From c95ca4badcd53a9232dbf88fce8ca1c633feb3b8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 21 Apr 2021 14:48:54 +0300 Subject: [PATCH] Do not ask everyone to whitelist Jitsi ports It's an optional service, so we shouldn't bother most people with it. --- docs/configuring-playbook-jitsi.md | 2 +- docs/prerequisites.md | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index f72241e12..81ceb9fb2 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -13,8 +13,8 @@ Before installing Jitsi, make sure you've created the `jitsi.DOMAIN` DNS record. You may also need to open the following ports to your server: -- `10000/udp` - RTP media over UDP - `4443/tcp` - RTP media fallback over TCP +- `10000/udp` - RTP media over UDP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`matrix_jitsi_jvb_stun_servers`](../roles/matrix-jitsi/defaults/main.yml)). ## Installation diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 8b7e9d00d..39b42ef11 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -34,7 +34,6 @@ If your distro runs within an [LXC container](https://linuxcontainers.org/), you - `5349/udp`: TURN over UDP (used by Coturn) - `8448/tcp`: Matrix Federation API HTTPS webserver. In some cases, this **may necessary even with federation disabled**. Integration Servers (like Dimension) and Identity Servers (like ma1sd) may need to access `openid` APIs on the federation port. - the range `49152-49172/udp`: TURN over UDP - - `4443/tcp`: Jitsi Harvester fallback - - `10000/udp`: Jitsi video RTP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`matrix_jitsi_jvb_stun_servers`](../roles/matrix-jitsi/defaults/main.yml)). + - potentially some other ports, depending on the additional (non-default) services that you enable in the **configuring the playbook** step (later on). Consult each service's documentation page in `docs/` for that. When ready to proceed, continue with [Configuring DNS](configuring-dns.md).