Threads like the one containing this:
show, that the new way of integrating the turnserver with h2 is very appealing on the one hand but it is creating possibly insurmountable difficulties for others, particularly if there is no separate IP for jitsi, but if one uses SNI, HAProxy (or similar), NAT and possibly SSL offloading. All of those techniques are typically used for valid reasons and they are difficult to replace if the infrastructure is used for other purposes in parallel. It would be good if they did not prevent a full installation of jitsi.
What does work in such settings is to purge the turnserver, forward port 443 tcp through the proxy and port 10000 udp directly to the one and only jitsi server used. But then, the turnserver functionality is lost. If I am not mistaken, the following way should also be feasible:
- Use one SNI/Proxy/NAT (and possibly SSL offloading) for one subdomain, such as meet.[URL] for the core functions.
- Use a second SNI/Proxy/NAT subdomain, such as turn.[URL] for the turnserver.
- Publish the turnserver subdomain through /etc/jitsi/meet/[URL]-config.js
While I am unable to implement this mysel: Is this feasible? Could someone with adequate knowledge please be so kind to publish a how-to?