Jicofo or Prosody silently failing?

I can’t start videoconference on my Jitsi server with JWT enabled (which Is connected with Moodle). There are no logs in Prosody or Jicofo that would give me any clue. The best error I got was from developer console:

VM336 lib-jitsi-meet.min.js:2 2022-04-11T07:54:21.748Z [JitsiMeetJS.js] <Object.getGlobalOnErrorHandler>:  UnhandledError: Focus error, retry after 1000 Script: null Line: null Column: null StackTrace:  Error: Focus error, retry after 1000     VM336 lib-jitsi-meet.min.js:2
    at rr._allocateConferenceFocusError (https://meet.vc.example.com/libs/lib-jitsi-meet.min.js?v=5913:2:273076)
    at https://meet.vc.example.com/libs/lib-jitsi-meet.min.js?v=5913:2:272117
    at P.Handler.handler (https://meet.vc.example.com/libs/lib-jitsi-meet.min.js?v=5913:2:644039)
    at P.Handler.run (https://meet.vc.example.com/libs/lib-jitsi-meet.min.js?v=5913:2:639338)
    at https://meet.vc.example.com/libs/lib-jitsi-meet.min.js?v=5913:2:647776
    at Object.forEachChild (https://meet.vc.example.com/libs/lib-jitsi-meet.min.js?v=5913:2:631006)
    at P.Connection._dataRecv (https://meet.vc.example.com/libs/lib-jitsi-meet.min.js?v=5913:2:647625)
    at O.Websocket._onMessage (https://meet.vc.example.com/libs/lib-jitsi-meet.min.js?v=5913:2:676855)

r                                @ VM336 lib-jitsi-meet.min.js:2
getGlobalOnErrorHandler          @ VM336 lib-jitsi-meet.min.js:2
window.onerror                   @ VM337 app.bundle.min.js:138
callErrorHandler                 @ VM336 lib-jitsi-meet.min.js:2
rr._allocateConferenceFocusError @ VM336 lib-jitsi-meet.min.js:2
(anonymous)                      @ VM336 lib-jitsi-meet.min.js:2
(anonymous)                      @ VM336 lib-jitsi-meet.min.js:2
run                              @ VM336 lib-jitsi-meet.min.js:2
(anonymous)                      @ VM336 lib-jitsi-meet.min.js:2
forEachChild                     @ VM336 lib-jitsi-meet.min.js:2
_dataRecv                        @ VM336 lib-jitsi-meet.min.js:2
_onMessage                       @ VM336 lib-jitsi-meet.min.js:2

2022-04-11T07:54:21.749Z [modules/xmpp/moderator.js] <rr._allocateConferenceFocusError>:  Focus error, retry after 1000  VM336 lib-jitsi-meet.min.js:2

<iq xmlns="jabber:client" id="de4c8340-137e-4aed-bfd7-bbda7050b50a:sendIQ" to="ba495caa-296c-49ba-afe4-9df567ffe0bf@meet.vc.example.com/ChDbh3PM" from="focus.meet.vc.example.com" type="error">
  <error type="cancel">
    <service-unavailable xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"></service-unavailable>
  </error>
</iq>

r                                @ VM336 lib-jitsi-meet.min.js:2
rr._allocateConferenceFocusError @ VM336 lib-jitsi-meet.min.js:2
(anonymous)                      @ VM336 lib-jitsi-meet.min.js:2
(anonymous)                      @ VM336 lib-jitsi-meet.min.js:2
run                              @ VM336 lib-jitsi-meet.min.js:2
(anonymous)                      @ VM336 lib-jitsi-meet.min.js:2
forEachChild                     @ VM336 lib-jitsi-meet.min.js:2
_dataRecv                        @ VM336 lib-jitsi-meet.min.js:2
_onMessage                       @ VM336 lib-jitsi-meet.min.js:2

2022-04-11T07:54:21.916Z [conference.js] <yoe._onConferenceFailed>:  CONFERENCE FAILED: conference.focusDisconnected focus.meet.vc.example.com 1 VM336 lib-jitsi-meet.min.js:2

i                                @ VM337 app.bundle.min.js:138
_onConferenceFailed              @ VM337 app.bundle.min.js:138
r.emit                           @ VM336 lib-jitsi-meet.min.js:2
r.emit                           @ VM336 lib-jitsi-meet.min.js:2
rr._allocateConferenceFocusError @ VM336 lib-jitsi-meet.min.js:2
(anonymous)                      @ VM336 lib-jitsi-meet.min.js:2
(anonymous)                      @ VM336 lib-jitsi-meet.min.js:2
run                              @ VM336 lib-jitsi-meet.min.js:2
(anonymous)                      @ VM336 lib-jitsi-meet.min.js:2
forEachChild                     @ VM336 lib-jitsi-meet.min.js:2
_dataRecv                        @ VM336 lib-jitsi-meet.min.js:2
_onMessage                       @ VM336 lib-jitsi-meet.min.js:2

To me it looks like prosody can’t connect to focus account in prosody session, logs don’t show any problem at attempting to start the session from the lobby:

Apr 11 11:53:58 c2s561f08835120 info Client connected
Apr 11 11:53:59 c2s561f08835120 info Authenticated as dbb02e66-b29b-48c9-9282-22124fc55a32@meet.vc.example.com

Environment

  • Ubuntu 18.04
  • Jitsi packages (this server is just JMS, videobridges are on other hosts and working fine with other JMS servers):
  • jitsi-meet-prosody/stable,now 1.0.5913-1
  • jitsi-meet-tokens/stable,now 1.0.5913-1
  • jitsi-meet-turnserver/stable,now 1.0.5913-1
  • jitsi-meet-web/stable,now 1.0.5913-1
  • jitsi-meet-web-config/stable,now 1.0.5913-1
  • prosody 0.11 nightly build 143 (2022-01-24, 458c5f8d5d3e)

Config files

Prosody virtualhost:

plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }

-- domain mapper options, must at least have domain base set to use the mapper
muc_mapper_domain_base = "meet.vc.example.com";

external_service_secret  = "**********************";

external_services = {
  { type = "stun", host = "meet.vc.example.com", port = 3478 },
  { type = "turn", host = "meet.vc.example.com", port = 3478, transport = "udp", secret = true, ttl = 86400, algorithm = "turn" },
  { type = "turns", host = "meet.vc.example.com", port = 5349, transport = "tcp", secret = true, ttl = 86400, algorithm = "turn" }
};

cross_domain_bosh = false;
consider_bosh_secure = true;
https_ports = { }; -- disable listening on port 5284

cross_domain_websocket = true;
consider_websocket_secure = true;

-- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4
ssl = {
  protocol = "tlsv1_2+";
  ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
}

unlimited_jids = {
    "focus@auth.meet.vc.example.com",
    "jvb@auth.meet.vc.example.com"
}

VirtualHost "guest.meet.vc.example.com"
    authentication = "token"
    app_id="moodle.example.com"
    app_secret="**********************"
    c2s_require_encryption = false
    allow_empty_token = true
VirtualHost "meet.vc.example.com"
        authentication = "token"
        app_id="moodle.example.com"
        app_secret="**********************"
        allow_empty_token = false
	allow_unencrypted_plain_auth = true
        ssl = {
            key = "/etc/prosody/certs/meet.vc.example.com.key";
            certificate = "/etc/prosody/certs/meet.vc.example.com.crt";
        }
	av_moderation_component = "avmoderation.meet.vc.example.com"
        speakerstats_component = "speakerstats.meet.vc.example.com"
        conference_duration_component = "conferenceduration.meet.vc.example.com"
        -- we need bosh
        modules_enabled = {
            "bosh";
            "websocket";
            "smacks";
            "pubsub";
            "ping"; -- Enable mod_ping
            "speakerstats";
            "external_services";
            "conference_duration";
	    "muc_lobby_rooms";
	    "muc_breakout_rooms";
	    "av_moderation";
	    "presence_identity";
            "frozen_nick";
        }
        c2s_require_encryption = false
	lobby_muc = "lobby.meet.vc.example.com"
        breakout_rooms_muc = "breakout.meet.vc.example.com"
        main_muc = "conference.meet.vc.example.com"

Component "conference.meet.vc.example.com" "muc"
    restrict_room_creation = true
    storage = "memory"
    modules_enabled = {
        "muc_meeting_id";
        "muc_domain_mapper";
	"polls";
	"muc_rate_limit";
        "token_verification";
        "token_affiliation";
        "token_owner_party";
    }
    party_check_timeout = 20
    admins = { "focus@auth.meet.vc.example.com" }
    muc_room_locking = false
    muc_room_default_public_jids = true

Component "breakout.meet.vc.example.com" "muc"
    restrict_room_creation = true
    storage = "memory"
    modules_enabled = {
        "muc_meeting_id";
        "muc_domain_mapper";
        "token_verification";
        "muc_rate_limit";
        "polls";
    }
    admins = { "focus@auth.meet.vc.example.com" }
    muc_room_locking = false
    muc_room_default_public_jids = true

-- internal muc component
Component "internal.auth.meet.vc.example.com" "muc"
    storage = "memory"
    modules_enabled = {
      "ping";
    }
    admins = { "focus@auth.meet.vc.example.com", "jvb@auth.meet.vc.example.com" }
    muc_room_locking = false
    muc_room_default_public_jids = true

VirtualHost "auth.meet.vc.example.com"
    ssl = {
        key = "/etc/prosody/certs/auth.meet.vc.example.com.key";
        certificate = "/etc/prosody/certs/auth.meet.vc.example.com.crt";
    }
    modules_enabled = {
        "limits_exception";
    }
    authentication = "internal_hashed"

-- Proxy to jicofo's user JID, so that it doesn't have to register as a component.
Component "focus.meet.vc.example.com" "client_proxy"
    target_address = "focus@auth.meet.vc.example.com"

Component "speakerstats.meet.vc.example.com" "speakerstats_component"
    muc_component = "conference.meet.vc.example.com"

Component "conferenceduration.meet.vc.example.com" "conference_duration_component"
    muc_component = "conference.meet.vc.example.com"

Component "avmoderation.meet.vc.example.com" "av_moderation_component"
    muc_component = "conference.meet.vc.example.com"

Component "lobby.meet.vc.example.com" "muc"
    storage = "memory"
    restrict_room_creation = true
    muc_room_locking = false
    muc_room_default_public_jids = true
    modules_enabled = {
        "muc_rate_limit";
        "polls";
    }

Jicofo ./config:

# Jitsi Conference Focus settings

# sets the host name of the XMPP server
JICOFO_HOST=meet.vc.example.com

# sets the XMPP domain (default: none)
JICOFO_HOSTNAME=meet.vc.example.com

# sets the XMPP domain name to use for XMPP user logins
JICOFO_AUTH_DOMAIN=auth.meet.vc.example.com

# sets the username to use for XMPP user logins
JICOFO_AUTH_USER=focus

# sets the password to use for XMPP user logins
JICOFO_AUTH_PASSWORD=*************

# extra options to pass to the jicofo daemon
JICOFO_OPTS=""

# adds java system props that are passed to jicofo (default are for home and logging config file)
JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi -Dconfig.file=/etc/jitsi/jicofo/jicofo.conf -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi -Djava.util.logging.config.file=/etc/jitsi/jicofo/logging.properties -Dlog4j2.formatMsgNoLookups=true"

Jicofo ./jicofo.conf:

# Jicofo HOCON configuration. See reference.conf in /usr/share/jicofo/jicofo.jar for
#available options, syntax, and default values.
jicofo {
  conference {
    enable-auto-owner = true
  }
  octo {
    enabled = True
    id = 3
  }
  bridge {
    max-bridge-participants = -1
    stress-threshold = 0.8
    selection-strategy = IntraRegionBridgeSelectionStrategy
  }
  authentication {
    enabled: true
    type: JWT
    login-url: meet.vc.example.com
    enable-auto-login = false
  }
  xmpp: {
    client: {
      client-proxy: focus.meet.vc.example.com
      disable-certificate-verification = false
    }
    trusted-domains: [ "recorder.meet.vc.example.com" ]
  }
  bridge: {
    brewery-jid: "JvbBrewery@internal.auth.meet.vc.example.com"
  }
  health: {
    enabled: true
    interval: "10 seconds"
    timeout: "30 seconds"
    max-check-duration: "20 seconds"
    room-name-prefix: "__jicofo-health-check"
  }
}

Nginx virtualhost:

# forcefully unconfigured FIXME
# server_names_hash_bucket_size 64;

types {
# nginx's default mime.types doesn't include a mapping for wasm
    application/wasm     wasm;
}

server {
    listen 80;
    listen [::]:80;
    server_name meet.vc.example.com;

    location ^~ /.well-known/acme-challenge/ {
       default_type "text/plain";
       root         /usr/share/jitsi-meet;
    }
    location = /.well-known/acme-challenge/ {
       return 404;
    }
    location / {
       return 301 https://$host$request_uri;
    }
}
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name meet.vc.example.com;

    # Mozilla Guideline v5.4, nginx 1.17.7, OpenSSL 1.1.1d, intermediate configuration
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    ssl_prefer_server_ciphers off;

    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:10m;  # about 40000 sessions
    ssl_session_tickets off;

    add_header Strict-Transport-Security "max-age=63072000" always;
    set $prefix "";

    ssl_certificate /etc/letsencrypt/live/meet.vc.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/meet.vc.example.com/privkey.pem;

    root /usr/share/jitsi-meet;

    # ssi on with javascript for multidomain variables in config.js
    ssi on;
    ssi_types application/x-javascript application/javascript;

    index index.html index.htm;
    error_page 404 /static/404.html;

    gzip on;
    gzip_types text/plain text/css application/javascript application/json image/x-icon application/octet-stream application/wasm;
    gzip_vary on;
    gzip_proxied no-cache no-store private expired auth;
    gzip_min_length 512;

    # our custom init page
    location = /static/close3.html {
       return 301 https://vc.example.com;
    }

    location = /config.js {
        alias /etc/jitsi/meet/meet.vc.example.com-config.js;
        # disable config caching
        add_header Last-Modified $date_gmt;
        add_header Cache-Control 'no-store, no-cache';
        if_modified_since off;
        expires off;
        etag off;
    }

    location = /external_api.js {
        alias /usr/share/jitsi-meet/libs/external_api.min.js;
    }

    # ensure all static content can always be found first
    location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$
    {
        add_header 'Access-Control-Allow-Origin' '*';
        alias /usr/share/jitsi-meet/$1/$2;

        # cache all versioned files
        if ($arg_v) {
            expires 1y;
        }
    }

    # BOSH
    location = /http-bind {
        proxy_pass http://127.0.0.1:5280/http-bind?prefix=$prefix&$args;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;
    }

    # xmpp websockets
    location = /xmpp-websocket {
        proxy_pass http://127.0.0.1:5280/xmpp-websocket?prefix=$prefix&$args;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        proxy_buffer_size 512k; 
        proxy_buffers 16 512k; 
        proxy_busy_buffers_size  512k;
        tcp_nodelay on;
    }

    location ~ ^/([^/?&:'"]+)$ {
        try_files $uri @root_path;
    }

    location @root_path {
        rewrite ^/(.*)$ / break;
    }

    location ~ ^/([^/?&:'"]+)/config.js$
    {
        set $subdomain "$1.";
        set $subdir "$1/";

        alias /etc/jitsi/meet/meet.vc.example.com-config.js;
    }

    # BOSH for subdomains
    location ~ ^/([^/?&:'"]+)/http-bind {
        set $subdomain "$1.";
        set $subdir "$1/";
        set $prefix "$1";

        rewrite ^/(.*)$ /http-bind;
    }

    # websockets for subdomains
    location ~ ^/([^/?&:'"]+)/xmpp-websocket {
        set $subdomain "$1.";
        set $subdir "$1/";
        set $prefix "$1";

        rewrite ^/(.*)$ /xmpp-websocket;
    }

    # Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
    location ~ ^/([^/?&:'"]+)/(.*)$ {
        set $subdomain "$1.";
        set $subdir "$1/";
        rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
    }

}

What version of Prosody do you have running on the server?

It’s Prosody 0.11 nightly build 143 (2022-01-24, 458c5f8d5d3e)

Is that the latest of v0.11? Maybe move from nightly to the latest stable of 0.11.

Yeah, I guess it’s the latest version:

apt-get upgrade prosody-0.11
Reading package lists... Done
Building dependency tree       
Reading state information... Done
prosody-0.11 is already the newest version (1nightly143-1~bionic).

And judging by the release date of 0.11.13, this is the latest stable.

Yup, “Prosody 0.11 nightly build 143” is equivalent to 0.11.13 and should be fine.

Perhaps try with this block in Jicofo removed (or enabled: false)? JWT auth handled in prosody so I’m not sure how Jicofo plays a part here. Neither is it mentioned in docs.

1 Like

IMO the secure domain guide causes misunderstanding

Indeed. Is that even required (or works)?

I use solely JWT in my deployments and do not have that enabled in Jicofo. Also, I vaguely recall multiple posts which mentions EXT_JWT being deprecated from jicofo sip properties; I presumed the same would apply to new jicofo config.

I’m not sure I understand what “external JWT” is. According to my tests, it doesn’t work correctly when the token authentication is enabled for prosody

Well, the wording here is unambiguous:

When using token based authentication, the type must use JWT as the scheme instead:

This is what bugs me most of the time with Jitsi - I allways try to consult with reference.conf, Github docs and Handbook … Three sources of the documentation and I still can’t figure out which one is the most accurate or up-to-date.

Alas, disabling authentication section didn’t help.

Any errors in jicofo logs?

No, none in particular, not at rebooting the service, nor at starting a new VC session:

Jicofo 2022-04-12 09:09:54.858 INFO: [1] Main.main#80: Stopping services.
Jicofo 2022-04-12 09:09:55.077 INFO: [1] Main.main#49: Starting Jicofo.
Jicofo 2022-04-12 09:09:55.261 INFO: [1] JitsiConfig.<clinit>#47: Initialized newConfig: merge of /etc/jitsi/jicofo/jicofo.conf: 1,system properties,reference.conf @ jar:file:/usr/share/jicofo/jicofo.jar!/refere
nce.conf: 1
Jicofo 2022-04-12 09:09:55.262 INFO: [1] ReadOnlyConfigurationService.reloadConfiguration#51: loading config file at path /etc/jitsi/jicofo/sip-communicator.properties
Jicofo 2022-04-12 09:09:55.263 INFO: [1] ReadOnlyConfigurationService.reloadConfiguration#56: Error loading config file: java.io.FileNotFoundException: /etc/jitsi/jicofo/sip-communicator.properties (No such file
 or directory)
Jicofo 2022-04-12 09:09:55.264 INFO: [1] JitsiConfig.<clinit>#68: Initialized legacyConfig: sip communicator props (no description provided)
Jicofo 2022-04-12 09:09:55.265 INFO: [1] JitsiConfig$Companion.reloadNewConfig#94: Reloading the Typesafe config source (previously reloaded 0 times).
Jicofo 2022-04-12 09:09:55.755 INFO: [1] FocusManager.start#150: Initialized octoId=3
Jicofo 2022-04-12 09:09:55.780 INFO: [1] JicofoServices.createAuthenticationAuthority#178: Starting authentication service with config=AuthConfig[enabled=true, type=JWT, loginUrl=meet.vc.example.com, logoutUrl
=null, authenticationLifetime=PT24H, enableAutoLogin=true].
Jicofo 2022-04-12 09:09:55.786 INFO: [1] AbstractAuthAuthority.<init>#109: Auto login disabled
Jicofo 2022-04-12 09:09:55.786 INFO: [1] AbstractAuthAuthority.<init>#112: Authentication lifetime: PT1M
Jicofo 2022-04-12 09:09:55.978 INFO: [1] XmppServices.<init>#48: No dedicated Service XMPP connection configured, re-using the client XMPP connection.
Jicofo 2022-04-12 09:09:55.984 INFO: [1] XmppServices.<init>#63: No Jigasi detector configured.
Jicofo 2022-04-12 09:09:56.000 INFO: [1] BridgeSelector.<init>#58: Using org.jitsi.jicofo.bridge.IntraRegionBridgeSelectionStrategy
Jicofo 2022-04-12 09:09:56.006 INFO: [1] [type=bridge brewery=jvbbrewery] BaseBrewery.<init>#100: Initialized with JID=jvbbrewery@internal.auth.meet.vc.example.com
Jicofo 2022-04-12 09:09:56.008 INFO: [1] JicofoServices.<init>#122: No Jibri detector configured.
Jicofo 2022-04-12 09:09:56.011 INFO: [1] JicofoServices.<init>#128: No SIP Jibri detector configured.
Jicofo 2022-04-12 09:09:56.023 INFO: [1] HealthChecker.start#118: Started with interval=10000, timeout=PT30S, maxDuration=PT20S, stickyFailures=false.
Jicofo 2022-04-12 09:09:56.029 INFO: [1] JicofoServices.<init>#143: Starting HTTP server with config: host=null, port=8888, tlsPort=8843, isTls=false, keyStorePath=null, sendServerVersion=true.
Jicofo 2022-04-12 09:09:56.102 INFO: [1] org.eclipse.jetty.util.log.Log.initialized: Logging initialized @1162ms to org.eclipse.jetty.util.log.Slf4jLog
Jicofo 2022-04-12 09:09:56.201 INFO: [1] org.eclipse.jetty.server.Server.doStart: jetty-9.4.44.v20210927; built: 2021-09-27T23:02:44.612Z; git: 8da83308eeca865e495e53ef315a249d63ba9332; jvm 17.0.2+8-Ubuntu-118.04
Jicofo 2022-04-12 09:09:56.268 INFO: [19] [xmpp_connection=client] XmppProviderImpl.doConnect#209: Connected, JID=null
Jicofo 2022-04-12 09:09:56.342 INFO: [19] AvModerationHandler.registrationChanged#120: Discovered av_moderation component at avmoderation.meet.vc.example.com.
Jicofo 2022-04-12 09:09:56.347 INFO: [19] ConferenceIqHandler.registrationChanged#183: Using breakout room component address: breakout.meet.vc.example.com
Jicofo 2022-04-12 09:09:56.401 INFO: [34] [type=bridge brewery=jvbbrewery] BaseBrewery.addInstance#341: Added brewery instance: jvbbrewery@internal.auth.meet.vc.example.com/VB13
Jicofo 2022-04-12 09:09:56.407 WARNING: [34] Main$1.warn#154: Key 'jicofo.bridge.average-participant-packet-rate-pps' from source 'typesafe config (reloaded 1 times)' is deprecated: use jicofo.bridge.average-participant-stress
Jicofo 2022-04-12 09:09:56.408 INFO: [34] BridgeSelector.addJvbAddress#95: Added new videobridge: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB13, relayId=null, region=null, stress=0.00]
Jicofo 2022-04-12 09:09:56.412 INFO: [35] JvbDoctor.bridgeAdded#127: Scheduled health-check task for: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB13, relayId=[REDACTED].246:4096, region=region1, stress=0.00]
Jicofo 2022-04-12 09:09:56.423 INFO: [34] [type=bridge brewery=jvbbrewery] BaseBrewery.addInstance#341: Added brewery instance: jvbbrewery@internal.auth.meet.vc.example.com/VB10
Jicofo 2022-04-12 09:09:56.424 INFO: [34] BridgeSelector.addJvbAddress#95: Added new videobridge: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB10, relayId=null, region=null, stress=0.00]
Jicofo 2022-04-12 09:09:56.427 INFO: [35] JvbDoctor.bridgeAdded#127: Scheduled health-check task for: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB10, relayId=[REDACTED].254:4096, region=region1, stress=0.00]
Jicofo 2022-04-12 09:09:56.428 INFO: [34] [type=bridge brewery=jvbbrewery] BaseBrewery.addInstance#341: Added brewery instance: jvbbrewery@internal.auth.meet.vc.example.com/VB14
Jicofo 2022-04-12 09:09:56.429 INFO: [34] BridgeSelector.addJvbAddress#95: Added new videobridge: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB14, relayId=null, region=null, stress=0.00]
Jicofo 2022-04-12 09:09:56.435 INFO: [35] JvbDoctor.bridgeAdded#127: Scheduled health-check task for: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB14, relayId=[REDACTED].247:4096, region=region1, stress=0.00]
Jicofo 2022-04-12 09:09:56.443 INFO: [34] [type=bridge brewery=jvbbrewery] BaseBrewery.addInstance#341: Added brewery instance: jvbbrewery@internal.auth.meet.vc.example.com/VB12
Jicofo 2022-04-12 09:09:56.456 INFO: [34] BridgeSelector.addJvbAddress#95: Added new videobridge: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB12, relayId=null, region=null, stress=0.00]
Jicofo 2022-04-12 09:09:56.457 INFO: [34] [type=bridge brewery=jvbbrewery] BaseBrewery.addInstance#341: Added brewery instance: jvbbrewery@internal.auth.meet.vc.example.com/VB11
Jicofo 2022-04-12 09:09:56.458 INFO: [34] BridgeSelector.addJvbAddress#95: Added new videobridge: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB11, relayId=null, region=null, stress=0.00]
Jicofo 2022-04-12 09:09:56.461 INFO: [21] [type=bridge brewery=jvbbrewery] BaseBrewery.addInstance#341: Added brewery instance: jvbbrewery@internal.auth.meet.vc.example.com/VB9
Jicofo 2022-04-12 09:09:56.462 INFO: [21] BridgeSelector.addJvbAddress#95: Added new videobridge: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB9, relayId=null, region=null, stress=0.00]
Jicofo 2022-04-12 09:09:56.467 INFO: [35] JvbDoctor.bridgeAdded#127: Scheduled health-check task for: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB12, relayId=[REDACTED].245:4096, region=region1, stress=0.00]
Jicofo 2022-04-12 09:09:56.468 INFO: [35] JvbDoctor.bridgeAdded#127: Scheduled health-check task for: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB11, relayId=[REDACTED].244:4096, region=region1, stress=0.00]
Jicofo 2022-04-12 09:09:56.483 INFO: [35] JvbDoctor.bridgeAdded#127: Scheduled health-check task for: Bridge[jid=jvbbrewery@internal.auth.meet.vc.example.com/VB9, relayId=[REDACTED].253:4096, region=region1, stress=0.00]
Jicofo 2022-04-12 09:09:56.507 INFO: [19] [type=bridge brewery=jvbbrewery] BaseBrewery.start#171: Joined the room.
Jicofo 2022-04-12 09:09:56.508 INFO: [19] [xmpp_connection=client] XmppProviderImpl.fireRegistrationStateChanged#314: Set replyTimeout=PT15S
Jicofo 2022-04-12 09:09:56.597 WARNING: [1] org.glassfish.jersey.server.wadl.WadlFeature.configure: JAXBContext implementation could not be found. WADL feature is disabled.
Jicofo 2022-04-12 09:09:56.685 WARNING: [1] org.glassfish.jersey.internal.inject.Providers.checkProviderRuntime: A provider org.jitsi.rest.Health registered in SERVER runtime does not implement any provider interfaces applicable in the SERVER runtime. Due to constraint configuration problems the provider org.jitsi.rest.Health will be ignored. 
Jicofo 2022-04-12 09:09:56.686 WARNING: [1] org.glassfish.jersey.internal.inject.Providers.checkProviderRuntime: A provider org.jitsi.rest.Version registered in SERVER runtime does not implement any provider interfaces applicable in the SERVER runtime. Due to constraint configuration problems the provider org.jitsi.rest.Version will be ignored. 
Jicofo 2022-04-12 09:09:56.879 INFO: [1] org.eclipse.jetty.server.handler.ContextHandler.doStart: Started o.e.j.s.ServletContextHandler@49ca94a9{/,null,AVAILABLE}
Jicofo 2022-04-12 09:09:56.888 INFO: [1] org.eclipse.jetty.server.AbstractConnector.doStart: Started ServerConnector@16073fa8{HTTP/1.1, (http/1.1)}{0.0.0.0:8888}
Jicofo 2022-04-12 09:09:56.888 INFO: [1] org.eclipse.jetty.server.Server.doStart: Started @1950ms
Jicofo 2022-04-12 09:10:06.084 INFO: [24] HealthChecker.run#171: Performed a successful health check in PT0.061850592S. Sticky failure: false

I guess I’ll have to try with a complete reinstall.

I did apt purge jitsi* and apt purge prosody* and then apt install prosody=0.11 and then install of jitsi along with tokens and stuff.

It still didn’t work, but then because of Error verifying token err:not-allowed, reason:token required. I solved that with sed like here. I don’t understand. Isn’t this issue supposed to be solved?

If you had to change mod_auth_token to use hook_global instead of hook, then you somehow managed to install an old jitsi version? That was fixed a very long time ago and should already be using hook_global:

Yeah, that is possible as this was an old VM that got a long overdue refreshment.

Also, I think that installing specific version (for this interim period of 0.11 and 0.12) is a part of the problem because it probably breaks version checking in post-install script:

dpkg-query -l prosody
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                 Version         Architecture    Description
+++-====================-===============-===============-=============================================
un  prosody              <none>          <none>          (no description available)

So checking for the version:

dpkg-query -f='${Version}\n'  --show prosody

… returns empty result. This would be better:

dpkg-query -l prosody-0.11
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                 Version         Architecture    Description
+++-====================-===============-===============-=============================================
ii  prosody-0.11         1nightly143-1~b amd64           Lightweight Jabber/XMPP server

… as it would return 1nightly143-1~b.

I think I finally figured it out. apt purge jitsi* didn’t work well enough because I do remember that purge command reported it would leave /usr/share/jitsi-meet/prosody-plugins untouched, probably because I had some custom modules inserted there.

1 Like

How to purge

2 Likes

same issue
ubuntu 20.04 lts
prosody version prosody-0.11 1nightly143-1~focal amd64 (install prosody apt install prosody-0.11)

jwt token installation not working correctly

Error verifying token err:not-allowed, reason:token required