Prosody kills rooms!

Hi, I have tried this:

to make rooms auto close after I leave, but now when I enter a room, I am no longer a moderator, and the room restarts about every 10 seconds or so…!!

I want to return everything back to normal please.

Seems like your prosody config is broken and the prosody service fails. Revert what you did in the config file.

already did that,
it was adding this:
Component "conference.meet.mydomain.com" "muc"
    modules_enabled = {


        "token_verification";
        "token_affiliation";
        "token_owner_party";
    }
    party_check_timeout = 20

and removed it already… nothing changes and still the problem persists

When the module name is removed from “modules_enabled”, it is not possible to affect your setup. There should be some other things wrong with your config file.

OK, is there any way to get the default config file? Maybe download it and upload it there?

The template

I have taken the code and put it instead of mine, after putting my domain instead of jitsi.example.com
but still, every time I make a room and enter it, I am not a moderator, and every 20 seconds the room kicks me out!! and anyone else who enters the room!

What does the JS console in the browser show?

I am sorry, do you need a copy of a specific file? Or a screenshot of something?

this is the jicofo file:

# Jicofo HOCON configuration. See reference.conf in /usr/share/jicofo/jicofo.jar for
# available options, syntax, and default values.
jicofo {
  xmpp: {
    client: {
      client-proxy: focus.live.creative-online.net
    }
    trusted-domains: [ "recorder.live.creative-online.net" ]
  }
  bridge: {
    brewery-jid: "JvbBrewery@internal.auth.live.creative-online.net"
  }
  conference: {
    enable-auto-owner: true
  }
}

And this is the conf.d file of the domain:
plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }

-- domain mapper options, must at least have domain base set to use the mapper
muc_mapper_domain_base = "live.creative-online.net";

external_service_secret = "turnSecret";
external_services = {
    { type = "stun", host = "live.creative-online.net", port = 3478 },
    { type = "turn", host = "live.creative-online.net", port = 3478, transport = "udp", secret = true, ttl = 86400, algorithm = "turn" },
    { type = "turns", host = "live.creative-online.net", port = 5349, transport = "tcp", secret = true, ttl = 86400, algorithm = "turn" }
};

cross_domain_bosh = false;
consider_bosh_secure = true;
-- https_ports = { }; -- Remove this line to prevent listening on port 5284

-- by default prosody 0.12 sends cors headers, if you want to disable it uncomment the following (the config is available on 0.12.1)
--http_cors_override = {
--    bosh = {
--        enabled = false;
--    };
--    websocket = {
--        enabled = false;
--    };
--}

-- Mozilla SSL Configuration Generator
ssl = {
    protocol = "tlsv1_2+";
    ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
}

unlimited_jids = {
    "focusUser@auth.live.creative-online.net",
    "jvb@auth.live.creative-online.net"
}

VirtualHost "live.creative-online.net"
    authentication = "jitsi-anonymous" -- do not delete me
    -- Properties below are modified by jitsi-meet-tokens package config
    -- and authentication above is switched to "token"
    --app_id="example_app_id"
    --app_secret="example_app_secret"
    -- Assign this host a certificate for TLS, otherwise it would use the one
    -- set in the global section (if any).
    -- Note that old-style SSL on port 5223 only supports one certificate, and will always
    -- use the global one.
    ssl = {
        key = "/etc/prosody/certs/live.creative-online.net.key";
        certificate = "/etc/prosody/certs/live.creative-online.net.crt";
    }
    av_moderation_component = "avmoderation.live.creative-online.net"
    speakerstats_component = "speakerstats.live.creative-online.net"
    conference_duration_component = "conferenceduration.live.creative-online.net"
    -- we need bosh
    modules_enabled = {
        "bosh";
        "pubsub";
        "ping"; -- Enable mod_ping
        "speakerstats";
        "external_services";
        "conference_duration";
        "muc_lobby_rooms";
        "muc_breakout_rooms";
        "av_moderation";
    }
    c2s_require_encryption = false
    lobby_muc = "lobby.live.creative-online.net"
    breakout_rooms_muc = "breakout.live.creative-online.net"
    main_muc = "conference.live.creative-online.net"
    -- muc_lobby_whitelist = { "recorder.live.creative-online.net" } -- Here we can whitelist jibri to enter lobby enabled rooms

Component "conference.live.creative-online.net" "muc"
    restrict_room_creation = true
    storage = "memory"
    modules_enabled = {
        "muc_meeting_id";
        "muc_domain_mapper";
        "polls";
        --"token_verification";
        "muc_rate_limit";
    }
    admins = { "focusUser@auth.live.creative-online.net" }
    muc_room_locking = false
    muc_room_default_public_jids = true

Component "breakout.live.creative-online.net" "muc"
    restrict_room_creation = true
    storage = "memory"
    modules_enabled = {
        "muc_meeting_id";
        "muc_domain_mapper";
        --"token_verification";
        "muc_rate_limit";
        "polls";
    }
    admins = { "focusUser@auth.live.creative-online.net" }
    muc_room_locking = false
    muc_room_default_public_jids = true

-- internal muc component
Component "internal.auth.live.creative-online.net" "muc"
    storage = "memory"
    modules_enabled = {
        "ping";
    }
    admins = { "focusUser@auth.live.creative-online.net", "jvb@auth.live.creative-online.net" }
    muc_room_locking = false
    muc_room_default_public_jids = true

VirtualHost "auth.live.creative-online.net"
    modules_enabled = {
        "limits_exception";
    }
    authentication = "internal_hashed"

-- Proxy to jicofo's user JID, so that it doesn't have to register as a component.
Component "focus.live.creative-online.net" "client_proxy"
    target_address = "focusUser@auth.live.creative-online.net"

Component "speakerstats.live.creative-online.net" "speakerstats_component"
    muc_component = "conference.live.creative-online.net"

Component "conferenceduration.live.creative-online.net" "conference_duration_component"
    muc_component = "conference.live.creative-online.net"

Component "avmoderation.live.creative-online.net" "av_moderation_component"
    muc_component = "conference.live.creative-online.net"

Component "lobby.live.creative-online.net" "muc"
    storage = "memory"
    restrict_room_creation = true
    muc_room_locking = false
    muc_room_default_public_jids = true
    modules_enabled = {
        "muc_rate_limit";
        "polls";
    }

-- Enables dial-in for Jitsi meet components customers
-- Note: make sure you have the following packages installed: lua-basexx, liblua5.3-dev, libssl-dev, luarocks
-- and execute $ sudo luarocks install luajwtjitsi 3.0-0
VirtualHost "jigasi.meet.jitsi"
    enabled = false -- Jitsi meet components customers remove this line
    modules_enabled = {
        "ping";
        "bosh";
        "muc_password_check";
    }
    authentication = "token"
    app_id = "jitsi";
    asap_key_server = "https://jaas-public-keys.jitsi.net/jitsi-components/prod-8x8"
    asap_accepted_issuers = { "jaas-components" }
    asap_accepted_audiences = { "jigasi.live.creative-online.net" }

Open the JavaScript console in the browser to see the actual error for the page reload.

here:

This points to prosody. Check prosody logs for errors. That’s in /var/log/prosody. If you don’t see any errors, clear the log files restart prosody and check again.

prosody.err gives this:

Aug 02 02:00:55 portmanager error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
Aug 02 02:00:55 portmanager error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
Aug 02 02:03:26 portmanager error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
Aug 02 02:03:26 portmanager error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
Aug 02 02:04:09 portmanager error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
Aug 02 02:04:09 portmanager error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
Aug 02 17:30:15 portmanager error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
Aug 02 17:30:15 portmanager error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281

and you can check prosody.log from here:

There is some problem with prosody there, not sure what it is …
“Client disconnected: ssl handshake error: sslv3 alert certificate unknown”.

Have you changed anything in your nginx config? The SSL should be terminated in nginx and it should be HTTP on localhost between nginx and prosody … so this SSL thing from bosh is strange …
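The prosody.err lines quoted earlier in this thread can be collapsed into one row per distinct message, with the timestamps at which each was logged, which makes it easier to see whether a log holds one recurring error or several. This is an added example, not part of any post in the thread; the function name `summarize` and the TLS keyword pattern are assumptions made for illustration.

```python
import re

# Prosody file-log layout as it appears in the thread:
# "Mon DD HH:MM:SS <source> <level> <message>", fields split by tabs or spaces.
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} \d{2} \d{2}:\d{2}:\d{2})\s+"
    r"(?P<source>\S+)\s+(?P<level>debug|info|warn|error)\s+(?P<msg>.*)$"
)
# Assumed keyword filter for messages that concern certificates or TLS.
TLS_RE = re.compile(r"certificate|ssl|tls", re.IGNORECASE)

# The eight prosody.err lines quoted in the thread: one message,
# logged twice at each of four timestamps.
MSG = ("Error binding encrypted port for https: No certificate present "
       "in SSL/TLS configuration for https port 5281")
STAMPS = ["02:00:55", "02:03:26", "02:04:09", "17:30:15"]
SAMPLE = "\n".join(
    f"Aug 02 {t} portmanager error {MSG}" for t in STAMPS for _ in range(2)
)


def summarize(log_text):
    """Group lines by (source, level, message).

    Returns (rows, skipped): rows keep the hit count and the distinct
    timestamps in file order; skipped counts non-empty lines that did
    not match the expected layout (for example multi-line tracebacks).
    """
    groups, skipped = {}, 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += bool(line.strip())
            continue
        g = groups.setdefault((m["source"], m["level"], m["msg"]),
                              {"count": 0, "times": []})
        g["count"] += 1
        if m["ts"] not in g["times"]:
            g["times"].append(m["ts"])
    rows = [{"source": s, "level": lvl, "message": msg, "count": g["count"],
             "times": g["times"], "tls_related": bool(TLS_RE.search(msg))}
            for (s, lvl, msg), g in groups.items()]
    return rows, skipped


if __name__ == "__main__":
    for row in summarize(SAMPLE)[0]:
        print(row["count"], row["source"], row["level"], row["times"])
        print("   ", row["message"])
```
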

No I didn’t, just did the steps in the plugin install! and nothing in it concerned ssl!

any fix for that please ?

if I put :
VirtualHost "live.creative-online.net"
http_host = "www.live.creative-online.net"

in mod_bosh and saved will it work ?
also where can I find mod_bosh because I can't seem to locate it.

I don’t understand what is that?

Here is the code: prosody/mod_bosh.lua at master · bjc/prosody · GitHub

On your machine it is in /usr/lib/prosody/…

thanks, tried putting those lines but didn’t know where to put them and didn’t want to break anything else…!

any fix for the situation ?

I also got this today