Turn server Config in jitsi meet

Ok …we have just got the password…not any secret key …

–use-auth-secret between XMPP & TURN SERVER required to mention in mod_turncredentials @ckwsoft…you won’t be able to use USERNAME & PASSWORD here.

We have some documentation about turn in the jitsi-meet repo here that explains how it’s possible to not include a user/pass in the configuration.

Actually it’s ok if it expose the credentials if mentioned in config.js because I am using free ver. credentials. So doesn’t matter to me much.

Hello,

I have just done step by step the addition of the module “mod_turncredentials” i. e. :

1- I have copied the file “mod_turncredentials” in the folder “/usr/lib/prosody/modules/” and I have uncommented + modified the “turncredentials_secret” and the “turncredentials”.

2- I have activated “mod_turncredentials” in the file “/etc/prosody/prosody/prosody.cfg.lua”.

3- I restarted “prosody”.

but when I look at the “prosody status” I get it wrong and I don’t know how to fix it???

Thank you in advance for your help

Hello,

I have just done step by step the addition of the module “mod_turncredentials” i. e. :

1- I have copied the file “mod_turncredentials” in the folder “/usr/lib/prosody/modules/” and I have uncommented + modified the “turncredentials_secret” and the “turncredentials”.

2- I have activated “mod_turncredentials” in the file “/etc/prosody/prosody/prosody.cfg.lua”.

3- I restarted “prosody”.

but when I look at the “prosody status” I get it wrong and I don’t know how to fix it???

Thank you in advance for your help

Please be sure that you have used coturn server secret auth key and not the password you got alongwith username. Also verify the config and the host. It is recommended that you have valid dns and certificate for that domain. Check your config.

Hi rishabhchd19

thank you for your response.

I don’t have a coTurn server,

i use " Xirsys: WebRTC TURN Server Cloud Provider (https://xirsys.com/)"

this service provides me with an API credentials with (an identifier, a secret code and a channel).

You will find attached my files “mod_turncredentials.lua”, “prosody.cfg.lua”.

by looking at these files can you tell me where I made mistakes.

Thank you for your help.

mod_turncredentials.lua.txt (3.1 KB)

prosody.cfg.lua.txt (11.0 KB)

config seems ok to me. Have you tried host without “turn:”? Because it’s displaying turn credentials not configured…may be config not allowing to proceed further, credentials may be correct but not config. What your prosody logs says?

Also the lua file says : local secret = module:get_option_string(“turncredentials_secret”);
local ttl = module:get_option_number(“turncredentials_ttl”, 86400);
local hosts = module:get_option(“turncredentials”) or {};
if not (secret) then
module:log(“error”, “turncredentials not configured”)

if turncredentials_secret conflicts it throws an error. I have to investigate this matter as some specific auth key worked here.

I just tested “mod_credentials” without putting “turn:” in “host” but it doesn’t work too.

voici ce je vois dans “/var/log/prosody/prosody.log”:

Jun 14 14:24:37 general info Prosody is using the select backend for connection handling
Jun 14 14:24:37 portmanager info Activated service ‘s2s’ on [::]:5269, []:5269
Jun 14 14:24:37 portmanager info Activated service ‘component’ on [127.0.0.1]:5347, [::1]:5347
Jun 14 14:24:37 portmanager info Activated service ‘c2s’ on [::]:5222, [
]:5222
Jun 14 14:24:37 portmanager info Activated service ‘legacy_ssl’ on no ports
Jun 14 14:24:37 portmanager info Activated service ‘http’ on [::]:5280, :5280
Jun 14 14:24:37 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Check that the permissions allow Prosody to read this file. (for https port 5281)
Jun 14 14:24:37 portmanager error Error binding encrypted port for https: error loading private key (Permission denied)
Jun 14 14:24:37 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Previous error (see logs), or other system error. (for https port 5281)
Jun 14 14:24:37 portmanager error Error binding encrypted port for https: error loading private key (system lib)
Jun 14 14:24:37 portmanager info Activated service ‘https’ on no ports
Jun 14 14:24:37 mod_posix info Prosody is about to detach from the console, disabling further console output
Jun 14 14:24:37 mod_posix info Successfully daemonized to PID 19062
Jun 14 14:24:37 auth.@.@.@.@:turncredentials error turncredentials not configured
Jun 14 14:24:37 @.@.@.@:turncredentials error turncredentials not configured
Jun 14 14:24:41 jcp55a96abbb260 info Incoming Jabber component connection
Jun 14 14:24:41 focus.@.@.@.@:component info External component successfully authenticated
Jun 14 14:24:43 c2s55a96aac1b00 info Client connected
Jun 14 14:24:43 c2s55a96aac1b00 info Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
Jun 14 14:24:43 c2s55a96aac1b00 info Authenticated as focus@auth.@.@.@.@
Jun 14 14:24:43 jitsi-videobridge.@.@.@.@:component warn Component not connected, bouncing error for:
Jun 14 14:24:45 jcp55a96aba8c60 info Incoming Jabber component connection
Jun 14 14:24:45 jitsi-videobridge.@.@.@.@:component info External component successfully authenticated
Jun 14 14:28:58 mod_bosh info Client tried to use sid ‘de567c45-10ea-4825-8399-c705b06f86cc’ which we don’t know about
Jun 14 14:29:50 mod_posix info Received SIGHUP
Jun 14 14:29:50 general info Reloading configuration file
Jun 14 14:29:50 general info Re-opening log files

and in “/var/log/prosody/prosody.err”:

Jun 14 11:51:14 @.@.@.@:turncredentials error turncredentials not configured
Jun 14 12:18:01 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Check that the permissions allow Prosody to read this file. (for localhost)
Jun 14 12:18:01 localhost:tls error Error creating context for c2s: error loading private key (Permission denied)
Jun 14 12:18:01 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Previous error (see logs), or other system error. (for localhost)
Jun 14 12:18:01 localhost:tls error Error creating contexts for s2sout: error loading private key (system lib)
Jun 14 12:18:01 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Previous error (see logs), or other system error. (for localhost)
Jun 14 12:18:01 localhost:tls error Error creating contexts for s2sin: error loading private key (system lib)
Jun 14 12:33:01 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Check that the permissions allow Prosody to read this file. (for https port 5281)
Jun 14 12:33:01 portmanager error Error binding encrypted port for https: error loading private key (Permission denied)
Jun 14 12:33:01 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Previous error (see logs), or other system error. (for https port 5281)
Jun 14 12:33:01 portmanager error Error binding encrypted port for https: error loading private key (system lib)
Jun 14 12:33:01 auth.@.@.@.@:turncredentials error turncredentials not configured
Jun 14 12:33:01 @.@.@.@:turncredentials error turncredentials not configured
Jun 14 12:36:42 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Check that the permissions allow Prosody to read this file. (for https port 5281)
Jun 14 12:36:42 portmanager error Error binding encrypted port for https: error loading private key (Permission denied)
Jun 14 12:36:42 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Previous error (see logs), or other system error. (for https port 5281)
Jun 14 12:36:42 portmanager error Error binding encrypted port for https: error loading private key (system lib)
Jun 14 12:36:42 auth.@.@.@.@:turncredentials error turncredentials not configured
Jun 14 12:36:42 @.@.@.@:turncredentials error turncredentials not configured
Jun 14 14:24:37 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Check that the permissions allow Prosody to read this file. (for https port 5281)
Jun 14 14:24:37 portmanager error Error binding encrypted port for https: error loading private key (Permission denied)
Jun 14 14:24:37 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Previous error (see logs), or other system error. (for https port 5281)
Jun 14 14:24:37 portmanager error Error binding encrypted port for https: error loading private key (system lib)
Jun 14 14:24:37 auth.@.@.@.@:turncredentials error turncredentials not configured
Jun 14 14:24:37 @.@.@.@:turncredentials error turncredentials not configured