Jitsi Meet stands as an open-source video-conferencing application, making use of WebRTC technology. This application offers multi-person video conference rooms, effortlessly accessible through web browsers, and delivers comparable functionality to popular platforms like Zoom or Skype for conference calls with implementation of end-to-end TLS encryption guarantees secure and private communication. Your conversations remain impervious to any unauthorized intrusion.
What to expect from this Blog post :
- Installing and configuring a Jitsi Meet server
- How to configure Jitsi Meet to permit only registered users to create new conference rooms.
- Users can participate in the meetings by using the unique address and an optional password, ensuring secure and controlled access to the virtual gatherings.
- Scaling Jitsi based on network traffic.
Prerequisites :
- AWS Account
- Configured Domain Name: Have a domain name registered and properly configured to point to your server. For the purposes of this guide, the example domain name used is “jitsi.yourdomain”. (Replace “your_domain” with your actual domain name.)
Install and Configure Jitsi Meet with Authentication
Step 1 : Create EC2 and connect to it
Create an EC2 with following configurations :
Os : Ubuntu
Instance type : t2.medium (2 cpu, 4gb Ram)
Step 2 : Connect to the EC2 and run the following commands
sudo apt update && sudo apt -y upgrade sudo apt -y install gnupg2 nginx-full apt-transport-https
Step 3 : Setup system hostname and do some local mapping
sudo hostnamectl set-hostname jitsi.yourdomain
local mapping of the server’s hostname to its public IP addrss
sudo vim /etc/hosts
publicip jitsi.yourdomain
Step 4 : Update Jitsi repository
curl https://download.jitsi.org/jitsi-key.gpg.key | sudo sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg' echo 'deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/' | sudo tee /etc/apt/sources.list.d/jitsi-stable.list > /dev/null sudo apt update
Step 5 : Install Jitsi
sudo apt -y install jitsi-meet
During the Jitsi Meet installation, you’ll be asked to provide the domain name (like jitsi.your-domain) for your instance.
Subsequently, you’ll come across a prompt regarding certificates. Opt for the self-signed certificate at this stage.
Step 6 : Obtain a Signed TLS Certificate
sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
It will prompt for email id
Step 7 : Locking Conference Room Creation for Jitsi meet
Configure your Jitsi Meet server to only allow registered users to create conference rooms.
sudo vim /etc/prosody/conf.avail/jitsi.yourdomain.cfg.lua
Update the following parameters
- Update variable
authentication = “anonymous”
To :
authentication = “internal_hashed” - Add virtual host for guest usersVirtualHost “guest.jitsi.your_domain”
authentication = “anonymous”
c2s_require_encryption = false
Step 7 : Make some changes in meet config for guest users
vim sudo vim/etc/jitsi/meet/jitsi.your_domain-config.js
Uncomment the following line :
anonymousdomain: 'guest.jitsi.yourdomain',
Step 8 : Make config changes in jicofo
sudo vim /etc/jitsi/jicofo/sip-communicator.properties
Added the following line
org.jitsi.jicofo.auth.URL=XMPP:jitsi.yourdomain
Step 9 : Add user to start the meeting
With Jitsi Meet now set up to demand authenticated users for creating rooms, you must proceed to register these users along with their respective passwords. The tool you’ll employ for this task is “prosodyctl.”
Execute the provided command to add a user to your server:
sudo prosodyctl register user your_domain password
Example : sudo prosodyctl register test_user jitsi.example.com user123
Step 10 : Restart all services
In conclusion, restart all Jitsi Meet processes to implement the updated configuration:
sudo systemctl restart prosody.service jicofo.service jitsi-videobridge2.service
Step 11 – Creating Conference Room and Inviting Participants to the meet
You are now ready to access and begin using your freshly set up Jitsi Meet server. Simply open your web browser and enter your Jitsi domain name in the address bar, preceded by “https://jitsi.yourdomain”.
To initiate a meeting, click on the “Start Meeting” button located on the landing page:
The credentials you established during Step 9 using the prosodyctl utility will be used for logging in. Input the username and password, then click “Login.” This action will generate the new meeting and designate you as the moderator.
With the meeting in progress, you can now extend invitations to participants. Access the bottom panel and click on the participants icon:
Get the link and share it with other users to join…
Jitsi Scaling
Step 1 : Setup the Signalling server (Videobridge1 of the Jitsi, we configured in the above steps)
To set up the signalling server, follow these steps:
- Add module name mod_admin_rest in jvb1 :
Go inside prosody module folder and place the “mod_admin_rest.lua” module. You can find the module here: mod_admin_rest.luacp mod_admin_rest.lua /usr/lib/prosody/modules/
- Modify prosody.cfg.lua:
Edit the configuration file located at /etc/prosody/prosody.cfg.lua.- Add an admin account, for instance, “admin@meet.jit.si”
- Enable the admin_rest module
- Reload Prosody:
After making changes, reload the Prosody service to apply the modifications.Note : Open Port 5280 in the security group, Ensure port 5280 is accessible for communication with the JVB instances.
Step 2 : Creating and Configuring videobridge2
- Create and Configure videobridge2 Instance:
Set up a videobridge2 instance in a similar manner to how you created the Jitsi instance. - Modify jvb.sh:
On a fresh installation of videobridge2, At the top of the jvb.sh, insert the following lines:/usr/share/jitsi-videobridge/jvb.sh
- Restart jvb and check for any errors.
systemctl restart jitsi-videobridge2
If no errors, enable auto start
systemctl enable jitsi-videobridge2
Step 3 : Create your image of the Videobridge2 for autoscaling.
Step 4 : Create Autoscaling group with the Videobridge2 image and target tracking policy for Network In
You are all set, Now if there will be Network load greater than the limit you specified. Autoscaling group will launch another videobridge and if the load goes down it will reduce the videobridge.
