Manual Installation on Oracle Linux

Install & Config
,
#1

Hi,

We are trying to set up jitsi web server natively on Oracle Linux 8 without docker. I was able to follow this guide Jitsi Manual Installation and go through the installation and build all the components aside from requiring newer versions of some of the packages. But when I try to start a conference, I get a 502 Error http-bind BOSH connection failed in the console. I have tried some of the solutions mentioned in the forum including setting an appropriate timeout in Nginx config and enabling websockets but I still get a 502 error with websocket connection which makes me believe It’s a prosody issue. I have provided the appropriate config and log files.

Prosody Log:
prosody.log (12.1 KB)

Prosody config:

cross_domain_websocket = true;
consider_websocket_secure = true;

VirtualHost "jitsi.undo.it"
    authentication = "anonymous"
    ssl = {
        key = "/var/lib/prosody/jitsi.undo.it.key";
        certificate = "/var/lib/prosody/jitsi.undo.it.crt";
    }
    modules_enabled = {
        "bosh";
	"websocket";
	"smacks";
        "pubsub";
    }
    smacks_max_unacked_stanzas = 5;
    smacks_hibernation_time = 60;
    smacks_max_hibernated_sessions = 1;
    smacks_max_old_sessions = 1;
    c2s_require_encryption = false

VirtualHost "auth.jitsi.undo.it"
    ssl = {
        key = "/var/lib/prosody/auth.jitsi.undo.it.key";
        certificate = "/var/lib/prosody/auth.jitsi.undo.it.crt";
    }
    authentication = "internal_hashed"

admins = { "focus@auth.jitsi.undo.it" }

Component "conference.jitsi.undo.it" "muc"
Component "jitsi-videobridge.jitsi.undo.it"
    component_secret = "secret1"
Component "focus.jitsi.undo.it"
    component_secret = "secret2"

Nginx config:

server_names_hash_bucket_size 64;

server {
    listen       443 ssl http2;
    listen       [::]:443 ssl http2;
    # tls configuration that is not covered in this guide
    # we recommend the use of https://certbot.eff.org/
    server_name jitsi.undo.it;
    # set the root
    root /srv/jitsi-meet;
    index index.html;

    ssl_certificate "/etc/pki/nginx/server.crt";
    ssl_certificate_key "/etc/pki/nginx/private/server.key";
    #ssl_session_cache shared:SSL:1m;
    #ssl_session_timeout  10m;
    #ssl_ciphers PROFILE=SYSTEM;
    #ssl_prefer_server_ciphers on;
    
    location ~ ^/([a-zA-Z0-9=\?]+)$ {
        rewrite ^/(.*)$ / break;
    }
    location / {
        ssi on;
    }

    location = /xmpp-websocket
    {
        proxy_pass http://localhost:5280/xmpp-websocket;

        #shard & region that matches config.deploymentInfo.shard/region -  See [note 1] below
        add_header 'x-jitsi-shard' 'shard';
        add_header 'x-jitsi-region' 'us-east-2a';
        add_header 'Access-Control-Expose-Headers' 'X-Jitsi-Shard, X-Jitsi-Region';

        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;

        proxy_http_version 1.1;
        proxy_buffer_size 128k;
        proxy_buffers 4 256k;
        proxy_busy_buffers_size  256k;
        proxy_set_header Connection "upgrade";
        tcp_nodelay on;
    }
    # BOSH, Bidirectional-streams Over Synchronous HTTP
    # https://en.wikipedia.org/wiki/BOSH_(protocol)
    location /http-bind {
        proxy_pass      http://localhost:5280/http-bind;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;
	proxy_read_timeout 1800;
    }
    # external_api.js must be accessible from the root of the
    # installation for the electron version of Jitsi Meet to work
    # https://github.com/jitsi/jitsi-meet-electron
    location /external_api.js {
        alias /srv/jitsi-meet/libs/external_api.min.js;
    }
}

Config.js

var config = {
    // Connection
    //

    hosts: {
        // XMPP domain.
        domain: 'jitsi.undo.it',

        // When using authentication, domain for guest users.
        // anonymousdomain: 'guest.example.com',

        // Domain for authenticated users. Defaults to <domain>.
        // authdomain: 'jitsi-meet.example.com',

        // Focus component domain. Defaults to focus.<domain>.
        focus: 'focus.jitsi.undo.it',

        // XMPP MUC domain. FIXME: use XEP-0030 to discover it.
        muc: 'conference.jitsi.undo.it'
    },

    // BOSH URL. FIXME: use XEP-0156 to discover it.
    bosh: '//jitsi.undo.it/http-bind',

    // Websocket URL
    websocket: 'wss://jitsi.undo.it/xmpp-websocket',

    // The real JID of focus participant - can be overridden here
    // Do not change username - FIXME: Make focus username configurable
    // https://github.com/jitsi/jitsi-meet/issues/7376
    // focusUserJid: 'focus@auth.jitsi-meet.example.com',

  ...
}

Please let me know if you need anything else and I greatly appreciate your assistance.

#2

What happens when you visit the bosh URL directly?

#3

Thank you for your response @saghul

So when I visit https://jitsi.undo.it/http-bind I get the following page

image
image1757×533 14.5 KB

#4

Hum is the proxying working ok for other routes? Is prosody up and listening on localhost?

#5

image
image758×183 40.7 KB

Prosody seems to be up, not sure how to check if it is listening on localhost

Proxying seems to work when I visit https://jitsi.undo.it

image
image1913×881 51.1 KB

image
image1880×888 23.7 KB

#6

Check with netstat -tunapl what interfaces Prosody is listening on.