Get Rewarded! We will reward you with up to €50 credit on your account for every tutorial that you write and we publish!

Install Jitsi Meet on Debian/Ubuntu

profile picture
Author
Noah Seefried
Published
2024-08-29
Time to read
6 minutes reading time

Introduction

Jitsi Meet is an open-source (Apache) WebRTC JavaScript application that uses Jitsi Videobridge to provide high quality, secure and scalable video conferences. It can be used as a replacement for proprietary services like Zoom, Whereby, Teams, Skype and many others.

You can try it out on meet.jit.si. There are more public instances available in the Jitsi Meet Handbook.

This tutorial should work with Debian 11 (Bullseye) or later, and Ubuntu 22.04 or later. Of course it is recommended to use the latest available (LTS) version of either Debian or Ubuntu.

Prerequisites

  • At least a small virtual server, e.g. Cloud Server CAX11
  • Access to the root user or a user with sudo permissions
  • Basic knowledge about linux

Example terminology

  • Domain: talk.example.com
  • Server:
    • Public IPv4: 10.0.0.1
    • Public IPv6: 2001:db8:1234::1

Step 1 - Choose a domain and setup DNS

First of all you need to choose a domain. In this tutorial we will use talk.example.com. In your DNS zone, create two simple records:

talk.example.com. 14400 IN A    10.0.0.1
talk.example.com. 14400 IN AAAA 2001:db8:1234::1

Step 2 - Add repository and install

  • Install prerequisites

    Depending on how simple and minimal your operating system is, you may need an additional package to support HTTPS repositories.

    sudo apt update
    sudo apt install apt-transport-https
  • Add repository and GPG key

    Jitsi ships pre-built packages for jitsi-meet in its own repository. Since these packages are signed with their own key, we also need to add the GPG from Jitsi to our keyring.

    curl -sL https://download.jitsi.org/jitsi-key.gpg.key | sudo sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg'
    echo "deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/" | sudo tee /etc/apt/sources.list.d/jitsi-stable.list
  • Update your package list

    sudo apt update

Step 3 - Configure the hostname (optional)

If this server is for jitsi-meet only, then you should set the hostname with hostnamectl set-hostname talk. Also edit the hosts file under /etc/hosts and replace the default with the chosen FQDN, in this tutorial talk.example.com.

Step 4 - Jitsi Installation

Choose one of the following installation options:

Step 4.1 - Automatic Installation

Jitsi Meet can install and configure a webserver and certificates itself. If you do not have any existing setup on this machine yet, you can use these steps.
Otherwise scroll down to the manual installation.

  • Install Jitsi Meet

    Perform the jitsi-meet installation:

    sudo apt install jitsi-meet -y

    During the installation process, you need to enter your chosen domain name (not the example talk.example.com!). It will be used to configure the virtual host.


  • Register a certificate

    Next, we register Let's Encrypt certificates for TLS encryption. Jitsi Meet also offers a script for this task. Simply run it:

    sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

Next, continue with "Step 5" below.

Step 4.2 - Manual Installation

These steps describe the manual installation process.


  • Install a webserver

    In case you already have a webserver installed you can skip this step. For performance reasons, we install a webserver otherwise jitsi-meet will use a builtin java webserver called jetty.

    sudo apt install nginx -y

  • Register a certificate

    Next we register Let's Encrypt certificates for TLS encryption. ork with this script at the moment).

    We will use certbot from EFF for the Let's Encrypt certificates.

    sudo apt install snapd
    sudo snap install --classic certbot
    sudo ln -s /snap/bin/certbot /usr/bin/certbot

    Time to register your certificate (don't forget to replace the email and domain with your certificate):

    sudo certbot certonly --nginx --rsa-key-size 4096 -m holu@example.com -d talk.example.com

  • Install Jitsi Meet

    Finally we can install jitsi-meet on our server.

    sudo apt install jitsi-meet -y

    During the installation process you need to enter your chosen domain name (not the example talk.example.com!) and select the option to generate a self-signed certificate.

    We let the installer generate the certificate but won't use it.


  • Modify shipped nginx configuration

    The jitsi-meet package ships with an nginx configuration. It is located under /etc/nginx/sites-available/talk.example.com.conf.

    What do we need to change? Please note that the steps below are only minimal required changes, you can tweak a lot more in this nginx configuration.


    SSL certificate
    Remove the lines starting with ssl_certificate and ssl_certificate_key and add the following lines instead:

    ssl_certificate /etc/letsencrypt/live/talk.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/talk.example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/talk.example.com/chain.pem;

    IPv6 Support (optional)
    Depending on your operating system and the Jitsi Meet version you install, the shipped nginx configuration does not support IPv6. If your server does, you can add IPv6 support with the following:
    First add listen [::]:80; below listen 80;.
    Then add listen [::]:443 ssl; below listen 443 ssl;.


    TLS configuration (optional)
    If your operating system is a recent and up-to-date version, you should also modify the TLS configuration.
    Replace the line starting with ssl_protocols with ssl_protocols TLSv1.2 TLSv1.3;

Step 5 - Additional configuration

Open /etc/jitsi/meet/talk.example.com-config.js:

Uncomment and change // disableThirdPartyRequests: false to true

You should add more than one STUN server under stunServers: in case one of them does not work. There is a list available on this GitHub gist. I can recommend you to use the following:

{ urls: 'stun:stun.nextcloud.com:443' },
{ urls: 'stun:stun.stunprotocol.org:3478' },
{ urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' }

Of course the best solution would be to host your own STUN server.

Step 6 - Restart all services

Restart all services to be sure all configuration changes are applied:

sudo systemctl restart nginx.service jicofo.service jitsi-videobridge2.service

In case you get an error during room creation, reboot your server and try again.

Conclusion

We installed a privacy respecting, self-hosted video conferencing platform in a few simple steps. If everything went fine you can now visit the domain you setup and start your first meeting!

License: MIT
Want to contribute?

Get Rewarded: Get up to €50 in credit! Be a part of the community and contribute. Do it for the money. Do it for the bragging rights. And do it to teach others!

Report Issue
Try Hetzner Cloud

Get €20/$20 free credit!

Valid until: 31 December 2024 Valid for: 3 months and only for new customers
Get started
Want to contribute?

Get Rewarded: Get up to €50 credit on your account for every tutorial you write and we publish!

Find out more