yinzer

woops, i misread your description and though you were using domain.net because you didn't have a real domain. Both errors appear to be related to files in /data, which should map to your appdata folder. Do you have any strange permission issues with appdata? All these changes should not be necessary in a default setting, and should be generated automatically. It seems like something in the setup is failing to allow the files to be written to appdata correctly.

thanks @spyd4r I'll add that above. I didnt have to make that change and it 'just works' but I'll at least note it unless othesr are having the same issue. The joys of living, actively-developed codebases The other error sounds like an SSL problem. If you don't actually own the domain, you can't use LetsEncrypt to provision your certificates (since it verifies ownership). You should be able to get a full-HTTP setup -- edit all your configs and replace http with https for internal services, and adjust ports accordingly (443 to 80 or whatever you are using). If you run HTTPSEverywhere in your browser, expect problems!

Yes, Jitsi is working fine for me. If you enable Jitsi authentication, I haven't figure out how to pass that in, yet. You can work around this by not exposing the Jitsi web UI to the public and letting all the setup occur inside your docker network between the riot server and jitsi server. A couple thoughts: Is your channel encrypted? Bots wont work on encrypted channels. If you want to run your own bot, you need to figure out how to host your own Matrix Integrations Server, and run the bots there. I haven't gotten that far yet. If you figure it out, please share!

No shame there, a life without silly gifs is a life I don't want to live! I just tried it out and it worked fine without any issues. The Firefox javascript console was a lot of help in getting it all sorted out. There might be some hints there.

You found my mistake in the write-up, congrats My setup forwards 8448 to 1443 rather than exposing 8448 directly -- that way it goes through LetsEncrypt and you dont get cert warnings, and you don't need to make Matrix listen on 8448. Nice catch! I'll update the guide to reflect that. Edit: to make that more clear: The guide originally said to forward WAN 8448 to LAN 8448, which is wrong. It SHOULD have said to forward WAN 8448 to LAN 1443, so that LetsEncrypt redirects the traffic back to the HTTP port of the Matrix service on 8008.

Did you also add `listen 8448 ssl;` to your matrix.subdomain.conf nginx proxy? Edit: test it -- from an external network, brows to https://yourdomain:8448/ and see what you see. If you cant connect, your FW isn't setup or nginx isnt listening on the port. If you see the Nginx landing page, your port forward isn't setup. If you see a gateway error, your forward is setup incorrectly.

For anyone else who was wondering how to support multiple domains via a single LetsEncrypt Docker, this can be accomplished via the `EXTRA_DOMAINS` Docker environment variable (see https://github.com/linuxserver/docker-letsencrypt/blob/master/README.md). In your Unraid docker setup, `Add another Path, Port, Variable, Label or Device`. Select Config Type = `Variable`. Set the Key to `EXTRA_DOMAINS`. Set the Value to your comma-separated list of domains (NO WILDCARDS!). Add and Apply, verify that it all worked.

I didn't get the RiotBot message either, as I'm pretty sure that depends on Integrations working at the point (bots are integrations). To be clear,. have you opened the Integrations (tcp 8448 -> LetsEncrypt IP, and modify `letsencrypt/nginx/site-confs/default` to also handle port 8448 requests) port on your FW? If you have, check your browser's javascript console, which will likely show you where the failure is

I'm not sure. Do you get the Javascript 'Joining Room' with spiny wheel thing at all? When joining large rooms, it may take a minute for server-to-server syndication to complete, as your local Matrix servers pulls in all the user's, their stats, and the new room's chat history. The integrations may be related. It involves getting LetsEncrypt to also listen (ssl) on 8448, and proxying that into matrix. I didn't test this until AFTER I made that change, but it works for me. See the updates I made in the original post and give it a shot!

If both need to be publicly exposed, then this is 100% correct and you should try changing the STUN ports in the Matrix docker config and configuring the Jitsi TURN service to redirect to the corresponding port. Most users probably don't want to expose the UniFI STUN service outside their public router, as its typically used for adoption/management of devices on the same private network. I'd personally connect any remotely managed sites via a VPN for this, but your in advanced use-case territory at this point and are therefore likely capable of figuring out a solution that fits your network.

Nice catch! I'm a Unifi users as well, but my controller runs on the USG. The Matrix container config does give you the option to reassign the STUN ports, so you can give that a shot and reflect the settings in your TURN config. If anyone has to do this, please report back if there are any issues! Worst case, you can pick one of the conflicting dockers and set their network type to 'Host'. Unrelated note: this configuration has an issue with enabling integrations. I think I can work around this by adding another port-forward rule and another entry to the Matrix nginx proxy config. Will update once I figure it out!

Slight update, for those who already followed along: I forgot one step Forward in both TCP and UDP ports 3478 to your unraid server Then in your matrix/homeserver.yaml file, configure TURN to point to your bridge, and give it a good secret using the methods described above: This is for the Matrix TURN server, which is used to connect VoIP/video calls correctly. Turning a riot chat into a video conference may fail with only 2 users if this isn't done!

Thanks! If you need to get in touch with the support team via Riot, you can connect directly to their main matrix server using their Riot install https://riot.im/app/ I just tested creating a matrix.org account via my hosted Riot client and didn't have any issues. Make sure your FW/NAT is allowing access from outside the firewall using the URL you intend to use for your Riot client.

That's a great question, and being kinda new to docker-composer, I'm not quite sure yet since i haven't had it up long enough to need to worry about that yet. When you bring up the containers with docker-compose, they download the images. I wonder if the following will do the trick: ``` cd /path/to/docker-jitsi-meet docker-compose pull docker-compose restart ``` Since its using images, that should 'in theory' pull down the latest images. If there are any config changes, it might be a good idea to do a `docker-compose build` as well. If anyone knows better, please chime in!

haha i just figured this out on my own today and was putting together a guide, along with linking it to Riot Chat Looks like we settled on a very similar approach! I'll link my guide to this video, as you did a great job covering some of the bases that I didn't get into, like authentication. Awesome video as always! My guide for integrating jitsi with Riot/Matrix -