Closed tio-trom closed 1 year ago
Thanks. Ok. May I ask why the decision to make Jitsi only work for the registered users? The default Jitsi Meet is open for everyone. It is a very handy tool to use and maybe there should either be open as default, or make it easy to remove the LDAP limitation.
Thanks. Ok. May I ask why the decision to make Jitsi only work for the registered users? The default Jitsi Meet is open for everyone. It is a very handy tool to use and maybe there should either be open as default, or make it easy to remove the LDAP limitation.
I though that most jitsi installed on yunohost will be for personal use, not to make a public jitsi.
As you can see, there are various files to modify to enable or disable ldap authentication, not that simple. But feel free to make a pull request to make that change easily.
Ah I see. I truly wanted to provide a free Jitsi Meet instance for our trom.tf services so that anyone can use it. I can try do those changes manually but I see even scripts/install
need to be modified. Does that mean I have to fork this and do the changes then install in order for it to work?
Also would you reconsider making it public and not LDAP based?
And thanks a lot for your work on this package!
Also, is this the correct folder to edit /etc/yunohost/apps/jitsi/conf
? I see all of the edited files there.
So I have done all of the changes to the files in /etc/yunohost/apps/jitsi/conf
. Restarted all Jitsi services + Prosody + Nginx. I see no difference. Weird.
This is not where the actual conf are, only templates used during install.
You'll need to edit the config at the final location.
Probably somewhere in /etc/jitsi
and /etc/prosody/
according to https://github.com/YunoHost-Apps/jitsi_ynh/blob/master/scripts/install#L163-L235
I think I've done it. Here's how (replace domain-name with your domain name where jitsi is installed):
/etc/jitsi/jicofo/jicofo.conf
And remove:
authentication: {
enabled: true
type: XMPP
login-url: __DOMAIN__
}
/etc/jitsi/meet/domain-name-config.js
And replace:
anonymousdomain: 'guest.__DOMAIN__',
with
// anonymousdomain: 'guest.example.com',
/etc/prosody/conf.avail/domain-name.cfg.lua
And replace:
authentication = "ldap"
ldap_server = "localhost"
ldap_filter = "(uid=$user)"
ldap_scope = "subtree"
ldap_base = "ou=users,dc=yunohost,dc=org"
ldap_mode = "bind"
With:
authentication = "anonymous"
Plus delete:
VirtualHost "guest.__DOMAIN__"
authentication = "anonymous"
c2s_require_encryption = fa
So I could probably close this issue now. It is a little work but seems doable. If any of you can confirm that the above are ok and there is nothing else to do more for it to properly work.
yes it's what has to be done. PS: at next upgrade of jitsi, the changes you made manually will be overwrite and you will have to redo then
Yes I know I will have to do the changes again. It is ok. Thanks for the help!
The method does not really work. It tries to reconnect. I will reopen this issue for now and see if I or others can come up with a better solution to then be integrated into the main ynh package. I think it can be really great to easily provide this as a public service like we do via trom.tf for many other services. But for now this Jitsi package is unreliable when trying to disable the LDAP integration.
Hardware: VPS bought online YunoHost version: 4.3.6.2 (stable). I have access to my server: Through SSH | through the webadmin | direct access via keyboard / screen | ... Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: no
I would like to have Jitsi open for anyone. So how can I disable LDAP? Thanks!
EDIT: Is it the file
/etc/prosody/conf.avail/call.trom.tf.cfg.lua
?