Jitsi is an open-source voice, video conferencing and instant messaging application. We can use it to easily build and deploy secure communication solutions. It is developed in Java and supports many telephony and instant messaging protocols such as SIP, Jabber/XMPP etc. It is based on OSGi architecture and uses Felix implementation from Apache.
For this tutorial, we will be using Ubuntu 18 LTS as the host operating system. Here is a brief overview of the steps we will be following in the tutorial.
- Some pre-requisite operations
- Set up FQDN if available
- Add Firewall Rules
- Obtain a TLS certificate
- Understanding JITSI components
- NAT configuration
Step 1: Pre-requisites
To begin with, we will make sure that our system is up to date
sudo apt -y update && sudo apt -y upgrade
Now we will add Jitsi repository key
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -
We also require to make a sources.list.d file with the repository
sudo sh -c "echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list"
Now to update the package list
sudo apt -y update
Note – If you do not have FQDN then you can use the IP address of the host machine and can skip the following optional section.
Step 2: Optional: Setting up FQDN
If the host system has a Fully Qualified Domain Name (Example – meet.example.com) already set up in DNS then /etc/hostname should contain it. We can use the following commands to add it.
sudo hostnamectl set-hostname meet.example.com
We also require to add the same FQDN in /etc/hosts
sudo nano /etc/hosts
Now with our Domain name setup, we can proceed with the installation.
Step 3: Firewall Configuration
JITSI require the following ports opened in the firewall for the proper functionality.
To do this we will use the following commands
sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufu allow 10000/udp
To confirm our changes we can use
sudo ufw status
Step 4: Installation
We will now use the repository we added above to install Jitsi. (Note – The installer will check for Nginx or Apache on the host system. If none is present then it will move forward with Nginx. If one is found then it will configure the virtual host within the webserver.
sudo apt -y install apt-transport-https sudo apt -y install jitsi-meet
We will be asked to enter the hostname of the jitsi-meet instance. If you have the FQDN setup then use that only. If FQDN is not available then you can use the IP address of the host system.
When prompted we will select the option to generate a new self-signed certificate.
Now our Jitsi-meet install is finished.
Step 5: Obtaining TLS Certificate
JITSI is a WebRTC based communication solution and thus requires a SSL certificate to work out of the box. The easiest way to obtain one is using Let’s Encrypt. If you guys want to use your SSL certificate from other Authority then you just need to change settings in nginx conf file. To proceed with Let’s Encrypt use the following script
To test your installation you can use any web browser(Chrome, Firefox, Safari, etc) of your preference. Visit the hostname or the IP address you used to setup Jitsi-Meet. You should see a similar page as shown below.
Step 6: Understanding JITSI Components
Basic Jitsi config files can be found in the /etc/jitsi directory. It contains a config of each component installed.
Jitsi Conference Focus is a server-side component required for Jitsi-Meet. It is responsible for managing media sessions between users and video bridges and also helps in load balancing as it prioritizes the least loaded video bridge.
Jitsi Videobridge is a server component that allows multiuser video communication. It does not convert video channels into a composite video stream but only relays the video channels to all participants. Because of this, it only requires good network bandwidth and not processing power.
Jitsi uses prosody as it’s XMPP server. Prosody files can be found inside /etc/prosody/*
Step 7: NAT Configuration
If the host is behind NAT, we need to do further configuration in jitsi-videobridge. Given that the required ports are forwarded to the host (default ports are TCP/443, TCP/4443 and UDP/10000), We have to edit the sip-communicator.properties.
We are required to add the following lines. Change the local IP Address and Public IP Address as per your needs
And comment out or remove the following line
You have successfully installed your first JITSI-MEET server and I wish you all the best for your WebRTC journey. Thank you for reading this blog, if you guys have any questions or you got stuck anywhere please feel free to mention in the comment section below.