The Covid19 pandemic broke out with a social gap, and online meeting applications became hotter than ever. We can mention the big guys like Google Hangout, Zoom, Skype … In this article, I will guide you to build and deploy online meeting system with Jitsi. OK, got it Let’s start !!!
About Jitsi
Jitsi is an open source video conferencing project that is secure, easy to use and easy to master. I drew the most basic diagram of Jitsi for you to easily imagine.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | + + | | | | v | 443 | +-------+ | | | | | Nginx | | | | | +--+-+--+ | | | | +------------+ | | +--------------+ | | | | | | | | | jitsi-meet +<---+ +--->+ prosody/xmpp | | | |files 5280 | | | +------------+ +--------------+ v 5222,5347^ ^5347 4443,10000 +--------+ | | +-------------+ | | | | | | | jicofo +----^ ^----+ videobridge | | | | | +--------+ +-------------+ |
Install Jitsi Meet
First of all you need to prepare a domain. For example: meet.example.org
Add Jitsi package archive
1 2 3 4 5 6 | curl https://download.jitsi.org/jitsi-key.gpg.key | sudo sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg' echo 'deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/' | sudo tee /etc/apt/sources.list.d/jitsi-stable.list > /dev/null # update all package sources sudo apt update |
Firewall configuration settings
The following ports need to be opened in your firewall, to allow traffic to the Jitsi Meet server:
- 80 TCP – config http
- 443 TCP – config https
- 4443 TCP – for backup video / audio transmission (for example, when UDP is blocked)
- 10000 UDP – for video / audio transmission
- 22 TCP – alow ssh
Here I use ufw
1 2 3 4 5 6 7 | sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufw allow 4443/tcp sudo ufw allow 10000/udp sudo ufw allow 22/tcp sudo ufw enable |
Command to check the status of firewall sudo ufw status verbose
install
** Note: You will need to install Nginx first **
sudo apt install nginx
Next is the jitsi-meet installation command
1 2 3 | # jitsi-meet installation sudo apt install jitsi-meet |
After a series of commands run your screen will show the box to enter the domain. Here I enter the domain that I have prepared before
TLS Certificate To be able to transfer images and audio, you need to have TLS Certificate. During the installation of Jitsi Meet, there are options for you:
- Generate a new self-signed certificate
- I want to use my own certificate
Jitsi recommend we choose Generate a new self-signed certificate and create Lets-Encrypt Certificate later. However, if you have your own ssl, you can choose I want to use my own certificate . The installation will display two boxes for you to enter the path to your key and crt
Create Let’s Encrypt certificate
Note: This step is for those who choose Generate a new self-signed certificate
sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
Advanced configuration
vi /etc/jitsi/videobridge/sip-communicator.properties
Add the following content to the above file:
1 2 3 | org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=<Local.IP.Address> org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=<Public.IP.Address> |
Restart videobridge:
1 2 | service jitsi-videobridge2 restart |
At this point, we have completed the installation! Turn on the browser and enjoy. Access: your
domain của bạn
(egmeet.example.org
) and enter any id, the same id will enter the same room
Note: if you have a 3rd person error connecting to class, all can’t see the cam and can’t hear each other’s mic then fix as follows:
1 2 | vi /etc/jitsi/jicofo/sip-communicator.properties |
Add the following content to the above file:
1 2 | org.jitsi.jicofo.ALWAYS_TRUST_MODE_ENABLED=true |
Restart jicofo
1 2 | service jicofo restart |