Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Jitsi
  3. Authentication support?

Authentication support?

Scheduled Pinned Locked Moved Solved Jitsi
61 Posts 18 Posters 13.8k Views 21 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ocelotslothO ocelotsloth

      First, this application works great from my testing.

      Is some kind of authentication in the roadmap for this app? For my use case I really can't have it open for anybody to create or join rooms. Just limiting who can create rooms would get me 80% of the way--requiring a secret to join an in-progress call would be even better.

      Thanks!

      BrutalBirdieB Offline
      BrutalBirdieB Offline
      BrutalBirdie
      Partner
      wrote on last edited by
      #2

      @ocelotsloth ldap integration is comming in the near future.

      Like my work? Consider donating a drink. Cheers!

      1 Reply Last reply
      3
      • ocelotslothO ocelotsloth

        First, this application works great from my testing.

        Is some kind of authentication in the roadmap for this app? For my use case I really can't have it open for anybody to create or join rooms. Just limiting who can create rooms would get me 80% of the way--requiring a secret to join an in-progress call would be even better.

        Thanks!

        rmdesR Offline
        rmdesR Offline
        rmdes
        wrote on last edited by
        #3

        @ocelotsloth a temporary "fix" would be to add a basic auth with .htpasswd authentication
        in the nginx conf file of your jitsi app /etc/nginx/applications/

        find the name of your nginx conf file with
        6f5a11b5-6576-4613-af18-45e28edd025a-image.png

        step 2 and step 3 from here https://www.cyberciti.biz/faq/nginx-password-protect-directory-with-nginx-htpasswd-authentication/ should do the work

        beware you're modifying a cloudron generated file that could change later and remove your changes.

        chetbakerC 1 Reply Last reply
        2
        • rmdesR rmdes

          @ocelotsloth a temporary "fix" would be to add a basic auth with .htpasswd authentication
          in the nginx conf file of your jitsi app /etc/nginx/applications/

          find the name of your nginx conf file with
          6f5a11b5-6576-4613-af18-45e28edd025a-image.png

          step 2 and step 3 from here https://www.cyberciti.biz/faq/nginx-password-protect-directory-with-nginx-htpasswd-authentication/ should do the work

          beware you're modifying a cloudron generated file that could change later and remove your changes.

          chetbakerC Offline
          chetbakerC Offline
          chetbaker
          wrote on last edited by
          #4

          @rmdes just a clarification question about that temporary "fix": will that mean you are password protecting the subdomain of your self-hosted jitsi homepage or just anyone willing to join a created meeting will need a password to log in?

          rmdesR 1 Reply Last reply
          0
          • chetbakerC chetbaker

            @rmdes just a clarification question about that temporary "fix": will that mean you are password protecting the subdomain of your self-hosted jitsi homepage or just anyone willing to join a created meeting will need a password to log in?

            rmdesR Offline
            rmdesR Offline
            rmdes
            wrote on last edited by
            #5

            @chetbaker both
            You can use this approach to create several users/pass allowing other people to join
            but the moment you put this in place, you can't access the jitsi without a user/pass

            chetbakerC 1 Reply Last reply
            0
            • rmdesR rmdes

              @chetbaker both
              You can use this approach to create several users/pass allowing other people to join
              but the moment you put this in place, you can't access the jitsi without a user/pass

              chetbakerC Offline
              chetbakerC Offline
              chetbaker
              wrote on last edited by
              #6

              @rmdes thanks! I was digging in some of the jitsi documentation and there's something called secure domain that in the handbook seems to be different than LDAP. Would that work?

              rmdesR 1 Reply Last reply
              0
              • chetbakerC chetbaker

                @rmdes thanks! I was digging in some of the jitsi documentation and there's something called secure domain that in the handbook seems to be different than LDAP. Would that work?

                rmdesR Offline
                rmdesR Offline
                rmdes
                wrote on last edited by
                #7

                @chetbaker I don't think so, better wait for LDAP support cos it will bring you authentication and a closed jitsi server in one shot 🙂

                chetbakerC 1 Reply Last reply
                0
                • rmdesR rmdes

                  @chetbaker I don't think so, better wait for LDAP support cos it will bring you authentication and a closed jitsi server in one shot 🙂

                  chetbakerC Offline
                  chetbakerC Offline
                  chetbaker
                  wrote on last edited by
                  #8

                  @rmdes oh no, for sure! I was thinking more on something like this while we wait for LDAP

                  rmdesR 1 Reply Last reply
                  0
                  • chetbakerC chetbaker

                    @rmdes oh no, for sure! I was thinking more on something like this while we wait for LDAP

                    rmdesR Offline
                    rmdesR Offline
                    rmdes
                    wrote on last edited by
                    #9

                    @chetbaker This could be a path to explore outside of a cloudron context, but within cloudron I'm not sure I have the know-how to talk about this, maybe @nebulon can chime in?

                    1 Reply Last reply
                    0
                    • nebulonN Offline
                      nebulonN Offline
                      nebulon
                      Staff
                      wrote on last edited by
                      #10

                      Package version 0.2.0 now has LDAP integration. This allows authentication of users but also enables the guest mode as outlined in https://jitsi.github.io/handbook/docs/devops-guide/secure-domain#enable-anonymous-login-for-guests

                      imc67I H 2 Replies Last reply
                      9
                      • nebulonN nebulon

                        Package version 0.2.0 now has LDAP integration. This allows authentication of users but also enables the guest mode as outlined in https://jitsi.github.io/handbook/docs/devops-guide/secure-domain#enable-anonymous-login-for-guests

                        imc67I Online
                        imc67I Online
                        imc67
                        translator
                        wrote on last edited by
                        #11

                        @nebulon very good news!!

                        How do we disable anonymous access so only LDAP?

                        1 Reply Last reply
                        0
                        • nebulonN nebulon

                          Package version 0.2.0 now has LDAP integration. This allows authentication of users but also enables the guest mode as outlined in https://jitsi.github.io/handbook/docs/devops-guide/secure-domain#enable-anonymous-login-for-guests

                          H Offline
                          H Offline
                          hakunamatata
                          wrote on last edited by
                          #12

                          @nebulon
                          I just installed the update but now the app is stuck starting. Log excerpt:

                          Mar 02 22:57:04 => Ensure directories
                          Mar 02 22:57:04 => Create configs
                          Mar 02 22:57:04 ==> Configuring static assets
                          Mar 02 22:57:04 ==> Configuring SASLauthd for LDAP
                          Mar 02 22:57:04 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                          Mar 02 22:57:05 => Ensure directories
                          Mar 02 22:57:05 => Create configs
                          Mar 02 22:57:05 ==> Configuring static assets
                          Mar 02 22:57:05 ==> Configuring SASLauthd for LDAP
                          Mar 02 22:57:05 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                          Mar 02 22:57:06 => Ensure directories
                          Mar 02 22:57:06 => Create configs
                          Mar 02 22:57:06 ==> Configuring static assets
                          Mar 02 22:57:06 ==> Configuring SASLauthd for LDAP
                          Mar 02 22:57:06 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                          Mar 02 22:57:07 => Ensure directories
                          Mar 02 22:57:07 => Create configs
                          Mar 02 22:57:07 ==> Configuring static assets
                          Mar 02 22:57:07 ==> Configuring SASLauthd for LDAP
                          Mar 02 22:57:07 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                          Mar 02 22:57:09 => Ensure directories
                          Mar 02 22:57:09 => Create configs
                          Mar 02 22:57:09 ==> Configuring static assets
                          Mar 02 22:57:09 ==> Configuring SASLauthd for LDAP
                          Mar 02 22:57:09 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                          Mar 02 22:57:11 => Ensure directories
                          Mar 02 22:57:11 => Create configs
                          Mar 02 22:57:11 ==> Configuring static assets
                          Mar 02 22:57:11 ==> Configuring SASLauthd for LDAP
                          Mar 02 22:57:11 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                          

                          Running Cloudron v7.1.2 on Ubuntu 20.04.3 LTS. Reverted to Jitsi package v0.1.0 for now.

                          avatar1024A 1 Reply Last reply
                          1
                          • H hakunamatata

                            @nebulon
                            I just installed the update but now the app is stuck starting. Log excerpt:

                            Mar 02 22:57:04 => Ensure directories
                            Mar 02 22:57:04 => Create configs
                            Mar 02 22:57:04 ==> Configuring static assets
                            Mar 02 22:57:04 ==> Configuring SASLauthd for LDAP
                            Mar 02 22:57:04 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                            Mar 02 22:57:05 => Ensure directories
                            Mar 02 22:57:05 => Create configs
                            Mar 02 22:57:05 ==> Configuring static assets
                            Mar 02 22:57:05 ==> Configuring SASLauthd for LDAP
                            Mar 02 22:57:05 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                            Mar 02 22:57:06 => Ensure directories
                            Mar 02 22:57:06 => Create configs
                            Mar 02 22:57:06 ==> Configuring static assets
                            Mar 02 22:57:06 ==> Configuring SASLauthd for LDAP
                            Mar 02 22:57:06 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                            Mar 02 22:57:07 => Ensure directories
                            Mar 02 22:57:07 => Create configs
                            Mar 02 22:57:07 ==> Configuring static assets
                            Mar 02 22:57:07 ==> Configuring SASLauthd for LDAP
                            Mar 02 22:57:07 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                            Mar 02 22:57:09 => Ensure directories
                            Mar 02 22:57:09 => Create configs
                            Mar 02 22:57:09 ==> Configuring static assets
                            Mar 02 22:57:09 ==> Configuring SASLauthd for LDAP
                            Mar 02 22:57:09 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                            Mar 02 22:57:11 => Ensure directories
                            Mar 02 22:57:11 => Create configs
                            Mar 02 22:57:11 ==> Configuring static assets
                            Mar 02 22:57:11 ==> Configuring SASLauthd for LDAP
                            Mar 02 22:57:11 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
                            

                            Running Cloudron v7.1.2 on Ubuntu 20.04.3 LTS. Reverted to Jitsi package v0.1.0 for now.

                            avatar1024A Offline
                            avatar1024A Offline
                            avatar1024
                            wrote on last edited by
                            #13

                            @hakunamatata Same here

                            1 Reply Last reply
                            1
                            • girishG Offline
                              girishG Offline
                              girish
                              Staff
                              wrote on last edited by
                              #14

                              @nebulon I guess the package should have optionalSso flag set?

                              1 Reply Last reply
                              1
                              • nebulonN Offline
                                nebulonN Offline
                                nebulon
                                Staff
                                wrote on last edited by
                                #15

                                As this is still an app marked as unstable, update issues are to be expected. Since the current package relies on LDAP and does not yet support optionalSso, existing instances have to be reintsalled. Since jitsi is mostly stateless though, this shouldn't be an issue. Sorry for not mentioning this upfront.

                                luckowL 1 Reply Last reply
                                1
                                • nebulonN nebulon

                                  As this is still an app marked as unstable, update issues are to be expected. Since the current package relies on LDAP and does not yet support optionalSso, existing instances have to be reintsalled. Since jitsi is mostly stateless though, this shouldn't be an issue. Sorry for not mentioning this upfront.

                                  luckowL Online
                                  luckowL Online
                                  luckow
                                  translator
                                  wrote on last edited by
                                  #16

                                  @nebulon My expected behavior is: starting a new conference/meeting brings a pop-up ("if you are the moderator, please sign in"). But this does not work with the new package (yes, fresh install) at first. It feels like the public jitsi from the first package. Am I missing any configuration?

                                  Pronouns: he/him | Primary language: German

                                  1 Reply Last reply
                                  1
                                  • jdaviescoatesJ Offline
                                    jdaviescoatesJ Offline
                                    jdaviescoates
                                    wrote on last edited by
                                    #17

                                    @nebulon I just installed a fresh install to see/ test LDAP support but when installing it just talks about "Dahboard visibility" not "User management" like other LDAP enabled apps:

                                    Screenshot from 2022-03-03 11-55-36.png

                                    I use Cloudron with Gandi & Hetzner

                                    jdaviescoatesJ H 2 Replies Last reply
                                    0
                                    • jdaviescoatesJ jdaviescoates

                                      @nebulon I just installed a fresh install to see/ test LDAP support but when installing it just talks about "Dahboard visibility" not "User management" like other LDAP enabled apps:

                                      Screenshot from 2022-03-03 11-55-36.png

                                      jdaviescoatesJ Offline
                                      jdaviescoatesJ Offline
                                      jdaviescoates
                                      wrote on last edited by
                                      #18

                                      @nebulon and when going to https://meet.uniteddiversity.coop/ any anonymous user can still create a room and be granted moderator rights on the room they create. Looks like something isn't quite right.

                                      I'm still on Cloudron 7.0.4 is LDAP Jitsi only available on 7.1 or something?

                                      I use Cloudron with Gandi & Hetzner

                                      nebulonN 1 Reply Last reply
                                      0
                                      • jdaviescoatesJ jdaviescoates

                                        @nebulon and when going to https://meet.uniteddiversity.coop/ any anonymous user can still create a room and be granted moderator rights on the room they create. Looks like something isn't quite right.

                                        I'm still on Cloudron 7.0.4 is LDAP Jitsi only available on 7.1 or something?

                                        nebulonN Offline
                                        nebulonN Offline
                                        nebulon
                                        Staff
                                        wrote on last edited by
                                        #19

                                        @jdaviescoates you are right, the jitsi app package version 0.2.0 is only available for Cloudrons running 7.1.2

                                        luckowL 1 Reply Last reply
                                        1
                                        • nebulonN nebulon

                                          @jdaviescoates you are right, the jitsi app package version 0.2.0 is only available for Cloudrons running 7.1.2

                                          luckowL Online
                                          luckowL Online
                                          luckow
                                          translator
                                          wrote on last edited by
                                          #20

                                          @nebulon Interesting phenomenon: there is a folder in Prosody that cannot be accessed via the Web Filemanger. In the terminal, this is not a problem.
                                          8dbd2a7c-6ef3-4dd5-8e59-786c19d02bcc-grafik.png
                                          31ca9120-ea77-4a7f-a63d-4b52bafc2cd5-grafik.png

                                          Pronouns: he/him | Primary language: German

                                          nebulonN 1 Reply Last reply
                                          1
                                          • luckowL luckow

                                            @nebulon Interesting phenomenon: there is a folder in Prosody that cannot be accessed via the Web Filemanger. In the terminal, this is not a problem.
                                            8dbd2a7c-6ef3-4dd5-8e59-786c19d02bcc-grafik.png
                                            31ca9120-ea77-4a7f-a63d-4b52bafc2cd5-grafik.png

                                            nebulonN Offline
                                            nebulonN Offline
                                            nebulon
                                            Staff
                                            wrote on last edited by
                                            #21

                                            @luckow that seems to be a filemanager client side bug. Thanks for reporting.

                                            Regardless of that, I do wonder if that folder needs to be there in the first place. There is nothing which should be changed or touched by the admin without risking breaking, so I think I will move most of that, if not all to /run

                                            1 Reply Last reply
                                            1
                                            Reply
                                            • Reply as topic
                                            Log in to reply
                                            • Oldest to Newest
                                            • Newest to Oldest
                                            • Most Votes


                                              • Login

                                              • Don't have an account? Register

                                              • Login or register to search.
                                              • First post
                                                Last post
                                              0
                                              • Categories
                                              • Recent
                                              • Tags
                                              • Popular
                                              • Bookmarks
                                              • Search