Migrating Jicofo & Jitsi-Videobridge from sip-communicator-properties to jicofo.conf & jvb.conf respectively

I have hosted jitsi-meet for my office to communicate in this pandemic. Now I just realized during the upgrade that two new files have been added with a message that in future release the sip-communicator-properties file will be discarded. So I tried to follow but most of the sip-communicator-properties setting of my setup I am not able to map.

The JVB2 sip-communicator-properties file:
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc,colibri
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=domain.example.com
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.domain.example.com
org.jitsi.videobridge.xmpp.user.shard.USERNAME=username1
org.jitsi.videobridge.xmpp.user.shard.PASSWORD=wwJqlXTy
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.domain.example.com
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=2c228bb9-3552-5t30-be46-164c1d8c4da9
org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS= xxx.xxx.xxx.xxx
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS= yyy.yyy.yyy.yyy
org.jitsi.videobridge.DISABLE_TCP_HARVESTER=true

# Octo configuration.....
org.ice4j.ice.harvest.ALLOWED_INTERFACES=eth0
org.ice4j.ipv6.DISABLED=true
org.ice4j.ice.harvest.ALLOWED_ADDRESSES=xxx.xxx.xxx.xxx
org.jitsi.videobridge.octo.BIND_ADDRESS=xxx.xxx.xxx.xxx
org.jitsi.videobridge.octo.BIND_PORT=4096
org.jitsi.videobridge.REGION=Region-1

Jicofo Configuration file is:
org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.domain.example.com
org.jitsi.jicofo.jibri.BREWERY=JibriBrewery@internal.auth.domain.example.com
org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90
# Octo configuration
org.jitsi.jicofo.ALWAYS_TRUST_MODE_ENABLED=true
org.jitsi.jicofo.BridgeSelector.BRIDGE_SELECTION_STRATEGY=SplitBridgeSelectionStrategy
org.jitsi.jicofo.HEALTH_CHECK_INTERVAL=-1

If someone has already figured out the migration or have some documentation to refer to as well, Let me know, it would be a great thing to try out with a new configuration…
I hope it will optimize and improve the experience of the users.

Check out this document: jitsi-videobridge/CONFIG.md at master · jitsi/jitsi-videobridge · GitHub

For jvb, it shows a mapping of old to new that will get you started in the right direction.

Also here is some discussion that may be helpful: Move jicofo config to jicofo.conf from sip.communicator · Issue #825 · jitsi/docker-jitsi-meet · GitHub

1 Like

Hello, Jitsi Community!
My goal is get rid of all old config files and completely move to new ones!

Jvb

For jvb I already get rid of /etc/jitsi/videobridge/sip-communicator.properties so here is a files in my /etc/jitsi/videobridge/ directory:

# ls -ls /etc/jitsi/videobridge/
total 20
4 -rw-r--r-- 1 jvb  jitsi  183 Oct  4  2019 callstats-java-sdk.properties
4 -rw-r--r-- 1 root root  1039 May 22 08:44 config
4 -rw-r--r-- 1 jvb  jitsi 3173 May 22 08:41 jvb.conf
4 -rw-r--r-- 1 jvb  jitsi 1068 Oct  4  2019 log4j2.xml
4 -rw-r--r-- 1 jvb  jitsi 1500 Apr 24 16:52 logging.properties

Now I want to get rig of /etc/jitsi/videobridge/config file, but I can’t do it now for a few reasons.

  1. When I comment this line JVB_OPTS="--apis=rest, " - media stop working

Though I have enabled rest in apis section with these lines in /etc/jitsi/videobridge/jvb.conf:

 apis {
    rest {
      enabled=true
    }

So for some reason I can’t delete that JVB_OPTS from /etc/jitsi/videobridge/config file, though I believe apis.rest.enabled=true do similar thing like JVB_OPTS="--apis=rest, " (but I may be wrong in that)

  1. I can’t set this few parameters in /etc/jitsi/videobridge/jvb.conf

    JAVA_SYS_PROPS="-
    Djava.net.preferIPv4Stack=true -
    Dorg.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=1.1.1.1 -
    Dorg.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=2.2.2.2"

because there is no mapped parameters in new config file and these exist only in old config file/

So, how can I declare Dorg.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS and Dorg.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS in /etc/jitsi/videobridge/jvb.conf?

And I can’t delete whole /etc/jitsi/videobridge/config file because I need to declare new HOCON config file in it with JAVA_SYS_PROPS="Dconfig.file=/etc/jitsi/videobridge/jvb.conf" which is bad.

Jicofo

Here I have better results in migrating to new /etc/jitsi/jicofo/jicofo.conf HOCON config file.
In my old config /etc/jitsi/jicofo/config file remain only one parameter JAVA_SYS_PROPS="Dconfig.file=/etc/jitsi/jicofo/jicofo.conf -Djava.util.logging.config.file=/etc/jitsi/jicofo/logging.properties" and all other parameters now are loaded from new config file /etc/jitsi/jicofo/jicofo.conf and commented out in /etc/jitsi/jicofo/config

But anyway - now I have to store that old /etc/jitsi/jicofo/config only to declare location of new config file /etc/jitsi/jicofo/jicofo.conf and logging properties file /etc/jitsi/jicofo/logging.properties
That not looks optimal, I’d like to have only two files for Jicofo - /etc/jitsi/jicofo/jicofo.conf and /etc/jitsi/jicofo/logging.properties

@damencho can you help me with that?
I think that information would be very useful for every Jitsi administrator.

Why you want to do that? This is used here jitsi-videobridge/init.d at 2f7fcb9787d6f81672376c8dfa43942deecdf3ad · jitsi/jitsi-videobridge · GitHub
and here jitsi-videobridge/jitsi-videobridge2.service at 2f7fcb9787d6f81672376c8dfa43942deecdf3ad · jitsi/jitsi-videobridge · GitHub

Same and for jicofo.
This file is doing the debian/systemd/initd related settings, if one want to package it on some other distro will need to have its own glue layer like that, passing params to the .sh file which has no knowledge about folders.
You can package jvb or jicofo and extract archive in random folder and still use it passing params, because of this glue layer.

I thought there is a WIP to move all configuration parameters from old sip-communicator.properties and config files to new HOCON config files jvb.conf and jicofo.conf retrospectively. I guess I was wrong in config file part.

But again, now we have all these parameters JICOFO_HOST, JICOFO_HOSTNAME, JICOFO_SECRET, JICOFO_AUTH_DOMAIN, JICOFO_AUTH_USER, JICOFO_AUTH_PASSWORD of config file in new /etc/jitsi/jicofo/jicofo.conf file and now we don’t need to declare that parameters in old config file.

Similar situation with /etc/jitsi/videobridge/config - now these parameters JVB_HOSTNAME, JVB_HOST, JVB_SECRET are taken from new /etc/jitsi/videobridge/jvb.conf file and now we don’t need to declare that parameters in old config file.

So, I saw this and start thinking that both old config files are in queue to elimination. But again, after Damian answers I see, that I was wrong in that.

But now I have a configuration problem every single update of JVB - my really critical and mandatory parameters Dorg.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=1.1.1.1 and Dorg.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=2.2.2.2 of /etc/jitsi/videobridge/config file are removed during update process. And to me would be much better if that parameters are declared in /etc/jitsi/videobridge/jvb.conf file which remain untouchable in update process. But at moment I don’t know how to solve that problem.

I guess you get me a bit wrong. I’m not try to eliminate no matter what both config files for jvb and jicofo. I just try to optimize configuration scopes to check and update on debian packet update process - less config files to check - less time to update process itself.

There is nothing in the configs that needs to be changed on update …
For jvb addresses just use a stun server to return your public and private address and your jvb configs will be equal between machines.

Thanks, Damian! That sounds really great, and I want to accomplish this.
Actually we are use stun server (coturn), but without that two parameters in /etc/jitsi/videobridge/config file we don’t have media (audio and video) working for external clients, internal are fine.
So, I guess our coturn service it not correctly configured or not fully configured.
Can you share where I can read more about full and proper configuration of coturn for Jitsi?

Create a new VM somewhere and install jitsi-meet it comes with preconfigured turnserver, check prosody config and the /etc/turnserver.conf.

1 Like

Hey, Damian!
We reconfigured coturn server and now it looks like it behaves properly:
If 10000/UDP is available - it is used.
If 10000/UDP not available, then 3478/UDP via coturn is used.
If 10000/UDP and all UDP traffic not available for client, then 443/TCP via coturn is used.

So, it looks like coturn operates correctly.

But still - without that two parameters (Dorg.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=1.1.1.1 and Dorg.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=2.2.2.2) in /etc/jitsi/videobridge/config file we don’t have media (audio and video) working for external clients, internal are fine.

Any advice?

HARVESTER lines should be in /etc/jitsi/videobridge/sip-communicator.properties

Is STUN_MAPPING_HARVESTER_ADDRESSES enabled in sip file?
If enabled, do you set the public STUN server or an internal one?

1 Like

these 2 parameters are not yet migrated to the new format. I think that they are not used by 8x8 so there is no great urgency for Jitsi developers. I’d say that you could create an issue on Github. Wait, there is already one. At this point, PR welcome as they say.

1 Like

There are. ice4j/reference.conf at d4a145374f11ba07bf8407931bf4bd255a7a2e85 · jitsi/ice4j · GitHub

1 Like

I stand corrected, how could I fail to find this in the bridge documentation !
in jvb.conf:

ice4j {
  harvest {
      mapping {
      static-mappings = [ 
                                       {
                                      local-address = "1.1.0.1"
                                      public-address = "2.2.0.2"
                                 }
                         ]
             }
      }   
}

Note: this should be OUTSIDE of the main videobridge { } section.

1 Like

It all was a bit tricky for us, as we almost got rid of /etc/jitsi/videobridge/sip-communicator.properties file and it’s empty for us before every package update.

But all answers I have found in postint file

Here is a 2 important places:

First section is for our org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=2.2.2.2 parameter plus very useful parameter org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES which we configured to our coturn public address.
In that case installer don’t add to config anything.

Second section was so annoying for us - it configured bridge properties (adding them to sip-communicator.properties file) which we are already configured in jvb.conf file.
So, we added org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS with same value that set in jvb.conf and /etc/jitsi/videobridge/sip-communicator.properties remain untouched on package update.

Thank you, @emrah @gpatel-fr and of course @damencho

If jvb and coturn are in the same network this is wrong.

To avoid postinst to put some stuff in sip-comm, most of the checks check for the string, so you can just leave it commented and the postinst will not touch it.