SSL Enable :404 page not found

meet

#1

HI

When I allow SSL in nginx config file , first time I got Error in interface_config js not found ,i make correct it include through script src tag same for config js , index page working fine but when i connect room its ,give error 404 not found .

I also enable SSI (Server Side Include) in Nginx .

i am installing jitsi-meet through Quick install guide .

My os version is 18.04 ubuntu ,nginix version is 1.14

I also mention ngnix Error log

tail /var/log/nginx/error.log
2018/09/06 05:17:31 [error] 41757#41757: *17 open() “/usr/share/jitsi-meet/StrangeTreesGrowMalevolently” failed (2: No such file or directory), client: 127.0.0.1, server: meet.example.com, request: “GET /StrangeTreesGrowMalevolently HTTP/1.1”, host: “meet.example.com”, referrer: “https://meet.example.com/
2018/09/06 05:25:31 [error] 41757#41757: *19 open() “/usr/share/jitsi-meet/OrangeDogsResizeEvenly” failed (2: No such file or directory), client: 127.0.0.1, server: meet.example.com, request: “GET /OrangeDogsResizeEvenly HTTP/1.1”, host: “meet.example.com”, referrer: “https://meet.example.com/
2018/09/06 21:52:23 [info] 874#874: Using 32768KiB of shared memory for nchan in /etc/nginx/nginx.conf:79
2018/09/06 21:52:23 [warn] 874#874: conflicting server name “meet.example.com” on 0.0.0.0:443, ignored
2018/09/06 21:52:31 [warn] 979#979: conflicting server name “meet.example.com” on 0.0.0.0:443, ignored
2018/09/06 22:13:25 [info] 856#856: Using 32768KiB of shared memory for nchan in /etc/nginx/nginx.conf:79
2018/09/06 22:13:25 [warn] 856#856: conflicting server name “meet.example.com” on 0.0.0.0:443, ignored
2018/09/06 22:13:36 [warn] 1017#1017: conflicting server name “meet.example.com” on 0.0.0.0:443, ignored
2018/09/06 22:19:41 [error] 1019#1019: *1 open() “/usr/share/jitsi-meet/test” failed (2: No such file or directory), client: 127.0.0.1, server: meet.example.com, request: “GET /test HTTP/1.1”, host: “meet.example.com”, referrer:
2018/09/08 00:19:51 [error] 1019#1019: *4 open() “/usr/share/jitsi-meet/test” failed (2: No such file or directory), client: 127.0.0.1, server: meet.example.com, request: “GET /test HTTP/1.1”, host: “meet.example.com”, referrer:


#2

Can I ask you, please do not open a new topic for every question you have on the same subject? Keep your questions on the topic you initially created for your problem.

There is the current one, also Configuration Issue ! SSI Enable Ngnix and SSI issue- Unable to load room
I’m not sure where to answer you so other community members can follow. I will close the others. And will write here.


SSI issue- Unable to load room
Configuration Issue ! SSI Enable Ngnix
#3

Your nginx config is wrong. It misses this part: https://github.com/jitsi/jitsi-meet/blob/master/doc/debian/jitsi-meet/jitsi-meet.example#L29
While editing it you broke it or deleted some part of it, that’s why I was asking to check the logs on startup to see whether nginx is complaining for broken config.


#4

thanks for your reply damencho:i will keep in my mind ,i am start with this topic .
Can you please tell me what can be issue in my nginx config file .

your are share a above. https://github.com/jitsi/jitsi-meet/blob/master/doc/debian/jitsi-meet/jitsi-meet.example#L29

can i Continue through this link with my nginx config.


#5

Share your current nginx config here.


#6

HI Damencho
Here is my nginx config file.

server_names_hash_bucket_size 64;

server {
listen 80;
server_name meet.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name meet.example.com;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";

add_header Strict-Transport-Security "max-age=31536000";

ssl_certificate /etc/jitsi/meet/meet.example.com.crt;
ssl_certificate_key /etc/jitsi/meet/meet.example.com.key;

root /usr/share/jitsi-meet;
index index.html index.htm;
error_page 404 /static/404.html;

location /config.js {
    alias /etc/jitsi/meet/meet.example.com-config.js;
}

location ~ ^/([a-zA-Z0-9=\?]+)$ {
    rewrite ^/(.*)$ / break;
}

location / {
root /usr/share/jitsi-meet;
index index.html index.htm;
    ssi on;
}

# Backward compatibility
location ~ /external_api.* {
    root /usr/share/jitsi-meet/libs;
}

# BOSH
location /http-bind {
    proxy_pass      http://localhost:5280/http-bind;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Host $http_host;
}

}

Including this, I want to confirm some points,
1: Is it mandatory to install nginx server or apache server for jitsi-meet…?
2:Today I install jitsi-meet in ubuntu 14 .without install any server like(nginx or apache ).The application Working fine and we can able to join room ,i think is there any default server for jitsi-meet (prosody xamp) or somthing else…?

3: If any default server for jitsi-meet ,please suggest in which file i put my ssl certificate and key .

thanks


#7

The config looks good, but looking at the errors seems like the rewrite stuff is not taken into account.

The installation for jitsi-meet, checks whether there are apache2 or nginx installed on the system, if they are, then the web server installed is used to be configured and used.

If non web server is installed the jetty instance inside jvb is used. The configuration you need to do is inside /etc/jitsi/videobridge/sip-communicator.properties, but as java uses a java store to get the certificates you need to first import them there.

When you do initially install, the install process asks for certificate and key file so it can do it for you, if you want to do it by hand you can look at the script that is doing that: https://github.com/jitsi/jitsi-meet/blob/master/debian/jitsi-meet-web-config.postinst#L154
The let’s encrypt script is also doing the same thing: https://github.com/jitsi/jitsi-meet/blob/master/resources/install-letsencrypt-cert.sh#L93


#8

Thanks for your answer damencho ,

please explain this point …
(but looking at the errors seems like the rewrite stuff is not taken into account)

Can you please tell me what about account with example…?

Can you please tell me, if i start without apache, nginx server , go with default instance ,is it safe for future prospective or not…?

Where i need to import (first import them there). ,which location or path


#9

This means nginx is trying to open file “/usr/share/jitsi-meet/StrangeTreesGrowMalevolently”, which is wrong, obviously StrangeTreesGrowMalevolently is the name of the conference, and this is handled by

It will match and it will load actually index.html. So assume you have some other root clause that serves “/usr/share/jitsi-meet/” or for some reason that location-rewrite definition is not used by nginx for another reason …

The good thing about running jetty is that you will have the fallback of using tcp port 443 for media, which is the case with some restricted firewalls but still is not covering all edge cases. For covering all you will also need a turn server with valid certificates.

Using apache or nginx is more flexible, you can still have the option mentioned above with jvb handling media over port 443 using tcp, but you will need to deploy jvb on different machine or at least having one machine with two public addresses where address1 is used by nginx for port 443 and the second address used by jvb port 443.