Posted on by Ramneek

How to Install Jitsi on Ubuntu 18 LTS

Jitsi is an open-source voice, video conferencing and instant messaging application. We can use it to easily build and deploy secure communication solutions. It is developed in Java and supports many telephony and instant messaging protocols such as SIP, Jabber/XMPP etc. It is based on OSGi architecture and uses Felix implementation from Apache.

Installation

For this tutorial, we will be using Ubuntu 18 LTS as the host operating system. Here is a brief overview of the steps we will be following in the tutorial.

  1. Some pre-requisite operations
  2. Set up FQDN if available
  3. Add Firewall Rules
  4. Installation
  5. Obtain a TLS certificate
  6. Understanding JITSI components
  7. NAT configuration

Step 1: Pre-requisites

To begin with, we will make sure that our system is up to date

sudo apt -y update && sudo apt -y upgrade

Now we will add Jitsi repository key 

 wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -

We also require to make a sources.list.d file with the repository

 sudo sh -c "echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list"

Now to update the package list

 sudo apt -y update

Note – If you do not have FQDN then you can use the IP address of the host machine and can skip the following optional section.

Step 2: Optional: Setting up FQDN

If the host system has a Fully Qualified Domain Name (Example – meet.example.com) already set up in DNS then /etc/hostname should contain it. We can use the following commands to add it.

sudo hostnamectl set-hostname meet.example.com

We also require to add the same FQDN in /etc/hosts

sudo nano /etc/hosts

Now with our Domain name setup, we can proceed with the installation.

Step 3: Firewall Configuration

JITSI require the following ports opened in the firewall for the proper functionality.

  • 80/tcp
  • 443/tcp
  • 10000/udp

To do this we will use the following commands

sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufu allow 10000/udp

To confirm our changes we can use

sudo ufw status

Step 4: Installation

We will now use the repository we added above to install Jitsi. (Note – The installer will check for Nginx or Apache on the host system. If none is present then it will move forward with Nginx. If one is found then it will configure the virtual host within the webserver. 

sudo apt -y install apt-transport-https  
sudo apt -y install jitsi-meet

We will be asked to enter the hostname of the jitsi-meet instance. If you have the FQDN setup then use that only. If FQDN is not available then you can use the IP address of the host system.

When prompted we will select the option to generate a new self-signed certificate.

Now our Jitsi-meet install is finished.

Step 5: Obtaining TLS Certificate

JITSI is a WebRTC based communication solution and thus requires a SSL certificate to work out of the box. The easiest way to obtain one is using Let’s Encrypt. If you guys want to use your SSL certificate from other Authority then you just need to change settings in nginx conf file. To proceed with Let’s Encrypt use the following script

sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

To test your installation you can use any web browser(Chrome, Firefox, Safari, etc) of your preference. Visit the hostname or the IP address you used to setup Jitsi-Meet. You should see a similar page as shown below.

Step 6: Understanding JITSI Components

Basic Jitsi config files can be found in the /etc/jitsi directory. It contains a config of each component installed.

Jicofo

Jitsi Conference Focus is a server-side component required for Jitsi-Meet. It is responsible for managing media sessions between users and video bridges and also helps in load balancing as it prioritizes the least loaded video bridge.

Videobridge

Jitsi Videobridge is a server component that allows multiuser video communication. It does not convert video channels into a composite video stream but only relays the video channels to all participants. Because of this, it only requires good network bandwidth and not processing power.

Prosody XMPP

Jitsi uses prosody as it’s XMPP server. Prosody files can be found inside /etc/prosody/*

Step 7: NAT Configuration

If the host is behind NAT, we need to do further configuration in jitsi-videobridge. Given that the required ports are forwarded to the host (default ports are TCP/443, TCP/4443 and UDP/10000), We have to edit the sip-communicator.properties.

nano /etc/jitsi/videobridge/sip-communicator.properties

We are required to add the following lines. Change the local IP Address and Public IP Address as per your needs

org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=<Local.IP.Address> 

org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=<Public.IP.Address>

And comment out or remove the following line

org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES

You have successfully installed your first JITSI-MEET server and I wish you all the best for your WebRTC journey. Thank you for reading this blog, if you guys have any questions or you got stuck anywhere please feel free to mention in the comment section below.

Leave a Reply

Your email address will not be published. Required fields are marked *