Introduction
In this tutorial, we install and configure Jitsi Meet on Ubuntu 18.04 server. It is a free, open-source video-conferencing web application based on WebRTC. It works on iOS, Linux, Windows, macOS, and Android as well. The web application provides high audio and video quality and supports certificates from Let’s Encrypt with fully encrypted connections using TLS/SSL.
You can configure the Jitisi Meet with the restriction through this only registered users can create new conference rooms. The default configuration allows it to publicly available on the internet and dust to this anyone can create new conference rooms.
And after creating the new conference room, anyone can join who has the unique address or the optional password to enter.
Features of Jitsi Meet
- It is Open- Source web application.
- Users can share their screen.
- Users can do a group chat.
- Jitsi Meet users can set a password for their conference room to prevent it from any strangers.
- The communication over the network is encrypted, and the end-to-end TLS encryption ensures that no one can snoop on the call.
- Users can share text documents.
- You can assign a moderator to any authorized users and a moderator can mute every participant with one click.
- You can record the meeting and can store it on DropBox or YouTube.
Prerequisites
- An Ubuntu 18.04 server up and running.
- A non-root user with sudo privileges.
- RAM: 1 GB
- A domain name that points your server.
Setup the System Hostname
Change the system’s hostname to your domain name of the Jitsi Meet server and resolve your hostname to the localhost.
Note: please replace the hostname “jitsi.zehncloud.com” with your hostname.
sudo hostnamectl set-hostname jitsi.zehncloud.com
Check the hostname
hostname
Output of above command
jitsi.zehncloud.com
Open the /etc/hosts file with a text editor for setting a local mapping of the server’s hostname with the loopback IP address, 127.0.0.1.
sudo nano /etc/hosts
Add the below line into /etc/hosts file
127.0.0.1 jitsi.zehncloud.com
Save and exit.
Open the firewall ports
Enable the UFW firewall and open the required firewall ports
sudo ufw allow OpenSSH sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufw allow 4443/tcp
sudo ufw allow 10000/udp
Review the firewall status
sudo ufw statusThe output will display open ports
Status: active To Action From -- ------ ---- 80/tcp ALLOW Anywhere 443/tcp ALLOW Anywhere 4443/tcp ALLOW Anywhere 10000/udp ALLOW Anywhere 80/tcp (v6) ALLOW Anywhere (v6) 443/tcp (v6) ALLOW Anywhere (v6) 4443/tcp (v6) ALLOW Anywhere (v6) 10000/udp (v6) ALLOW Anywhere (v6)
Install the Jitsi Meet
Add the Jitsi repository to your server
wget https://download.jitsi.org/jitsi-key.gpg.key
The output of above command
--2020-06-16 13:12:58-- https://download.jitsi.org/jitsi-key.gpg.key Resolving download.jitsi.org (download.jitsi.org)... 104.18.18.146, 104.18.19.146, 2606:4700::6812:1392, ... Connecting to download.jitsi.org (download.jitsi.org)|104.18.18.146|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 3071 (3.0K) [application/pgp-keys] Saving to: ‘jitsi-key.gpg.key’ jitsi-key.gpg.key 100%[==============================================================================>] 3.00K --.-KB/s in 0s 2020-06-16 13:12:58 (58.7 MB/s) - ‘jitsi-key.gpg.key’ saved [3071/3071]
The apt is a package manager which will use the GPG key for package validation that we have downloaded from Jitsi repository
sudo apt-key add jitsi-key.gpg.keyRemove the GPG key as it no longer needed
rm jitsi-key.gpg.keyCreate a new source file that will contain the Jitsi repository
sudo nano /etc/apt/sources.list.d/jitsi-stable.listAdd the below line to this file /etc/apt/sources.list.d/jitsi-stable.list
deb https://download.jitsi.org stable/Save and exit.
Update the packages
sudo apt updateInstall Jitsi Meet
sudo apt install jitsi-meetThe output of the above command will ask you to confirm if you want to continue installation or not as it will consume 134 MB of additional disk space on the server.
Press Y and Enter to continue.
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
jicofo jitsi-meet-prosody jitsi-meet-web jitsi-meet-web-config jitsi-videobridge2 lua-event lua-expat lua-filesystem lua-sec lua-socket lua5.1 prosody
Suggested packages:
lua-zlib lua-dbi-postgresql lua-dbi-mysql lua-dbi-sqlite3
The following NEW packages will be installed:
jicofo jitsi-meet jitsi-meet-prosody jitsi-meet-web jitsi-meet-web-config jitsi-videobridge2 lua-event lua-expat lua-filesystem lua-sec lua-socket lua5.1 prosody
0 upgraded, 13 newly installed, 0 to remove and 99 not upgraded.
2 not fully installed or removed.
Need to get 91.6 MB of archives.
After this operation, 134 MB of additional disk space will be used.
Do you want to continue? [Y/n]
The installation will prompt you to configure the jitsi-videobridge, enter the hostname, and hit Enter button.
The next screen will prompt you to select one of the below:
- Generate a new self-signed certificate
- I want to use my own certificate
Select “Generate a new self-signed certificate” option (if you do not have your own certificates) and hit Enter.
The Jitsi Meet application is now installed using a self-signed TLS certificate. Due to this, you may face browser warnings.
Therefore, in the below steps, you will get a signed TLS certificate.
To review the installed application at this point, then open the URL “http://YOUR_DOMAIN_NAME” in the browser and select proceed.
e.g. http://jitsi.zehncloud.com
Obtaining Self-Signed Certificates
To make sure that no one can listen to your call and to make the communication more secure as it is over the internet, run below command to add the Certbot repository to the system
sudo add-apt-repository ppa:certbot/certbotThe output will require your confirmation, hit Enter to continue
This is the PPA for packages prepared by Debian Let's Encrypt Team and backported for Ubuntu.
Note: Packages are only provided for currently supported Ubuntu releases.
More info: https://launchpad.net/~certbot/+archive/ubuntu/certbot
Press [ENTER] to continue or ctrl-c to cancel adding it
After proceeding, the repository will be added and display as below
gpg: keyring `/tmp/tmp341b54je/secring.gpg' created
gpg: keyring `/tmp/tmp341b54je/pubring.gpg' created
gpg: requesting key 75BCA694 from hkp server keyserver.ubuntu.com
gpg: /tmp/tmp341b54je/trustdb.gpg: trustdb created
gpg: key 75BCA694: public key "Launchpad PPA for certbot" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
OK
sudo apt install certbotsudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.shThis script will:
- Need a working DNS record pointing to this machine(for domain jitsi.zehncloud.com)
- Download certbot-auto from https://dl.eff.org to /usr/local/sbin
- Install additional dependencies in order to request Let’s Encrypt certificate
- If running with jetty serving web content, will stop Jitsi Videobridge
- Configure and reload nginx or apache2, whichever is used
- Configure the coturn server to use Let's Encrypt certificate and add required deploy hooks
- Add command in weekly cron job to renew certificates regularly
You need to agree to the ACME server's Subscriber Agreement (https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf)
by providing an email address for important account notifications
Enter your email and press [ENTER]:
sudo systemctl status jitsi-videobridge● jitsi-videobridge2.service - Jitsi Videobridge
Loaded: loaded (/lib/systemd/system/jitsi-videobridge2.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2020-06-16 13:25:44 UTC; 40min ago
Main PID: 26152 (java)
CGroup: /system.slice/jitsi-videobridge2.service
└─26152 java -Xmx3072m -XX:+UseConcMarkSweepGC -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp - Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi
Jun 16 13:25:44 jitsi.zehncloud.com systemd[1]: Starting Jitsi Videobridge...
Jun 16 13:25:44 jitsi.zehncloud.com systemd[1]: Started Jitsi Videobridge.
Summary
In this article, we have installed the Jitsi Meet web application successfully with the Certbot certificates for secure communication. You can have online meetings with people and can share audio/video/files/screen to each other.
by Zehntech