How to enable authentication for jitsi using helm?
Abbasgori13 opened this issue · 4 comments
I am trying to enable authentication. I saw this #12 issue but I want to enable authentication using username and password. can you help me, please?
I'm new on this helm chart but we've our own helm to deploy Jitsi.
The underlying dockers used, the official ones, already support authentication. This chart has just 1 value to do so "enableAuth".
I'd suggest adding the specific variables required for prosody to enable JWT or LDAP, as described on docker-jitsi-meet for their docker compose under a new "env:" section under "prosody"
Probably this will work for you too:
prosody:
enabled: true
affinity: {}
env:
AUTH_TYPE: ldap
ENABLE_GUESTS: "true"
JIBRI_RECORDER_PASSWORD: 1234567890
JIBRI_RECORDER_USER: recorder
JIBRI_XMPP_PASSWORD: 0987654321
JIBRI_XMPP_USER: jibri
LDAP_AUTH_METHOD: bind
LDAP_BASE: dc=mydomain,dc=com
LDAP_TLS_CHECK_PEER: "0"
LDAP_URL: ldap://10.20.30.40:389/
LDAP_FILTER: (sAMAccountName=%u)
LDAP_BINDDN: cn=jitsi,ou=Users,ou=Systems,dc=mydomain,dc=com
LDAP_VERSION: "3"
LDAP_BINDPW: ABCDEF012345
LDAP_START_TLS: "0"
LDAP_USE_TLS: "0"
XMPP_RECORDER_DOMAIN: recorder.jitsi.mydomain.com
extraEnvFrom:
[....]
For JWT use this instead:
AUTH_TYPE: jwt
JWT_APP_ID: ABCDEFG
JWT_APP_SECRET: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
JWT_ALLOW_EMPTY: "true"
XMPP_MUC_MODULES: token_moderation
Please, try it out and tell us if it worked as expected :-)
Thanks!
@kpeiruza Thank you for your help. Closing it because there was no response from @Abbasgori13.
So I've added an "env" section under "prosody"
prosody:
enabled: true
env:
AUTH_TYPE: ldap
LDAP_AUTH_METHOD: bind
LDAP_BASE: DC=myad,DC=local
LDAP_TLS_CHECK_PEER: "0"
LDAP_URL: ldap://myad.local/
LDAP_FILTER: (sAMAccountName=%u)
LDAP_BINDDN: sys-ad@myad.local
LDAP_VERSION: "3"
LDAP_BINDPW: pwd
LDAP_START_TLS: "1"
LDAP_USE_TLS: "1"
LDAP_TLS_CHECK_PEER: "0"
Also I've set this
enableAuth: true
enableGuests: true
So LDAP auth works, but for some reason all users need to auth, even If meet was started. Don't know how to fix it, unfortunately.
UPD. Just using newer image
tag: 'stable-9111'
Resolved my issue, now this works as intended.
Hello @Marker689!
Thank you for the info, I'll make sure to bump the Jitsi image before packaging a new release.