Unix Server Tech Knowledge Base

User Tools

Site Tools

Trace:
software:jitsi

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
software:jitsi [2021/05/04 16:57] rodolicosoftware:jitsi [2021/07/27 02:06] (current) rodolico
Line 3: Line 3:
 Just some notes for me, but may be useful for others. Just some notes for me, but may be useful for others.
  
-Jitsi is a video bridge server. It allows two or more users to do video chat. It uses Prosody for an XMPP chat also, and appears to use Prosody for authentication. It can be run in a standard web browser, though it is much better on Chrome/Chromium based browsers (FireFox is supported, but may have some weirdness).+Jitsi is a video bridge server. It allows two or more users to do video chat. It uses [[software:prosody|Prosody]] for an XMPP chat also, and appears to use Prosody for authentication. It can be run in a standard web browser, though it is much better on Chrome/Chromium based browsers (FireFox is supported, but may have some weirdness).
  
-===== Quick Notes =====+===== Backing up =====
  
-==== Update key for downloading clientDevuan ====+You can back up lots of stuffbut the important part is /etc/prosody, /etc/jitsi and the location of the XMPP config files. Jitsi uses prosody, an XMPP server, for authentication.
  
-Got message:+The XMPP user configuration files are in /var/lib/prosody under a URL encoded directory name the same as your server. Assuming your server name is //jitsi.example.com//, the directory is /var/lib/prosody/jitsi%20example%20com. Replace this with your REAL server name to back up. /path/to/backup is wherever you want to back up to. 
 +  * /var/lib/prosody/jitsi%20example%20com/accounts contains all of the accounts you have 
 +  * /var/lib/prosody/jitsi%20example%20com/roster is the linkage, ie the list of "buddies" amongst the accounts. 
 +<code bash> 
 +mkdir -p /path/to/backup/etc 
 +cp -av /etc/prosody /etc/jitsi /path/to/backup/etc 
 +mkdir -p /path/to/backup/varlib 
 +cp -av  /var/lib/prosody/jitsi%20example%20com/accounts /var/lib/prosody/jitsi%20example%20com/roster /path/to/backup/varlib 
 +</code>
  
-GPG error: https://download.jitsi.org stable/ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY B4D2D216F1FD7806+===== Installation ======
  
 +For Devuan and other Debian derivatives, I do this. I use apache since I'm used to it. If you do not have a web server installed, the following will install nginx since it is lighter weight. certbot is also very useful so you can get real SSL certs, and jitsi has a script that will set that up also.
  
-Went to +You MUST have a DNS A record set to your server before doing any of thisA CNAME may work, but I always put in an A record.
-https://community.jitsi.org/t/problem-with-public-key-on-jitsi-meet-install/16850/4+
  
 <code bash> <code bash>
 +# Add the repo
 wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add - wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
 +echo deb https://download.jitsi.org stable/ > /etc/apt/sources.list.d/jitsi-stable.list
 +apt update
 +# Do the installation
 +# get the web server and certbot installed and configured
 +apt -y install apache2 certbot
 +# make sure everything works
 +# the jitsi-meet package will install everything needed
 +# you will be asked for server name (your A record)
 +# you will also be asked if you want a self signed SSL cert, choose that and we'll replace it 
 +# with certbot later
 +apt -y install jitsi-meet 
 +# now, run the script to to the certbot setup
 +/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
 </code> </code>
 +
 +===== Configure =====
 +
 +Finally, we need to make some configuration file changes. Again, replace jitsi.example.com with your server name. In the code below, a minus sign means "find and remove this line" and a plus sign means "add this line".
 +
 +====/etc/prosody/conf.avail/jitsi.example.com.cfg.lua====
 +<code>
 +- authentication = "anonymous"
 ++ authentication = "internal_plain"
 +</code>
 +
 +<code bash>
 +# add a block for guest at bottom of the file
 +echo 'VirtualHost "guest.jitsi.example.com"' >> /etc/prosody/conf.avail/jitsi.example.com.cfg.lua
 +echo '    authentication = "anonymous"' >> /etc/prosody/conf.avail/jitsi.example.com.cfg.lua
 +echo '    c2s_require_encryption = false' >> /etc/prosody/conf.avail/jitsi.example.com.cfg.lua
 +</code>
 +
 +====/etc/jitsi/meet/jitsi.example.com-config.js====
 +<code>
 +- // anonymousdomain: 'guest.jitsi.example.com',
 ++ anonymousdomain: 'guest.jitsi.example.com',
 +</code>
 +
 +<code bash>
 +# add this line to sip-communicator.properties
 +echo 'org.jitsi.jicofo.auth.URL=XMPP:jitsi.example.com' >> /etc/jitsi/jicofo/sip-communicator.properties
 +</code>
 +
 +<code bash>
 +# add your first user, in this case, user1 with a password of Password
 +prosodyctl register user1 jitsi.example.com Password
 +</code>
 +
 +====/etc/letsencrypt/renewal-hooks/deploy/prosody.sh====
 +
 +This file is a hook that will update prosody's SSL cert when certbot updates the main cert. If it does not exist, run the following.
 +<code bash>
 +# DO NOT RUN unless /etc/letsencrypt/renewal-hooks/deploy/prosody.sh does not exist
 +echo '#!/bin/sh' > /etc/letsencrypt/renewal-hooks/deploy/prosody.sh
 +echo '/usr/bin/prosodyctl --root cert import /etc/letsencrypt/live' >> /etc/letsencrypt/renewal-hooks/deploy/prosody.sh
 +chmod 700 /etc/letsencrypt/renewal-hooks/deploy/prosody.sh
 +</code>
 +
 +Now, finally, we run it one time to get prosody updated. After this, it will run after a new SSL cert is created automatically
 +<code bash>
 +/etc/letsencrypt/renewal-hooks/deploy/prosody.sh
 +</code>
 +
 +==== restart everything ====
 +<code bash>
 +service prosody restart
 +service jicofo restart
 +service jitsi-videobridge2 restart
 +</code>
 +
 +===== Quick Notes =====
 +
 +==== Uninstall ====
 +
 +Note: most of the time you do not need to remove prosody, so I put that on a separate line. If you do remove prosody, be sure to back up /var/lib/prosody first, or you'll have to add all your users.
 +<code bash>
 +apt purge jigasi jitsi-meet jitsi-meet-web-config jitsi-meet-prosody jitsi-meet-turnserver jitsi-meet-web jicofo jitsi-videobridge2
 +apt purge prosody # only if you really, really need to
 +apt autoremove
 +</code>
 +
 +==== Can't create an XMPP room ====
 +
 +By default, jitsi does not allow you to create new rooms in when you are using it for straight XMPP. In this case, edit the file **/etc/prosody/conf.avail/jitsi.example.com**
 +  - Find line similar to //Component "conference.jitsi.example.com"//
 +  - find line under that //restrict_room_creation = true//
 +  - change 'true' to 'false'
 +  - restart everything
 +
  
 ==== Location of authentication files ==== ==== Location of authentication files ====
 User authentication file (plain text, so don't trust it) User authentication file (plain text, so don't trust it)
 <code> <code>
-/var/lib/prosody/server%2ename%2edomain/accounts+/var/lib/prosody/jitsi%2eexample%2ecom/accounts
 </code> </code>
 Basically, the server name with the dots replaced with %2e Basically, the server name with the dots replaced with %2e
Line 84: Line 181:
   * https://desktop.jitsi.org/Main/Download.html   * https://desktop.jitsi.org/Main/Download.html
   * https://appimage.github.io/jitsi-meet/   * https://appimage.github.io/jitsi-meet/
 +  * https://prosody.im/doc/letsencrypt
 +  * https://www.digitalocean.com/community/tutorials/how-to-install-jitsi-meet-on-ubuntu-20-04
 +  * https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart
   *    * 
software/jitsi.1620165468.txt.gz · Last modified: 2021/05/04 16:57 by rodolico