No name-based virtual hosting on nginx and port 443 possible when jitsi meet is installed

Hi there,

I wanted to set up a matrix server on an already existing Jitsi server.
Unfortunately, the port 443 is already used by Jitsi, so I cannot use it for matrix, even though I am using a different hostname.

The following stanza in the nginx config file of the matrix virtual host is causing the nginx error message:

listen 443 ssl;

There is no other vhost on port 443, but there’s a module 60-jitsi-meet.conf which seems to fully occupy port 443 for jitsi (or so it seems).
In that file, there’s a part:

 server {
     listen 443;
     listen [::]:443;

     # since 1.11.5
     ssl_preread on;
     proxy_pass $upstream;

     # Increase buffer to serve video
     proxy_buffer_size 10m;

I already tried to add a server_name line, but that is not allowed there.

Any hints on how to change the nginx configuration so that it only listens on port 443 for the jitsi hostname and let me add a new vhost for matrix on port 443?

(I already found some explanation to remove the 60-jitsi-meet.conf file and move the jitsi configuration to a vhost, but that’s beyond what I can do, as I don’t understand how all this proxy stuff interacts with each other…)

Can anyone explain how to do that?

Thanks a lot in advance!

Best regards,

Change the matrix port; it is the same port that jitsi uses…

I changed the matrix port to 444.
Both matrix and jitsi are working fine now.
But it would be easier for users if both functions were available without entering any port number.
Thanks for the hint. But is there also a way to keep both matrix and jitsi on port 443?

If you don’t need a TURN server, you can delete 60-jitsi-meet.conf and set TCP/443 for matrix and jitsi. But technically, nothing has changed. As a result, Nginx listens on TCP/443 again but does not use upstreams.

What do you mean by “upstreams”?

Will the server still be available when entering after deleting 60-jitsi-meet.conf?
I need a new vhost for jitsi then, right?
But which options do I have to choose to get it working?
Are certificates and root enough to be entered in the vhost file?

I do not have a TURN server anymore then, when disabling the module, right?
… But I think I need one.
I also need one for matrix, I guess. But that could be the same, I saw somewhere…
I think it would be good to have jitsi, matrix and a TURN server installed, with both Jitsi and Matrix listening to 443. - Maybe also the TURN server if this is needed.
(but that does not necessarily have to be jitsi’s TURN server)
Is that possible?

Upstreams are the sites which are served by Nginx using a different port (TCP/4444) and the TURN server (TCP/5347) in your situation.

Best way in this situation:

  • don’t delete 60-jitsi-meet.conf, so Nginx continues to listen on TCP/443

  • matrix and jitsi-meet are served on TCP/4444 as upstreams

  • coturn continues to listen on TCP/5349 as an upstream

  • The incoming TCP/443 traffic is checked by Nginx and redirected to the relevant upstream according to the requested server name.
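
A sketch of the layout described in the reply above, as an added example that is not part of the original thread or of Jitsi's shipped configuration. The hostnames, file locations, certificate paths, upstream names and the Matrix backend on 127.0.0.1:8008 are assumptions; the map replaces whatever currently sets $upstream in 60-jitsi-meet.conf.

```nginx
# --- 60-jitsi-meet.conf (assumed to be loaded in the main context, outside http {}) ---
stream {
    upstream web  { server 127.0.0.1:4444; }   # nginx http vhosts: Jitsi Meet and Matrix
    upstream turn { server 127.0.0.1:5349; }   # coturn TLS listener

    # Pick the backend from the SNI name in the TLS ClientHello.
    # TLS is not terminated here, so this block needs no certificate
    # and accepts no server_name directive.
    map $ssl_preread_server_name $upstream {
        meet.example.org    web;    # assumed Jitsi hostname
        matrix.example.org  web;    # assumed Matrix hostname
        default             turn;   # everything else, including clients that send no SNI
    }

    server {
        listen 443;
        listen [::]:443;
        ssl_preread on;
        proxy_pass $upstream;
        proxy_buffer_size 10m;
    }
}

# --- Matrix vhost file (assumed path: sites-available/matrix.example.org.conf, inside http {}) ---
server {
    # Use the same listen address form as the Jitsi vhost on this port.
    # A more specific address (e.g. 127.0.0.1:4444) would win for every
    # connection coming from the stream proxy and shadow the Jitsi vhost.
    listen 4444 ssl;
    server_name matrix.example.org;

    # Placeholder paths: point these at the certificate for the Matrix hostname.
    ssl_certificate     /etc/ssl/placeholder/matrix.example.org.fullchain.pem;
    ssl_certificate_key /etc/ssl/placeholder/matrix.example.org.key.pem;

    # Requests arrive via the stream proxy, so $remote_addr in the access log
    # is the proxy's address, not the client's.
    location /_matrix {
        proxy_pass http://127.0.0.1:8008;   # assumed Matrix homeserver listener
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;
    }
}
```

Run `nginx -t` before reloading. Since the stream block proxies to 127.0.0.1, port 4444 does not need to be reachable from outside and can be closed at the firewall.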