Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding Servers with using the .env FIle #545

Open
tP1812 opened this issue Sep 3, 2024 · 10 comments
Open

Adding Servers with using the .env FIle #545

tP1812 opened this issue Sep 3, 2024 · 10 comments

Comments

@tP1812
Copy link

tP1812 commented Sep 3, 2024

Hey everybody,

we set up the .env file so only people in the group keycloak group "admin" can add jitsi servers to jitsi-admin.

laf_CreateServerOpenToEveryone=0
laf_keycloakGroupToCreateServer=/admin

I created a user and he cannot add any server. Problem now is, that even if I create the keycloak group "admin" and add the user to this group, I cannot add a server.

I assume that the change of the group is not recognized by the jitsi-admin but I don't know how I can fix that.

We want to use Jitsi-Admin for our small business but want to prevent users from adding any servers themselves.

Thanks for any advice.

Edit: next problem: when we restart the server, the jitsi-admin-app-ja-1 container won't start again "Acces denied for user jitsiadmin". So it is not possible to ever restart without destroying the whole tool.
@holema
Copy link
Contributor

holema commented Sep 10, 2024

hello @tP1812,

how did you try to restart the container?
when you hit docker restart then it should work. To restart the whole system you need to rerun bach installDocker.sh.
This is because of a bug in docker compose which is fixed in the latest version which will be released soon. Docker compse ignored the given .env file in the docker compose so we set up the envs by exporting them in the bash script.

For he next issue:
Did you add the group to the keycloak infos?
I described it here how you can set up the correct groups: https://github.com/H2-invent/jitsi-admin/wiki/Organize-Jitsi-Servers-via-keycloak-groups

@tP1812
Copy link
Author

tP1812 commented Sep 10, 2024

hello @tP1812,

how did you try to restart the container? when you hit docker restart then it should work. To restart the whole system you need to rerun bach installDocker.sh. This is because of a bug in docker compose which is fixed in the latest version which will be released soon. Docker compse ignored the given .env file in the docker compose so we set up the envs by exporting them in the bash script.

For he next issue: Did you add the group to the keycloak infos? I described it here how you can set up the correct groups: https://github.com/H2-invent/jitsi-admin/wiki/Organize-Jitsi-Servers-via-keycloak-groups

It is still not working.
The article in the Wiki looks different and I am not quite sure where to set the group mapper.

I changed the
laf_CreateServerOpenToEveryone=0
laf_keycloakGroupToCreateServer=/admin

again. I connected to the jitsi-admin-app-ja-1 container and executed php bin/console app:connectServerAndGroups 4 /admin
When I log in with the user in the /admin group, he cannot use this Server for meetings.
And even the setting to add new servers is not available. I don't know what I am doing wrong.

@holema
Copy link
Contributor

holema commented Sep 10, 2024
edited
Loading

so you where able to set up your server?
YOu don't need the comand any more, you can set up the users which are allowed to use the server in the GUI:
image

@tP1812
Copy link
Author

tP1812 commented Sep 10, 2024

Ich kann auch auf deutsch fragen?

Ich habe ja in der .env eingerichtet, dass nur User der Gruppe /admin Server hinzufügen können.
Das geht aber trotzdem nicht. Wenn ich laf_CreateServerOpenToEveryone=0 setze, kann niemand mehr Server hinzufügen, auch nicht Mitglieder der /admin Gruppe.

Als würde Jitsi-Admin nicht korrekt mit dem Keycloak kommunizieren.

Habe jetzt testweise im Keycloak die Gruppe /user eingerichtet und einem Server wie in deinem Screenshot die Gruppe /user hinzugefügt.
Es geht einfach nicht.

@holema
Copy link
Contributor

holema commented Sep 10, 2024

Ich versuche es gerade nachzustellen, dann die Doku upzudaten. Ich versuche es gerade auf meiner Dev Umgebung nachzustellen

@holema
Copy link
Contributor

holema commented Sep 10, 2024

Ich habe die Doku an das neue KEycloak angepasst.
https://github.com/H2-invent/jitsi-admin/wiki/Organize-Jitsi-Servers-via-keycloak-groups

Ich hoffe das klappt nun so

@tP1812
Copy link
Author

tP1812 commented Sep 10, 2024

Vielen tausend Dank, es funktioniert nun!

Wenn ich schon dabei bin - können wir per LDAP die Nutzer am Keycloak anbinden, damit nicht jeder einen neuen Jitsi-Admin Account braucht und dann diese Nutzer an Gruppen für die Server anbinden?

@holema
Copy link
Contributor

holema commented Sep 10, 2024

ja das geht mit keycloak. da kannst du deinen LDAP als identity provider einstellen. dann melden sich die Leute ihren LDAP credentials an.

@tP1812
Copy link
Author

tP1812 commented Sep 12, 2024

Sorry für die erneute Frage:

Der LDAP Login funktioniert, jedoch wird im Keycloak der Nutzer nicht angelegt.
Somit können wir den Nutzern auch keine Keycloak Gruppen zuweisen und daher auch nicht die Serververwaltung damit durchführen.

Import Users ist aktiviert.

@holema
Copy link
Contributor

holema commented Sep 13, 2024

Hallo @holema,
er synchronisiert auch die Gruppen korrekt, wir machen das bei einigen unserer Kunden. Dies ist aber außerhalb des Scopes des Projekts. Dafür gerne eine Anfrage an [email protected] schreiben, dann kann ich dir gerne helfen das Problem zu lösen.

VG

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@holema @tP1812