Subdomain not working on docker conatiner

I got this subdomain config issue recently #1390 merged but no idea why it is not working.

Nginx is responding with proxy timeout error.
[error] 260#260: *916 jitsi-prosody could not be resolved (110: Operation timed out), client: 192.168.111.27, server: _, request: "GET /xmpp-websocket?room=name&token=**

User is visiting the room using this url format. https://domain.example.com/tenant1/roomName

You updated to the unstable images of docker?

Yes of course.

Show the result nginx config for meet?

Have you adjusted XMPP_BOSH_URL_BASE?

server_name _;

client_max_body_size 0;

root /usr/share/jitsi-meet;

# ssi on with javascript for multidomain variables in config.js
ssi on;
ssi_types application/x-javascript application/javascript;

index index.html index.htm;
error_page 404 /static/404.html;

# Security headers
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

set $prefix "";



# Opt out of FLoC (deprecated)
add_header Permissions-Policy "interest-cohort=()";

location = /config.js {
    alias /config/config.js;
}

location = /interface_config.js {
    alias /config/interface_config.js;
}

location = /external_api.js {
    alias /usr/share/jitsi-meet/libs/external_api.min.js;
}



# ensure all static content can always be found first
location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$ {
    add_header 'Access-Control-Allow-Origin' '*';
    alias /usr/share/jitsi-meet/$1/$2;

    # cache all versioned files
    if ($arg_v) {
        expires 1y;
    }
}


# colibri (JVB) websockets
location ~ ^/colibri-ws/([a-zA-Z0-9-\._]+)/(.*) {
    tcp_nodelay on;

    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

    proxy_pass http://$1:9090/colibri-ws/$1/$2$is_args$args;
}


# BOSH
location = /http-bind {
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Host classroom.innovatetech.io;

    proxy_pass http://jitsi-prosody:5280/http-bind?prefix=$prefix&$args;
}


# xmpp websockets
location = /xmpp-websocket {
    tcp_nodelay on;

    proxy_http_version 1.1;
    proxy_set_header Connection $connection_upgrade;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Host classroom.innovatetech.io;
    proxy_set_header X-Forwarded-For $remote_addr;

    proxy_pass http://jitsi-prosody:5280/xmpp-websocket?prefix=$prefix&$args;
}



# Etherpad-lite
location ^~ /etherpad/ {
    proxy_buffering off;
    proxy_cache_bypass $http_upgrade;

    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header X-Forwarded-For $remote_addr;

    proxy_pass http://jitsi-etherpad/;
}


location ~ ^/([^/?&:'"]+)$ {
    try_files $uri @root_path;
}

location @root_path {
    rewrite ^/(.*)$ / break;
}


    location ~ ^/([^/?&:'"]+)/config.js$ {
        set $subdomain "$1.";
        set $subdir "$1/";

        alias /config/config.js;
    }

    # BOSH for subdomains
    location ~ ^/([^/?&:'"]+)/http-bind {
        set $subdomain "$1.";
        set $subdir "$1/";
        set $prefix "$1";

        rewrite ^/(.*)$ /http-bind;
    }


    # websockets for subdomains
    location ~ ^/([^/?&:'"]+)/xmpp-websocket {
        set $subdomain "$1.";
        set $subdir "$1/";
        set $prefix "$1";

        rewrite ^/(.*)$ /xmpp-websocket;
    }




    # Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
    location ~ ^/([^/?&:'"]+)/(.*)$ {
        set $subdomain "$1.";
        set $subdir "$1/";
        rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
    }

Is jitsi-prosody a DNS that is resolvable in your network?
The default that works in the docker network is xmpp.meet.jitsi docker-jitsi-meet/meet.conf at 47804d0b9e1657debf0200472e3eb22563a26100 · jitsi/docker-jitsi-meet · GitHub

?

yes, removing query strings params works.

You mean that jitsi-prosody is resolvable? Why did you need to adjust that setting instead of using the defaults?

Yes, It works striping query strings. proxy_pass http://jitsi-prosody:5280/http-bind.

Its k8s setup, its service name that resolves.

Yeah, that is strange, no idea why that does not work in that context.
I don’t see any significant difference with the one installed with the debian packages jitsi-meet/jitsi-meet.example at master · jitsi/jitsi-meet · GitHub
Maybe k8s does not like to have params there … which is strange.
Sorry, I’m not so familiar with that to be able to help.
Try running the latest unstable docker images with compose and see whether it works, if it works then the problem for sure is in k8s environment.

1 Like

It resolves on docker compose setup but prefix is not set hence endconference and breakouts feature does not works.

Is it correct format to join meeting when subdomain is used.
User is visiting the room using this url format. https://domain.example.com/tenant1/roomName

Yoe the URL is correct. Did you test latest unstable, there was a fix for the prefix which I’m not sure is in the stable packages.

yes Its unstable.

I’m able to fix the dns issue by using kubedns resolver. anyone facing such can look here. kubernetes - nginx won't resolve hostname in K8S - Stack Overflow

Yes, my pr supposed to fix that. #1390

Edit: updated wrong url

I got confused, so you say that with unstable images tenants still do not work (the breakout rooms are broken) is this correct?

yes.

But breakouts room is still broken.

Looks like we do not pass subdomnain info from websocket when connection on docker setup like we do on normal setup.

Docker config:

What’s your say @damencho ?

Good catch!

I fixed it recently upstream.