Jitsi [Link] is an open-source Video Conferencing for web and mobile.
- HD audio and video;
- Unlimited meetings;
- Up to 50 participants at a time;
- End-to-end encryption;
- Simultaneous screen sharing;
- Remote control;
- Integration with Google, Microsoft, and Slack;
- and more.
Initial configuration
sudo hostnamectl set-hostname example.com sudo nano /etc/hosts
Add the same domain as follows:
127.0.0.1 localhost example.com
Firewall
sudo ufw limit 22 sudo ufw allow 80 sudo ufw allow 443 sudo ufw allow 4443 sudo ufw allow 10000 sudo ufw enable sudo ufw status numbered
Installing
wget https://download.jitsi.org/jitsi-key.gpg.key sudo apt-key add jitsi-key.gpg.key sudo echo "deb https://download.jitsi.org stable/" > /etc/apt/sources.list.d/jitsi-stable.list sudo apt update sudo apt install jitsi-meet -y
When prompted answer the same domain: example.com
Then select: Generate a new self-signed certificate.
The certificate will be located at: /etc/jitsi/meet/
At this point, it is already secure and ready to be used but let’s move on to create a public certificate.
Install Let’s Encrypt and Certbot
sudo apt install certbot -y sudo sed -i 's/\.\/certbot-auto/certbot/g' /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh sudo ln -s /usr/bin/certbot /usr/sbin/certbot sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
Inform your email for getting the reminders when the certificate is about to expire.
Use your browser to get access to the framework: https://example.com
Right away the server is up and running. Any visitor can create a meeting by giving a name to it:
Then copy and share the link on the address bar: https://example.com/firstmeeting
Note the name of the meeting appended to the server address.
Workload tests on the server:
- I was using the most basic Linode virtual machine: 1vCPU and 1GB RAM.
- 3 participants with audio and video (Linux, Win10, and Android): CPU utilization around 20%.
- Added 1 more participant sharing screen: CPU utilization around 40%.
Access Control
It will prevent anyone from the internet to create meetings and consume the resources of your server.
sudo nano /etc/prosody/conf.avail/example.com.cfg.lua
Edit the authentication option:
...
VirtualHost "example.com"
...
authentication = "internal_plain"
...
This configuration will allow only registered users to create meetings and access them.
If you want to invite participants that are not part of your company (registered users) add at the very bottom of the file the following options:
VirtualHost "guest.example.com"
authentication = "anonymous"
c2s_require_encryption = false
Do not create the guest subdomain, it is just internal to the Jitsi.
sudo nano /etc/jitsi/meet/example.com-config.js
Change the “anonymousdomain” option accordingly:
...
hosts: {
...
domain: 'example.com',
...
anonymousdomain: 'guest.example.com',
...
Next…
sudo nano /etc/jitsi/jicofo/sip-communicator.properties
Append:
org.jitsi.jicofo.auth.URL=XMPP:example.com
Restart all the services:
sudo systemctl restart prosody sudo systemctl restart jicofo sudo systemctl restart jitsi-videobridge2
Create each user by issuing:
sudo prosodyctl register user1 example.com password1
Now, when someone tries to create or join a meeting will be held in a lounge room until the host of the meeting connects.
The host of the meeting will be able to click on that button and enter the credentials to start the meeting:
More useful commands to manage your conference service.
sudo prosodyctl --help sudo prosodyctl adduser [email protected] sudo prosodyctl deluser [email protected] sudo prosodyctl passwd [email protected] sudo prosodyctl reload
Read more about how to monitor the resources of your server over CLI [Link].