Accessing Jitsi without having to specify port 8443

Hi all,

I have Synapse installed in /opt/synapse and all is working well.
I followed Rob howto at: Matrix - synapse
I modified /var/www/html/index.html to redirect the default page to the client Element.
I can access Synapse with https://chat.toto.org without having to specify a port.

I have Jitsi installed in /opt/jitsi and all is working well.
I followed HF wiki page at: https://wiki.nethserver.org/doku.php?id=jitsi_meet&do=
I can access it with https://jitsi.toto.org:8443,

GOAL:

I want to access Jitsi the same way as I access Synapse i.e with just https://jitsi.toto.org without having to specify the port 8443.
I would like to use the file /etc/httpd/conf.d/jitsi.conf to achieve this.

QUESTION:

How can I do that ?

Thank you in advance,

Michel-André

Would a reverse proxy on Nethserver accomplish this?

EDIT - Should have read second half

1 Like

reverse proxy is the key, either use the panel or once the configuration from the panel is workable, copy and paste the configuration to you apache vhost configuration

1 Like

Salut @stephdl,

Here is the working configuration file: /etc/httpd/conf.d/ab_jitsi-meet.conf.

I tried it with Firefox and Chrome. To make sure it’s working from the Internet, I tried it with TOR as toto.org is running as a LOCAL VM.


# ================= Jitsi Meet =================
#     Michel-André // 2021-05-11 @ 15h01 HAE
#
# As suggested by Stéphane, it comes from a VHOST "meet".
# 1) Create the VHOST meet (in Server Manager 980).
# 2) Copy /etc/httpd/conf.d/meet.conf to /etc/httpd/conf.d/ab_jitsi-meet.conf.
# 3) Delete the VHOST.
# 4) Edit the ab_jitsi-meet.conf:
#    Delete the beginning of the file, etc... as they're not needed.
#    Move the 80 part to the beginning of the file as it's more "normal".
#    Ajust the FQDN of the site.
#    Comment the line " RewriteCond %{HTTPS} !=on " in the 443 section.
# 5) Restarted httpd.
# 6) VoilĂ , total victory!
#

<VirtualHost *:80>

    ServerName meet.toto.org

    # Start Rewrite Engine
    RewriteEngine On

    # forcessl_redirect
    RewriteCond %{HTTPS} !=on
    RewriteRule (.*) https://meet.toto.org:8443$1 [R,L]

    # Reverse Proxy (with exclusion of local Letsencrypt challenge path)
    ProxyPassMatch ^/.well-known/acme-challenge/ !

    ProxyPass  / https://meet.toto.org:8443/ max=3 retry=30
    ProxyPassReverse / https://meet.toto.org:8443/
   ProxyPreserveHost On

    <Location "/">
      <RequireAll>
        Require all granted
      </RequireAll>
    </Location>

</VirtualHost>

<VirtualHost *:443>

    ServerName meet.toto.org

    # Start Rewrite Engine
    RewriteEngine On

    # forcessl_redirect
#####    RewriteCond %{HTTPS} !=on
    RewriteRule (.*) https://meet.toto.org:8443$1 [R,L]

    #20ssl_engine
    SSLEngine On
    SSLProxyEngine On

    # Reverse Proxy (with exclusion of local Letsencrypt challenge path)
    ProxyPassMatch ^/.well-known/acme-challenge/ !

    ProxyPass  / https://meet.toto.org:8443/ max=3 retry=30
    ProxyPassReverse / https://meet.toto.org:8443/
    ProxyPreserveHost On

    <Location "/">
      <RequireAll>
        Require all granted
      </RequireAll>
    </Location>

</VirtualHost>


Stéphane: Je t’ajoute un ange et une étoile sur ma liste “The Greatest” :wink:

Michel-André

3 Likes

Hi all,

I did some modifications because the first version was redirecting all URL.

# ================= Jitsi Meet =================
# Michel-André // 2021-05-11 @ 15h01 HAE
# Michel-André // 2021-05-12 @ 17h58 HAE
# Modified the first version because it was redirecting all URL.
#
# As suggested by Stéphane, it comes from a VHOST "meet".
# 1) Create the VHOST meet (in Server Manager 980).
# 2) Copy /etc/httpd/conf.d/meet.conf to /etc/httpd/conf.d/ab_jitsi-meet.conf.
# 3) Delete the VHOST.
# 4) Edit the ab_jitsi-meet.conf:
#    Delete the beginning of the file, etc... as they're not needed.
#    Move the 80 part to the beginning of the file as it's more "normal".
#    Ajust the FQDN of the site.
# 5) Restarted httpd.
# 6) VoilĂ , total victory!
#

<VirtualHost *:80>

    ServerName meet.toto.org

    # Start Rewrite Engine
    RewriteEngine On

    # forcessl_redirect
	##### If it is not HTTPS and start with meet, then redirect
    RewriteCond %{HTTPS} !=on
    RewriteCond %{HTTP_HOST} ^meet
    RewriteRule (.*) https://meet.toto.org:8443$1 [R,L]

    # Reverse Proxy (with exclusion of local Letsencrypt challenge path)
    ProxyPassMatch ^/.well-known/acme-challenge/ !

    <Location "/">

      <RequireAll>
        Require all granted
      </RequireAll>
    </Location>

</VirtualHost>

<VirtualHost *:443>

    ServerName meet.toto.org

    # Start Rewrite Engine
    RewriteEngine On

    #20ssl_engine
    SSLEngine On
    SSLProxyEngine On

    # Reverse Proxy (with exclusion of local Letsencrypt challenge path)
    ProxyPassMatch ^/.well-known/acme-challenge/ !

	##### If it is HTTPS and start with meet, then redirect
    RewriteCond %{HTTP_HOST} ^meet
    RewriteRule (.*) https://meet.toto.org:8443$1 [R,L]

    <Location "/">
      <RequireAll>
        Require all granted
      </RequireAll>
    </Location>

</VirtualHost>

RewriteCond

By default, the RewriteCond are AND together.

* For the 80 section, it means that only if it is not HTTPS AND it is starting with meet, then the redirection takes place.

For the 443 section, only if it is starting with meet, then the redirection takes place.

WARNING

1) It is recommended to start the name of this .conf file with aa such as aa-toto.org.conf.

With such a name, systemctl restart httpd will include this file in /etc/httpd/conf/httpd.conf as the first one from the /etc/httpd/conf.d directory because it includes them in alphabetical order.

2) To make sure the tests are acurate and complete, you should clear both caches: browser and system, between each test: toto.org, http://toto.org, meet.toto.org, http://meet.toto.org, https://toto.org, https://meet.toto.org.

Michel-André

You may know that the Frenchman Nicolas Boileau wrote in 1674 : "Make haste slowly; do not be discouraged, but return to the work frequently.

1 Like