Lobby stopped working after configuring tokens

I set up the lobby feature a while ago and it was working… then I set up token auth and lobby stopped working. Meanwhile, I upgraded all of the components to the latest unstable debs.

Trying to track down what went wrong with the lobby config, I backtracked and tried disabling token auth, but still no lobby.

Here’s my prosody site configs:

VirtualHost "beach.mydomain.us"
        -- enabled = false -- Remove this line to enable this host
        authentication = "internal_plain"

        -- authentication = "token";
        -- app_id="xxx";
        -- app_secret="xxx";
        -- allow_empty_token = true;

        ssl = {
                key = "/etc/prosody/certs/beach.mydomain.us.key";
                certificate = "/etc/prosody/certs/beach.mydomain.us.crt";
        }
        speakerstats_component = "speakerstats.beach.mydomain.us"
        conference_duration_component = "conferenceduration.beach.mydomain.us"
        -- we need bosh
        modules_enabled = {
            "bosh";
            "pubsub";
            "ping"; -- Enable mod_ping
            "speakerstats";
            "turncredentials";
            "conference_duration";
            -- "presence_identity"; -- for token auth
            "muc_size";
            "muc_status";
        }
        c2s_require_encryption = false
VirtualHost "guest.beach.mydomain.us"
    -- enabled = false
    authentication = "anonymous"
    speakerstats_component = "speakerstats.beach.mydomain.us" -- dmk
    conference_duration_component = "conferenceduration.beach.mydomain.us" -- dmk
    modules_enabled = { -- dmk
        --"bosh";
        --"pubsub";
        --"ping"; -- Enable mod_ping
        "speakerstats";
        --"turncredentials";
        "conference_duration"; -- this is required for timer to work
        "muc_lobby_rooms";
    }
    c2s_require_encryption = false
    lobby_muc = "lobby.beach.mydomain.us"
    main_muc = "conference.beach.mydomain.us"
Component "lobby.beach.mydomain.us" "muc"
    storage = "memory";
    restrict_room_creation = true
    muc_room_locking = false
    muc_room_default_public_jids = true

There are more sections, but not sure if they are relevant to lobbies, and wanted to keep from cluttering the message. I can post the whole file if that helps.

Thanks!

My bad… looks like lobby was working with this config… I just needed to enable it in the room.
Is there a setting to turn lobby on in new rooms by default?

Hm… turned token auth back on, and lobby option is gone again.

Ok, I was able to get the lobby working by disabling the guest virtualhost and moving lobby config into main virtualhost section.

Still have several issues with token verification though… I’ll post that in a new thread.

Any chance you can share your config please? As soon as I enable token authentication, the Lobby feature disappears.

It’s a bit messy, and might have some stuff you don’t care about, but here’s the whole thing, in case I miss something trying to extract the relevant info. I haven’t messed with this stuff for a few weeks.

Looks like I have the guest VirtualHost enabled again, and I moved the ssl certs, app_id, app_secret stuff into the global section to prevent some modules complaining in the log (I forgot which ones).

I just verified on my server and it looks like lobby is working with tokens with this config…other than the issues I mentioned in the other thread, anyhow.

plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/", "/home/beach/prosody-modules" }

-- domain mapper options, must at least have domain base set to use the mapper
muc_mapper_domain_base = "beach.mydomain.us";

turncredentials_secret = "xxx";

turncredentials = {
  { type = "stun", host = "beach.mydomain.us", port = "4446" },
  { type = "turn", host = "beach.mydomain.us", port = "4446", transport = "udp" },
  { type = "turns", host = "beach.mydomain.us", port = "443", transport = "tcp" }
};

https_certificate = "/etc/prosody/certs/beach.mydomain.us.crt"
https_key = "/etc/prosody/certs/beach.mydomain.us.key"

cross_domain_bosh = true
consider_bosh_secure = true

app_id="xxx"
app_secret="xxx"

---------- Virtual Host Entries ----------

VirtualHost "beach.mydomain.us"
    -- enabled = false -- Remove this line to enable this host
    authentication = "token"
    allow_empty_token = true
    token_verification_require_token_for_moderation = true

    speakerstats_component = "speakerstats.beach.mydomain.us"
    conference_duration_component = "conferenceduration.beach.mydomain.us"
    -- we need bosh
    modules_enabled = {
        "bosh";
        "pubsub";
        "ping"; -- Enable mod_ping
        "speakerstats";
        "turncredentials";
        "conference_duration";
        "presence_identity"; -- for token auth
        "muc_size";
        "muc_status";
        "muc_lobby_rooms";
    }
    c2s_require_encryption = false
    lobby_muc = "lobby.beach.mydomain.us"
    main_muc = "conference.beach.mydomain.us"
    muc_lobby_whitelist = { "recorder.beach.mydomain.us" }

VirtualHost "auth.beach.mydomain.us"
    authentication = "internal_plain"

    
VirtualHost "guest.beach.mydomain.us"
    -- enabled = false
    authentication = "anonymous"
    speakerstats_component = "speakerstats.beach.mydomain.us" -- dmk
    conference_duration_component = "conferenceduration.beach.mydomain.us" -- dmk
    modules_enabled = { -- dmk
        "speakerstats";
        "conference_duration"; -- this is required for timer to work
    }
    c2s_require_encryption = false

Component "lobby.beach.mydomain.us" "muc"
    storage = "memory";
    restrict_room_creation = true
    muc_room_locking = false
    muc_room_default_public_jids = true

-- For jibri & jigasi
VirtualHost "recorder.beach.mydomain.us"
    modules_enabled = {
         "ping"; -- was ping only, everything else dmk test 5/3
    }
    authentication = "internal_plain"
    --c2s_require_encryption = false
    
-- For jigasi - maybe not used now
VirtualHost "transcriber.beach.mydomain.us"
    modules_enabled = {
         "ping"; -- was ping only, everything else dmk test 5/3
    }
    authentication = "internal_plain"
    --c2s_require_encryption = false
    
---------- Component Entries ----------

-- internal components --

---Set up a MUC (multi-user chat) room server on conference.example.com:
Component "conference.beach.mydomain.us" "muc"
    storage = "memory"
    --muc_max_occupants = 8
    --muc_access_whitelist = { "recorder.beach.mydomain.us" }
    modules_enabled = {
        "muc_meeting_id";
        "muc_domain_mapper";
        -- "muc_mam"; --- Store MUC messages in an archive and allow users to access it
        -- "muc_max_occupants";
        "token_verification";
    }
    admins = { "focus@auth.beach.mydomain.us", "callcontrol@auth.beach.mydomain.us" }
    muc_room_locking = false
    muc_room_default_public_jids = true
    --token_verification_require_token_for_moderation = true

-- Note: this is also used for jibris & jigasis
Component "internal.auth.beach.mydomain.us" "muc"
    storage = "memory"
    modules_enabled = {
      "ping";
    }
    admins = { "focus@auth.beach.mydomain.us", "jvb@auth.beach.mydomain.us", "callcontrol@auth.beach.mydomain.us" }
    muc_room_locking = false
    muc_room_default_public_jids = true
    muc_room_cache_size = 1000 -- dmk

Component "speakerstats.beach.mydomain.us" "speakerstats_component"
    muc_component = "conference.beach.mydomain.us"

Component "conferenceduration.beach.mydomain.us" "conference_duration_component"
    muc_component = "conference.beach.mydomain.us"

-- external components --

Component "focus.beach.mydomain.us"
    component_secret = "xxx"
    
Component "callcontrol.beach.mydomain.us"
    component_secret = "xxx"

Thanks for that, it was very helpful for figuring out why my instance is not working. It turns out that I also have token_moderation enabled as well, which prevents the lobby from working.

Aha… I want to use that plugin as well, but haven’t gotten around to adding it in.
If you figure out how to make it work with the lobby, I’d appreciate if you let me know!