Thursday, May 21, 2020

Day 62: Setting up a Jitsi-Server (Part 1)

This article is part of The 100 Days Offensive. Go to Day 61 or Day 63.

On Saturday, I want to celebrate my birthday. But a classic party is out of the question. So my idea was to host a video conference for my friends and drink coffee and eat cake virtually together.

Though I use Teams, Zoom, WebEx and Hangouts on my job and Discord for private purposes, I want something people can use without registering, installing a client or working with a provider they dislike.

The solution seemed easy: setting up my own Jitsi instance.

The initial progress was fine. I installed a clean Ubuntu based on version 18.04, created SSH Key Pair and logged in.

The next steps were:

  1. Adding the repository for Jitsi:

    # echo 'deb https://download.jitsi.org stable/' >> /etc/apt/sources.list.d/jitsi-stable.list

    # wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -

    # apt-get update
  2. Adding some lines to "/etc/systemd/system.conf":

    DefaultLimitNOFILE=65000
    DefaultLimitNPROC=65000
    DefaultTasksMax=65000


    followed by a

    # systemctl daemon-reload
  3. The install Jitsi:

    # apt-get -y install jitsi-meet
    When asked for the certificate, I recommend to go for the self signed at first and get the correct one later. For this step you need to know the FQDN for your Jitsi instance and the DNS entry should point to the correct IP.
  4. Then get a correct certificate via Let's Encrypt:

    # /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
After a few seconds you'll have you own Jitsi server up and running. You can now connect to your server using Firefox or Chrome (WebRTC is required). You can now create your own Meetings.

BUT SO CAN EVERYONE ELSE who knows the FQDN of your server. He just connects to https://<your-fqdn>/<new-room-name> and a new meeting spawns into existence.

Up to this point everything was pretty easy. But that was not what I wanted to achieve. My plan was:
  • To create a new meetings, one has to be a registered user and to authenticate
  • Anonymous users are still allowed, but can only connect to existing meetings.
In theory this should have been easy as well. There is a short tutorial available. Unluckily it turned out to be much more complex. I can count myself lucky as a I had a lot of help from a friend. Tomorrow I will write down the steps I needed to take.





No comments:

Post a Comment