2014-04-16 19:18:17 +00:00
# Server Installation for Jitsi Meet
2014-04-16 00:01:07 +00:00
2020-03-08 14:08:37 +00:00
:warning: **WARNING:** Manual installation is not recommended. We recommend following the [quick-install ](https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md ) document. The current document describes the steps that are needed to install a working deployment, but steps are easy to mess up, and the debian packages are more up-to-date, where this document is sometimes not updated to reflect latest changes.
2018-01-02 23:12:30 +00:00
2015-05-27 18:49:26 +00:00
This describes configuring a server `jitsi.example.com` running Debian or a Debian Derivative. You will need to
2014-04-16 02:50:02 +00:00
change references to that to match your host, and generate some passwords for
2016-05-29 12:04:33 +00:00
`YOURSECRET1` , `YOURSECRET2` and `YOURSECRET3` .
2014-04-16 02:50:02 +00:00
2014-05-15 21:50:31 +00:00
There are also some complete [example config files ](https://github.com/jitsi/jitsi-meet/tree/master/doc/example-config-files/ ) available, mentioned in each section.
2014-04-16 02:50:02 +00:00
2020-04-10 17:16:18 +00:00
There are additional configurations to be done for a [scalable installation ](https://github.com/jitsi/jitsi-meet/tree/master/doc/scalable-installation.md )
2017-03-16 16:20:54 +00:00
## Network description
2018-06-28 09:07:47 +00:00
This is how the network looks:
2017-03-16 16:20:54 +00:00
```
+ +
| |
| |
v |
443 |
+-------+ |
| | |
2020-03-08 14:08:37 +00:00
| Nginx | |
2017-03-16 16:20:54 +00:00
| | |
+--+-+--+ |
| | |
+------------+ | | +--------------+ |
| | | | | | |
| jitsi-meet +< --- + + --- > + prosody/xmpp | |
| |files 5280 | | |
+------------+ +--------------+ v
2020-03-08 14:08:37 +00:00
5222,5347^ ^5347 4443,10000
2017-03-16 16:20:54 +00:00
+--------+ | | +-------------+
| | | | | |
| jicofo +----^ ^----+ videobridge |
| | | |
+--------+ +-------------+
```
2015-05-27 14:52:16 +00:00
## Install prosody
2014-04-16 00:01:07 +00:00
```sh
2015-06-01 12:01:31 +00:00
apt-get install prosody
2014-04-16 00:01:07 +00:00
```
## Configure prosody
2015-06-01 12:01:31 +00:00
Add config file in `/etc/prosody/conf.avail/jitsi.example.com.cfg.lua` :
- add your domain virtual host section:
2014-04-16 03:04:42 +00:00
2014-04-16 00:01:07 +00:00
```
2014-05-16 05:15:54 +00:00
VirtualHost "jitsi.example.com"
2014-12-22 12:05:20 +00:00
authentication = "anonymous"
ssl = {
key = "/var/lib/prosody/jitsi.example.com.key";
certificate = "/var/lib/prosody/jitsi.example.com.crt";
}
2015-06-01 12:01:31 +00:00
modules_enabled = {
"bosh";
"pubsub";
}
2017-04-16 18:19:47 +00:00
c2s_require_encryption = false
2014-12-22 12:05:20 +00:00
```
- add domain with authentication for conference focus user:
```
VirtualHost "auth.jitsi.example.com"
2017-12-05 20:15:41 +00:00
ssl = {
key = "/var/lib/prosody/auth.jitsi.example.com.key";
certificate = "/var/lib/prosody/auth.jitsi.example.com.crt";
}
2014-12-22 12:05:20 +00:00
authentication = "internal_plain"
```
- add focus user to server admins:
```
admins = { "focus@auth.jitsi.example.com" }
2014-04-16 00:01:07 +00:00
```
- and finally configure components:
```
2014-05-16 05:15:54 +00:00
Component "conference.jitsi.example.com" "muc"
Component "jitsi-videobridge.jitsi.example.com"
2014-04-16 00:01:07 +00:00
component_secret = "YOURSECRET1"
2014-12-22 12:05:20 +00:00
Component "focus.jitsi.example.com"
component_secret = "YOURSECRET2"
2014-04-16 00:01:07 +00:00
```
2015-06-01 12:01:31 +00:00
Add link for the added configuration
```sh
ln -s /etc/prosody/conf.avail/jitsi.example.com.cfg.lua /etc/prosody/conf.d/jitsi.example.com.cfg.lua
```
2014-04-16 00:01:07 +00:00
Generate certs for the domain:
```sh
2014-05-16 05:15:54 +00:00
prosodyctl cert generate jitsi.example.com
2017-12-05 20:15:41 +00:00
prosodyctl cert generate auth.jitsi.example.com
```
Add auth.jitsi.example.com to the trusted certificates on the local machine:
```sh
ln -sf /var/lib/prosody/auth.jitsi.example.com.crt /usr/local/share/ca-certificates/auth.jitsi.example.com.crt
2018-01-25 16:40:56 +00:00
update-ca-certificates -f
2014-04-16 00:01:07 +00:00
```
2018-01-25 16:40:56 +00:00
Note that the `-f` flag is necessary if there are symlinks left from a previous installation.
2014-04-16 00:01:07 +00:00
2014-12-22 12:05:20 +00:00
Create conference focus user:
```sh
prosodyctl register focus auth.jitsi.example.com YOURSECRET3
```
2014-04-16 02:50:02 +00:00
Restart prosody XMPP server with the new config
```sh
prosodyctl restart
```
2020-03-08 14:08:37 +00:00
## Install Nginx
2014-04-16 00:01:07 +00:00
```sh
apt-get install nginx
```
2015-06-01 12:01:31 +00:00
Add a new file `jitsi.example.com` in `/etc/nginx/sites-available` (see also the example config file):
2014-04-16 00:01:07 +00:00
```
server_names_hash_bucket_size 64;
server {
2020-03-08 14:08:37 +00:00
listen 0.0.0.0:443 ssl http2;
listen [::]:443 ssl http2;
2017-03-16 16:20:54 +00:00
# tls configuration that is not covered in this guide
# we recommend the use of https://certbot.eff.org/
2014-05-16 05:15:54 +00:00
server_name jitsi.example.com;
2014-04-16 00:01:07 +00:00
# set the root
2020-03-08 14:08:37 +00:00
root /srv/jitsi-meet;
2014-04-16 00:01:07 +00:00
index index.html;
2015-06-01 12:01:31 +00:00
location ~ ^/([a-zA-Z0-9=\?]+)$ {
2014-04-16 00:01:07 +00:00
rewrite ^/(.*)$ / break;
}
2015-06-01 12:01:31 +00:00
location / {
ssi on;
}
2018-09-04 15:34:38 +00:00
# BOSH, Bidirectional-streams Over Synchronous HTTP
# https://en.wikipedia.org/wiki/BOSH_(protocol)
2014-04-16 00:01:07 +00:00
location /http-bind {
proxy_pass http://localhost:5280/http-bind;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
}
2020-03-17 10:41:21 +00:00
# external_api.js must be accessible from the root of the
# installation for the electron version of Jitsi Meet to work
# https://github.com/jitsi/jitsi-meet-electron
location /external_api.js {
alias /srv/jitsi-meet/libs/external_api.min.js;
}
2014-04-16 00:01:07 +00:00
}
```
Add link for the added configuration
```sh
cd /etc/nginx/sites-enabled
2014-05-16 05:15:54 +00:00
ln -s ../sites-available/jitsi.example.com jitsi.example.com
2014-04-16 00:01:07 +00:00
```
2014-05-16 05:15:54 +00:00
## Install Jitsi Videobridge
2020-03-08 14:08:37 +00:00
Visit https://download.jitsi.org/jitsi-videobridge/linux to determine the current build number, download and unzip it:
2014-04-16 00:01:07 +00:00
```sh
wget https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-{arch-buildnum}.zip
unzip jitsi-videobridge-linux-{arch-buildnum}.zip
```
Install JRE if missing:
```
2019-01-08 16:45:05 +00:00
apt-get install openjdk-8-jre
2014-04-16 00:01:07 +00:00
```
2015-05-27 18:56:10 +00:00
_NOTE: When installing on older Debian releases keep in mind that you need JRE >= 1.7._
2020-03-08 14:08:37 +00:00
Create `~/.sip-communicator/sip-communicator.properties` in the home folder of the user that will be starting Jitsi Videobridge:
```sh
mkdir -p ~/.sip-communicator
2020-03-17 10:41:21 +00:00
cat > ~/.sip-communicator/sip-communicator.properties < < EOF
org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
# The videobridge uses 443 by default with 4443 as a fallback, but since we're already
# running nginx on 443 in this example doc, we specify 4443 manually to avoid a race condition
org.jitsi.videobridge.TCP_HARVESTER_PORT=4443
EOF
2014-04-16 00:01:07 +00:00
```
2014-05-26 16:01:44 +00:00
Start the videobridge with:
2014-04-16 00:01:07 +00:00
```sh
2014-05-16 05:15:54 +00:00
./jvb.sh --host=localhost --domain=jitsi.example.com --port=5347 --secret=YOURSECRET1 &
2014-04-16 00:01:07 +00:00
```
Or autostart it by adding the line in `/etc/rc.local` :
```sh
2014-05-16 05:15:54 +00:00
/bin/bash /root/jitsi-videobridge-linux-{arch-buildnum}/jvb.sh --host=localhost --domain=jitsi.example.com --port=5347 --secret=YOURSECRET1 < /dev/null >> /var/log/jvb.log 2>& 1
2014-04-16 00:01:07 +00:00
```
2015-05-27 18:56:10 +00:00
## Install Jitsi Conference Focus (jicofo)
2016-02-23 19:48:33 +00:00
Install JDK and Maven if missing:
2015-05-27 18:56:10 +00:00
```
2019-01-08 16:45:05 +00:00
apt-get install openjdk-8-jdk maven
2015-05-27 18:56:10 +00:00
```
_NOTE: When installing on older Debian releases keep in mind that you need JDK >= 1.7._
2014-12-22 12:05:20 +00:00
Clone source from Github repo:
```sh
git clone https://github.com/jitsi/jicofo.git
```
2020-03-08 14:08:37 +00:00
Build the package.
2014-12-22 12:05:20 +00:00
```sh
cd jicofo
2016-02-23 19:48:33 +00:00
mvn package -DskipTests -Dassembly.skipAssembly=false
2014-12-22 12:05:20 +00:00
```
Run jicofo:
```sh
2016-02-23 19:48:33 +00:00
=======
2020-03-08 14:08:37 +00:00
unzip target/jicofo-1.1-SNAPSHOT-archive.zip
cd jicofo-1.1-SNAPSHOT-archive'
2016-02-23 19:48:33 +00:00
./jicofo.sh --host=localhost --domain=jitsi.example.com --secret=YOURSECRET2 --user_domain=auth.jitsi.example.com --user_name=focus --user_password=YOURSECRET3
2014-12-22 12:05:20 +00:00
```
2014-05-16 05:15:54 +00:00
## Deploy Jitsi Meet
Checkout and configure Jitsi Meet:
2014-04-16 00:01:07 +00:00
```sh
cd /srv
2014-04-16 19:18:17 +00:00
git clone https://github.com/jitsi/jitsi-meet.git
2020-03-08 14:08:37 +00:00
cd jitsi-meet
2016-02-23 19:48:33 +00:00
npm install
make
2014-04-16 00:01:07 +00:00
```
2020-03-30 13:09:43 +00:00
_NOTE: When installing on older distributions keep in mind that you need Node.js >= 10 and npm >= 6._
2020-03-08 14:08:37 +00:00
Edit host names in `/srv/jitsi-meet/config.js` (see also the example config file):
2014-04-16 00:01:07 +00:00
```
var config = {
hosts: {
2014-05-16 05:15:54 +00:00
domain: 'jitsi.example.com',
muc: 'conference.jitsi.example.com',
2016-02-23 19:48:33 +00:00
bridge: 'jitsi-videobridge.jitsi.example.com',
focus: 'focus.jitsi.example.com'
2014-04-16 00:01:07 +00:00
},
useNicks: false,
2014-09-03 00:51:44 +00:00
bosh: '//jitsi.example.com/http-bind', // FIXME: use xep-0156 for that
2014-04-16 19:18:17 +00:00
//chromeExtensionId: 'diibjkoicjeejcmhdnailmkgecihlobk', // Id of desktop streamer Chrome extension
//minChromeExtVersion: '0.1' // Required version of Chrome extension
2014-04-16 00:01:07 +00:00
};
```
2020-03-08 14:08:37 +00:00
Verify that nginx config is valid and reload nginx:
2014-04-16 02:50:02 +00:00
```sh
2020-03-08 14:08:37 +00:00
nginx -t & & nginx -s reload
2014-04-16 02:50:02 +00:00
```
## Running behind NAT
2020-03-08 14:08:37 +00:00
Jitsi Videobridge can run behind a NAT, provided that both required ports are routed (forwarded) to the machine that it runs on. By default these ports are `TCP/4443` and `UDP/10000` .
If you do not route these two ports, Jitsi Meet will only work with video for two people, breaking upon 3 or more people trying to show video.
2015-10-09 17:39:00 +00:00
2020-03-08 14:08:37 +00:00
`TCP/443` is required for the webserver which can be running on another machine than the Jitsi Videobrige is running on.
The following extra lines need to be added to the file `~/.sip-communicator/sip-communicator.properties` (in the home directory of the user running the videobridge):
2014-04-16 02:50:02 +00:00
```
2019-04-26 08:52:39 +00:00
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=< Local.IP.Address >
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=< Public.IP.Address >
2014-04-16 02:50:02 +00:00
```
2014-05-16 05:15:54 +00:00
# Hold your first conference
You are now all set and ready to have your first meet by going to http://jitsi.example.com
2014-07-06 15:33:21 +00:00
## Enabling recording
2020-03-08 14:08:37 +00:00
[Jibri ](https://github.com/jitsi/jibri ) is a set of tools for recording and/or streaming a Jitsi Meet conference.