Jitsi.meet container ... first touch - preparation for a final Resource description

Currently reading
Jitsi.meet container ... first touch - preparation for a final Resource description

jeyare

Subscriber
1,587
537
Docker image:
jitsi/web
483MB

Launch:
jitsi-web1

Advanced settings:
Auto restart - enabled

NAS Docker Parent folder:
docker/jitsi
create .env folder
copy env.example into .env (you need download this file from GitHub - official Jitsi)

Edit the env.example file
1. change the line:
# Directory where all configuration will be stored
from CONFIG=~/.jitsi-meet-cfg
to CONFIG=/volume1/docker/jitsi/.jitsi-meet-cfg

2.Enable authentication, guest access and internal authentication:
ENABLE_AUTH=1
ENABLE_GUESTS=1
AUTH_TYPE=internal

3. Setup your FDQN for the jitsi + docker host address:
PUBLIC_URL=https://meet.domain.com
don't forget to manage your DNS record
DOCKER_HOST_ADDRESS=your NAS LAN ADDRESS

4. Auth. config lines:
# Enable authentication
ENABLE_AUTH=1
# Enable guest access
ENABLE_GUESTS=1
# Select authentication type: internal, jwt or ldap
AUTH_TYPE=internal


NAS side Volume preparation:
NAS folder: docker/jitsi
make new subfolders:
/.env
/config
/.jitsi-meet-cfg ....... in this subfolder make next structure by SSH command:
mkdir -p -v /volume1/docker/jitsi/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody/config,prosody/prosody-plugins-custom,jicofo,jvb,jigasi,jibri}
1596909356079.png

Volume setup for in Docker (NAS ... Image):
/.env ... /.env
/.jitsi-meet-cfg ... /.jitsi-meet-cfg
/.jitsi-meet-cfg/config ... /.jitsi-meet-cfg/config/ngnix
in the folder:
/.jitsi-meet-cfg/config/ngnix
you will find file
you need to note (#) lines 33-38 (reason of errors of ngnix, then solved):
# BOSH
#location = /http-bind {
# proxy_pass <no value>/http-bind;
# proxy_set_header X-Forwarded-For $remote_addr;
# proxy_set_header Host <no value>;
#}


Ports:
your NAS port / 443 TCP
your NAS port / 80 TCP
your NAS port / 4443 TCP

Environments:
TZ: up to you..... List of tz database time zones - Wikipedia
CONFIG: /.jitsi-meet-cfg
no need more, because everything is defined by file in: /volume1/docker/jitsi/.jitsi-meet-cfg

Setup of NAS Firewall + RP
then:

and done

First setup.png


you can setup your devices in right upper corner icon

then you just need to "Start a new meeting"
done, meeting was established and started. Perfect.

and here is my cyclic "disconnecting":
1596910146537.png


Jitsi container Console:
- no error found in log
- copy of the log:
,[cont-finish.d] executing container finish scripts...
,[cont-finish.d] done.
,[s6-finish] waiting for services.
,[s6-finish] sending all processes the TERM signal.
,[s6-finish] sending all processes the KILL signal and exiting.
,[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
,[s6-init] ensuring user provided files have correct perms...exited 0.
,[fix-attrs.d] applying ownership & permissions fixes...
,[fix-attrs.d] done.
,[cont-init.d] executing container initialization scripts...
,[cont-init.d] 01-set-timezone: executing...
,[cont-init.d] 01-set-timezone: exited 0.
,[cont-init.d] 10-config: executing...
,using keys found in /config/keys
,[cont-init.d] 10-config: exited 0.
,[cont-init.d] done.
,[services.d] starting services
,[services.d] done.
,172.17.0.1 - - [08/Aug/2020:20:15:27 +0200] "GET / HTTP/1.1" 200 15397 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:27 +0200] "GET /libs/do_external_connect.min.js?v=1 HTTP/1.1" 200 1173 "https://xx.xx.com/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:27 +0200] "GET /libs/lib-jitsi-meet.min.js?v=4289 HTTP/1.1" 200 228097 "https://xx.xx.com/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:27 +0200] "GET /libs/app.bundle.min.js?v=4289 HTTP/1.1" 200 1345461 "https://xx.xx.com/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:32 +0200] "GET /Test HTTP/1.1" 200 15397 "https://xx.xx.com/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:32 +0200] "GET /libs/do_external_connect.min.js?v=1 HTTP/1.1" 200 1173 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:32 +0200] "GET /libs/lib-jitsi-meet.min.js?v=4289 HTTP/1.1" 200 228097 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:32 +0200] "GET /libs/app.bundle.min.js?v=4289 HTTP/1.1" 200 1345461 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:33 +0200] "POST /http-bind?room=test HTTP/1.1" 405 580 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:49 +0200] "GET /Test HTTP/1.1" 200 15397 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:49 +0200] "GET /libs/do_external_connect.min.js?v=1 HTTP/1.1" 200 1173 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:49 +0200] "GET /libs/lib-jitsi-meet.min.js?v=4289 HTTP/1.1" 200 228097 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:49 +0200] "GET /libs/app.bundle.min.js?v=4289 HTTP/1.1" 200 1345461 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:15:50 +0200] "POST /http-bind?room=test HTTP/1.1" 405 580 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:16:06 +0200] "GET /Test HTTP/1.1" 200 15397 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:16:06 +0200] "GET /libs/do_external_connect.min.js?v=1 HTTP/1.1" 200 1173 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:16:06 +0200] "GET /libs/lib-jitsi-meet.min.js?v=4289 HTTP/1.1" 200 228097 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:16:06 +0200] "GET /libs/app.bundle.min.js?v=4289 HTTP/1.1" 200 1345461 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,172.17.0.1 - - [08/Aug/2020:20:16:07 +0200] "POST /http-bind?room=test HTTP/1.1" 405 580 "https://xx.xx.com/Test" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
,
,


Now:
tested image jitsi/prosody
for a possible "unregistered user" issue ... but guest connection is enabled in jitsi

Searched over internet - tons of similar issues, no single right solution
 
did you catch this?
https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker#running-behind-nat-or-on-a-lan-environment said:
If running in a LAN environment (as well as on the public Internet, via NAT) is a requirement, the DOCKER_HOST_ADDRESS should be set. This way, the Videobridge will advertise the IP address of the host running Docker instead of the internal IP address that Docker assigned it, thus making ICE succeed. If your users are coming in over the Internet (and not over LAN), this will likely be your public IP address. If this is not set up correctly, calls will crash when more than two users join a meeting.

The public IP address is discovered via STUN. STUN servers can be specified with the JVB_STUN_SERVERS option.
 

jeyare

Subscriber
1,587
537
OFC, I have seen this

DOCKER_HOST_ADDRESS=your NAS LAN ADDRESS
it was defined in the “env.example” config file
tested with both LAN/WAN addresses. No change
WAN is properly NATed to NAS, then RP to proper local host port

also tested both adresses in LAN only calls. No changes

also tested in the JVB_STUN_SERVERS setup = both addresses
No changes
 
Try your wan ip (if static), otherwise try the fqdn (assumed it resolves to your wan-ip and be properly forwarded to the RP, which forwards it to the container}.
 

jeyare

Subscriber
1,587
537
checked NAT and routing of port 10000, done.
it's one of reason failing of ICE
 
Does this problem happen with browser based clients as well? If so, can you enable the developer tools of the browser (usualy F12) and switch to the network or network analysis (or similar) tab and check the communication for errors?
 

jeyare

Subscriber
1,587
537
found in their GitHub some issues:
Web client fails to join or create rooms with fresh docker install
 
There must be some logs about it in the container. Sometimes container only write a part of the logs to STDOUT/STDERR (which are the ones you see with docker logs) and other parts to files. Did you check if there is such a seperation?

Not sure how to untangle this, if there are no error in the logs and no visible errors in the communication pattern from browser to service...
 

jeyare

Subscriber
1,587
537
Next turn with this simple guide, based on docker compose from official Jitsi.meets docker at GitHub (mentioned in my first post)
downloaded
copy into new /volume1/docker/... structure
edited file:
Code:
docker-compose.yml
follow error notes from
Code:
docker-compose up -d
tuned all variables + lost directory structure in the official compose from jitsi.meet (five subfolders missed)
managed by Portainer, nice as Stack. No errors (except mentioned above = BOSH/ngnix setup, repaired)
then done, running
jitsi meets is running, but in same behavior = you can connect landing page, create "room" name, but server can't create the room (as was indicated by two persons in last month by issuing a ticket in jitsi.meet GitHub) and you are disconnected

Diff approach = same verdict

Finally I found this guide from Cedric.
Same approach as my last one. Seems to be it works for him. He also uses:
PUBLIC_URL=https://meet.mydomain.com
DOCKER_HOST_ADDRESS=192.168.X.X

for the WAN connection

Then must be something what I missing.
 
managed by Portainer, nice as Stack
How is this possible? Last time I checked it was impossible, because Portainer declared some default config items that failed to work with Syno's custom docker engine. :unsure:Did Portainer fix the problem on their end? Can't find anything in the change logs...

I wish I could reproduce the setup on my box, but my setup points port 443 to a swarm cluster where Traefik acts as a reverse proxy for my swarm cluster. At least the reverse proxy configuration would be completly different.
 

jeyare

Subscriber
1,587
537
1596966153605.png


1596966255670.png


here some experiences for the Stacks:
- you can't RUN these containers from Syno Docker GUI (Syno GUI Docker API Error message). Just Stop it/edit variables.
- from Portainer is full control available

this Stack has been configured (.yml) then run in NAS by SSH
[CODE]docker-compose up -d[/CODE]
nothing more .... may be some note, .yml is ver: 3.0
 
Last edited:
I see, missunderstanding on my side. I was talking about creating stacks directly in the Portainer UI. ofc, a docker-compose deployment on the shell works. What I didn't knew is that Portainer picks it up and displays it as stack.
Though, when I think about it, it shouldn't have surprised me, because all components of a docker-compose deployment share the docker-compose specific label "com.docker.compose.project".

If a stack is created in the Portainer UI, you can actualy modify the compose configuration in the UI and trigger redeployments for changed services directly. If the compose deployment is done with docker-compose, the compose configuration is unknown to Portainer and cannot be modified in the UI. Though, you can still manage all objects it created in the UI.

Thanks for the clearification.
 
I am afraid, I won't be able to assist with jitsi. There setup is too complicated to troubleshoot without performing the installation myself.

Did you see this post in the jitsi.meet forum that seems to be the origin of the "jitsi on Syno" efforts?
Maybe the discussion provides some helpful details: Jitsi, Dockers and Synology NAS
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Similar threads

Similar threads

Top