[jitsi-users] Trying to install jitsi meet with apache2


#1

Hi everyone,

I know there are already post on this subject, but they don't produce good
results and I would like to share, here, my thinking on this subject. Feel
free to moderate my post if you think it's a bad idea.

Server: Ubuntu 16.04.1, Apache2.4.18

DNS conf:

   - for Jitsi meet - meet.mydomain.xx ----> ip_of_my_server
   - for my website - mydomain.xx ----> ip_of_my_server

Like I said I try to run Jitsi meet on apache2. By following the steps
described in Quick install (
https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md)

If I install Jitsi meet on my server just after installing Ubuntu so
without Apache or Nginx. Jitsi works great. If I install Jitsi meet on my
server after installing Nginx. Jitsi works great.

With the same method of installation, I try to install Jitsi meet after
installing Apache2, so I notice that Jitsi meet does not configure itself
apache2, so I tried this first configuration:

<VirtualHost *:443>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
DocumentRoot "/usr/share/jitsi-meet/"
<Directory /usr/share/jitsi-meet/>
AllowOverride All
</Directory>

ProxyPass / http://meet.mydomain.xx:5280/http-bind
ProxyPassReverse / http://meet.mydomain.xx:5280/http-bind

ProxyPreserveHost Off

<Location "/http-bind">
   Order allow,deny
   Allow from all
</Location>

<Location "/meet/xmpp-websocket">
    ProxyPass http://meet.mydomain.xx:5280
    ProxyPassReverse http://meet.mydomain.xx:5280
</Location>

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
SSLCertificateFile /etc/letsencrypt/live/acert.mydomain.xx/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/acert.mydomain.xx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

When I load the page meet.mydomain.xx I get the following error:
"It works! Now your customer BOSH points to this URL to connect to Prosody.

For more information see Prosody. Setting up BOSH "

But when I look at the /etc/prosody/conf.avail/meet.mydomain.xx.cfg.lua
file, I notice that bosh is already enabled and the rest of the
configuration is ok with what is explain here
https://github.com/jitsi/jitsi-meet/blob/master/doc/manual-install.md The
log contains no errors. If you have an idea to fix this problem I'm
interested.

Second configuration that I tested:

<VirtualHost *:80>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
DocumentRoot "/usr/share/jitsi-meet/"

SSLProxyEngine On
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
RewriteRule ^/(.*)$ / [PT]
RewriteRule ^/http-bind$ https://meet.mydomain.xx:5281/http-bind [P,L]

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
</Virtualhost>

With this setup the result seems better, I can see the home page of Jitsi
meet but without the text, without the logo and when I click on the go
button, nothing happend. The log contains no errors.

So here I don't no really what to do. If someone have some advices or
ideas, ​​thank you to share it !

Bye, thank you for reading

···

___________________________
*POHU*
*Valentin*


#2

Are there any browser errors when you open the page? Can you paste them here?

···

On Fri, Oct 28, 2016 at 3:49 AM, Valentin Pohu <pohuvalentin@gmail.com> wrote:

Hi everyone,

I know there are already post on this subject, but they don't produce good
results and I would like to share, here, my thinking on this subject. Feel
free to moderate my post if you think it's a bad idea.

Server: Ubuntu 16.04.1, Apache2.4.18

DNS conf:

for Jitsi meet - meet.mydomain.xx ----> ip_of_my_server
for my website - mydomain.xx ----> ip_of_my_server

Like I said I try to run Jitsi meet on apache2. By following the steps
described in Quick install
(https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md)

If I install Jitsi meet on my server just after installing Ubuntu so without
Apache or Nginx. Jitsi works great. If I install Jitsi meet on my server
after installing Nginx. Jitsi works great.

With the same method of installation, I try to install Jitsi meet after
installing Apache2, so I notice that Jitsi meet does not configure itself
apache2, so I tried this first configuration:

<VirtualHost *:443>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
DocumentRoot "/usr/share/jitsi-meet/"
<Directory /usr/share/jitsi-meet/>
AllowOverride All
</Directory>

ProxyPass / http://meet.mydomain.xx:5280/http-bind
ProxyPassReverse / http://meet.mydomain.xx:5280/http-bind

ProxyPreserveHost Off

<Location "/http-bind">
   Order allow,deny
   Allow from all
</Location>

<Location "/meet/xmpp-websocket">
    ProxyPass http://meet.mydomain.xx:5280
    ProxyPassReverse http://meet.mydomain.xx:5280
</Location>

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
SSLCertificateFile /etc/letsencrypt/live/acert.mydomain.xx/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/acert.mydomain.xx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

When I load the page meet.mydomain.xx I get the following error:

"It works! Now your customer BOSH points to this URL to connect to Prosody.

For more information see Prosody. Setting up BOSH "

But when I look at the /etc/prosody/conf.avail/meet.mydomain.xx.cfg.lua
file, I notice that bosh is already enabled and the rest of the
configuration is ok with what is explain
herehttps://github.com/jitsi/jitsi-meet/blob/master/doc/manual-install.md
The log contains no errors. If you have an idea to fix this problem I'm
interested.

Second configuration that I tested:

<VirtualHost *:80>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
DocumentRoot "/usr/share/jitsi-meet/"

SSLProxyEngine On
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
RewriteRule ^/(.*)$ / [PT]
RewriteRule ^/http-bind$ https://meet.mydomain.xx:5281/http-bind [P,L]

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
</Virtualhost>

With this setup the result seems better, I can see the home page of Jitsi
meet but without the text, without the logo and when I click on the go
button, nothing happend. The log contains no errors.

So here I don't no really what to do. If someone have some advices or ideas,
thank you to share it !

Bye, thank you for reading

___________________________

POHU
Valentin

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#3

[...]
<VirtualHost *:443>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
DocumentRoot "/usr/share/jitsi-meet/"
<Directory /usr/share/jitsi-meet/>
AllowOverride All
</Directory>

ProxyPass / http://meet.mydomain.xx:5280/http-bind
ProxyPassReverse / http://meet.mydomain.xx:5280/http-bind
ProxyPreserveHost Off

Try moving these proxy-pass directives into the <Location /http-bind> just below. If you keep it like above, Apache never gets a chance to serve the static web pages.

<Location "/http-bind">
   Order allow,deny
   Allow from all
</Location>

<Location "/meet/xmpp-websocket">
    ProxyPass http://meet.mydomain.xx:5280
    ProxyPassReverse http://meet.mydomain.xx:5280
</Location>

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
SSLCertificateFile /etc/letsencrypt/live/acert.mydomain.xx/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/acert.mydomain.xx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
[...]

Ingo


#4

Hi there,

We had to migrate from a working Nginx to Apache2 so that we could get
the Shibboleth authentication working. Rather than recompile Nginx with
the required modules, it was easier to convert the config to Apache2 as
we had a different app with Apache2 working with Shibboleth. But I
digress.

This is our Apache2 config, server/domains changed to protect the
innocent etc. It's not beautiful, it might be able to be improved, but
it currently works for us ..

# Working config
<VirtualHost *:80>
ServerName jitsi.mydomain.com
Redirect permanent / https://jitsi.mydomain.com/
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost _default_:443>
ServerAdmin root@jitsi.mydomain.com
ServerName jitsi.mydomain.com

DocumentRoot &quot;/usr/share/jitsi\-meet&quot;
&lt;Directory &quot;/usr/share/jitsi\-meet&quot;&gt;
    Options \-Indexes \+MultiViews
    AllowOverride All
    Order allow,deny
    Allow from all
&lt;/Directory&gt;

Alias &quot;/config\.js&quot; &quot;/etc/jitsi/meet/jitsi\.mydomain\.com\-config\.js&quot;
&lt;Location /config\.js&gt;
    Require all granted
&lt;/Location&gt;

AddOutputFilter INCLUDES \.html

&lt;Location /&gt;
    Options \+Includes
&lt;/Location&gt;

ErrorLog $\{APACHE\_LOG\_DIR\}/error\.log
CustomLog $\{APACHE\_LOG\_DIR\}/access\.log combined

SSLProxyEngine On
SSLEngine on

SSLCertificateFile  /etc/prosody/certs/jitsi\.mydomain\.com\.crt
SSLCertificateKeyFile /etc/prosody/certs/jitsi\.mydomain\.com\.key
Include /etc/letsencrypt/options\-ssl\-apache\.conf
Header set Strict\-Transport\-Security &quot;max\-age=31536000&quot;

ProxyPass /http\-bind http://jitsi.mydomain.com:5280/http-bind/
ProxyPassReverse /http\-bind http://jitsi.mydomain.com:5280/http-bin

d/
ProxyHTMLURLMap http://jitsi.mydomain.com:5280/http-bind/ /http-
bind

\# Backward compatibility
Alias /external\.api /usr/share/jitsi\-meet/libs/

RewriteEngine on
RewriteRule ^/\(\[a\-zA\-Z0\-9\]\+\)$ /index\.html \[L\]

</VirtualHost>

···

On Fri, 2016-10-28 at 10:49 +0200, Valentin Pohu wrote:

Hi everyone,

I know there are already post on this subject, but they don't produce
good
results and I would like to share, here, my thinking on this subject.
Feel
free to moderate my post if you think it's a bad idea.

Server: Ubuntu 16.04.1, Apache2.4.18

DNS conf:

- for Jitsi meet - meet.mydomain.xx ----> ip_of_my_server
- for my website - mydomain.xx ----> ip_of_my_server

Like I said I try to run Jitsi meet on apache2. By following the
steps
described in Quick install (
https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md)

If I install Jitsi meet on my server just after installing Ubuntu so
without Apache or Nginx. Jitsi works great. If I install Jitsi meet
on my
server after installing Nginx. Jitsi works great.

With the same method of installation, I try to install Jitsi meet
after
installing Apache2, so I notice that Jitsi meet does not configure
itself
apache2, so I tried this first configuration:

<VirtualHost *:443>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
DocumentRoot "/usr/share/jitsi-meet/"
<Directory /usr/share/jitsi-meet/>
AllowOverride All
</Directory>

ProxyPass / http://meet.mydomain.xx:5280/http-bind
ProxyPassReverse / http://meet.mydomain.xx:5280/http-bind

ProxyPreserveHost Off

<Location "/http-bind">
Order allow,deny
Allow from all
</Location>

<Location "/meet/xmpp-websocket">
ProxyPass http://meet.mydomain.xx:5280
ProxyPassReverse http://meet.mydomain.xx:5280
</Location>

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
SSLCertificateFile
/etc/letsencrypt/live/acert.mydomain.xx/fullchain.pem
SSLCertificateKeyFile
/etc/letsencrypt/live/acert.mydomain.xx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

When I load the page meet.mydomain.xx I get the following error:
"It works! Now your customer BOSH points to this URL to connect to
Prosody.

For more information see Prosody. Setting up BOSH "

But when I look at the
/etc/prosody/conf.avail/meet.mydomain.xx.cfg.lua
file, I notice that bosh is already enabled and the rest of the
configuration is ok with what is explain here
https://github.com/jitsi/jitsi-meet/blob/master/doc/manual-install.md
The
log contains no errors. If you have an idea to fix this problem I'm
interested.

Second configuration that I tested:

<VirtualHost *:80>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
DocumentRoot "/usr/share/jitsi-meet/"

SSLProxyEngine On
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
RewriteRule ^/(.*)$ / [PT]
RewriteRule ^/http-bind$ https://meet.mydomain.xx:5281/http-bind
[P,L]

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
</Virtualhost>

With this setup the result seems better, I can see the home page of
Jitsi
meet but without the text, without the logo and when I click on the
go
button, nothing happend. The log contains no errors.

So here I don't no really what to do. If someone have some advices or
ideas, thank you to share it !

Bye, thank you for reading

___________________________
*POHU*
*Valentin*
_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#5

Thank for your answers,

@ Damian : For the first configuration there is this error "It works! Now
your customer BOSH points to this URL to connect to Prosody. For more
information see Prosody. Setting up BOSH " but that all, the error log
of Apache are empty. And for the second configuration non error.

@ Ingo : You are right I will try, I give you an answer in 15 minutes.

···

___________________________
*Président (CEO) Cairn Devices,*
*Tel.* 07-83-44-28-20
*POHU*
*Valentin*

2016-10-29 10:53 GMT+02:00 Ingo Bauersachs <ingo@jitsi.org>:

> [...]
> <VirtualHost *:443>
> ServerAdmin postmaster@mydomain.xx
> ServerName meet.mydomain.xx
> ServerAlias meet.mydomain.xx
> LoadModule proxy_module modules/mod_proxy.so
> LoadModule proxy_http_module modules/mod_proxy_http.so
> DocumentRoot "/usr/share/jitsi-meet/"
> <Directory /usr/share/jitsi-meet/>
> AllowOverride All
> </Directory>
>
> ProxyPass / http://meet.mydomain.xx:5280/http-bind
> ProxyPassReverse / http://meet.mydomain.xx:5280/http-bind
> ProxyPreserveHost Off

Try moving these proxy-pass directives into the <Location /http-bind> just
below. If you keep it like above, Apache never gets a chance to serve the
static web pages.

> <Location "/http-bind">
> Order allow,deny
> Allow from all
> </Location>
>
> <Location "/meet/xmpp-websocket">
> ProxyPass http://meet.mydomain.xx:5280
> ProxyPassReverse http://meet.mydomain.xx:5280
> </Location>
>
> ErrorLog /var/www/meet/logs/error.log
> CustomLog /var/www/meet/logs/access.log combined
> SSLCertificateFile /etc/letsencrypt/live/acert.mydomain.xx/fullchain.pem
> SSLCertificateKeyFile /etc/letsencrypt/live/acert.
mydomain.xx/privkey.pem
> Include /etc/letsencrypt/options-ssl-apache.conf
> </VirtualHost>
> [...]

Ingo

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#6

Hi

quickly responded with my config files :

I have a working jitsi with anonymous login, but I can't have a secure domain

Both rewrite and proxy directives works for me, and jitsi works great (beside my jicofo secure domain config issue)

(the title of my post on the dev mailing list "error to start a conference room with secure domain")

pm me if you wants more details,

bye :slight_smile:

···

------

(I have tried with and without cross domain and consider bosh secure)

cross_domain_bosh = true
consider_bosh_secure = true

VirtualHost "conference.example.com"
    authentication = "internal_plain"
    --authentication = "anonymous"
    --authentication = "sql"

VirtualHost "support.conference.example.com"
    authentication = "anonymous"

VirtualHost "auth.conference.example.com"
    authentication = "internal_plain"

admins = { "focus@auth.conference.example.com" }

Component "conference.conference.example.com" "muc"
Component "jitsi-videobridge.conference.example.com"
        component_secret = "secret"
Component "focus.conference.example.com"
        component_secret = "secret"

In jicofo

/etc/jitsi/jicofo/sip-communicator.properties
org.jitsi.jicofo.auth.URL=XMPP:conference.example.com

Apache:

<VirtualHost *:80>
    ServerName conference.example.com

    DocumentRoot "/var/www/srv/2/conference.example.com"

    SSLProxyEngine On
    RewriteEngine On
    RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
    RewriteRule ^/(.*)$ / [PT]
    RewriteRule ^/http-bind$ https://conference.example.com:5281/http-bind [P,L]

</Virtualhost>

<VirtualHost *:443>
    ServerName conference.example.com

    DocumentRoot "/var/www/srv/2/conference.example.com"

    SSLProxyEngine On
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/ca.crt
    SSLCertificateKeyFile /etc/apache2/ssl/ca.key

    RewriteEngine On
    RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
    RewriteRule ^/(.*)$ / [PT]
    RewriteRule ^/http-bind$ https://conference.example.com:5281/http-bind [P,L]

</Virtualhost>

Le 30/10/2016 à 20:25, Ian Beardslee a écrit :

Hi there,

We had to migrate from a working Nginx to Apache2 so that we could get
the Shibboleth authentication working. Rather than recompile Nginx with
the required modules, it was easier to convert the config to Apache2 as
we had a different app with Apache2 working with Shibboleth. But I
digress.

This is our Apache2 config, server/domains changed to protect the
innocent etc. It's not beautiful, it might be able to be improved, but
it currently works for us ..

# Working config
<VirtualHost *:80>
     ServerName jitsi.mydomain.com
     Redirect permanent / https://jitsi.mydomain.com/
     RewriteEngine On
     RewriteCond %{HTTPS} off
     RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost _default_:443>
     ServerAdmin root@jitsi.mydomain.com
     ServerName jitsi.mydomain.com

     DocumentRoot "/usr/share/jitsi-meet"
     <Directory "/usr/share/jitsi-meet">
         Options -Indexes +MultiViews
         AllowOverride All
         Order allow,deny
         Allow from all
     </Directory>

     Alias "/config.js" "/etc/jitsi/meet/jitsi.mydomain.com-config.js"
     <Location /config.js>
         Require all granted
     </Location>

     AddOutputFilter INCLUDES .html

     <Location />
         Options +Includes
     </Location>

     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined

     SSLProxyEngine On
     SSLEngine on

     SSLCertificateFile /etc/prosody/certs/jitsi.mydomain.com.crt
     SSLCertificateKeyFile /etc/prosody/certs/jitsi.mydomain.com.key
     Include /etc/letsencrypt/options-ssl-apache.conf
     Header set Strict-Transport-Security "max-age=31536000"

     ProxyPass /http-bind http://jitsi.mydomain.com:5280/http-bind/
     ProxyPassReverse /http-bind http://jitsi.mydomain.com:5280/http-bin
d/
     ProxyHTMLURLMap http://jitsi.mydomain.com:5280/http-bind/ /http-
bind

     # Backward compatibility
     Alias /external.api /usr/share/jitsi-meet/libs/

     RewriteEngine on
     RewriteRule ^/([a-zA-Z0-9]+)$ /index.html [L]

</VirtualHost>

On Fri, 2016-10-28 at 10:49 +0200, Valentin Pohu wrote:

Hi everyone,

I know there are already post on this subject, but they don't produce
good
results and I would like to share, here, my thinking on this subject.
Feel
free to moderate my post if you think it's a bad idea.

Server: Ubuntu 16.04.1, Apache2.4.18

DNS conf:

    - for Jitsi meet - meet.mydomain.xx ----> ip_of_my_server
    - for my website - mydomain.xx ----> ip_of_my_server

Like I said I try to run Jitsi meet on apache2. By following the
steps
described in Quick install (
https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md)

If I install Jitsi meet on my server just after installing Ubuntu so
without Apache or Nginx. Jitsi works great. If I install Jitsi meet
on my
server after installing Nginx. Jitsi works great.

With the same method of installation, I try to install Jitsi meet
after
installing Apache2, so I notice that Jitsi meet does not configure
itself
apache2, so I tried this first configuration:

<VirtualHost *:443>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
DocumentRoot "/usr/share/jitsi-meet/"
<Directory /usr/share/jitsi-meet/>
AllowOverride All
</Directory>

ProxyPass / http://meet.mydomain.xx:5280/http-bind
ProxyPassReverse / http://meet.mydomain.xx:5280/http-bind

ProxyPreserveHost Off

<Location "/http-bind">
    Order allow,deny
    Allow from all
</Location>

<Location "/meet/xmpp-websocket">
     ProxyPass http://meet.mydomain.xx:5280
     ProxyPassReverse http://meet.mydomain.xx:5280
</Location>

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
SSLCertificateFile
/etc/letsencrypt/live/acert.mydomain.xx/fullchain.pem
SSLCertificateKeyFile
/etc/letsencrypt/live/acert.mydomain.xx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

When I load the page meet.mydomain.xx I get the following error:
"It works! Now your customer BOSH points to this URL to connect to
Prosody.

For more information see Prosody. Setting up BOSH "

But when I look at the
/etc/prosody/conf.avail/meet.mydomain.xx.cfg.lua
file, I notice that bosh is already enabled and the rest of the
configuration is ok with what is explain here
https://github.com/jitsi/jitsi-meet/blob/master/doc/manual-install.md
  The
log contains no errors. If you have an idea to fix this problem I'm
interested.

Second configuration that I tested:

<VirtualHost *:80>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
DocumentRoot "/usr/share/jitsi-meet/"

SSLProxyEngine On
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
RewriteRule ^/(.*)$ / [PT]
RewriteRule ^/http-bind$ https://meet.mydomain.xx:5281/http-bind
[P,L]

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
</Virtualhost>

With this setup the result seems better, I can see the home page of
Jitsi
meet but without the text, without the logo and when I click on the
go
button, nothing happend. The log contains no errors.

So here I don't no really what to do. If someone have some advices or
ideas, thank you to share it !

Bye, thank you for reading

___________________________
*POHU*
*Valentin*
_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#7

After some test I have this config :

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so

ProxyPreserveHost Off

DocumentRoot "/usr/share/jitsi-meet/"

<Location "/http-bind">
   Order allow,deny
   Allow from all
   ProxyPass http://meet.mydomain.xx:5280/http-bind
   ProxyPassReverse http://meet.mydomain.xx:5280/http-bind
   ProxyPreserveHost Off
</Location>

<Location "/meet/xmpp-websocket">
    ProxyPass http://meet.mydomain.xx:5280
    ProxyPassReverse http://meet.mydomain.xx:5280
</Location>

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
SSLCertificateFile /etc/letsencrypt/live/meet.mydomain.xx/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meet.mydomain.xx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

When I try to access to https://meetmydomain.xx I can see this[image:
Images intégrées 1]

and when I access to https://meetmydomain.xx/http-bind I can see this
<img src=’/uploads/jitsi/original/2X/e/e55c7f0ccfeca8e9fbd41ae28d2c6ddaa927b0b3.png’ width=‘690’ height=‘345’>

···

___________________________
*Président (CEO) Cairn Devices,*
*Tel.* 07-83-44-28-20
*POHU*
*Valentin*

2016-10-30 17:35 GMT+01:00 Valentin Pohu <pohuvalentin@gmail.com>:

Thank for your answers,

@ Damian : For the first configuration there is this error "It works! Now
your customer BOSH points to this URL to connect to Prosody. For more
information see Prosody. Setting up BOSH " but that all, the error log
of Apache are empty. And for the second configuration non error.

@ Ingo : You are right I will try, I give you an answer in 15 minutes.

___________________________
*Président (CEO) Cairn Devices,*
*Tel.* 07-83-44-28-20
*POHU*
*Valentin*

2016-10-29 10:53 GMT+02:00 Ingo Bauersachs <ingo@jitsi.org>:

> [...]
> <VirtualHost *:443>
> ServerAdmin postmaster@mydomain.xx
> ServerName meet.mydomain.xx
> ServerAlias meet.mydomain.xx
> LoadModule proxy_module modules/mod_proxy.so
> LoadModule proxy_http_module modules/mod_proxy_http.so
> DocumentRoot "/usr/share/jitsi-meet/"
> <Directory /usr/share/jitsi-meet/>
> AllowOverride All
> </Directory>
>
> ProxyPass / http://meet.mydomain.xx:5280/http-bind
> ProxyPassReverse / http://meet.mydomain.xx:5280/http-bind
> ProxyPreserveHost Off

Try moving these proxy-pass directives into the <Location /http-bind>
just below. If you keep it like above, Apache never gets a chance to serve
the static web pages.

> <Location "/http-bind">
> Order allow,deny
> Allow from all
> </Location>
>
> <Location "/meet/xmpp-websocket">
> ProxyPass http://meet.mydomain.xx:5280
> ProxyPassReverse http://meet.mydomain.xx:5280
> </Location>
>
> ErrorLog /var/www/meet/logs/error.log
> CustomLog /var/www/meet/logs/access.log combined
> SSLCertificateFile /etc/letsencrypt/live/acert.my
domain.xx/fullchain.pem
> SSLCertificateKeyFile /etc/letsencrypt/live/acert.my
domain.xx/privkey.pem
> Include /etc/letsencrypt/options-ssl-apache.conf
> </VirtualHost>
> [...]

Ingo

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#8

Thank for all of your answer, but I have always some trouble. I tried the
config of Ian and Nicolas it's the same result as my own config. I keep
looking for a solution, if I find something I will tell you.

Maybe, in the end of this it will be a good idea to add an apache config in
the manual of Jitsi Meet.

···

___________________________
*Président (CEO) Cairn Devices,*
*Tel.* 07-83-44-28-20
*POHU*
*Valentin*

2016-10-31 12:33 GMT+01:00 Nicolas <nicolas@kaizendo.fr>:

Hi

quickly responded with my config files :

I have a working jitsi with anonymous login, but I can't have a secure
domain

Both rewrite and proxy directives works for me, and jitsi works great
(beside my jicofo secure domain config issue)

(the title of my post on the dev mailing list "error to start a conference
room with secure domain")

pm me if you wants more details,

bye :slight_smile:

------

(I have tried with and without cross domain and consider bosh secure)

cross_domain_bosh = true
consider_bosh_secure = true

VirtualHost "conference.example.com"
    authentication = "internal_plain"
    --authentication = "anonymous"
    --authentication = "sql"

VirtualHost "support.conference.example.com"
    authentication = "anonymous"

VirtualHost "auth.conference.example.com"
    authentication = "internal_plain"

admins = { "focus@auth.conference.example.com"
<focus@auth.conference.example.com> }

Component "conference.conference.example.com" "muc"
Component "jitsi-videobridge.conference.example.com"
        component_secret = "secret"
Component "focus.conference.example.com"
        component_secret = "secret"

In jicofo

/etc/jitsi/jicofo/sip-communicator.properties

org.jitsi.jicofo.auth.URL=XMPP:conference.example.com

Apache:

<VirtualHost *:80>
    ServerName conference.example.com

    DocumentRoot "/var/www/srv/2/conference.example.com"

    SSLProxyEngine On
    RewriteEngine On
    RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
    RewriteRule ^/(.*)$ / [PT]
    RewriteRule ^/http-bind$ https://conference.example.com:5281/http-bind
[P,L]

</Virtualhost>

<VirtualHost *:443>
    ServerName conference.example.com

    DocumentRoot "/var/www/srv/2/conference.example.com"

    SSLProxyEngine On
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/ca.crt
    SSLCertificateKeyFile /etc/apache2/ssl/ca.key

    RewriteEngine On
    RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
    RewriteRule ^/(.*)$ / [PT]
    RewriteRule ^/http-bind$ https://conference.example.com:5281/http-bind
[P,L]

</Virtualhost>

Le 30/10/2016 à 20:25, Ian Beardslee a écrit :

Hi there,

We had to migrate from a working Nginx to Apache2 so that we could get
the Shibboleth authentication working. Rather than recompile Nginx with
the required modules, it was easier to convert the config to Apache2 as
we had a different app with Apache2 working with Shibboleth. But I
digress.

This is our Apache2 config, server/domains changed to protect the
innocent etc. It's not beautiful, it might be able to be improved, but
it currently works for us ..

# Working config
<VirtualHost *:80>
    ServerName jitsi.mydomain.com
    Redirect permanent / https://jitsi.mydomain.com/
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost _default_:443>
    ServerAdmin root@jitsi.mydomain.com
    ServerName jitsi.mydomain.com

    DocumentRoot "/usr/share/jitsi-meet"
    <Directory "/usr/share/jitsi-meet">
        Options -Indexes +MultiViews
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

    Alias "/config.js" "/etc/jitsi/meet/jitsi.mydomain.com-config.js"
    <Location /config.js>
        Require all granted
    </Location>

    AddOutputFilter INCLUDES .html

    <Location />
        Options +Includes
    </Location>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLProxyEngine On
    SSLEngine on

    SSLCertificateFile /etc/prosody/certs/jitsi.mydomain.com.crt
    SSLCertificateKeyFile /etc/prosody/certs/jitsi.mydomain.com.key
    Include /etc/letsencrypt/options-ssl-apache.conf
    Header set Strict-Transport-Security "max-age=31536000"

    ProxyPass /http-bind http://jitsi.mydomain.com:5280/http-bind/
    ProxyPassReverse /http-bind http://jitsi.mydomain.com:5280/http-bin
d/
    ProxyHTMLURLMap http://jitsi.mydomain.com:5280/http-bind/ /http-
bind

    # Backward compatibility
    Alias /external.api /usr/share/jitsi-meet/libs/

    RewriteEngine on
    RewriteRule ^/([a-zA-Z0-9]+)$ /index.html [L]

</VirtualHost>

On Fri, 2016-10-28 at 10:49 +0200, Valentin Pohu wrote:

Hi everyone,

I know there are already post on this subject, but they don't produce
good
results and I would like to share, here, my thinking on this subject.
Feel
free to moderate my post if you think it's a bad idea.

Server: Ubuntu 16.04.1, Apache2.4.18

DNS conf:

   - for Jitsi meet - meet.mydomain.xx ----> ip_of_my_server
   - for my website - mydomain.xx ----> ip_of_my_server

Like I said I try to run Jitsi meet on apache2. By following the
steps
described in Quick install (https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md)

If I install Jitsi meet on my server just after installing Ubuntu so
without Apache or Nginx. Jitsi works great. If I install Jitsi meet
on my
server after installing Nginx. Jitsi works great.

With the same method of installation, I try to install Jitsi meet
after
installing Apache2, so I notice that Jitsi meet does not configure
itself
apache2, so I tried this first configuration:

<VirtualHost *:443>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
DocumentRoot "/usr/share/jitsi-meet/"
<Directory /usr/share/jitsi-meet/>
AllowOverride All
</Directory>

ProxyPass / http://meet.mydomain.xx:5280/http-bind
ProxyPassReverse / http://meet.mydomain.xx:5280/http-bind

ProxyPreserveHost Off

<Location "/http-bind">
   Order allow,deny
   Allow from all
</Location>

<Location "/meet/xmpp-websocket">
    ProxyPass http://meet.mydomain.xx:5280
    ProxyPassReverse http://meet.mydomain.xx:5280
</Location>

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
SSLCertificateFile
/etc/letsencrypt/live/acert.mydomain.xx/fullchain.pem
SSLCertificateKeyFile
/etc/letsencrypt/live/acert.mydomain.xx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

When I load the page meet.mydomain.xx I get the following error:
"It works! Now your customer BOSH points to this URL to connect to
Prosody.

For more information see Prosody. Setting up BOSH "

But when I look at the
/etc/prosody/conf.avail/meet.mydomain.xx.cfg.lua
file, I notice that bosh is already enabled and the rest of the
configuration is ok with what is explain herehttps://github.com/jitsi/jitsi-meet/blob/master/doc/manual-install.md
The
log contains no errors. If you have an idea to fix this problem I'm
interested.

Second configuration that I tested:

<VirtualHost *:80>
ServerAdmin postmaster@mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
DocumentRoot "/usr/share/jitsi-meet/"

SSLProxyEngine On
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
RewriteRule ^/(.*)$ / [PT]
RewriteRule ^/http-bind$ https://meet.mydomain.xx:5281/http-bind
[P,L]

ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
</Virtualhost>

With this setup the result seems better, I can see the home page of
Jitsi
meet but without the text, without the logo and when I click on the
go
button, nothing happend. The log contains no errors.

So here I don't no really what to do. If someone have some advices or
ideas, thank you to share it !

Bye, thank you for reading

___________________________
*POHU*
*Valentin*
_______________________________________________
users mailing listusers@jitsi.org
Unsubscribe instructions and other list options:http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing listusers@jitsi.org
Unsubscribe instructions and other list options:http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users