.jicofo.jibri.BREWERY=JibriBrewery@internal.auth.gofast-preprod-comm.ceo-vision.com

(So yes it remains some jicofo config in there)

damencho · December 2, 2022, 3:36pm

Oh you are using same file for both … this is so confusing.

Look, to make it easier. Create a new VM, do a clean install. Take the configs from there and use those and stick to those …

emrah · December 2, 2022, 3:41pm

These are from my newly installed Jitsi

/etc/jitsi/jicofo/config

# adds java system props that are passed to jicofo (default are for home and logging config file)
JAVA_SYS_PROPS="-Dconfig.file=/etc/jitsi/jicofo/jicofo.conf -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi -Djava.util.logging.config.file=/etc/jitsi/jicofo/logging.properties"

/etc/jitsi/jicofo/jicofo.conf

# Jicofo HOCON configuration. See reference.conf in /usr/share/jicofo/jicofo.jar for
#available options, syntax, and default values.
jicofo {
  xmpp: {
    client: {
      client-proxy: "focus.jitsi.mydomain.corp"
      xmpp-domain: "jitsi.mydomain.corp"
      domain: "auth.jitsi.mydomain.corp"
      username: "focus"
      password: "sf5m7rg9IAJsEESc"
    }
    trusted-domains: [ "recorder.jitsi.mydomain.corp" ]
  }
  bridge: {
    brewery-jid: "JvbBrewery@internal.auth.jitsi.mydomain.corp"
  }
  jibri: {
    brewery-jid: "JibriBrewery@internal.auth.jitsi.mydomain.corp"
    pending-timeout: 90 seconds
  }
}

There is also logging.properties but no sip.communicator for the new setup

Jerome_LEMAN_GARIN · December 2, 2022, 3:42pm

Mmh interesting, yeah it may be related to the old sip file.

Let me try to get rid of it and I’ll tell you

Jerome_LEMAN_GARIN · December 2, 2022, 4:05pm

Well done, thank you !

So yeah the old sip configuration is completly unusable now, I think something has changed in the code with the old config vs the new config with the exact same parameters.

Now I have other issues with video communication but I think I can handle that by myself (things with turn).

Thank you both for your help, I hope jitsi (or some maintained fork, maybe us in the future) will release RHEL packages a day because for now, comparing configurations, updates and stuff from the deb packages are the only way we have to update our production and there is some breaking changes each release

Have a nice day !