This tutorial is for jitsi-meet installation using 2 server or more. The main server will contain jitsi-meet react source code, prosody, nginx, and jicofo. The videobridge will be installed seperatelly on the second server and so on.
- Minimum 2 servers with 1 IP Public each
- Ubuntu 18.04
Before starting make sure there are no permission issues on the installation.
sudo suOn this server we will run the nginx, prosody, and jicofo.
apt-get updateapt-get install nginxnote that we need to install nginx before installing jitsi-meet so the jitsi-meet will not use jetty as the web server
ufw status
ufw allow ssh
ufw allow 443/tcp
ufw allow 4443/tcp
ufw allow 5222/tcp
ufw allow 10000:20000/udp
ufw enablewget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -
sudo sh -c "echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list"
echo deb http://packages.prosody.im/debian $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list
wget https://prosody.im/files/prosody-debian-packages.key -O- | sudo apt-key add -
sudo apt-get update
sudo apt-get install --no-install-recommends jitsi-meet lua-secyou will be asked for the domain, and ssl option when installing jitsi-meet. Initially you can use a self-signed certificate for the install, once fully complted install a let's encrypt (or other) certficate.
remove default site config files on nginx
rm /etc/nginx/site-enabled/default
rm /etc/nginx/site-available/defaultstop jitsi videbridge as it will be running on the second server, not in the main server
/etc/init.d/jitsi-videobridge stopcurl -sL https://deb.nodesource.com/setup_10.x -o nodesource_setup.sh
bash nodesource_setup.sh
apt install nodejsapt-get install makeopen global prosody configuration file /etc/prosody/prosody.cfg.lua and add this statement:
component_interface = "0.0.0.0"
compinent_ports = { 5347 }
network_backend = "epoll"
and if you're still using the old configuration file, you will find
daemonize = true;
if you find this, change it to false, if you dont find it, just leave it
Open your config /etc/prosody/conf.d/<your.domain.com>.cfg.lua and adjust your file like this
consider_bosh_secure = true;
VirtualHost "<your.domain.com>"
-- enabled = false -- Remove this line to enable this host
authentication = "anonymous"
-- Properties below are modified by jitsi-meet-tokens package config
-- and authentication above is switched to "token"
--app_id="example_app_id"
--app_secret="example_app_secret"
-- Assign this host a certificate for TLS, otherwise it would use the one
-- set in the global section (if any).
-- Note that old-style SSL on port 5223 only supports one certificate, and will always
-- use the global one.
ssl = {
key = "/etc/prosody/certs/<your.domain.com>.key";
certificate = "/etc/prosody/certs/<your.domain.com>.crt";
}
-- we need bosh
modules_enabled = {
"bosh";
"pubsub";
"ping"; -- Enable mod_ping
}
c2s_require_encryption = false
Component "conference.<your.domain.com>" "muc"
storage = "memory"
admins = { "focus@auth.<your.domain.com>" }
-- internal muc component
Component "internal.auth.<your.domain.com>" "muc"
storage = "memory"
modules_enabled = {
"ping";
}
muc_room_cache_size = 1000
admins = { "focus@auth.<your.domain.com>", "jvb@auth.<your.domain.com>" }
VirtualHost "auth.<your.domain.com>"
ssl = {
key = "/etc/prosody/certs/auth.<your.domain.com>.key";
certificate = "/etc/prosody/certs/auth.<your.domain.com>.crt";
}
authentication = "internal_plain"
Component "focus.<your.domain.com>"
component_secret = "<jicofo focus secret>"
You can comment or delete other lines if there are any differences with your file.
/etc/init.d/prosody restartYou can check the password by execute this command
cat /var/lib/prosody/auth%2e<your%2edomain%2ecom>/accounts/jvb.datThis password will be used by jvb on the second server to connect to prosody
On this server we will run just jitsi videobridge2.
ufw status
ufw allow ssh
ufw allow 443/tcp
ufw allow 4443/tcp
ufw allow 10000:20000/udp
ufw enablewget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -
sudo sh -c "echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list"
sudo apt-get update
sudo apt-get install jitsi-videobridge2you will be asked for the domain, input the domain of the main server. This JVB server doesn't need a domain.
open /etc/jitsi/videobridge/config make sure your config is set as follows:
# Jitsi Videobridge settings
# sets the XMPP domain (default: none)
JVB_HOSTNAME= --> leave this blank
# sets the hostname of the XMPP server (default: domain if set, localhost otherwise)
JVB_HOST= --> leave this blank
# sets the port of the XMPP server (default: 5275)
JVB_PORT=5347 --> adjust this value to prosody listen port
# sets the shared secret used to authenticate to the XMPP server
JVB_SECRET=6iHFEg3U --> it doesn't matter anymore
# extra options to pass to the JVB daemon
JVB_OPTS="--apis=rest," --> add rest
# adds java system props that are passed to jvb (default are for home and logging config file)
JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=videobridge -Dnet.java.sip.communicator.SC_LOG$open /etc/jitsi/videobridge/sip-communicator.properties and then add or adjust these statements:
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc,colibri
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=<your.domain.com>
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.<your.domain.com>
org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
org.jitsi.videobridge.xmpp.user.shard.PASSWORD=<your jvb password> --> from jvb.dat
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.<your.domain.com>
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=<unique name for the jvb>
org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=trueIf your JVB server is behind NAT, also add this 2 statement on this file
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=<Local.IP.Address>
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=<Public.IP.Address>on main server
/etc/init.d/prosody restart
/etc/init.d/jicofo restarton jvb server
/etc/init.d/jitsi-videobridge2 restartTo test the installation, shutdown the videobridge on main Jitsi-Meet Server and check if you can still connect to JitsiMeet and do a video-meeting. If completed correctly the Jicofo Service will automatically use the available server(s) on your second videobridge server.
/etc/init.d/jitsi-videobridge2 stopif you checked all, start the videobridge on Jitsi-Meet Server:
/etc/init.d/jitsi-videobridge2 startTo make sure the setup is completed, you can check jicofo log
grep 'Added new videobridge' /var/log/jitsi/jicofo.logYou should see your videobridge nickname there.
To add more Videobridge, install just the jitsi-videobridge on the new server and follow the Second Server installation.
Tried to setup the Jitsi with videobridge as per the procedure, but i am unable to add the videobridge.
while running :- grep 'Added new videobridge' /var/log/jitsi/jicofo.log
it lists the videobridge installed during jitsi-meet server. Doesnot list the second videobridge
Firewall NOT Enabled for Testing.
Default authentication settings in jitsi meet installation of VirtualHost "auth.<your.domain.com>" in /etc/prosody/conf.d/<your.domain.com>.cfg.lua is authentication = "internal_hashed" , but in this procedure is authentication = "internal_plain"
Is there any changes to be made.
I have attached the files for reference.
Config Files