Jitsi Meet Server and Videobridge Installation on Raspberry Pi 4 with Ubuntu Server 21.04

raspberry-pi-install.md

Jitsi Meet install on a Raspberry Pi 4 with Ubuntu Server 21.04

This guide helps you host your own Jitsi server on a Raspberry Pi 4B. It is adapted from Jitsi's quick install guide and the Jitsi on ARM guide written by crouchingtigerhiddenadam. The biggest difference is this is designed to work with a Pi running Ubuntu Server 21.04 instead of Raspbian.

I did this because I'd rather set up Jitsi Meet on a Raspberry Pi I already own than add a dedicated VPS (and pay AWS's bandwidth costs) just for that. I used Ubuntu 21.04 because I'm more familiar with Ubuntu than with Raspbian, and using an arm64 OS makes the setup easier than on armhf. I also tried to use distribution packages instead of manually downloading individual deb files throughout.

Prerequisites

This guide assumes you already have a DNS name set up with an A record pointing to the public IP address of your Raspberry Pi.

Get Ubuntu Server 21.04 for Raspberry Pi

You can get this from https://ubuntu.com/download/raspberry-pi - I used the 64-bit image for Raspberry Pi 4. The default username and password on that are both "ubuntu"; it will prompt you to set a new password on first login.

You'll want to set that up the same way you would any other distribution for a Pi, and set yourself up for SSH access if you don't have a conveniently-placed keyboard connected to your Pi. If you're not familiar with how to get started writing that disk image to a microSD card there's a tutorial you can follow at https://ubuntu.com/tutorials/how-to-install-ubuntu-on-your-raspberry-pi#1-overview for this step.

Install the Jitsi packages

Generally speaking this means you'll need to follow the instructions at https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart, but stop before the Let's Encrypt certificate step.

In slightly more detail:

Set up your Fully-Qualified Domain Name

I assume you already have an FQDN set up in DNS that you want to use for this Jitsi install - suppose that's jitsi.example.com. First, change the hostname on the machine to match that:

sudo hostnamectl set-hostname jitsi.example.com

Then use vim or your favorite editor to put the same FQDN in the /etc/hosts file, associating it with your public IP address. This means you'll edit the top of that file so it looks like:

127.0.0.1 localhost
x.x.x.x jitsi.example.com

Where x.x.x.x is your external IP address.

When this is done, test that you can ping your domain name with ping "$(hostname)". If it worked, you should see a response from your domain name.

Add the Jitsi package repository

curl https://download.jitsi.org/jitsi-key.gpg.key | sudo sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg'
echo 'deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/' | sudo tee /etc/apt/sources.list.d/jitsi-stable.list > /dev/null

Open ports in your firewall

Open 80/TCP, 443/TCP and 10000/UDP on your firewall, making sure those ports are forwarded to your Pi if it's behind a NAT.

Install the Jitsi Meet packages

# Ensure support is available for apt repositories served via HTTPS
sudo apt install apt-transport-https

# Retrieve the latest package versions across all repositories
sudo apt update

# Perform jitsi-meet installation
sudo apt install jitsi-meet

The installer will ask you for the hostname of your Jitsi Meet instance; set that to the same FQDN you entered earlier. Then it'll ask about an SSL certificate; pick "Generate a new self-signed certificate". We'll set up a real SSL cert with Let's Encrypt in the next step.

Generate an SSL certificate with Let's Encrypt

First, install certbot from the Ubuntu repositories:

sudo apt install certbot

Then run the script to generate a Let's Encrypt certificate:

sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

At this point you should see the landing page load correctly at https://jitsi.example.com! Yay! Unfortunately we're not done yet, because as you'll see it doesn't actually work if you try to connect multiple clients to a jitsi meeting; we'll fix that in the next step.

Install SCTP from source

This section is cribbed off jitsi-meet issue 6449.

Install build requirements

sudo apt install openjdk-8-jdk build-essential libtool maven

Stop services

sudo systemctl stop prosody jitsi-videobridge2 jicofo

Recompile jniwrapper-native-1.0-SNAPSHOT

git clone https://github.com/sctplab/usrsctp.git
git clone https://github.com/jitsi/jitsi-sctp
mv ./usrsctp ./jitsi-sctp/usrsctp/
cd ./jitsi-sctp
mvn package -DbuildSctp -DbuildNativeWrapper -DdeployNewJnilib -DskipTests

Copy libjnisctp.so

cp ./jniwrapper/native/target/libjnisctp-linux-aarch64.so \
 ./jniwrapper/native/src/main/resources/lib/linux/libjnisctp.so

Re-package and Copy jniwrapper-native-1.0-SNAPSHOT.jar into Jitsi VideoBridge2

When running mvn package ensure all unit tests are successful. You will see some warnings about "Using platform encoding", but that's fine because we're building on the platform that we intend to run this on anyway.

mvn package
sudo cp ./jniwrapper/native/target/jniwrapper-native-1.0-SNAPSHOT.jar \
 /usr/share/jitsi-videobridge/lib/jniwrapper-native-1.0-SNAPSHOT.jar

Restart the services

sudo systemctl start prosody jitsi-videobridge2 jicofo

Check if it worked!

systemctl status jitsi-videobridge2

Fire up your web browser, start a jitsi meeting, join it from another tab or another device, and check the jitsi logs at sudo less /var/log/jitsi/jvb.log if something is amiss.

Ok, it is working now
My bad is missed port forwarding for 443 and 10000 port on my router
Success!!!

I have another challenge.
Is it possible to create headless jitsi client with usb camera on raspberry and connect to own server room?
I`m going to use raspberry as a web camera host with two way audio stream (video intercom)
maybe jitsi is too redundant solution for this purpose?

target/native/javah/org_jitsi_modified_sctp4j_SctpJni.h:2:10: fatal error: jni.h: No such file or directory
2 | #include <jni.h>
| ^~~~~~~
compilation terminated.

if you have already installed 'openjdk-8-jdk' or some 'jdk', try out following 2 extra steps:

sudo update-alternatives --config java
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-arm64/

anyway maven is not finding 'jni.h'.. that is the problem. you have jdk somewhere in the system. which might differ than mine (/usr/lib/jvm/java-8-openjdk-arm64/), good luck!

I was able to set up jitsi on my raspi 4 with this manual.

For some reason participants can normally join but cannot share the screen (own person can see own shared screen but not the others).
Unfortunately there is no useful error message in log file.

How can I get screen sharing working?

Three month ago the install-letsencrypt-cert.sh script has changed and they have replaced certbot-auto with certbot. So I think there is no modification needed any longer. Changed has obviously also the directory structure from openjdk-8-jdk. I suffered the same problem like johannes-schmatz since the compiler can't find several files not only 'jni.h which is placed now in a 'include' directory. Unfortunately i was not able to figure out where to change this, so any help is appreciated.

No sorry, as you were - I don't know how but I've overseen 'applecargos' update that solved the problem but, one of the next steps 'mvn package' runs in errors. If this log isn't helpful i can run Maven with enhanced output. So still any help is appreciatet.

[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary for jitsi-sctp 1.0-SNAPSHOT:
[INFO]
[INFO] jitsi-sctp ......................................... SUCCESS [ 0.031 s]
[INFO] usrsctp native library ............................. SUCCESS [ 3.655 s]
[INFO] jniwrapper ......................................... SUCCESS [ 0.007 s]
[INFO] usrsctp JNI wrapper (Java code) .................... SUCCESS [ 1.199 s]
[INFO] usrsctp JNI wrapper (native code) .................. SUCCESS [ 2.152 s]
[INFO] jnilib ............................................. SUCCESS [ 4.425 s]
[INFO] Java SCTP library .................................. FAILURE [ 1.697 s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 13.835 s
[INFO] Finished at: 2020-11-01T17:03:33Z
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M5:test (default-test) on project sctp: There are test failures.
[ERROR]
[ERROR] Please refer to /home/ubuntu/jitsi-sctp/sctp/target/surefire-reports for the individual test results.
[ERROR] Please refer to dump files (if any exist) [date].dump, [date]-jvmRun[N].dump and [date].dumpstream.
[ERROR] Error creating properties files for forking
[ERROR] org.apache.maven.surefire.booter.SurefireBooterForkException: Error creating properties files for forking
[ERROR] at org.apache.maven.plugin.surefire.booterclient.ForkStarter.fork(ForkStarter.java:604)
[ERROR] at org.apache.maven.plugin.surefire.booterclient.ForkStarter.run(ForkStarter.java:305)
[ERROR] at org.apache.maven.plugin.surefire.booterclient.ForkStarter.run(ForkStarter.java:265)
[ERROR] at org.apache.maven.plugin.surefire.AbstractSurefireMojo.executeProvider(AbstractSurefireMojo.java:1314)
[ERROR] at org.apache.maven.plugin.surefire.AbstractSurefireMojo.executeAfterPreconditionsChecked(AbstractSurefireMojo.java:1159)
[ERROR] at org.apache.maven.plugin.surefire.AbstractSurefireMojo.execute(AbstractSurefireMojo.java:932)
[ERROR] at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:137)
[ERROR] at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:210)
[ERROR] at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:156)
[ERROR] at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:148)
[ERROR] at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:117)
[ERROR] at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:81)
[ERROR] at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:56)
[ERROR] at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
[ERROR] at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:305)
[ERROR] at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:192)
[ERROR] at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:105)
[ERROR] at org.apache.maven.cli.MavenCli.execute(MavenCli.java:957)
[ERROR] at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:289)
[ERROR] at org.apache.maven.cli.MavenCli.main(MavenCli.java:193)
[ERROR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[ERROR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
[ERROR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[ERROR] at java.lang.reflect.Method.invoke(Method.java:498)
[ERROR] at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:282)
[ERROR] at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:225)
[ERROR] at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:406)
[ERROR] at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:347)
[ERROR] Caused by: java.net.BindException: Cannot assign requested address
[ERROR] at sun.nio.ch.Net.bind0(Native Method)
[ERROR] at sun.nio.ch.Net.bind(Net.java:461)
[ERROR] at sun.nio.ch.Net.bind(Net.java:453)
[ERROR] at sun.nio.ch.AsynchronousServerSocketChannelImpl.bind(AsynchronousServerSocketChannelImpl.java:163)
[ERROR] at org.apache.maven.plugin.surefire.extensions.SurefireForkChannel.(SurefireForkChannel.java:88)
[ERROR] at org.apache.maven.plugin.surefire.extensions.SurefireForkNodeFactory.createForkChannel(SurefireForkNodeFactory.java:39)
[ERROR] at org.apache.maven.plugin.surefire.booterclient.ForkStarter.fork(ForkStarter.java:576)
[ERROR] ... 27 more
[ERROR]
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR] mvn -rf :sctp

Hi crouchingtigerhiddenadam
I have installed successful with your instruction jitsi on a raspberry. It's in this time only with a 4 GB raspi. But the ram-consumtion is less, if we have only few participants.

Great thanks for your instruction.

So the RAM consumption i.e 1.8GB out of 3.7GB is including full desktop environment and chrome/chromium browser. but what is actual RAM consumption of just the Jitsi server?

The Jitsi Server is running an the Raspi. The View is the Session on my PC and the remote desktop of the graphical user interface of the Raspi. The system monitor is running on the raspi.

The Jitsi Server is running an the Raspi. The View is the Session on my PC and the remote desktop of the graphical user interface of the Raspi. The system monitor is running on the raspi.

Ok so a desktop environment is installed on Raspi?

On the raspi:
sudo apt-get install xrdp
Reading package lists... Done
Building dependency tree
Reading state information... Done
xrdp is already the newest version (0.9.12-1).

On the pc (ubuntu):
grdesktop

Hi @AnirudhChandupatla
I have change the description of the view. Thank you for the question.

Hi @AnirudhChandupatla
I have change the description of the view. Thank you for the question.

Thank you for the reply @holger49

The Jitsi Server is running an the Raspi. The View is the Session on my PC and the remote desktop of the graphical user interface of the Raspi. The system monitor is running on the raspi.

Oh, so the Raspberry Pi is being used purely as the server? Does this Gist address/intend to address running the client UI/video/camera on the Raspberry Pi itself, or is it purely focused on the getting the server end up and running so that it can be accessed from another device?

I was hoping to be able to use a Raspberry Pi 4 as a simple video endpoint. I don't need the power of the server features (they could run in the cloud or a VPS somewhere). What are the other two video endpoints in your screenshot?

When you only need a simple video endpoint, then ist jitsi to take a sledghammer to cack a nut. I recommend for your pc:
sudo apt-get install xawtv
With this you can display a usb-camera connected with usb on your pc.
with xawtv -device /dev/video1
It is also possible with raspi with grahpical desktop and with connected usb-camera.
When you want more comfort, then I recommend zoneminder. You can connect usb- and ip-camera and have also a database for store photo or video. You can select zones for alarm, when you have motion in the camera.

By simple video endpoint I mean a simple video endpoint to a VTC (two or three participants). Rather than connecting from a laptop, I'd like to be able to do so from a Raspberry Pi connected to a TV.

I think, it is only necessary on the raspi to launch a browser with the outside address of the jitsi on the raspi. You need ubuntu with desktop. Chromium is recommended.

[INFO] usrsctp JNI wrapper (native code) .................. FAILURE [ 7.427 s]
[INFO] jnilib ............................................. SKIPPED
[INFO] Java SCTP library .................................. SKIPPED
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[...]

if you have already installed 'openjdk-8-jdk' or some 'jdk', try out following 2 extra steps:

sudo update-alternatives --config java
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-arm64/

anyway maven is not finding 'jni.h'.. that is the problem. you have jdk somewhere in the system. which might differ than mine (/usr/lib/jvm/java-8-openjdk-arm64/), good luck!

@applecargo: This did the trick for me - thank you for this! I also had the same problem that the maven package failed today on a fresh install of Ubuntu 20.04.1 on a Raspberry Pi 4 (4GB). Now it works.

@krithin: Thanks for this great tutorial! If more people run into this compiling error you might consider updating the instructions or adding a section...
Cheers and happy holidays to all of you!

I need a version without access to the internet. The setup is quite the same holger49 described. I use it for a dance performance. We perform all our performances in places, with poor or without internet and sometimes with no connection outside the country - like as an example Belarussia. I have 2 old Macbook air on stage. The video conference is projected to a screen - everything works well with eg. https://meet.adminforge.de/
I have a rock64 laying around - the rock64 should do it for 2 participants and there is a armbian ubuntu 20.04 iso available -

Do you think, I will get the rock64 as a jitsi meet server, without a connection to the internet?

I forgot to say, that the rooter is a fritzbox - if I write like talk.fritz.box in the browser it points to the ip address of the rock64 - 10.0.0.26 - some kind of internal DNS resolver

I don't understand the problem. You can also use jitsi, if the participants are all in the local network. But you must regardless use the public address of the jitsi-server.

@holger49
can you do me a favor? can you cut the internet connection of your router and see if you can connect between your clients?

You need a dns-server in the local network. Par example the pi hole. If the pi hole have receive the tables from the outside-dns-server, you can cut the connection and work inside the local network.
But, what is the reason for closing the connection?
The connection between the participants are encrypted with https. Also the us-american NSA cannot crack the connection. Only on the server are the data open. If you have the server under own control, it is save. It is probability only possible to crack the devices of the participants.

I just give you countries, where we played - Senegal, Marokko, Tunesia, Afganistan, Pakistan, India, Belarus. In some theaters, I dont eaven have a connection with my phone - like in Senegal I had to walk 500m to get a connection with my phone. The theaters dont have internet. I am not afraid of NSA - I am just afraid of no possibility to connect to the internet.

I just can tell success with the rock64 and without internet connection - you just have to stay on the "self-signed certificate", which is no problem, when you run it just with chromium and do not use the apps.
To compare with the pi, here the screenshot with 3 participiants and nmon (because I have no idea about grdesktop with xrdp

I followed the instructions on December 18th, 2020 and a running Jitsi server that works. It runs on a Pi 4 with 4 Gb, I have hosted conferences with 6 participants - everything is going very well. Thank you!! I wanted to update Ubuntu now and also included Jitsi. After that Jitsi runs in my network with camera and micro on the clients, but from the outside the camera and micro are off on the clients. The ICE test for the turn server works, port 10000 is open. If I follow the instructions on a new system, the result is the same. My Jitsi still has the blue background, the new Jitsi (which only works internally) has mountains. Does anyone know what has changed? My ports are all open, if I just update Ubuntu, my previous Jitsi will continue to work.
I would be happy to hear from you.

@superfino have you found a solution for the "Error creating properties files for forking" error? I have the same problem :(

Hello I wanted to install Jitsi-meet on rapbian with nspawan 64bit debian on rapberry 4 with 8Gb but unfortunately I coul not install openjdk-8-jdk. Only openjdk-11-jdk is availiable. When using this I get a compile error since javah is not available anymore.
Anyone found a solution for that?
Found it in meantime:
sudo apt-get update
sudo apt-get install software-properties-common
sudo apt-add-repository 'deb http://security.debian.org/debian-security stretch/updates main'
sudo apt-get update
sudo apt-get install openjdk-8-jdk

One important note when copying the new compiled jniwrapper-native-1.0-SNAPSHOT.jar
it is important to delete the old one on the target path. In my case Jitsi still crashes wehn a 3. person connects.
Maybe this could be added in the instructions above.

Hello I wanted to install Jitsi-meet on rapbian with nspawan 64bit debian on rapberry 4 with 8Gb but unfortunately I coul not install openjdk-8-jdk. Only openjdk-11-jdk is availiable. When using this I get a compile error since javah is not available anymore.
Anyone found a solution for that?
Found it in meantime:
sudo apt-get update
sudo apt-get install software-properties-common
sudo apt-add-repository 'deb http://security.debian.org/debian-security stretch/updates main'
sudo apt-get update
sudo apt-get install openjdk-8-jdk

One important note when copying the new compiled jniwrapper-native-1.0-SNAPSHOT.jar
it is important to delete the old one on the target path. In my case Jitsi still crashes wehn a 3. person connects.
Maybe this could be added in the instructions above.

I don't know your exact setup - but in your case, I would use DietPi 32 bit for this (the DietPi distro uses really low resources) (and, of course, without the X server :) ). It has opengl - with either the kms or the fkms driver. If you enforce h264 as a must - it might work even better (haven't tried it yet :) ). Let's hope h264 works out of the box through the onboard h264 hardware video decoder/encoder :) ...

Please tell us the results with this, if you want to implement what I just said :)
succes!...

jitsi-sctp have been updated these days and the related code need to be fixed.

I solved this error with the unstable repo.

https://community.jitsi.org/t/posibility-of-proper-arm-packaging-for-jvb2/102703/24