Recording fails

[sualko]

Hi everyone, I tried to enable jibri and encountered some problems. First I got the following error message:

org.jitsi.jibri.service.impl.FileRecordingJibriService.finalize() Failed to run finalize script: java.io.IOException: Cannot run program "/config/finalize.sh": error=2, No such file or directory

But this was easy to fix. I just created a file in my config folder, but now I get the following:

org.jitsi.jibri.selenium.JibriSelenium.run() An error occurred while joining the call: org.openqa.selenium.WebDriverException: <unknown>: Failed to read the 'localStorage' property from 'Window': Access is denied for this document.

I think the problem is that Window is different from window, but I don't know where to find the code. Can you help me?

Complete log

``` 2020-03-20 09:15:16.071 FINE: [35] org.jitsi.xmpp.mucclient.MucClient.log() Received an IQ with type set: IQ Stanza (jibri http://jitsi.org/protocol/jibri) [to=jibri@auth.meet.jitsi/edAXYQ94,from=jibribrewery@internal-muc.meet.jitsi/focus,id=amlicmlAYXV0aC5tZWV0LmppdHNpL2VkQVhZUTk0ADBCVGx1LTI1NABVsWt3X1n/o6vD6m2Rlbe7,type=set,] 2020-03-20 09:15:16.073 INFO: [35] org.jitsi.jibri.api.xmpp.XmppApi.handleJibriIq() Received JibriIq from environment [MucClient id=xmpp.meet.jitsi hostname=xmpp.meet.jitsi] 2020-03-20 09:15:16.075 INFO: [35] org.jitsi.jibri.api.xmpp.XmppApi.handleStartJibriIq() Received start request 2020-03-20 09:15:16.078 INFO: [35] org.jitsi.jibri.api.xmpp.XmppApi.handleStartJibriIq() Sending 'pending' response to start IQ 2020-03-20 09:15:16.078 INFO: [38] org.jitsi.jibri.api.xmpp.XmppApi.run() Starting service 2020-03-20 09:15:16.107 INFO: [38] org.jitsi.jibri.api.xmpp.XmppApi.handleStartService() Parsed call url info: CallUrlInfo(baseUrl=https://meet.jitsi, callName=asdfxxssexfadsf, urlParams=[]) 2020-03-20 09:15:16.108 INFO: [38] org.jitsi.jibri.JibriManager.startFileRecording() Starting a file recording with params: FileRecordingRequestParams(callParams=CallParams(callUrlInfo=CallUrlInfo(baseUrl=https://meet.jitsi, callName=asdfxxssexfadsf, urlParams=[])), sessionId=fbzkuvzxovfdfkxh, callLoginParams=XmppCredentials(domain=recorder.meet.jitsi, username=recorder, password=passw0rd)) finalize script path: /config/finalize.sh and recordings directory: /config/recordings 2020-03-20 09:15:16.764 INFO: [38] org.openqa.selenium.remote.ProtocolHandshake.createSession() Detected dialect: OSS 2020-03-20 09:15:16.779 INFO: [38] org.jitsi.jibri.selenium.JibriSelenium.() Starting empty call check with a timeout of PT30S 2020-03-20 09:15:16.790 FINE: [38] org.jitsi.jibri.capture.ffmpeg.FfmpegCapturer.() Detected os as OS: LINUX 2020-03-20 09:15:16.794 INFO: [38] org.jitsi.jibri.service.impl.FileRecordingJibriService.() Writing recording to /config/recordings/fbzkuvzxovfdfkxh 2020-03-20 09:15:16.796 FINE: [38] org.jitsi.jibri.statsd.JibriStatsDClient.incrementCounter() Incrementing statsd counter: start:recording 2020-03-20 09:15:16.797 INFO: [38] org.jitsi.jibri.status.JibriStatusManager.log() Busy status has changed: IDLE -> BUSY 2020-03-20 09:15:16.797 INFO: [38] org.jitsi.jibri.api.xmpp.XmppApi.updatePresence() Jibri reports its status is now JibriStatus(busyStatus=BUSY, health=OverallHealth(healthStatus=HEALTHY, details={})), publishing presence to connections 2020-03-20 09:15:16.798 INFO: [38] org.jitsi.xmpp.mucclient.MucClientManager.log() Setting a presence extension: org.jitsi.xmpp.extensions.jibri.JibriStatusPacketExt@504ca55b 2020-03-20 09:15:16.798 FINE: [38] org.jitsi.xmpp.mucclient.MucClientManager.log() Replacing presence extension: org.jitsi.xmpp.extensions.jibri.JibriStatusPacketExt@5aa6202e 2020-03-20 09:15:16.800 FINE: [32] org.jitsi.xmpp.extensions.DefaultPacketExtensionProvider.parse() Could not add a provider for element busy-status from namespace http://jitsi.org/protocol/jibri 2020-03-20 09:15:16.801 FINE: [32] org.jitsi.xmpp.extensions.DefaultPacketExtensionProvider.parse() Could not add a provider for element health-status from namespace http://jitsi.org/protocol/health 2020-03-20 09:15:16.928 SEVERE: [48] org.jitsi.jibri.selenium.JibriSelenium.run() An error occurred while joining the call: org.openqa.selenium.WebDriverException: : Failed to read the 'localStorage' property from 'Window': Access is denied for this document. (Session info: chrome=78.0.3904.108) (Driver info: chromedriver=78.0.3904.105 (60e2d8774a8151efa6a00b1f358371b1e0e07ee2-refs/branch-heads/3904@{#877}),platform=Linux 4.15.0-91-generic x86_64) (WARNING: The server did not provide any stacktrace information) Command duration or timeout: 0 milliseconds Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: '6648c4582aae', ip: '172.18.0.4', os.name: 'Linux', os.arch: 'amd64', os.version: '4.15.0-91-generic', java.version: '1.8.0_222' Driver info: org.openqa.selenium.chrome.ChromeDriver Capabilities {acceptInsecureCerts: false, acceptSslCerts: false, applicationCacheEnabled: false, browserConnectionEnabled: false, browserName: chrome, chrome: {chromedriverVersion: 78.0.3904.105 (60e2d8774a81..., userDataDir: /tmp/.com.google.Chrome.cJTEvn}, cssSelectorsEnabled: true, databaseEnabled: false, goog:chromeOptions: {debuggerAddress: localhost:41075}, handlesAlerts: true, hasTouchScreen: false, javascriptEnabled: true, locationContextEnabled: true, mobileEmulationEnabled: false, nativeEvents: true, networkConnectionEnabled: false, pageLoadStrategy: normal, platform: LINUX, platformName: LINUX, proxy: Proxy(), rotatable: false, setWindowRect: true, strictFileInteractability: false, takesHeapSnapshot: true, takesScreenshot: true, timeouts: {implicit: 0, pageLoad: 300000, script: 30000}, unexpectedAlertBehaviour: ignore, unhandledPromptBehavior: ignore, version: 78.0.3904.108, webStorageEnabled: true} Session ID: c7d783873cf12c9cf21c44af1ca43a71 with stack: sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) java.lang.reflect.Constructor.newInstance(Constructor.java:423) org.openqa.selenium.remote.ErrorHandler.createThrowable(ErrorHandler.java:214) org.openqa.selenium.remote.ErrorHandler.throwIfResponseFailed(ErrorHandler.java:166) org.openqa.selenium.remote.http.JsonHttpResponseCodec.reconstructValue(JsonHttpResponseCodec.java:40) org.openqa.selenium.remote.http.AbstractHttpResponseCodec.decode(AbstractHttpResponseCodec.java:80) org.openqa.selenium.remote.http.AbstractHttpResponseCodec.decode(AbstractHttpResponseCodec.java:44) org.openqa.selenium.remote.HttpCommandExecutor.execute(HttpCommandExecutor.java:158) org.openqa.selenium.remote.service.DriverCommandExecutor.execute(DriverCommandExecutor.java:83) org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:543) org.openqa.selenium.remote.RemoteWebDriver.executeScript(RemoteWebDriver.java:480) org.jitsi.jibri.selenium.JibriSelenium.setLocalStorageValues(JibriSelenium.kt:175) org.jitsi.jibri.selenium.JibriSelenium.access$setLocalStorageValues(JibriSelenium.kt:112) org.jitsi.jibri.selenium.JibriSelenium$joinCall$1.run(JibriSelenium.kt:255) java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) java.util.concurrent.FutureTask.run(FutureTask.java:266) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) java.lang.Thread.run(Thread.java:748) 2020-03-20 09:15:16.931 INFO: [48] org.jitsi.jibri.selenium.JibriSelenium.onSeleniumStateChange() Transitioning from state Starting up to Error: SESSION Failed to join call 2020-03-20 09:15:16.931 INFO: [48] org.jitsi.jibri.service.impl.FileRecordingJibriService.onServiceStateChange() File recording service transitioning from state Starting up to Error: SESSION Failed to join call 2020-03-20 09:15:16.932 INFO: [48] org.jitsi.jibri.api.xmpp.XmppApi.invoke() Current service had an error, sending error iq 2020-03-20 09:15:16.932 FINE: [48] org.jitsi.jibri.statsd.JibriStatsDClient.incrementCounter() Incrementing statsd counter: stop:recording 2020-03-20 09:15:16.933 INFO: [48] org.jitsi.jibri.JibriManager.stopService() Stopping the current service 2020-03-20 09:15:16.933 INFO: [48] org.jitsi.jibri.service.impl.FileRecordingJibriService.stop() Stopping capturer 2020-03-20 09:15:16.934 INFO: [48] org.jitsi.jibri.util.JibriSubprocess.ffmpeg.stop() Stopping ffmpeg process 2020-03-20 09:15:16.934 INFO: [48] org.jitsi.jibri.util.JibriSubprocess.ffmpeg.stop() ffmpeg exited with value null 2020-03-20 09:15:16.934 INFO: [48] org.jitsi.jibri.service.impl.FileRecordingJibriService.stop() Quitting selenium 2020-03-20 09:15:16.943 INFO: [48] org.jitsi.jibri.service.impl.FileRecordingJibriService.stop() Participants in this recording: [] 2020-03-20 09:15:16.987 INFO: [48] org.jitsi.jibri.selenium.JibriSelenium.leaveCallAndQuitBrowser() Got 0 log entries for type browser 2020-03-20 09:15:17.001 INFO: [48] org.jitsi.jibri.selenium.JibriSelenium.leaveCallAndQuitBrowser() Got 110 log entries for type driver 2020-03-20 09:15:17.026 INFO: [48] org.jitsi.jibri.selenium.JibriSelenium.leaveCallAndQuitBrowser() Got 0 log entries for type client 2020-03-20 09:15:17.027 INFO: [48] org.jitsi.jibri.selenium.JibriSelenium.leaveCallAndQuitBrowser() Leaving web call 2020-03-20 09:15:17.045 INFO: [48] org.jitsi.jibri.selenium.JibriSelenium.leaveCallAndQuitBrowser() Quitting chrome driver 2020-03-20 09:15:17.116 INFO: [48] org.jitsi.jibri.selenium.JibriSelenium.leaveCallAndQuitBrowser() Chrome driver quit 2020-03-20 09:15:17.116 INFO: [48] org.jitsi.jibri.service.impl.FileRecordingJibriService.stop() Finalizing the recording 2020-03-20 09:15:27.125 SEVERE: [48] org.jitsi.jibri.service.impl.FileRecordingJibriService.finalize() Timed out waiting for process logger task to complete 2020-03-20 09:15:27.126 INFO: [48] org.jitsi.jibri.service.impl.FileRecordingJibriService.finalize() Recording finalize script finished with exit value 0 2020-03-20 09:15:27.127 INFO: [48] org.jitsi.jibri.status.JibriStatusManager.log() Busy status has changed: BUSY -> IDLE 2020-03-20 09:15:27.128 INFO: [48] org.jitsi.jibri.api.xmpp.XmppApi.updatePresence() Jibri reports its status is now JibriStatus(busyStatus=IDLE, health=OverallHealth(healthStatus=HEALTHY, details={})), publishing presence to connections 2020-03-20 09:15:27.128 INFO: [48] org.jitsi.xmpp.mucclient.MucClientManager.log() Setting a presence extension: org.jitsi.xmpp.extensions.jibri.JibriStatusPacketExt@754e0f5b 2020-03-20 09:15:27.129 FINE: [48] org.jitsi.xmpp.mucclient.MucClientManager.log() Replacing presence extension: org.jitsi.xmpp.extensions.jibri.JibriStatusPacketExt@504ca55b 2020-03-20 09:15:27.132 FINE: [32] org.jitsi.xmpp.extensions.DefaultPacketExtensionProvider.parse() Could not add a provider for element busy-status from namespace http://jitsi.org/protocol/jibri 2020-03-20 09:15:27.132 FINE: [32] org.jitsi.xmpp.extensions.DefaultPacketExtensionProvider.parse() Could not add a provider for element health-status from namespace http://jitsi.org/protocol/health ```

[morphles]

Interesting information, thanks, if that is the cases possibly fix is simpler than working around chromes security stuff, I'll see maybe I can figure out some modifications to nginx confs then.

[sualko]

but after enabling I can still not access the container via port 443. Even from the outside I get "Connection reset by peer". My guess is that the nginx config breaks without letsencrypt.

Forgot to delete the config after changing the env file. Now nginx is listening on port 443. Now I also see the chrome ssl warning:

[0403/085912.457416:ERROR:cert_verify_proc_nss.cc(1011)] CERT_PKIXVerifyCert for meet.jitsi failed err=-8172
[0403/085912.457725:ERROR:ssl_client_socket_impl.cc(969)] handshake failed; returned -1, SSL error code 1, net_error -202

[morphles]

So I have some own wildcard certificates, and tried editing .env
XMPP_SERVER=xmpp.meet.jitsi to XMPP_SERVER=video.test.ours.com though keeping ~/.jitsi-meet-cfg close to as is (well certs for web are mine, and changed domain in couple nginx and prosody confs), but now calls drop just as soon as second person joins. but maybe I just need to edit more of configs in there. Or do XMPP_DOMAIN, XMPP_SERVER, XMPP_MUC_DOMAIN, etc. have to be related in some "subtringy way" ? And thus do I need to also edit there? Will try some more on Monday. How is https://meet.jit.si/ set up ? :)

[primoitt83]

Try edit .env

Look for: meet.jitsi Change to: video.test.ours.com

After docker is up give a try to connect on Prosody port like this:

telnet xmpp.video.test.ours.com 5222

[rodrigopavezi]

I have deployed all into kubernetes. Now, I cannot record and there is an error message on the client but no error on the servers.

2020-04-03 11:41:26.089 BRT 2020-04-03 07:41:26.088 FINE: [30] org.jitsi.xmpp.extensions.DefaultPacketExtensionProvider.parse() Could not add a provider for element busy-status from namespace http://jitsi.org/protocol/jibri

2020-04-03 11:41:26.089 BRT 2020-04-03 07:41:26.089 FINE: [30] org.jitsi.xmpp.extensions.DefaultPacketExtensionProvider.parse() Could not add a provider for element health-status from namespace http://jitsi.org/protocol/health

That is the last thing is logged on jibri. It looks like my start recording request is not getting to jibri.

And this is somewhere in the middle:

"2020-04-03 07:41:25.365 WARNING: [1] org.glassfish.jersey.internal.inject.Providers.checkProviderRuntime() A provider org.jitsi.jibri.api.http.HttpApi registered in SERVER runtime does not implement any provider interfaces applicable in the SERVER runtime. Due to constraint configuration problems the provider org.jitsi.jibri.api.http.HttpApi will be ignored.

Does anyone know what could be?

Cheers

[primoitt83]

Check Prosody logs

If Jibri connects properly should be something like this:

c2s55edc956de50 info Authenticated as jibri@auth.meet.jitsi

And in Jibri logs

2020-04-03 10:44:15.878 INFO: [19] org.jitsi.xmpp.mucclient.MucClient.log() [MucClient id=xmpp.meet.jitsi hostname=xmpp.meet.jitsi] connected
2020-04-03 10:44:17.051 INFO: [19] org.jitsi.xmpp.mucclient.MucClient.log() Joined MUC: jibribrewery@internal-muc.meet.jitsi

At this time Jibri is avaliable for recording

[rodrigopavezi]

@primoitt83 Thanks!!

It is all right there in the logs. But still jibri is not getting the start recording request.

One thing to notice, they are all behind a NAT and the only service that is exposed is the jitsi-meet one.

Would that be a problem?

[primoitt83]

Not at all.. do you have a valid domain? Did you set a true Letsencrypt CA?

Do you have something like this on Jibri logs?

2020-03-27 20:37:15.794 SEVERE: [48] org.jitsi.jibri.selenium.JibriSelenium.run() An error occurred while joining the call: org.openqa.selenium.WebDriverException: <unknown>: Failed to read the 'localStorage' property from 'Window': Access is denied for this document.
  (Session info: chrome=80.0.3987.149)
  (Driver info: chromedriver=80.0.3987.106 (f68069574609230cf9b635cd784cfb1bf81bb53a-refs/branch-heads/3987@{#882}),platform=Linux 3.10.0-1062.18.1.el7.x86_64 x86_64) (WARNING: The server did not provide any stacktrace information)

[rodrigopavezi]

@primoitt83

Yeap, a valid domain with a valid CA. public-live.harmony.chat

Nope. That is all I have.

2020-04-03 08:09:02.570 INFO: [1] org.jitsi.jibri.Main.main() Jibri run with args [--config, /etc/jitsi/jibri/config.json]
2020-04-03 08:09:02.651 INFO: [1] org.jitsi.jibri.Main.main() Using config file /etc/jitsi/jibri/config.json
2020-04-03 08:09:02.654 INFO: [1] org.jitsi.jibri.Main.main() Using port 3333 for internal HTTP API
2020-04-03 08:09:02.670 INFO: [1] org.jitsi.jibri.Main.main() Using port 2222 for the HTTP API
2020-04-03 08:09:09.039 INFO: [1] org.jitsi.jibri.Main.loadConfig() Parsed config:
JibriConfig(recordingDirectory=/config/recordings, singleUseMode=false, enabledStatsD=true, finalizeRecordingScriptPath=/config/finalize.sh, xmppEnvironments=[XmppEnvironmentConfig(name=prod environment, xmppServerHosts=[localhost], xmppDomain=public-live.harmony.chat, controlLogin=XmppCredentials(domain=auth.public-live.harmony.chat, username=jibri, password=), controlMuc=XmppMuc(domain=internal-muc.public-live.harmony.chat, roomName=publicliveharmonychat, nickname=jibri-instanse-publicliveharmonychat), sipControlMuc=null, callLogin=XmppCredentials(domain=record.public-live.harmony.chat, username=recorder, password=), stripFromRoomDomain=muc., usageTimeoutMins=0, trustAllXmppCerts=true)])
2020-04-03 08:09:11.137 WARNING: [1] org.glassfish.jersey.internal.inject.Providers.checkProviderRuntime() A provider org.jitsi.jibri.api.http.internal.InternalHttpApi registered in SERVER runtime does not implement any provider interfaces applicable in the SERVER runtime. Due to constraint configuration problems the provider org.jitsi.jibri.api.http.internal.InternalHttpApi will be ignored. 
2020-04-03 08:09:11.837 INFO: [1] org.jitsi.jibri.api.xmpp.XmppApi.updatePresence() Jibri reports its status is now JibriStatus(busyStatus=IDLE, health=OverallHealth(healthStatus=HEALTHY, details={})), publishing presence to connections
2020-04-03 08:09:11.840 INFO: [1] org.jitsi.xmpp.mucclient.MucClientManager.log() Setting a presence extension: org.jitsi.xmpp.extensions.jibri.JibriStatusPacketExt@771158fb
2020-04-03 08:09:11.854 INFO: [1] org.jitsi.jibri.api.xmpp.XmppApi.start() Connecting to xmpp environment on localhost with config XmppEnvironmentConfig(name=prod environment, xmppServerHosts=[localhost], xmppDomain=public-live.harmony.chat, controlLogin=XmppCredentials(domain=auth.public-live.harmony.chat, username=jibri, password=), controlMuc=XmppMuc(domain=internal-muc.public-live.harmony.chat, roomName=publicliveharmonychat, nickname=jibri-instanse-publicliveharmonychat), sipControlMuc=null, callLogin=XmppCredentials(domain=record.public-live.harmony.chat, username=recorder, password=), stripFromRoomDomain=muc., usageTimeoutMins=0, trustAllXmppCerts=true)
2020-04-03 08:09:11.861 INFO: [1] org.jitsi.jibri.api.xmpp.XmppApi.start() The trustAllXmppCerts config is enabled for this domain, all XMPP server provided certificates will be accepted
2020-04-03 08:09:11.893 FINE: [19] org.jitsi.xmpp.mucclient.MucClient.log() Initializing a new MucClient for [ org.jitsi.xmpp.mucclient.MucClientConfiguration id=localhost domain=auth.public-live.harmony.chat hostname=localhost username=jibri mucs=[publicliveharmonychat@internal-muc.public-live.harmony.chat] mucNickname=jibri-instanse-publicliveharmonychat disableCertificateVerification=true]
2020-04-03 08:09:11.944 WARNING: [19] org.jitsi.xmpp.mucclient.MucClient.log() Disabling certificate verification!
2020-04-03 08:09:12.089 WARNING: [1] org.glassfish.jersey.internal.inject.Providers.checkProviderRuntime() A provider org.jitsi.jibri.api.http.HttpApi registered in SERVER runtime does not implement any provider interfaces applicable in the SERVER runtime. Due to constraint configuration problems the provider org.jitsi.jibri.api.http.HttpApi will be ignored. 
2020-04-03 08:09:12.093 FINE: [19] org.jitsi.xmpp.mucclient.MucClient.log() [MucClient id=localhost hostname=localhost] about to connect and login.
2020-04-03 08:09:12.590 INFO: [19] org.jitsi.xmpp.mucclient.MucClient.log() [MucClient id=localhost hostname=localhost] connected
2020-04-03 08:09:12.715 FINE: [19] org.jitsi.xmpp.mucclient.MucClient.log() [MucClient id=localhost hostname=localhost] authenticated, b=false
2020-04-03 08:09:12.717 FINE: [19] org.jitsi.xmpp.mucclient.MucClient.log() [MucClient id=localhost hostname=localhost] about to join MUCs.
2020-04-03 08:09:12.779 INFO: [19] org.jitsi.xmpp.mucclient.MucClient.log() Joined MUC: publicliveharmonychat@internal-muc.public-live.harmony.chat
2020-04-03 08:09:12.784 FINE: [30] org.jitsi.xmpp.extensions.DefaultPacketExtensionProvider.parse() Could not add a provider for element busy-status from namespace http://jitsi.org/protocol/jibri
2020-04-03 08:09:12.785 FINE: [30] org.jitsi.xmpp.extensions.DefaultPacketExtensionProvider.parse() Could not add a provider for element health-status from namespace http://jitsi.org/protocol/health

Cheers

[primoitt83]

Your Jibri looks good...

Try to click on Record button on Jitsi-meet and see what it changes on Jibri's logs..

I'm out of ideas here..

[rodrigopavezi]

Yeah, tried a couple of times. nothing is logged on Jibri. It seems the request from jitsi-meet is not passing to Jibri somehow.

[primoitt83]

@rodrigopavezi Is your Jibri running on Docker? Or is it a standalone install like this?

https://github.com/jitsi/jibri

In my experience Jibri needs 3 services: jibri-xorg, jibri-icewm and jibri

Can you check if this services are running?

[rodrigopavezi]

@primoitt83 I think they are all running correctly. I am using this docker image: image: jitsi/jibri

Here is the list of jibri processes:

root         228       1  0 08:08 ?        00:00:00 s6-supervise 30-jibri
jibri        231     229  0 08:08 ?        00:00:00 /usr/bin/icewm-session
jibri        232     227  0 08:08 ?        00:00:02 /usr/lib/xorg/Xorg -nocursor -noreset +extension RANDR +extension RENDER -logfile /tmp/xorg.log -config /etc/jitsi/jibri/xorg-video-dummy.conf :0
jibri        236     228  0 08:08 ?        00:00:09 java -Djava.util.logging.config.file=/etc/jitsi/jibri/logging.properties -jar /opt/jitsi/jibri/jibri.jar --config /etc/jitsi/jibri/config.json
jibri        248     231  0 08:08 ?        00:00:00 icewmbg
jibri        249     231  0 08:08 ?        00:00:04 icewm --notify
jibri        267     231  0 08:09 ?        00:00:00 icewmtray --notify

[primoitt83]

Try connect to Jibri and on its console type:

# lsmod | grep snd_aloop

[rodrigopavezi]

It is there I configured the nodes.

snd_aloop              24576  0
snd_pcm                98304  1 snd_aloop
snd                    81920  3 snd_timer,snd_aloop,snd_pcm

[primoitt83]

Yeah.. that's correct

Maybe

# /etc/init.d/jibri-xorg status

# /etc/init.d/jibri-icewm status

# /etc/init.d/jibri status

[rodrigopavezi]

They aren't there in the container. not sure they should though

[rodrigopavezi]

I see jitsi-meet sending this:

<body rid='2876005789' xmlns='http://jabber.org/protocol/httpbind' sid='c53110ee-aa59-487e-9339-ceb488aceb30'>
    <iq to='harmonychatmldhahkbxmxxqesafgeneral@muc.public-live.harmony.chat/focus' type='set' xmlns='jabber:client' id='314476fa-460c-49fc-a4b2-7355775a4c28:sendIQ'>
        <jibri xmlns='http://jitsi.org/protocol/jibri' action='start' app_data='{&quot;file_recording_metadata&quot;:{&quot;share&quot;:true}}' recording_mode='file'/>
    </iq>
</body>

And the result is this:

<body xmlns='http://jabber.org/protocol/httpbind' xmlns:stream='http://etherx.jabber.org/streams' sid='2887f8b9-41f6-408f-b488-d565adc982cd'>
    <iq to='3719bcf8-898a-467e-b64f-ca8aa5e917b8@public-live.harmony.chat/p2GFpP15' from='harmonychatmldhahkbxmxxqesafgeneral@muc.public-live.harmony.chat/focus' id='98a0a076-243e-4ea7-9b46-a05c3a22ae0b:sendIQ' xmlns='jabber:client' type='error'>
        <error type='cancel'>
            <item-not-found xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
        </error>
    </iq>
</body>

[primoitt83]

Don't know..

maybe xmpp address is not correct?

From a container try:

# telnet xmpp.public-live.harmony.chat 5222

[rodrigopavezi]

https://github.com/jitsi/lib-jitsi-meet/blob/4733c537ce213a533cf69918f990216a52f92ec8/JitsiConnectionErrors.js#L10-L15

 * One example is 'item-not-found' error thrown by Prosody when the BOSH session
 * times out after 60 seconds of inactivity. On the other hand 'item-not-found'
 * could also happen when BOSH request is sent to the server with the session-id
 * that is not know to the server. But this should not happen in lib-jitsi-meet
 * case as long as the service is configured correctly (there is no bug).
 */

[rodrigopavezi]

this works

# telnet public-live.harmony.chat 5222

[primoitt83]

Maybe you need to make it works on

telnet xmpp.public-live.harmony.chat 5222

is public-live.harmony.chat your main domain?

[rodrigopavezi]

Ah, I see it could be. Yeap it is the main domain

[primoitt83]

If your domain is meet.jitsi so your xmpp server should be xmpp.meet.jitsi

So if your domain is public-live.harmony.chat xmpp server should be xmpp.public-live.harmony.chat

[nyok92]

Hi, I tried to put my real certificate (coming from traefik reverse proxy) to nginx jitsi-web. Then from jiti-jibri , i can curl jitsi-web:

root@a36b9a941352:/# curl -v https://mydomain
* Rebuilt URL to: https://mydomain
*   Trying 10.0.74.2...
* TCP_NODELAY set
* Connected to mydomain (10.0.74.2) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=mydomain
*  start date: Mar 27 14:46:29 2020 GMT
*  expire date: Jun 25 14:46:29 2020 GMT
*  subjectAltName: host "mydomain" matched cert's "mydomain"
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.
> GET / HTTP/1.1
> Host: mydomain
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.10.3
< Date: Sat, 04 Apr 2020 11:15:16 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
<

Then i relaunch nginx inside docker and tried to record a meeting, but still getting the same error on jirbri's logs:

2020-04-03 18:07:36.072 FINE: [39] org.jitsi.xmpp.mucclient.MucClient.log() Received an IQ with type set: IQ Stanza (jibri http://jitsi.org/protocol/jibri) [to=jibri@auth.mydomain/F_pEdIef,from=jibribrewery@internal-muc.mydomain/focus,id=amlicmlAYXV0aC5qaXRzaS5iZW5lbG9zLmV1L0ZfcEVkSWVmAG9xUlhBLTMyNjIAiID2mxClhpzJAOCePD+E4A==,type=set,] 2020-04-03 18:07:36.072 INFO: [39] org.jitsi.jibri.api.xmpp.XmppApi.handleJibriIq() Received JibriIq from environment [MucClient id=xmpp.mydomain hostname=xmpp.mydomain] 2020-04-03 18:07:36.073 INFO: [39] org.jitsi.jibri.api.xmpp.XmppApi.handleStartJibriIq() Received start request 2020-04-03 18:07:36.073 INFO: [39] org.jitsi.jibri.api.xmpp.XmppApi.handleStartJibriIq() Sending 'pending' response to start IQ 2020-04-03 18:07:36.073 INFO: [40] org.jitsi.jibri.api.xmpp.XmppApi.run() Starting service 2020-04-03 18:07:36.075 INFO: [40] org.jitsi.jibri.api.xmpp.XmppApi.handleStartService() Parsed call url info: CallUrlInfo(baseUrl=https://mydomain, callName=test, urlParams=[]) 2020-04-03 18:07:36.076 INFO: [40] org.jitsi.jibri.JibriManager.startFileRecording() Starting a file recording with params: FileRecordingRequestParams(callParams=CallParams(callUrlInfo=CallUrlInfo(baseUrl=https://mydomain, callName=test, urlParams=[])), sessionId=uzudnunmtssggnro, callLoginParams=XmppCredentials(domain=recorder.mydomain, username=recorder, password=passw0rd)) finalize script path: /config/finalize.sh and recordings directory: /config/recordings Starting ChromeDriver 80.0.3987.106 (f68069574609230cf9b635cd784cfb1bf81bb53a-refs/branch-heads/3987@{#882}) on port 21268 Only local connections are allowed. Please protect ports used by ChromeDriver and related test frameworks to prevent access by malicious code. 2020-04-03 18:07:36.249 SEVERE: [40] org.jitsi.jibri.api.xmpp.XmppApi.run() Error starting Jibri service : org.openqa.selenium.WebDriverException: unknown error: Chrome failed to start: crashed. (unknown error: DevToolsActivePort file doesn't exist) (The process started from chrome location /usr/bin/google-chrome is no longer running, so ChromeDriver is assuming that Chrome has crashed.) (Driver info: chromedriver=80.0.3987.106 (f68069574609230cf9b635cd784cfb1bf81bb53a-refs/branch-heads/3987@{#882}),platform=Linux 4.15.0-91-generic x86_64) (WARNING: The server did not provide any stacktrace information) Command duration or timeout: 156 milliseconds Build info: version: 'unknown', revision: 'unknown', time: 'unknown' System info: host: 'a36b9a941352', ip: '10.0.74.49', os.name: 'Linux', os.arch: 'amd64', os.version: '4.15.0-91-generic', java.version: '1.8.0_242' Driver info: driver.version: ChromeDriver with stack: sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) java.lang.reflect.Constructor.newInstance(Constructor.java:423) org.openqa.selenium.remote.ErrorHandler.createThrowable(ErrorHandler.java:214) org.openqa.selenium.remote.ErrorHandler.throwIfResponseFailed(ErrorHandler.java:166) org.openqa.selenium.remote.JsonWireProtocolResponse.lambda$new$0(JsonWireProtocolResponse.java:53) org.openqa.selenium.remote.JsonWireProtocolResponse.lambda$getResponseFunction$2(JsonWireProtocolResponse.java:91) org.openqa.selenium.remote.ProtocolHandshake.lambda$createSession$0(ProtocolHandshake.java:123) java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193) java.util.Spliterators$ArraySpliterator.tryAdvance(Spliterators.java:958) java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:126) java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:499) java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:486) java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:472) java.util.stream.FindOps$FindOp.evaluateSequential(FindOps.java:152) java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) java.util.stream.ReferencePipeline.findFirst(ReferencePipeline.java:531) org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:126) org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:73) org.openqa.selenium.remote.HttpCommandExecutor.execute(HttpCommandExecutor.java:136) org.openqa.selenium.remote.service.DriverCommandExecutor.execute(DriverCommandExecutor.java:83) org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:543) org.openqa.selenium.remote.RemoteWebDriver.startSession(RemoteWebDriver.java:207) org.openqa.selenium.remote.RemoteWebDriver.(RemoteWebDriver.java:130) org.openqa.selenium.chrome.ChromeDriver.(ChromeDriver.java:181) org.openqa.selenium.chrome.ChromeDriver.(ChromeDriver.java:168) org.jitsi.jibri.selenium.JibriSelenium.(JibriSelenium.kt:156) org.jitsi.jibri.selenium.JibriSelenium.(JibriSelenium.kt:113) org.jitsi.jibri.service.impl.FileRecordingJibriService.(FileRecordingJibriService.kt:105) org.jitsi.jibri.JibriManager.startFileRecording(JibriManager.kt:134) org.jitsi.jibri.api.xmpp.XmppApi.handleStartService(XmppApi.kt:285) org.jitsi.jibri.api.xmpp.XmppApi.access$handleStartService(XmppApi.kt:67) org.jitsi.jibri.api.xmpp.XmppApi$handleStartJibriIq$1.run(XmppApi.kt:195) java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) java.util.concurrent.FutureTask.run(FutureTask.java:266) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) java.lang.Thread.run(Thread.java:748)

I don't understand theese errors coming from chrome driver:

Only local connections are allowed. Please protect ports used by ChromeDriver and related test frameworks to prevent access by malicious code.

Do I have to allow chrome to get secure connection to jitsi's room (jitsi web) ? and this one coming from selenium:

DevToolsActivePort file doesn't exist)

Do you have any other idea to investigate ?

[primoitt83]

Is it a docker or standalone Jibri?

Please protect ports used by ChromeDriver and related test frameworks to prevent access by malicious code.
2020-04-03 18:07:36.249 SEVERE: [40] org.jitsi.jibri.api.xmpp.XmppApi.run() Error starting Jibri service : org.openqa.selenium.WebDriverException: unknown error: Chrome failed to start: crashed.
(unknown error: DevToolsActivePort file doesn't exist)
(The process started from chrome location /usr/bin/google-chrome is no longer running, so ChromeDriver is assuming that Chrome has crashed.)

Check Chrome and Chrome driver version. They need to match.

[nyok92]

It is the official docker one. I use the latest tag. Inside jibri's container i can only see: X.Org X Server 1.19.2 xorg-server 2:1.19.2-1+deb9u5 pixman: 0.34.0 chromedriver=80.0.3987.106

Idon't know where to check google-chrome version, but in the official dockerfile used to make dockerhub images, it's used to be the "latest" version so does chrome driver.

I think i do have an issue with xorg maybe it's related to chrome, i've got this error: Failed to connect to the bus: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory

[nyok92]

i've find my google-chrome version : root@19b6d899239f:/# google-chrome --version Google Chrome 80.0.3987.149 Which is not exactly the same than chromedriver...

[nyok92]

But it is ok for version match: "If you are using Chrome version 80, please download ChromeDriver 80.0.3987.106" on

[primoitt83]

Yeah. They match.

So if xorg is running properly now I'm out of ideas.. Sorry

[ktechmidas]

So in summary to fix this issue we need

• self signed certs for jitsi.meet
• nginx config to use self-signed certs

And it'll all start working again?

But the nginx config is just dummy and doesn't actually need to do anything?

[maltokyo]

This post: https://community.jitsi.org/t/failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/29079?_escaped_fragment_=

Claims they have fixed this with simply:

replace meet.jitsi with my domain.com in .env file

Can anyone verify?

[maltokyo]

How can we change this setting without a GUI, can anyone help?

https://www.chromium.org/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document

[dotnetautor]

Replacing meet.jitsi in the .env file with domain.com only seems to works if you don't use an external HTTPS handler ( means HTTPS is handled directly in the jitsi/web container).

In case of an external handler for HTTPS like traefik or an external nginx is used, the TLS certificate of this external HTTPS handler should also be configured in the nginx of the jitsi/web container.

Even if meet.jitsi in the .env file is replaced with domain.com jibri still will access the nginx of the jitsi/web container. So the chrome in the Jibri should either accept all certificates or learn to trust the self generated certificate of the jitsi/web container by importing.

If we can mange that Jibri will accept all certificates or trust the self generated certificate of the jitsi/web container there will be no need to change meet.jitsi in the .env file with domain.com anymore.

[ktechmidas]

This post: https://community.jitsi.org/t/failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/29079?_escaped_fragment_=

Claims they have fixed this with simply:

replace meet.jitsi with my domain.com in .env file

Can anyone verify?

Can confirm, changing that works but not as a self-signed certificate. Once we got the letsencrypt certs and did the replacement it worked fine.

(However ENABLE_LETSENCRYPT was breaking for us so we just went and manually got them, copied them into config folder, and did chattr +i then restarted web instance as suggested above somewhere)

[maltokyo]

This post: https://community.jitsi.org/t/failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/29079?_escaped_fragment_=

Claims they have fixed this with simply:

replace meet.jitsi with my domain.com in .env file

Can anyone verify?

Can confirm, changing that works but not as a self-signed certificate. Once we got the letsencrypt certs and did the replacement it worked fine.

(However ENABLE_LETSENCRYPT was breaking for us so we just went and manually got them, copied them into config folder, and did chattr +i then restarted web instance as suggested above somewhere)

Could you please give step by step guide on your workaround ? I still can't work it out ;( i.e. what you changed in env file, where you moved certs from and too?

I use an automated letsencrypt enabled Nginx reverse proxy docker. I think I can work out where the certs are in that but no idea what to do with them. Thanks!

[primoitt83]

Go to jitsi-web container.

Take a look here to change CA:

# cat /config/nginx/ssl.conf

[morphles]

For blocking cookies thing, I actually tried it couple days ago via policy in jibri docker image (and restarting container) but it did not seem to work. https://www.chromium.org/administrators/policy-list-3#BlockThirdPartyCookies Adding to file: /etc/opt/chrome/policies/managed/managed_policies.json which already contains option to ignore certain security warnings - cert warnings. Maybe I did something wrong? Others could try and report?

[maltokyo]

Go to jitsi-web container.

Take a look here to change CA:

# cat /config/nginx/ssl.conf

Thank you @primoitt83 - what to change it to?

[teodly]

I managed to fix it with self-signed ceriticate. It's in my branch, here: https://github.com/teowoz/docker-jitsi-meet/commit/8f5a05cdb44b354da715d686e4efa46edebb0bb3 This commit contains additional unrelated change: ability to build and use jibri jar without relying on Debian packages, because I needed to change the YouTube RTMP prefix to my own RTMP server.

The changes needed to fix the certificate problem are:

• generate proper certificate (subjectAltNames with meet.jitsi internal domain is required) in web/rootfs/etc/cont-init.d/10-config
• add that self-signed certificate to Chrome's certificate chain - jibri/rootfs/etc/cont-init.d/11-get-https-cert
• install libnss3-tools APT package in jibri/Dockerfile

[morphles]

@teowoz sounds quite workable, will give it a try!

[nyok92]

Hi Teowoz, Thank you for the help. I've tried your fix but my jibri's container failed. Do you have an idea about what i did wrong ? Here are the logs :

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.

[s6-init] ensuring user provided files have correct perms...exited 0.

[fix-attrs.d] applying ownership & permissions fixes...

[fix-attrs.d] done.

[cont-init.d] executing container initialization scripts...

[cont-init.d] 01-set-timezone: executing...

[cont-init.d] 01-set-timezone: exited 0.

[cont-init.d] 10-config: executing...

stat: cannot stat '/dev/snd/pcmC0D0p': No such file or directory

Usage: usermod [options] LOGIN

Options:

-c, --comment COMMENT new value of the GECOS field

-d, --home HOME_DIR new home directory for the user account

-e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE

-f, --inactive INACTIVE set password inactive after expiration

                            to INACTIVE

-g, --gid GROUP force use GROUP as new primary group

-G, --groups GROUPS new list of supplementary GROUPS

-a, --append append the user to the supplemental GROUPS

                            mentioned by the -G option without removing

                            him/her from other groups

-h, --help display this help message and exit

-l, --login NEW_LOGIN new value of the login name

-L, --lock lock the user account

-m, --move-home move contents of the home directory to the

                            new location (use only with -d)

-o, --non-unique allow using duplicate (non-unique) UID

-p, --password PASSWORD use encrypted password for the new password

-R, --root CHROOT_DIR directory to chroot into

-s, --shell SHELL new login shell for the user account

-u, --uid UID new UID for the user account

-U, --unlock unlock the user account

-v, --add-subuids FIRST-LAST add range of subordinate uids

-V, --del-subuids FIRST-LAST remove range of subordinate uids

-w, --add-subgids FIRST-LAST add range of subordinate gids

-W, --del-subgids FIRST-LAST remove range of subordinate gids

-Z, --selinux-user SEUSER new SELinux user mapping for the user account

chmod: cannot access '/config/finalize.sh': No such file or directory

[cont-init.d] 10-config: exited 0.

[cont-init.d] 11-get-https-cert: executing...

depth=0 CN = meet.jitsi

verify error:num=18:self signed certificate

verify return:1

depth=0 CN = meet.jitsi

verify return:1

DONE

Updating certificates in /etc/ssl/certs...

1 added, 0 removed; done.

Running hooks in /etc/ca-certificates/update.d...

Adding debian:meet.pem

done.

done.

Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted

Failed to generate minidump.Illegal instruction (core dumped)

rm: cannot remove '/tmp/s.png': No such file or directory

[cont-init.d] 11-get-https-cert: exited 1.

[cont-finish.d] executing container finish scripts...

[cont-finish.d] done.

[s6-finish] waiting for services.

[s6-finish] sending all processes the TERM signal.

[s6-finish] sending all processes the KILL signal and exiting.

Le mar. 7 avr. 2020 à 13:58, morphles notifications@github.com a écrit :

@teowoz https://github.com/teowoz sounds quite workable, will give it a try!

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/jitsi/docker-jitsi-meet/issues/240#issuecomment-610344422, or unsubscribe https://github.com/notifications/unsubscribe-auth/AJTZLKW7PS5X5ZQYCAYN67DRLMIN3ANCNFSM4LQFBZCA .

[teodly]

@nyok92

stat: cannot stat '/dev/snd/pcmC0D0p': No such file or directory

Probably you don't have ALSA configured as stated in jibri README, or you started jibri container without required options (/dev/snd bind mount).

I'm using this command: docker-compose -f docker-compose.yml -f jibri.yml up -d and everything works. The jibri.yml file has all needed options included.

Also, remember to rebuild Docker images: make build JITSI_SERVICE=web make build JITSI_SERVICE=jibri

[primoitt83]

@teowoz Great job! Thx!

Is it possible to change how ffmpeg record the conferences?

I want to create a pool of Jibri and need to lower the quality of recording..

Lesser CPU hungry solution.. maybe use some GPU

[maltokyo]

teowoz@8f5a05c

Thank you @teowoz - is there a way with git I can just apply your patch to my installation with one command?

[teodly]

@maltokyo

is there a way with git I can just apply your patch to my installation with one command?

I've created branch with solely this fix: fix-certs-web-jibri https://github.com/teowoz/docker-jitsi-meet/tree/fix-certs-web-jibri To patch it without updating docker-jitsi-meet to the newest version, you'll need to cherry-pick. Then, rebuild Docker images: make build JITSI_SERVICE=web make build JITSI_SERVICE=jibri

@primoitt83

Is it possible to change how ffmpeg record the conferences?

Checkout my jibri-fixes branch. Then download jibri sources as a submodule: git submodule update --init --recursive --remote

and change what you want in sources in jibri/jibri directory. ffmpeg command line is generated in src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/Commands.kt. In src/main/kotlin/org/jitsi/jibri/service/impl/StreamingJibriService.kt you can change the big and greedy corporation YouTube to some other output, e.g. self-hosted :grin:

Then build Docker image for building, and build jar:

in main directory:

make build JITSI_SERVICE=jarbuild - this is a hack specific to my branch make build JITSI_SERVICE=jibri

and it should work.

[primoitt83]

@teowoz thank you so much! I'll try it soon!

[Syam]

Have the same issue, using a front nginx-proxy with letsencrypt certificates.

Any idea how to setup this ?

[nyok92]

Hi teowoz, do you use docker compose or docker stack deploy ? I've got errors using your branch ( using stack deploy):

[s6-init] making user provided files available at /var/run/s6/etc...exited 0., [s6-init] ensuring user provided files have correct perms...exited 0., [fix-attrs.d] applying ownership & permissions fixes..., [fix-attrs.d] done., [cont-init.d] executing container initialization scripts..., [cont-init.d] 01-set-timezone: executing... , [cont-init.d] 01-set-timezone: exited 0., [cont-init.d] 10-config: executing... , chmod: changing permissions of '/config/finalize.sh': Read-only file system, [cont-init.d] 10-config: exited 0., [cont-init.d] 11-get-https-cert: executing... , depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3, verify return:1, depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3, verify return:1, depth=0 CN = my.domain, verify return:1, DONE, Updating certificates in /etc/ssl/certs..., 1 added, 0 removed; done., Running hooks in /etc/ca-certificates/update.d..., , Adding debian:meet.pem, done., done., Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted, Failed to generate minidump.Illegal instruction (core dumped), rm: cannot remove '/tmp/s.png': No such file or directory, [cont-init.d] 11-get-https-cert: exited 1., [cont-finish.d] executing container finish scripts..., [cont-finish.d] done., [s6-finish] waiting for services., [s6-finish] sending all processes the TERM signal., [s6-finish] sending all processes the KILL signal and exiting.,

Do you have any idea ? Maybe it's related to the cap_add SYS_admin and NET_BIND_SERVICE which are not taken by docker stack deploy...

[nyok92]

1-OK I've managed to get it working , by adding --no-sandbox on google-come driver flags 2-I'm not using meet.jitsi, so I've changed all reference to this by my.domain in rootfs files. 3- then rebuilding jar and building jibri's container. Now on container's start:

[0410/133530.055186:ERROR:command_buffer_proxy_impl.cc(125)] ContextResult::kTransientFailure: Failed to send GpuChannelMsg_CreateCommandBuffer., Fontconfig warning: "/etc/fonts/fonts.conf", line 100: unknown element "blank", [0410/133530.271697:WARNING:audio_manager_linux.cc(52)] Falling back to ALSA for audio output. PulseAudio is not available or could not be initialized., xcb_connection_has_error() returned true, [0410/133530.608491:ERROR:web_contents_delegate.cc(218)] WebContentsDelegate::CheckMediaAccessPermission: Not supported., [0410/133530.608521:ERROR:web_contents_delegate.cc(218)] WebContentsDelegate::CheckMediaAccessPermission: Not supported., ALSA lib pcm_direct.c:1605:(_snd_pcm_direct_get_slave_ipc_offset) Invalid value for card, [0410/133530.683077:ERROR:alsa_util.cc(204)] PcmOpen: default,No such device, [0410/133530.683270:ERROR:alsa_util.cc(204)] PcmOpen: plug:default,No such device, [0410/133530.684965:ERROR:alsa_util.cc(204)] PcmOpen: default,No such device, [0410/133530.685166:ERROR:alsa_util.cc(204)] PcmOpen: plug:default,No such device

4 - Then when i start a recording, Jibri manage to connect to my session but, i've got some new issues with ffmpeg, maybe related to the first ones:

2020-04-10 14:00:24.076 INFO: [151] org.jitsi.jibri.capture.ffmpeg.FfmpegCapturer.onFfmpegProcessUpdate() Ffmpeg quit abruptly. Last output line: plug:bsnoop: Input/output error, 2020-04-10 14:00:24.075 FINE: [54] org.jitsi.jibri.util.ProcessStatePublisher.ffmpeg.invoke() Process ffmpeg hasn't written in 2 seconds, publishing periodic update, 2020-04-10 14:00:19.073 INFO: [148] org.jitsi.jibri.util.JibriSubprocess.ffmpeg.launch() Starting ffmpeg with command ffmpeg -y -v info -f x11grab -draw_mouse 0 -r 30 -s 1280x720 -thread_queue_size 4096 -i :0.0+0,0 -f alsa -thread_queue_size 4096 -i plug:bsnoop -acodec aac -strict -2 -ar 44100 -c:v libx264 -preset veryfast -profile:v main -level 3.1 -pix_fmt yuv420p -r 30 -crf 25 -g 60 -tune zerolatency -f mp4 /config/recordings/cidbvmsuyibtewph/test_2020-04-10-14-00-16.mp4 ([ffmpeg, -y, -v, info, -f, x11grab, -draw_mouse, 0, -r, 30, -s, 1280x720, -thread_queue_size, 4096, -i, :0.0+0,0, -f, alsa, -thread_queue_size, 4096, -i, plug:bsnoop, -acodec, aac, -strict, -2, -ar, 44100, -c:v, libx264, -preset, veryfast, -profile:v, main, -level, 3.1, -pix_fmt, yuv420p, -r, 30, -crf, 25, -g, 60, -tune, zerolatency, -f, mp4, /config/recordings/cidbvmsuyibtewph/test_2020-04-10-14-00-16.mp4]), 2020-04-10 14:00:19.053 INFO: [148] org.jitsi.jibri.service.impl.FileRecordingJibriService.invoke() Selenium joined the call, starting the capturer, 2020-04-10 14:00:19.053 INFO: [148] org.jitsi.jibri.selenium.JibriSelenium.onSeleniumStateChange() Transitioning from state Starting up to Running, 2020-04-10 14:00:19.044 INFO: [148] org.jitsi.jibri.selenium.pageobjects.CallPage.visit() Waited 1095 milliseconds for call page to load, 2020-04-10 14:00:17.602 FINE: [148] org.jitsi.jibri.selenium.pageobjects.CallPage.visit() Visiting url https://**my.domain**/test#config.iAmRecorder=true&config.externalConnectUrl=null&config.startWithAudioMuted=true&config.startWithVideoMuted=true&interfaceConfig.APP_NAME="Jibri"&config.analytics.disabled=true&config.p2p.enabled=false, 2020-04-10 14:00:34.123 INFO: [151] org.jitsi.jibri.capture.ffmpeg.FfmpegCapturer.onFfmpegProcessUpdate() Ffmpeg quit abruptly. Last output line: plug:bsnoop: Input/output error, 2020-04-10 14:00:34.123 FINE: [54] org.jitsi.jibri.util.ProcessStatePublisher.ffmpeg.invoke() Process ffmpeg hasn't written in 2 seconds, publishing periodic update, 2020-04-10 14:00:34.123 INFO: [54] org.jitsi.jibri.selenium.JibriSelenium.run() Jibri client receive bitrates: {}, all clients muted? false, 2020-04-10 14:00:32.075 INFO: [151] org.jitsi.jibri.capture.ffmpeg.FfmpegCapturer.onFfmpegProcessUpdate() Ffmpeg quit abruptly. Last output line: plug:bsnoop: Input/output error, 2020-04-10 14:00:32.075 FINE: [54] org.jitsi.jibri.util.ProcessStatePublisher.ffmpeg.invoke() Process ffmpeg hasn't written in 2 seconds, publishing periodic update, 2020-04-10 14:00:30.075 INFO: [151] org.jitsi.jibri.capture.ffmpeg.FfmpegCapturer.onFfmpegProcessUpdate() Ffmpeg quit abruptly. Last output line: plug:bsnoop: Input/output error, 2020-04-10 14:00:30.075 FINE: [54] org.jitsi.jibri.util.ProcessStatePublisher.ffmpeg.invoke() Process ffmpeg hasn't written in 2 seconds, publishing periodic update, 2020-04-10 14:00:28.075 INFO: [151] org.jitsi.jibri.capture.ffmpeg.FfmpegCapturer.onFfmpegProcessUpdate() Ffmpeg quit abruptly. Last output line: plug:bsnoop: Input/output error, 2020-04-10 14:00:28.075 FINE: [54] org.jitsi.jibri.util.ProcessStatePublisher.ffmpeg.invoke() Process ffmpeg hasn't written in 2 seconds, publishing periodic update, 2020-04-10 14:00:26.076 INFO: [151] org.jitsi.jibri.capture.ffmpeg.FfmpegCapturer.onFfmpegProcessUpdate() Ffmpeg quit abruptly. Last output line: plug:bsnoop: Input/output error, 2020-04-10 14:00:26.075 FINE: [54] org.jitsi.jibri.util.ProcessStatePublisher.ffmpeg.invoke() Process ffmpeg hasn't written in 2 seconds, publishing periodic update