Not working for more than 2 people in the room

Hi @alekho
Let’s say your server FQDN is vc.server.com

Then edit /etc/hostname and the only thing in there should be:

vc.server

Edit /etc/hosts and on the 127.0.0.1 definition make sure you have:

127.0.0.1 localhost vc.server.com vc.server

That’s all

Thanks for the answer. All added according to your instructions. This did not work. Ports 4443 and 10000 are listened on in the jvb container, but they are not accessible even from the host. I don’t know what else to do …

2020-03-29_23-18-25

Hi everyone. This thread was a good read. I’m going to try and get this done again from scratch and see what happens. I’m currently reinstalling my VPS instance and will go through the entire setup.

If I manage to get this fully working then I’ll probably post the set of instructions on my site.

DISCLAIMER
I follow instructions pretty well (I think). I am not familiar with Linux CLI and unfortunately the VPS is CLI only. So I’m going to use PUTTY and connect then go through the process.

FIREWALL
The default installation carries no firewall. I will not be enabling the firewall either as I’d first like to get it functional.

SSL
In doing testing I ran into “too many certificates already issued” and I’ve not found any good (straightforward) instructions on how to get that sorted. The VPS is setup with WEBMIN/LAMP so I could install an FTP server after and then pull the files as needed - if I could find out how to fully backup the SSL. If someone is willing to go through that process with me as the guinea pig then we can do so.

JVB
I see a lot of talk about this - I have no idea what it is or how to check for it. I do see a NETSTAT in the screenshot above so I’ll try that later on. But let’s get into this.

FIRST STEP - Remove Apache
Once the VPS is up and running I log in and remove APACHE. This is installed by default and I’d rather use NGINX since I got it working with that before.

sudo service apache2 stop
sudo apt-get purge apache2 apache2-utils apache2-bin apache2.2-common
sudo apt-get autoremove
apt-get update

SECOND STEP - Install NGINX
Once APACHE is removed I needed to set this up. I had actually set them both up previously (not on this run through) and realized that APACHE was being used when I go to the URL. NGINX only came up once I removed APACHE. This may be due to them using the same port or something…I’ve also seen where you can use NGINX to host different sites/URLs on the same VPS, but we’ll save that for some other time.

apt-get install nginx
sudo /etc/init.d/nginx start

Once done and I go to the site (vc.server.com) it loads fine and shows the NGINX page.

THIRD STEP - Install Jitsi
Now previously I’ve been using the unstable build. This was due to another article I saw showing that the stable build had the whole no video/audio issue. I think this was a much older article, and as @albercuba said it’s working with the stable, I’ll be using that.

  1. wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -
  2. sudo sh -c “echo ‘deb https://download.jitsi.org stable/’ > /etc/apt/sources.list.d/jitsi-stable.list”
  3. sudo apt-get -y update
  4. sudo apt-get -y install jitsi-meet
  5. sudo nano /etc/jitsi/meet/vc.server.com-config.js

Changes made as @albercuba specified.

  1. sudo nano /etc/jitsi/jicofo/sip-communicator.properties

Changes made as @albercuba specified.

  1. service prosody restart && service jicofo restart

SSL - Let’s Encrypt
At this point I’m setting up Let’s Encrypt as per the instructions.

cd /usr/share/jitsi-meet/scripts/

./install-letsencrypt-cert.sh

Line Break Added For Completion I Guess.

So Once all of that is done and I go to the site - vc.server.com - it loads. So now I connect with 2 devices and no issues. When I go to the video quality setting it says “PEER TO PEER ENABLED”. So:

Since P2P seems to automatically get disabled once 3 people are in the room, I keep trying different things I find and just use the “#config.p2p.enabled=false” to test.

What confuses me is that it worked on one of the multiple reinstalls I did before. The only thing I could think of that I did - at that time - was remove APACHE and install NGINX.

So with that done - is there anything else you can suggest? I can run whichever commands you’d like and do whatever tests are needed - once you’ll provide the commands needed for the desired output.

Without the “#config.p2p.enabled=false” once one of the 3 persons exits the room then the camera and voice come back and are working. This happens regardless of persons being on the same network or not. So…yeah.

Any help appreciated. Thanks very much.

EDIT
I’ve installed Lynx and gone to canyouseeme.org to test for the ports being open. I’ve checked:

  • 80 (OPEN)
  • 8000 (CLOSED)
  • 8443 (CLOSED)
  • 443 (OPEN)
  • 4443 (CLOSED)
  • 10000 (OPEN)
  • 20000 (CLOSED)

Let me know what else you’d like tested.

Hi @khat17

Several points here:

  1. Do not install nginx, Jitsi takes care of that

  2. JVB stands for Jitsi Video Bridge

  3. Once you get the certificates from letsencrypt please just save them and reuse them so you do not have to face the “too many certificates already issued” issue

  4. Once everything is installed and running, setup your firewall rules. Never let your server open. Just remember not to block port 22 so you can still SSH into the server.

1 Like

Hi @alekho you are gonna have to read your logs then

/var/log/jitsi/jvb.log
/var/log/jitsi/jicofo.log
/var/log/prosody/prosody.log

OK. So just leave it running with Apache?

And how do I backup the certificates for reuse? Last time I tried it was asking for a *.key file and I had no idea where it was.

I’ll turn on the firewall after we get it working. Server address isn’t publicly known so that’s why I’m doing that.

Remove Apache then Jitsi will install nginx and all the configuration files.
I can offer you the same I offered dani521 and Scazzy and go into your server and test it.
We can use screen or tmux and you can see what I do.

If you didn’t delete the certificates,they are still there, just need to look for them. I do not remember now where letsencrypt saves them

1 Like

Thanks for that. May take up the offer. Want to try and work through it first though.

I think it’s under /etc/letsencrypt but didn’t find a *.key file to restore. And if the files in there are symlinks how do I backup/restore?

I could remove jitsi and start over, but in doing so I need to be able to restore the SSL.

Find the location where the links at pointing at and save all the files.
If you are using windows in your computer then get Bitvise SSH Client.
When you connect to the server via SSH it will also open a file explorer with two windows, one in your computer and one in the linux server. Then you can just download and upload files from one to the other

WinSCP I think works similarly. Will try and see. But having the files doesn’t help with the restore process does it? I’m looking into this:

Hopefully it will allow me to TAR the files then I can copy them after.

When you have the files, you do not have to run the letsencrypt script again. You just install Jisti and at the beginning you just select the option saying something like “I have my own certificates” and like 2 or 3 steps later it will ask for the location of the files.
I would recommend taking notes of the files’ location and the links’ location and names.

1 Like

I’ve sent you a PM. Let me know when you’ve seen it.

The issue I have though - looking through the directory I don’t see any *.key file which is what Jitsi is looking for after.

EDIT
Many thanks to @albercuba for assistance provided. Things were weird with the server so a backup of the certificate files were done and I’m going to reinstall (again) without WEBMIN/LAMP. Hopefully after doing so and going back through the setup everything will work. Will post an update once completed.

EDIT
So after a full reinstall WITHOUT WEBMIN and LAMP everything is now working it seems. So the instructions are exactly as @albercuba said - but ensure that APACHE and NGINX are not installed on the system beforehand. Jitsi will setup whatever it needs during install.

I did get one error however:

N: Ignoring file ‘jitsi-stable.list”’ in directory ‘/etc/apt/sources.list.d/’ as it has an invalid filename extension

And I then decided on using unstable instead since it gave that error. Up and working. Kudos to @albercuba - many thanks!

Now I just need to work on the permissions so that only certain persons have moderator rights. If someone could point me there that would be awesome. But will do some searching.

Thanks again!

EDIT (again)
Managed to get the authentication working. A little tedious in comparison to the setup, but got it working. Now to play with the recording. Keep up the good work all!

Hi, I remind you that I run jitsi in the container. I looked at the logs in the service containers, to my surprise, the directories are empty.
2020-03-30_09-52-06 2020-03-30_09-50-28 2020-03-30_09-48-58

Hi @alekho

sorry but I cannot help you there. I never tried Jitsi in Docker.

thanks anyway for responding!

Either use docker-compose logs from the directory where the docker-compose.yml of your installation lives or run docker logs CONTAINERNAME where CONTAINERNAME is the name of the jitsi container you want to look at.

Thnx @jogi! Got the logs. Any ideas?
log_jicofo.txt (49.5 KB)
log_jvb.txt (4.0 MB)
log_prosody.txt (7.3 KB)

This save my day. Thanks albercuba.

I did that… below is my sip-communicator.properties – still doesn’t work
org.jitsi.jicofo.auth.DISABLE_AUTOLOGIN=true
org.jitsi.jicofo.auth.URL=XMPP:vc.server.com
org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.vc.server.com

This is even after completing the recent upgrade to the jitsi package as per below:
jitsi-videobridge2 2.1-183-gdbddd169-1 [33.2 MB]
jitsi-meet 2.0.4468-1 [2864 B]
jicofo 1.0-549-1 [49.6 MB]
jitsi-meet-web 1.0.4025-1 [5926 kB]
jitsi-meet-web-config 1.0.4025-1 [13.5 kB]
jitsi-meet-prosody 1.0.4025-1 [34.7 kB]

Hi @Wavex,
I would recommend to start from scratch. When installing and configuring it for Dani521 and khat17 i had to do that because it wouldnt work.

So, remove everything related to prosody, jicofo, jitsi and apache or nginx

apt --purge remove jicofo* prosody* jitsi* apache2 nginx*

Find all files and folders containing anything related to prosody, jicofo and jitsi and remove them

apt install locate

updatedb

Run the following commands, check the output and remove all files and folders these commands find:

locate jitsi

locate jicofo

locate prosody

Let’s say your server FQDN is vc.server.com

vim /etc/hostname

The only thing in there should be:

vc.server

vim /etc/hosts

On the 127.0.0.1 definition make sure you have:

127.0.0.1 localhost vc.server.com vc.server

apt install dirmngr apt-transport-https

wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -

sh -c "echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list"

apt -y update

apt install jitsi-meet

When ask about the hostname, enter the FQDN

Install Certificate. (you should already have them in your server, you just need to find where)

vim /etc/jitsi/meet/vc.server.com-config.js

Change:

/ / requireDisplayName: true,

to

requireDisplayName: true,

vim /etc/jitsi/videobridge/sip-communicator.properties

Edit:

org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=YOUR_INTERNAL_IP
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=YOUR_EXTERNAL IP
org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
org.jitsi.jicofo.auth.URL=XMPP:vc.server.com

service prosody restart && service jicofo restart