Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Authentication support?

Scheduled Pinned Locked Moved Solved Jitsi
49 Posts 17 Posters 1.8k Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • ocelotslothO Offline
    ocelotslothO Offline
    ocelotsloth
    wrote on last edited by
    #1

    First, this application works great from my testing.

    Is some kind of authentication in the roadmap for this app? For my use case I really can't have it open for anybody to create or join rooms. Just limiting who can create rooms would get me 80% of the way--requiring a secret to join an in-progress call would be even better.

    Thanks!

    BrutalBirdieB rmdesR 2 Replies Last reply
    2
  • BrutalBirdieB Offline
    BrutalBirdieB Offline
    BrutalBirdie Staff
    replied to ocelotsloth on last edited by
    #2

    @ocelotsloth ldap integration is comming in the near future.

    Like my work? Consider donating a drink drink. Cheers!

    1 Reply Last reply
    3
  • rmdesR Offline
    rmdesR Offline
    rmdes
    replied to ocelotsloth on last edited by
    #3

    @ocelotsloth a temporary "fix" would be to add a basic auth with .htpasswd authentication
    in the nginx conf file of your jitsi app /etc/nginx/applications/

    find the name of your nginx conf file with
    6f5a11b5-6576-4613-af18-45e28edd025a-image.png

    step 2 and step 3 from here https://www.cyberciti.biz/faq/nginx-password-protect-directory-with-nginx-htpasswd-authentication/ should do the work

    beware you're modifying a cloudron generated file that could change later and remove your changes.

    chetbakerC 1 Reply Last reply
    2
  • chetbakerC Offline
    chetbakerC Offline
    chetbaker
    replied to rmdes on last edited by
    #4

    @rmdes just a clarification question about that temporary "fix": will that mean you are password protecting the subdomain of your self-hosted jitsi homepage or just anyone willing to join a created meeting will need a password to log in?

    rmdesR 1 Reply Last reply
    0
  • rmdesR Offline
    rmdesR Offline
    rmdes
    replied to chetbaker on last edited by
    #5

    @chetbaker both
    You can use this approach to create several users/pass allowing other people to join
    but the moment you put this in place, you can't access the jitsi without a user/pass

    chetbakerC 1 Reply Last reply
    0
  • chetbakerC Offline
    chetbakerC Offline
    chetbaker
    replied to rmdes on last edited by
    #6

    @rmdes thanks! I was digging in some of the jitsi documentation and there's something called secure domain that in the handbook seems to be different than LDAP. Would that work?

    rmdesR 1 Reply Last reply
    0
  • rmdesR Offline
    rmdesR Offline
    rmdes
    replied to chetbaker on last edited by
    #7

    @chetbaker I don't think so, better wait for LDAP support cos it will bring you authentication and a closed jitsi server in one shot 🙂

    chetbakerC 1 Reply Last reply
    0
  • chetbakerC Offline
    chetbakerC Offline
    chetbaker
    replied to rmdes on last edited by
    #8

    @rmdes oh no, for sure! I was thinking more on something like this while we wait for LDAP

    rmdesR 1 Reply Last reply
    0
  • rmdesR Offline
    rmdesR Offline
    rmdes
    replied to chetbaker on last edited by
    #9

    @chetbaker This could be a path to explore outside of a cloudron context, but within cloudron I'm not sure I have the know-how to talk about this, maybe @nebulon can chime in?

    1 Reply Last reply
    0
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    wrote on last edited by
    #10

    Package version 0.2.0 now has LDAP integration. This allows authentication of users but also enables the guest mode as outlined in https://jitsi.github.io/handbook/docs/devops-guide/secure-domain#enable-anonymous-login-for-guests

    imc67I H 2 Replies Last reply
    9
  • imc67I Offline
    imc67I Offline
    imc67 translator
    replied to nebulon on last edited by
    #11

    @nebulon very good news!!

    How do we disable anonymous access so only LDAP?

    1 Reply Last reply
    0
  • H Offline
    H Offline
    hakunamatata
    replied to nebulon on last edited by
    #12

    @nebulon
    I just installed the update but now the app is stuck starting. Log excerpt:

    Mar 02 22:57:04 => Ensure directories
    Mar 02 22:57:04 => Create configs
    Mar 02 22:57:04 ==> Configuring static assets
    Mar 02 22:57:04 ==> Configuring SASLauthd for LDAP
    Mar 02 22:57:04 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
    Mar 02 22:57:05 => Ensure directories
    Mar 02 22:57:05 => Create configs
    Mar 02 22:57:05 ==> Configuring static assets
    Mar 02 22:57:05 ==> Configuring SASLauthd for LDAP
    Mar 02 22:57:05 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
    Mar 02 22:57:06 => Ensure directories
    Mar 02 22:57:06 => Create configs
    Mar 02 22:57:06 ==> Configuring static assets
    Mar 02 22:57:06 ==> Configuring SASLauthd for LDAP
    Mar 02 22:57:06 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
    Mar 02 22:57:07 => Ensure directories
    Mar 02 22:57:07 => Create configs
    Mar 02 22:57:07 ==> Configuring static assets
    Mar 02 22:57:07 ==> Configuring SASLauthd for LDAP
    Mar 02 22:57:07 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
    Mar 02 22:57:09 => Ensure directories
    Mar 02 22:57:09 => Create configs
    Mar 02 22:57:09 ==> Configuring static assets
    Mar 02 22:57:09 ==> Configuring SASLauthd for LDAP
    Mar 02 22:57:09 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
    Mar 02 22:57:11 => Ensure directories
    Mar 02 22:57:11 => Create configs
    Mar 02 22:57:11 ==> Configuring static assets
    Mar 02 22:57:11 ==> Configuring SASLauthd for LDAP
    Mar 02 22:57:11 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
    

    Running Cloudron v7.1.2 on Ubuntu 20.04.3 LTS. Reverted to Jitsi package v0.1.0 for now.

    avatar1024A 1 Reply Last reply
    1
  • avatar1024A Offline
    avatar1024A Offline
    avatar1024
    replied to hakunamatata on last edited by
    #13

    @hakunamatata Same here

    1 Reply Last reply
    1
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #14

    @nebulon I guess the package should have optionalSso flag set?

    1 Reply Last reply
    1
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    wrote on last edited by
    #15

    As this is still an app marked as unstable, update issues are to be expected. Since the current package relies on LDAP and does not yet support optionalSso, existing instances have to be reintsalled. Since jitsi is mostly stateless though, this shouldn't be an issue. Sorry for not mentioning this upfront.

    luckowL 1 Reply Last reply
    1
  • luckowL Offline
    luckowL Offline
    luckow translator
    replied to nebulon on last edited by
    #16

    @nebulon My expected behavior is: starting a new conference/meeting brings a pop-up ("if you are the moderator, please sign in"). But this does not work with the new package (yes, fresh install) at first. It feels like the public jitsi from the first package. Am I missing any configuration?

    Pronouns: he/him | Primary language: German

    1 Reply Last reply
    1
  • jdaviescoatesJ Online
    jdaviescoatesJ Online
    jdaviescoates
    wrote on last edited by
    #17

    @nebulon I just installed a fresh install to see/ test LDAP support but when installing it just talks about "Dahboard visibility" not "User management" like other LDAP enabled apps:

    Screenshot from 2022-03-03 11-55-36.png

    I use Cloudron with Gandi & Hetzner

    jdaviescoatesJ H 2 Replies Last reply
    0
  • jdaviescoatesJ Online
    jdaviescoatesJ Online
    jdaviescoates
    replied to jdaviescoates on last edited by
    #18

    @nebulon and when going to https://meet.uniteddiversity.coop/ any anonymous user can still create a room and be granted moderator rights on the room they create. Looks like something isn't quite right.

    I'm still on Cloudron 7.0.4 is LDAP Jitsi only available on 7.1 or something?

    I use Cloudron with Gandi & Hetzner

    nebulonN 1 Reply Last reply
    0
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    replied to jdaviescoates on last edited by
    #19

    @jdaviescoates you are right, the jitsi app package version 0.2.0 is only available for Cloudrons running 7.1.2

    luckowL 1 Reply Last reply
    1
  • luckowL Offline
    luckowL Offline
    luckow translator
    replied to nebulon on last edited by
    #20

    @nebulon Interesting phenomenon: there is a folder in Prosody that cannot be accessed via the Web Filemanger. In the terminal, this is not a problem.
    8dbd2a7c-6ef3-4dd5-8e59-786c19d02bcc-grafik.png
    31ca9120-ea77-4a7f-a63d-4b52bafc2cd5-grafik.png

    Pronouns: he/him | Primary language: German

    nebulonN 1 Reply Last reply
    1

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.