search

openziti / ziti

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
https://openziti.io
Apache License 2.0
2.25k stars 131 forks source link

Jitsi Meet Handbook service #1147

Open wangzy1065 opened 1 year ago

wangzy1065 commented 1 year ago

I have a Jitsi Meet Handbook service that uses the following configuration:

ziti edge create config "jitsi.intercept.v1" intercept.v1 '{"protocols":["tcp"],"addresses":["jitsi.meeting.oo"], "portRanges":[{"low":0, "high":65535}]}'
ziti edge create config "jitsi.host.v1" host.v1 '{"forwardProtocol":true, "allowedProtocols":["tcp","udp"], "address":"192.168.0.129", "forwardPort":true, "allowedPortRanges":[{"low":0, "high":65535}] }'
ziti edge create service "jitsi-app" --configs "jitsi.intercept.v1,jitsi.host.v1"
ziti edge create service-policy jitsi-app.bind Bind --service-roles "@jitsi-app" --identity-roles "@edge-router-142"
ziti edge create service-policy jitsi-app.dial Dial --service-roles "@jitsi-app" --identity-roles "#management"

When accessing the service, the user may drop the line. This issue requires you to actually build a jitsi Meet Handbook service to reproduce it

I have a regular web service that has opened 443 and 9527, which can be accessed according to the above configuration

wangzy1065 commented 1 year ago

https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart/

dovholuknf commented 1 year ago

Do I understand correctly, you installed OpenZiti and tried to run jitsi over it, but were disconnected for an unknown reason? If that's the case, have you looked at the logs from both sides? Do you see any logs indicating an error?

After reading that install guide, I can see why OpenZiti would fit. It could simplify a lot of the connectivity needs. Are you a developer on the project or are you using jitsi for your own need? I ask because if your a developer I could see jitsi potentially adopting OpenZiti sdks and simplifying the setup even more. It seems like an interesting project.

If you look at the logs for OpenZiti on both sides I'd be interested to see if there are any errors that might point at the problem?

qrkourier commented 1 month ago

I hit an issue sharing my Jitsi Meet server with zrok where the meeting starts but there's no audio or video from either side. I can see my own video preview and audio level, but it's not transmitted. I surmised there must be additional configuration needed, perhaps a UDP port, beyond the web port of the server.