Stream resume enabled, but WebSockets are not enabled / active speaker icon not shown

hello,
I try to enable web-socket because of not able to get active speaker icon from the endpoints where the conferance is handling on secondary JVB.
to do that I use this: https://github.com/jitsi/jitsi-videobridge/blob/master/doc/web-sockets.md
and https://jitsi.github.io/handbook/docs/devops-guide/faq

However I failed.
I uploaded the configs.
need your feedbacks.

regards.

sip-jvb3.txt (855 Bytes) jvb-jvb3.txt (794 Bytes) nginx jms.txt (632 Bytes) jvb-jms.txt (174 Bytes)

This is the clients not establishing websocket to the bridge.
Stream resume feature is used for the xmpp signaling when it is over websocket and not over bosh.
In other words, there can be two communications over websocket signaling to reach prosody and communication with the bridge.

What should I do at that time?
What is wrong that causes not to enable getting active speaker icon and blue layout?

The websocket to the bridge. Check js console logs to verify that is the problem … you can open and the network tab to see the errors you got and start from there .

Ok ,
That is right I have to use web socket to get this icon and blue layout?
Because ı cant get according to default set up config.

@damencho I uoloaded the config according to https://github.com/jitsi/jitsi-videobridge/blob/master/doc/web-sockets.md
and now I get “error during WebSocket handshake: Unexpected response code: 502”

it seems as TLS problem.
May I ask what should I use as key-store-path and password below?

videobridge {
    http-servers {
        public {
            tls-port = 443
            key-store-path=/etc/jitsi/videobridge/ssl.store
            key-store-password=KEY_STORE_PASSWORD
        }
    }
}

Have you setup the nginx fronting it?

Here is the official guide how to modify jitsi-meet deployment to use that: https://jitsi.github.io/handbook/docs/devops-guide/faq#how-to-migrate-away-from-multiplexing-and-enable-bridge-websockets

Sure, I followed the guide firstly and configed the nginx. Shared as the name nginx jms on the first post.

502 = bad gateway, it’s not likely it’s a TLS problem. See your nginx config indeed.

Here my nginx config is

colibri (JVB) websockets for jvb1

location ~ ^/colibri-ws/default-id/(.*) {
 proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/$1$is_args$args;
 proxy_http_version 1.1;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection "upgrade";
 tcp_nodelay on;
}
# colibri (JVB) websockets for jvb3
location ~ ^/colibri-ws/default-id/(.*) {
 proxy_pass http://127.0.0.1:9091/colibri-ws/default-id/$1$is_args$args;
 proxy_http_version 1.1;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection "upgrade";
 tcp_nodelay on;
}

I think that you are trying to run 2 videobridges on the same computer. That is not possible (unless you use virtual machines or containers, having different IPs). That’s your bad gateway, there is no process listening on port 9091.

No let me describe my topology. I have 2 computers.
1 of them has nginx, jms and jvb1. The second one has only jvb for secodary video bridges.
Comp1: y.y.y.1 private ip & x.x.x.1 public ip
Comp2: y.y.y.2 private ip & x.x.x.2 public ip
My aim is to take active speaker icon from all video bridges. By the way I take it only from jvb1 running on same machine with jms. İf I stop jvb1 and start jvb2, the media is working but no active spelader megaphone and blue shadow.
What can I change on my nginx running on the first computer?

if you have videobridges on 2 computers, how can you hope to access the second one with an ip address of 127.0.0.1 ? it’s the local host address.

I supposed the jms waits for connection on it 9090 and 9091 ports.
So I must set second jvbs ip adress, right?

I now realize that your configuration was lifted out the websockets.md file, but it says:

This configuration allows two jitsi-videobridge instances to run on the same
machine, which is useful while testing Octo.

so yes it’s possible to run 2 videobridges on the same machine - but it’s not a production setup, it’s for testing. And in your case you have 2 different computers, so a real IP address should be used.

Really the migration to websockets FAQ is a bit light on this kind of configuration since in this case passing data between the nginx installed on the main JM computer and the secondary jvb should be on a protected (internal or vpn) network, because by default it’s unencrypted. You can crypt it but you need to handle certificates, and probably install nginx on the secondary jvb computers with reverse proxying and I have never even thought of going there.

Encryption between the JVB and JMS doesn’t matter for me.
I just want to take the active speaker icon from all video bridges in any way that provides.
I changed my config and now getting “failed: Error during WebSocket handshake: Unexpected response code: 200”

jvb3 config:
videobridge {
http-servers {
public {
port = 9091
}
}
websockets {
enabled = true
domain = “mydomain:443”
tls = true
}
}
jvb3 sip-communicator.proporties
org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
#org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=meet-jit-si-turnrelay.jitsi.net:443
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=JMS-Publicipaddress
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.mydomain
org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
org.jitsi.videobridge.xmpp.user.shard.PASSWORD=dw5D0F1n
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.mydomain
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=jvb3
org.jitsi.videobridge.DISABLE_TCP_HARVESTER=true
org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=JVBlocalip
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=JVBPublicip

JMS nginx

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mydomian;

colibri (JVB) websockets for jvb1

   location ~ ^/colibri-ws/jvb1/(.*) {
   proxy_pass http://127.0.0.1:9090/colibri-ws/jvb1/$1$is_args$args;
   proxy_http_version 1.1;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection "upgrade";
   tcp_nodelay on;

}
#colibri (JVB) websockets for jvb3
location ~ ^/colibri-ws/jvb3/(.*) {
proxy_pass http://jvb3localip:9091/colibri-ws/jvb3/$1$is_args$args;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “upgrade”;
proxy_set_header Host mydomain;
tcp_nodelay on;

jvb1 in JMS

videobridge {
http-servers {
public {
port = 9090
}
}
websockets {
enabled = true
domain = “mydomain:443”
tls = true
}
}

By the way does it work does it work? https://github.com/jitsi/jitsi-videobridge/blob/master/doc/muc.md
Really stuck in somewhere I dont have any idea.

The server-id is missing in your JVB config

I dont believe :slight_smile: it seems as really arising from it.
thanks for your valuable helps guys.

Hello All,

I have the same message warning message on javascript console:

image

I follow this guide: web-socket videobridge and also this FAQ

Bridge configuration

videobridge {
    http-servers {
        public {
            port = 9090
        }
    }
    websockets {
        enabled = true
        domain = "meet.mydomain:443"
        tls = true
    }
}

Proxy configuration

# colibri (JVB) websockets for jvb1
location ~ ^/colibri-ws/default-id/(.*) {
    proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/$1$is_args$args;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    tcp_nodelay on;
}

Client configuration

image

lua config:

turncredentials = {
    { type = "stun", host = "meet.mydomain", port = "3478" },
    { type = "turn", host = "meet.mydomain", port = "3478", transport = "udp" },
    { type = "turns", host = "meet.mydomain", port = "5349", transport = "tcp" }
};

On the firewall

the opened ports: 80,442,10000,5349,5222
80 and 443 are forwarded to reverse proxy the to jitsi VM
10000, 5349 and 5222 are forwarded directly to jitsi VM

Ngnix reverse proxy Config

    location / {
      proxy_pass              http://192.168.1.79;
      proxy_set_header        Host $host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-Proto $scheme;
      proxy_read_timeout  180;
      proxy_redirect      http://192.168.1.79 https://meet.mydomaine;
      #newly add for xmpp websocket
      proxy_set_header Connection "upgrade";# added to support websocket when jitsi use it
      proxy_set_header Upgrade $http_upgrade;# added to support websocket when jitsi use it
      tcp_nodelay on;
      proxy_buffer_size 128k;
      proxy_buffers 4 256k;
      proxy_busy_buffers_size  256k;
      proxy_http_version 1.1;
      proxy_max_temp_file_size 0;#n upstream response is buffered to a temporary file
         #/path/to/nginx/proxy_temp
    }

status of the port 9090 on Jitsi VM.