Jitsi Meet on NS8

federico.ballarini · February 25, 2025, 11:30am

Hi all,
has anyone ever managed to setup jitsi meet on ns8 via podman container?

mrmarkuz · February 25, 2025, 10:17pm

There’s a gist by @davidep: Jitsi with Podman 2.2.1 · GitHub

I’m going to test it…

federico.ballarini · February 26, 2025, 11:44am

I found it but the link (http://tendie.haus/how-to-setup-a-basic-jitsi-instance-with-podman/) doesn’t work…

mrmarkuz · February 26, 2025, 12:05pm

I think the link is not needed, all important info is in the gist.
I already got a working version where at least jitsiweb is reachable and a conference can be started, I hope to release a testing version asap.

federico.ballarini · February 26, 2025, 12:07pm

When I tried, JVB was not working. I have some cloud machine with real DNS, if u want to share me something I can do some test.

mrmarkuz · February 26, 2025, 6:53pm

Thanks @federico.ballarini for testing, hopefully you’ve got more luck…

The containers are running but I can’t start a conference because I get following error:

[error] 308#308: *2 xmpp.meet.jitsi could not be resolved (3: Host not found)

I think it’s just about setting real names according to DNS but I’m not sure…

To install:

add-module ghcr.io/mrmarkuz/jitsi:latest

To edit variables:

runagent -m jitsi1 nano ../actions/configure-module/10configure_environment_vars

To apply the changes, just click in “Save” the NS8 Jitsi app settings which writes the config and restarts the services.

It’s also possible to edit jitsi.env directly and restart the jitsi service but it will be overwritten by next “Save”.

Some service FQDNs are also used in the jitsi.service file, to edit:

systemctl --user edit --full jitsi

federico.ballarini · February 26, 2025, 8:59pm

Same result here: also with public DNS when starts the meeting the system return an error.

mrmarkuz · February 26, 2025, 9:18pm

Thanks for testing.
I’m going to recheck…when I got something working I’ll report and update the app.

EDIT:

When providing a DNS wildcard entry for the pseudo names *.meet.jitsi on my DNS server (NethSec), I could join a conference.

There must be some difference to docker as regards DNS, I need to check. Usually the hosts file works to access other containers by name but jitsi does some DNS check. Maybe it could be disabled.
To be continued…

EDIT:

@federico.ballarini I think I got something. At least I could start a conference between PC and mobile phone and audio/video were working.
The default rootless podman network has dns disabled, therefore the internal names couldn’t be resolved and we got the error.
Now the jitsi service creates a new network (which has dns enabled by default) “meet.jitsi” using the same network alias. The containers are started using the new network and the prosody container adds its internal network alias “xmpp.meet.jitsi”.
The web container runs in the default podman network to be available to traefik.

To update:

api-cli run update-module --data '{"module_url":"ghcr.io/mrmarkuz/jitsi:1.0.0-dev.1","instances":["jitsi1"],"force":true}'

Todos:

Authentication
LDAP/AD
Performance settings

federico.ballarini · February 27, 2025, 10:50pm

I’ll test it asap. Thank you

federico.ballarini · March 15, 2025, 8:04pm

Hi @mrmarkuz, it seems there is a problem with the videobridge when you connect more than 2 people. (If there are only 2 people connected Jitsi uses P2P)

mrmarkuz · March 15, 2025, 8:10pm

Thanks for testing, did you test it on a cloud machine or on a server in the LAN?
I tested in the LAN and was able to have a conference between PC, laptop and mobile.

federico.ballarini · March 15, 2025, 8:25pm

On a Cloud machine

mrmarkuz · March 15, 2025, 8:28pm

I’m going to test it asap…

oneitonitram · July 19, 2025, 6:23am

Morning Markuz, were these ever implemented?

mrmarkuz · July 19, 2025, 7:52am

No, unfortunately not, I’m still thinking about a solution to add LDAP.
The issue is that jitsi checks DNS during startup which I could solve by enabling DNS in the podman network but when using LDAP I need to switch back to old slirp4netns which doesn’t provide DNS.

See also Jitsi Meet on NS8 - #8 by mrmarkuz

oneitonitram · July 19, 2025, 7:56am

This makes me curious, Will i not experience the same thing wehn building matrix for NS8? if this is the case, then we need to figure out a solution that would work without conflicts…

mrmarkuz · July 19, 2025, 8:01am

This issue seems specific to jitsi. Usually the connection is checked by ping, curl etc which can use the containers /etc/hosts but jitsi does an nslookup.

transocean · July 19, 2025, 8:08am

Servus Markus,

I have now tried it out and was able to establish a connection with four participants at the same time. All without any problems. But without authentication, this is a security risk because anyone who knows the public address can then access it and make their own games. I have regulated access via Traefik and use a VPN connection outside my LAN.

Have a nice weekend…

Edit:

You could implement Keycloak in NS 8 and use it as an authenticator.

oneitonitram · July 19, 2025, 8:11am

i am curious about something, if jitsi is configured mainly to be used with other internal apps that require a jisti endpoint, like webtop and others would it still work and handle calls, if not exposed directly to the web, and have an internally reachable URL?

transocean · July 19, 2025, 8:14am

Hi @oneitonitram

I tested it with the app in Nextcloud. It works well.