8.3 KiB
Server Installation for Jitsi Meet
⚠️ WARNING: Manual installation is not recommended. We recommend following the quick-install document. The current document describes the steps that are needed to install a working deployment, but steps are easy to mess up, and the debian packages are more up-to-date, where this document sometimes is not updated to latest changes.
This describes configuring a server jitsi.example.com
running Debian or a Debian Derivative. You will need to
change references to that to match your host, and generate some passwords for
YOURSECRET1
, YOURSECRET2
and YOURSECRET3
.
There are also some complete example config files available, mentioned in each section.
Network description
This how the network look like:
+ +
| |
| |
v |
443 |
+-------+ |
| | |
| NginX | |
| | |
+--+-+--+ |
| | |
+------------+ | | +--------------+ |
| | | | | | |
| jitsi-meet +<---+ +--->+ prosody/xmpp | |
| |files 5280 | | |
+------------+ +--------------+ v
5222,5347^ ^5347 4443
+--------+ | | +-------------+
| | | | | |
| jicofo +----^ ^----+ videobridge |
| | | |
+--------+ +-------------+
Install prosody
apt-get install prosody
Configure prosody
Add config file in /etc/prosody/conf.avail/jitsi.example.com.cfg.lua
:
- add your domain virtual host section:
VirtualHost "jitsi.example.com"
authentication = "anonymous"
ssl = {
key = "/var/lib/prosody/jitsi.example.com.key";
certificate = "/var/lib/prosody/jitsi.example.com.crt";
}
modules_enabled = {
"bosh";
"pubsub";
}
c2s_require_encryption = false
- add domain with authentication for conference focus user:
VirtualHost "auth.jitsi.example.com"
ssl = {
key = "/var/lib/prosody/auth.jitsi.example.com.key";
certificate = "/var/lib/prosody/auth.jitsi.example.com.crt";
}
authentication = "internal_plain"
- add focus user to server admins:
admins = { "focus@auth.jitsi.example.com" }
- and finally configure components:
Component "conference.jitsi.example.com" "muc"
Component "jitsi-videobridge.jitsi.example.com"
component_secret = "YOURSECRET1"
Component "focus.jitsi.example.com"
component_secret = "YOURSECRET2"
Add link for the added configuration
ln -s /etc/prosody/conf.avail/jitsi.example.com.cfg.lua /etc/prosody/conf.d/jitsi.example.com.cfg.lua
Generate certs for the domain:
prosodyctl cert generate jitsi.example.com
prosodyctl cert generate auth.jitsi.example.com
Add auth.jitsi.example.com to the trusted certificates on the local machine:
ln -sf /var/lib/prosody/auth.jitsi.example.com.crt /usr/local/share/ca-certificates/auth.jitsi.example.com.crt
update-ca-certificates -f
Note that the -f
flag is necessary if there are symlinks left from a previous installation.
Create conference focus user:
prosodyctl register focus auth.jitsi.example.com YOURSECRET3
Restart prosody XMPP server with the new config
prosodyctl restart
Install nginx
apt-get install nginx
Add a new file jitsi.example.com
in /etc/nginx/sites-available
(see also the example config file):
server_names_hash_bucket_size 64;
server {
listen 443;
# tls configuration that is not covered in this guide
# we recommend the use of https://certbot.eff.org/
server_name jitsi.example.com;
# set the root
root /srv/jitsi.example.com;
index index.html;
location ~ ^/([a-zA-Z0-9=\?]+)$ {
rewrite ^/(.*)$ / break;
}
location / {
ssi on;
}
# BOSH
location /http-bind {
proxy_pass http://localhost:5280/http-bind;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
}
}
Add link for the added configuration
cd /etc/nginx/sites-enabled
ln -s ../sites-available/jitsi.example.com jitsi.example.com
Install Jitsi Videobridge
wget https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-{arch-buildnum}.zip
unzip jitsi-videobridge-linux-{arch-buildnum}.zip
Install JRE if missing:
apt-get install default-jre
NOTE: When installing on older Debian releases keep in mind that you need JRE >= 1.7.
In the user home that will be starting Jitsi Videobridge create .sip-communicator
folder and add the file sip-communicator.properties
with one line in it:
org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
Start the videobridge with:
./jvb.sh --host=localhost --domain=jitsi.example.com --port=5347 --secret=YOURSECRET1 &
Or autostart it by adding the line in /etc/rc.local
:
/bin/bash /root/jitsi-videobridge-linux-{arch-buildnum}/jvb.sh --host=localhost --domain=jitsi.example.com --port=5347 --secret=YOURSECRET1 </dev/null >> /var/log/jvb.log 2>&1
Install Jitsi Conference Focus (jicofo)
Install JDK and Maven if missing:
apt-get install default-jdk maven
NOTE: When installing on older Debian releases keep in mind that you need JDK >= 1.7.
Clone source from Github repo:
git clone https://github.com/jitsi/jicofo.git
Build distribution package. Replace {os-name} with one of: 'lin', 'lin64', 'macosx', 'win', 'win64'.
cd jicofo
mvn package -DskipTests -Dassembly.skipAssembly=false
Run jicofo:
=======
unzip target/jicofo-{os-name}-1.0-SNAPSHOT.zip
cd jicofo-{os-name}-1.0-SNAPSHOT'
./jicofo.sh --host=localhost --domain=jitsi.example.com --secret=YOURSECRET2 --user_domain=auth.jitsi.example.com --user_name=focus --user_password=YOURSECRET3
Deploy Jitsi Meet
Checkout and configure Jitsi Meet:
cd /srv
git clone https://github.com/jitsi/jitsi-meet.git
mv jitsi-meet/ jitsi.example.com
npm install
make
Edit host names in /srv/jitsi.example.com/config.js
(see also the example config file):
var config = {
hosts: {
domain: 'jitsi.example.com',
muc: 'conference.jitsi.example.com',
bridge: 'jitsi-videobridge.jitsi.example.com',
focus: 'focus.jitsi.example.com'
},
useNicks: false,
bosh: '//jitsi.example.com/http-bind', // FIXME: use xep-0156 for that
//chromeExtensionId: 'diibjkoicjeejcmhdnailmkgecihlobk', // Id of desktop streamer Chrome extension
//minChromeExtVersion: '0.1' // Required version of Chrome extension
};
Restart nginx to get the new configuration:
invoke-rc.d nginx restart
Running behind NAT
Jitsi-Videobridge can run behind a NAT, provided that all required ports are routed (forwarded) to the machine that it runs on. By default these ports are (TCP/443 or TCP/4443 and UDP 10000-20000).
The following extra lines need to be added the file ~/.sip-communicator/sip-communicator.properties
(in the home directory of the user running the videobridge):
org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=<Local.IP.Address>
org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=<Public.IP.Address>
So the file should look like this at the end:
org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=<Local.IP.Address>
org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=<Public.IP.Address>
Hold your first conference
You are now all set and ready to have your first meet by going to http://jitsi.example.com
Enabling recording
Jibriis a set of tools for recording and/or streaming a Jitsi Meet conference.