VIDEO GUIDE ** How to Setup Jitsi in Docker with a Reverse Proxy **


69 posts in this topic Last Reply

Recommended Posts

  • Replies 68
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

How to install the Jitsi stack and run through a reverse proxy. This guide uses docker compose and portainer.      

I'm no pro, but here's how I'm doing updates. You will need docker-compose, so get it as is shown in the video or via nerd tools   1) Get and replace (appdata/jitsi/github/docker-jitsi-meet)

Try prosodyctl deluser username

Posted Images

haha i just figured this out on my own today and was putting together a guide, along with linking it to Riot Chat :) Looks like we settled on a very similar approach! I'll link my guide to this video, as you did a great job covering some of the bases that I didn't get into, like authentication. Awesome video as always!

 

My guide for integrating jitsi with Riot/Matrix -

 

 

Link to post

This is awesome and I'm super glad you got around to creating this video for everyone.

 

I am however having issues with meetings with more than 2 users when I'm connected from my LAN. As soon as a third user connects, video and audio stop for me, but the rest of the users in the meeting are still able to chat. If I connect from outside of my local network, I can join the meeting.

 

I've checked my jvb docker logs and there's a lot of errors about "INFO: ICE state is FAILED", "INFO: Suspicious ICE connectivity failure. Checks failed but the remote end was able to reach us.", and a few others. I've done some googling and troubleshooting with a friend and we haven't been able to resolve the issue.

 

I tried updating the DOCKER_HOST_ADDRESS to my WAN IP in .env, I tried updating the STUN server to a google one as my friend did, I tried updating the sip-communicator.properties as per this link, and so far nothing has worked to allow me to join a meeting with more than 2 people from my local network.  Somewhat defeats the purpose if I can't join meetings from my local network.

 

Anyone else having issues like this?

Link to post

Thanks for this! It seems I'm having an issue w/ the jitsi conf file you provided. If I add it, it appears to load correctly but none of my subdomains work. Once I remove it, they're working again. 

_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/


Brought to you by linuxserver.io
-------------------------------------

To support the app dev(s) visit:
Let's Encrypt: https://letsencrypt.org/donate/

To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
Variables set:
PUID=99
PGID=100
TZ=America/Denver
URL=domain
SUBDOMAINS=server,nextcloud,climadb,meet,jitsi
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
DHLEVEL=2048
VALIDATION=http
DNSPLUGIN=
EMAIL=email
STAGING=

2048 bit DH parameters present
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -d server.domain -d nextcloud.domain -d climadb.domain -d meet.domain -d jitsi.domain
E-mail address entered: email
http validation is selected
Certificate exists; parameters unchanged; starting nginx
[cont-init.d] 50-config: exited 0.
[cont-init.d] 60-renew: executing...
The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
[cont-init.d] 60-renew: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Server ready
Server ready
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:3
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:3
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:3
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:3
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:3
Edited by adambeck7
Link to post

Working great for me so far.. Just got off a 3-way chat, but one question.. If portainer is brought down in Unraid (and with it jitsi) i get the following error repeatedly when starting Letencrypt. This continues until Portainer (along w/ Jitsi) is started.. If possible, i'd like to allow Letsencrypt to continue unbothered even if those containers are down.  Other Nginx conf files use $upstream_app , $upstream_port and $upstream_proto... i beleive for this very situation.  SHould i try adding that on all 3 location / includes in jitsimeet.subdomain.conf?

 

Quote

nginx: [emerg] host not found in upstream "meet.jitsi" in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:17
nginx: [emerg] host not found in upstream "meet.jitsi" in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:17
nginx: [emerg] host not found in upstream "meet.jitsi" in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:17
nginx: [emerg] host not found in upstream "meet.jitsi" in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:17
nginx: [emerg] host not found in upstream "meet.jitsi" in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:17
nginx: [emerg] host not found in upstream "meet.jitsi" in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:17
nginx: [emerg] host not found in upstream "meet.jitsi" in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:17
nginx: [emerg] host not found in upstream "meet.jitsi" in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:17
nginx: [emerg] host not found in upstream "meet.jitsi" in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:17
nginx: [emerg] host not found in upstream "meet.jitsi" in /config/nginx/proxy-confs/jitsimeet.subdomain.conf:17

 

 

Link to post

I am having big problems with the video.meet.jitsi docker using more and more RAM.

 

I had originally poster a question in another Jitsi thread and realise now that this is a more appropriate place to look for an answer.

Original post

 

Everything seems to work the way it should in terms of making meetings and video calls but the docker is quickly consuming RAM and this is while it is idle and no meetings or calls have happened. I restarted it this morning and in the last 4 hours the RAM usage for video.meet.jitsi has increased to 1.014GB and climbing.

 

Any ideas on what is using the RAM and how I can stop this from happening?

Link to post

I followed the guide and got everything working perfectly. I got video calls working from multiple devices just fine. After a server restart when I now try to access the Jitsi web UI I get a dark gray blank page. The page title says Jitsi Meet. I've tried restarting the stack but no changes. Any clues? Heres the javascript console log:

 

(TIME) index.html loaded:	 510.44999999976426
(index):298 Uncaught ReferenceError: kecohalednmcpjceagiapnnpmdnpbagc is not defined
    at (index):298
Logger.js:154 2020-04-30T22:30:21.032Z [modules/browser/BrowserCapabilities.js] <new t>:  This appears to be chrome, ver: 81.0.4044.113
AuthHandler.js:18 Uncaught TypeError: Cannot read property 'tokenAuthUrl' of undefined
    at Object.<anonymous> (AuthHandler.js:18)
    at Object.<anonymous> (app.bundle.min.js?v=3992:54)
    at n (bootstrap:19)
    at Object.<anonymous> (connection.js:1)
    at Object.<anonymous> (app.bundle.min.js?v=3992:54)
    at n (bootstrap:19)
    at Object.<anonymous> (conference.js:1)
    at Object.<anonymous> (app.bundle.min.js?v=3992:126)
    at n (bootstrap:19)
    at Module.<anonymous> (app.bundle.min.js?v=3992:222)
    at n (bootstrap:19)
    at bootstrap:83
    at app.bundle.min.js?v=3992:1
configLanguageDetector.js:22 Uncaught TypeError: Cannot read property 'defaultLanguage' of undefined
    at Object.lookup (configLanguageDetector.js:22)
    at index.js:111
    at Array.forEach (<anonymous>)
    at e.value (index.js:109)
    at t.value (i18next.js:2016)
    at u (i18next.js:1868)
DevTools failed to load SourceMap: Could not load content for chrome-extension://hdokiejnpimakedhajhdlcegeplioahd/sourcemaps/onloadwff.js.map: HTTP error: status code 404, net::ERR_UNKNOWN_URL_SCHEME

 

EDIT: FIXED

I was experimenting with making my own Jitsi Chrome extension and stopped when it required to publish to the store. There's no way that I could find to tell Chrome to force allow an unpublished extension. As soon as I removed the extension ID from the config.js file and restarted the container I'm back to a working setup.

Edited by ChadwickTheCrab
Link to post

Thx @SpaceInvaderOne for another geat guide! It works great. Keep up the good work.:)

 

EDIT: Well I was claiming success too early. I cannot make it work.

 

When in portainer if I click the published ports of "meet.jitsi" (8443:443 8000:80) and "focus.meet.jitsi" (43:4443 10000:10000) only 8000:80 brings me to the Jitsi page to start a meeting (http://myunraidserverip:8000/). If I start a meeting as host, when I enter the meeting I have no access to audio or webcam. Have been doing this week video on this laptop using other applications.

 

I am running duckdns in my router. I did set up a subdomain called "magmajitsi" (magmajitsi.duckdns.org).

 

I wrote in the .env file:

# Public URL for the web service PUBLIC_URL=https://meet.magmajitsi.com

And in the "jitsimeet.subdomain":

server_name meet.magmajitsi.com

 

Letsencrypt is starting normally without any errors in log.

 

Maybe someone can point me out in the right direction.

 

 

Edited by luca2
Link to post
15 hours ago, jonathanm said:

That wasn't the question. When you ping the url, what result do you get?

From my mobile (outside lan):

$ ping meet.magmajitsi.com
ping: unknown host meet.magmajitsi.com

From unraid:

root@xxx:~# ping meet.magmajitsi.com
ping: meet.magmajitsi.com: Name or service not known

 

Link to post
2 minutes ago, luca2 said:

From my mobile (outside lan):


$ ping meet.magmajitsi.com
ping: unknown host meet.magmajitsi.com

From unraid:


root@xxx:~# ping meet.magmajitsi.com
ping: meet.magmajitsi.com: Name or service not known

 

Apparently you don't own the rights to use magmajitsi.com, it appears to be available for purchase.

Link to post
5 hours ago, jonathanm said:

Apparently you don't own the rights to use magmajitsi.com, it appears to be available for purchase.

I reviewed again my setup and discovered duckdns not updating my wan IP.

I did the following changes:

In my .env file: changed this "PUBLIC_URL=https://meet.magmajitsi.com" to this "PUBLIC_URL=https://meet.magmajitsi.duckdns.org"

In the "jitsimeet.subdomain.conf": changed this "server_name meet.magmajitsi.com" to this "server_name meet.magmajitsi.duckdns.org"

If I ping now "meet.magmajitsi.duckdns.org" I get my actual wan IP.

But if I write into my browser "https://meet.magmajitsi.duckdns.org/" I do not connect to the Jitsi meeting.

Link to post

Is anyone else having issues when restarting the server/docker service? I can't get these four containers to start automatically. When I check them in Portainer it says 'Failure network ******* not found'. I have to remove them from that network and re-add them. They all start fine after that.

Link to post
On 4/28/2020 at 5:33 AM, mattyx said:

Quick (and probably obvious) question:  How does one update the jitsi components when deployed in this way?

Don't update.

 

I updated and now it no longer works. I can see the old docker images in portainer, but don't know how to spin them up.

Edited by dallus
Link to post
On 5/3/2020 at 8:13 PM, luca2 said:

I reviewed again my setup and discovered duckdns not updating my wan IP.

I did the following changes:

In my .env file: changed this "PUBLIC_URL=https://meet.magmajitsi.com" to this "PUBLIC_URL=https://meet.magmajitsi.duckdns.org"

In the "jitsimeet.subdomain.conf": changed this "server_name meet.magmajitsi.com" to this "server_name meet.magmajitsi.duckdns.org"

If I ping now "meet.magmajitsi.duckdns.org" I get my actual wan IP.

But if I write into my browser "https://meet.magmajitsi.duckdns.org/" I do not connect to the Jitsi meeting.

Hi, I have one doubt and I think it is the key to make it work.

I am assuming the subdomain I created in duckdns (magmajitsi.duckdns.org) will allow any user to access from a browser in my Jitsi-server by typing https://meet.magmajitsi.duckdns.org. Is it true or do I need a domain so that the user types https://meet.mydomain.com?

 

 

Link to post

I'm no pro, but here's how I'm doing updates. You will need docker-compose, so get it as is shown in the video or via nerd tools

 

1) Get and replace (appdata/jitsi/github/docker-jitsi-meet) the edited docker compose file. I labeled the containers and set the network name (proxynet) as shown in the video. If using a different network, just change the name (very last line). You won't have to fiddle around in portainer anymore.

 

2) Pop open a terminal and cd to the github repo you pulled down which should be something like /mnt/cache/appdata/jitsi/github/docker-jitsi-meet/

cd /mnt/cache/appdata/jitsi/github/docker-jitsi-meet/

 

3) Time to pull the new images. In console, run:

docker-compose pull

4) Set up the new containers:

docker-compose up -d --remove-orphans

5) Optional - remove old images

docker image prune

6) You will need to setup authentication again if you so desire, as it appears to be stored in the container (and so is lost when replaced by the update). Open a terminal to the xmpp.meet.jitsi container:

 

prosodyctl --config /config/prosody.cfg.lua register username meet.jitsi password

Unfortunately unraid will still show an update available, not sure what to do about that.

 

Hope this helps, good luck!

docker-compose.yml

Link to post
11 hours ago, rjlan said:

I'm no pro, but here's how I'm doing updates. You will need docker-compose, so get it as is shown in the video or via nerd tools

 

1) Get and replace (appdata/jitsi/github/docker-jitsi-meet) the edited docker compose file. I labeled the containers and set the network name (proxynet) as shown in the video. If using a different network, just change the name (very last line). You won't have to fiddle around in portainer anymore.

 

2) Pop open a terminal and cd to the github repo you pulled down which should be something like /mnt/cache/appdata/jitsi/github/docker-jitsi-meet/


cd /mnt/cache/appdata/jitsi/github/docker-jitsi-meet/

 

3) Time to pull the new images. In console, run:


docker-compose pull

4) Set up the new containers:


docker-compose up -d --remove-orphans

5) Optional - remove old images


docker image prune

6) You will need to setup authentication again if you so desire, as it appears to be stored in the container (and so is lost when replaced by the update). Open a terminal to the xmpp.meet.jitsi container:

 


prosodyctl --config /config/prosody.cfg.lua register username meet.jitsi password

Unfortunately unraid will still show an update available, not sure what to do about that.

 

Hope this helps, good luck!

docker-compose.yml 4.53 kB · 1 download

Great info @rjlanthanks.

Also people should remember that if they have restarted their server since installing jistsi then docker compose will no longer be instaled so will need to run

curl -L "https://github.com/docker/compose/releases/download/1.25.5/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose && chmod 777 /usr/local/bin/docker-compose 

Might be a good idea to put that line into a suer script to execute on first start of the array

Link to post
18 hours ago, luca2 said:

Hi, I have one doubt and I think it is the key to make it work.

I am assuming the subdomain I created in duckdns (magmajitsi.duckdns.org) will allow any user to access from a browser in my Jitsi-server by typing https://meet.magmajitsi.duckdns.org. Is it true or do I need a domain so that the user types https://meet.mydomain.com?

 

 

Did you get this working, I am having similar issues with ngix bad gateway 502 when trying to use duckdns?

Link to post
On 4/22/2020 at 12:52 AM, SpaceInvaderOne said:

How to install the Jitsi stack and run through a reverse proxy. This guide uses docker compose and portainer.

 

 

 

Hi I always follow your guides and usually all goes well, just can get this one to work. Various issues, however the main one to start is an ngix 502 bad gateway, I'm using duckdns with the url meetnantwich.duckdns.org. any help would be appreceated?

Link to post
5 hours ago, SpaceInvaderOne said:

Great info @rjlanthanks.

Also people should remember that if they have restarted their server since installing jistsi then docker compose will no longer be instaled so will need to run


curl -L "https://github.com/docker/compose/releases/download/1.25.5/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose && chmod 777 /usr/local/bin/docker-compose 

Might be a good idea to put that line into a suer script to execute on first start of the array

Hi I always follow your guides and usually all goes well, just can get this one to work. Various issues, however the main one to start is an ngix 502 bad gateway, I'm using duckdns with the url meetnantwich.duckdns.org. any help would be appreceated?

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.