What with the pandemic, we’ve all been videoconferencing a lot, and I guess a lot of people here know about the Jitsi videoconference server. For running your own setup, they kindly provide Debian/Ubuntu repositories, but sadly no RPM.
Well, I finally got around to creating RPM packages for it. For a standard setup on a single machine, you should be able to simply install the jitsi metapackage, which will pull in all the components. Since Jitsi offloads all of the video processing onto the user’s machines and really just shuffles some streams around it usually does not need a powerful server, any small virtual machine from a cloud provider should do.
Setup instructions follow below & are also contained in the packages’ docdir /usr/share/doc/<package>/README-fedora.md, but they mostly follow upstream’s debian packages, so any guide you find for those will likely be valid, too.
I’ve only been testing these packages on my one Jitsi server, so obviously I’d be interested in other’s experiences with them,
Installation/setup instructions
In general, the package mostly follows the official Debian package. Notable differences are
- Slightly different file locations
- Both Jicofo and Jitsi Videobridge log to syslog instead of their own logfiles
- Jicofo runs from a service, rather than a init script
Prerequisites
You’ll need a small server that can be accessed from the Internet, a domain name as well as a SSL certificate for that domain. This is because most browsers refuse to do WebRTC (the protocol used for video transport) over non-encrypted connections. You can get one for free via LetsEncrypt.
Installation
A full Jitsi server consists of multiple components, that are split into different packages, as they can be run separately on different machines.
A default single-machine installation can be performed by installing the jitsi metapackage.
The full stack consists of
-
Jitsi-meet, the web interface:
jitsi-meet - Webserver configuration:
jitsi-meet-nginxorjitsi-meet-apache - Configuration for Prosody, for user management:
jitsi-meet-prosody -
Jicofo, the conference room manager:
jicofo -
Jitsi Videobridge, the video/audio transport:
jitsi-videobridge
Optional further components are (these are work in progress, no packages yet, sorry)
-
Jibri, Jitsi Broadcasting Infrastructure, for recoding and streaming:
jibri -
Jigasi, Jitsi Gateway to SIP, to bridge Jitsi rooms to SIP:
jigasi
Configuration
After installation, there are a few additional configuration steps to perform.
Mostly, that consists of replacing various placeholder variables with their correct values. Placeholders variables are identified by underscores/camelCase __variableName__.
In all files, replace __jitsiFQDN__ with the fully-qualified domain name of your instance and __<component>Secret__ with a strong random password. There are three of these needed, __focusSecret__, __focusUserSecret__ and __jvbUserSecret__. They don’t need to be memorable in any way, they are only used by the different components to talk to each other.
Prosody config
Prosody configuration for Jitsi is found in /etc/prosody/conf.d/jitsi-meet.cfg.lua .
- in the config file, replace placeholder variables
__jitsiFQDN__&__focusSecret__ - generate certificates for
__jitsiFQDN__andauth.__jitsiFQDN__and add them to your system’s trust database:
$ prosodyctl cert generate __jitsiFQDN__
$ prosodyctl cert generate auth.__jitsiFQDN__
$ trust anchor /var/lib/prosody/__jitsiFQDN__
$ trust anchor /var/lib/prosody/auth.__jitsiFQDN__
- add users for Jicofo (
focus) and Jitsi Videobridge (jvb)
$ prosodyctl register focus auth.__jitsiFQDN__ __focusUserSecret__
$ prosodyctl register jvb auth.__jitsiFQDN__ __jvbUserSecret__
- start the prosody service
Jitsi Meet
Configuration is located in /etc/jitsi-meet. Only config.js contains placeholder variables that need to be replaced.
Webserver config
Webserver configuration is located in /etc/nginx/conf.d/jitsi-meet.conf (for Nginx) and /etc/httpd/conf.d/jitsi-meet.conf (for Apache). Additionally you’ll need to set up HTTPS for __jitsiFQDN__. Edit the configuration, then start/restart the webserver.
Jicofo config
Configuration is located in /etc/jicofo/. Replace __jitsiFQDN__, __focusSecret__ and __focusUserSecret__ in config and sip-communicator.properties.
Start jicofo.service
Jitsi Videobridge
Configuration is located in /etc/jitsi-videobridge. Replace __jitsiFQDN__ and __jvbUserSecret__ in jvb.conf.
Jitsi-videobridge communicates on port 10000/udp, so it needs to be opened or forwarded if you’re behind NAT. The jitsi-videobridge-firewalld package provides a jitsi-videobridge service definition for firewalld that you can enable to open that port.
Start jitsi-videobridge.service. Additional service configuration can be found in /etc/sysconfig/jitsi-videobridge
Troubleshooting
- When you go to your
__jitsiFQDN__with a browser, you should see a welcome page offering you to join a room. If not, there is a problem with your webserver and/or the jitsi-meet web app - If you can’t join a room or get kicked out all the time, or if everybody is always alone in the room even if multiple people join, the issue is most likely with jicofo & prosody not talking correctly
- if you see other people in a room but their audio and/or video doesn’t work, then the issue is most likely with jitsi-videobridge
- Check the logs. Jicofo and Jitsi Videobridge log to syslog, prosody by default logs to
/var/log/prosody/*. The former’s logs are a mess, but usually informative. Errors are usually related to a) leftover placeholder variables and b) issues with the certificates. - As the package mostly follows the official Debian package, most help you can find for that applies here too.
Thanks!