Jitsi Server
Jitsi Server
by Open Trade Statistics

Version 2.1-273

OS Ubuntu 18.04

MEDIA

Description

Jitsi is an open source app for videoconferencing and chat. Works with Windows, Linux, Mac OS X and Android clients.

Droplets created by using this image allow videoconferencing between Windows, Mac, Linux, Android and iOS users, just requiring to open a new browser tab on laptops/desktops or to install the Jitsi app from the Play Store/App Store on mobile.

This is a pre-configured image with pre-configured dependencies. You'll only need a domain and we provide the scripts for an effortless setup with HTTPS enabled for secure communication with your team.

It is recommended to run this image on a CPU-Optimized droplet with at least 4GB of RAM or higher.

Software Included

Getting started after deploying Jitsi Server

Configure Jitsi

Step 1

Create a droplet from the image available in the Marketplace.

Step 2

Before accessing the fresh droplet, add a domain to your project. This is required because most browsers require HTTPS in order to allow you to use the camera and microphone in a website, and it's not possible to enable HTTPS just with an IP.

Here's an excellent guide to do that: https://www.digitalocean.com/docs/networking/dns/how-to/add-domains/.

It is mandatory to add an A record (i.e. jitsi-example.digitalocean.com) pointing to the IP associated with your droplet.

Step 3

Access the console (i.e via ssh by running ssh root@123.456.789) and set a new password.

Step 4

We have created scripts to configure Jitsi in a very straightforward way. This is divided in two steps:

  1. Configure videoconference.
  2. Configure HTTPS.

Step 4.1

Configure your video conference setup by running:

./01_videoconf.sh

The menu will ask you to type the domain you added to your project in step 2. Type it exactly the same (i.e. jitsi-example.digitalocean.com), if you insert the droplet IP you won't be able to configure HTTPS in the next step.

Then select the option to generate a self-signed certificate, unless you want import your own certificate.

Step 4.2

This image uses Let's Encrypt to enable HTTPS. Configure this setup by running:

./02_https.sh

The menu will ask you for an email, it will be used to notify you when it's time to renew the certificates and maintain your website with a secure connection.

Here's an excellent guide if you have questions with respect to HTTPS and encryption: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04

Step 5 (Optional)

You can optionally add a password to control who can create a meeting. If you want to restrict that, type the next command:

nano /etc/prosody/conf.avail/jitsi-example.digitalocean.com.cfg.lua

There, look for the line that starts with VirtualHost, below it, there is a line that says authentication = "anonymous", it should be changed to authentication = "internal_plain".

After you saved the authentication changes, you can set one or more Jitsi users that will be able to create a meeting after providing a password. This can be configured with the next command:

prosodyctl register the-user jitsi-example.digitalocean.com the-password

To allow users entering the videoconferences without providing them the user and password just created, go back to edit /etc/prosody/conf.avail/jitsi-example.digitalocean.com.cfg.lua and at the end of the file paste these lines:

VirtualHost "guest.jitsi-example.digitalocean.com"
    authentication = "anonymous"
    c2s_require_encryption = false

Save the changes and close the editor. Now type

nano /etc/jitsi/meet/jitsi-example.digitalocean.com.js

Then uncomment the line that says:

// anonymousdomain: 'guest.jitsi-example.digitalocean.com',

Save the changes and close the editor again. Now type:

nano /etc/jitsi/jicofo/sip-communicator.properties

There, add this line:

org.jitsi.jicofo.auth.URL=XMPP:jitsi-example.digitalocean.com

Save the changes and close the editor, again.

This shall enable users to enter the conference with and URL or the URL and a plain password that can be configured in the browser and is the same for all users. See Jitsi documentation for the details.

Finally restart the services by typing:

systemctl restart {prosody,jicofo,jitsi-videobridge2,nginx}

Use Jitsi

Connect to the host via the hostname you set up in the earlier. Just open a browser tab and visit jitsi-example.digitalocean.com (i.e. the domain that you previously configured).

Good practices

  1. It is highly recommended to enable the firewall by running ufw enable.
  2. Keep your server updated with the last security patches and recent software versions.
  3. (Optional) Use SSH keys instead of typed passwords to enter your server via SSH. See the details here: https://www.digitalocean.com/docs/droplets/how-to/add-ssh-keys/
  4. (Optional) Configure an application such as Google Authenticator to provide a dynamic additional password for SSH access. See the details here: https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-two-factor-authentication

API Creation

In addition to creating a Droplet from the Jitsi Server 1-Click App via the control panel, you can also use the DigitalOcean API.

As an example, to create a 4GB Jitsi Server Droplet in the SFO2 region, you can use the following curl command. You’ll need to either save your API access token to an environment variable or substitute it into the command below.


  curl -X POST -H 'Content-Type: application/json' \
       -H 'Authorization: Bearer '$TOKEN'' -d \
      '{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image":"opentradestatist-jitsiserver-18-04"}' \
      "https://api.digitalocean.com/v2/droplets"
      

Support Details

Hours:09.00 - 18.00
Support URL:https://github.com/pachamaltese/jitsi-droplet/issues

More DigitalOcean Links

DigitalOcean Community

Developers supporting developers

Ask a Question

Ask anything related to system administration, programming, devops, open source, or the DigitalOcean platform.

List your 1-Click App in the DigitalOcean Marketplace

Partner with us to build traction for your open source project or software company