Get Rewarded! We will reward you with up to €50 credit on your account for every tutorial that you write and we publish!

Install Jitsi Meet on Debian/Ubuntu

profile picture
Author
Noah Seefried
Published
2020-05-12
Time to read
6 minutes reading time

Introduction

Jitsi Meet is an open-source (Apache) WebRTC JavaScript application that uses Jitsi Videobridge to provide high quality, secure and scalable video conferences. It can be used as a replacement for proprietary services like Zoom, Whereby, Teams, Skype and many others.

You can try it out on meet.jit.si. There are more public instances available in the Jitsi Meet Handbook.

This tutorial should work with Debian 8 (Jessie) or later, and Ubuntu 14.04 or later. Of course it is recommended to use the latest available (LTS) version of either Debian or Ubuntu.

Prerequisites

  • At least a small virtual server, e.g. Cloud Server CX11, with a root shell
  • Basic knowledge about linux

Step 1 - Choose a domain and setup DNS

First of all you need to choose a domain. In this tutorial we will use talk.example.com. In your DNS zone create two simple records:

talk.example.com. 14400 IN A    10.0.0.1
talk.example.com. 14400 IN AAAA 2001:db8:1234::1

Step 2 - Add repository and install

Jitsi ships pre-built packages for jitsi-meet in its own repository. Since these packages are signed with their own key, we also need to add the GPG from Jitsi to our keyring.

echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | gpg --dearmor | tee /etc/apt/trusted.gpg.d/jitsi.gpg

Then update your package list:

apt-get update

Depending on how simple and minimal your operating system is, you may receive an error from this repository. You need an additional package to support HTTPS repositories. After that, update your package list again:

apt-get install apt-transport-https
apt-get update

Step 3 - Configure the hostname (optional)

If this server is for jitsi-meet only, then you should set the hostname with hostnamectl set-hostname talk. Also edit the hosts file under /etc/hosts and replace the default with the chosen FQDN, in this tutorial talk.example.com.

Step 4 - Jitsi Installation

Choose one of the following installation options:

Step 4.1 - Automatic Installation

Jitsi Meet can install and configure a webserver and certificates itself. If you do not have any existing setup on this machine yet, you can use these steps.
Otherwise scroll down to the manual installation.

  • Install Jitsi Meet

    Perform the jitsi-meet installation:

    apt-get install jitsi-meet -y

    During the installation process you need to enter your chosen domain name (not the example talk.example.com!). It will be used to configure the virtual host.


  • Register a certificate

    Next we register Let's Encrypt certificates for TLS encryption. Jitsi Meet also offers a script for this task. Simply run it:

    /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

Next, continue with "Step 5" below.

Step 4.2 - Manual Installation

These steps describe the manual installation process.


  • Install a webserver

    In case you already have a webserver installed you can skip this step. For performance reasons we install a webserver otherwise jitsi-meet will use a builtin java webserver called jetty.

    apt-get install nginx -y

  • Register a certificate

    Next we register Let's Encrypt certificates for TLS encryption. ork with this script at the moment).

    We will use certbot from EFF for the Let's Encrypt certificates.

    apt-get install snapd
    snap install --classic certbot
    ln -s /snap/bin/certbot /usr/bin/certbot

    Time to register your certificate (don't forget to replace the email and domain with your certificate):

    certbot certonly --nginx --rsa-key-size 4096 -m holu@example.com -d talk.example.com

  • Install Jitsi Meet

    Finally we can install jitsi-meet on our server.

    apt-get install jitsi-meet -y

    During the installation process you need to enter your chosen domain name (not the example talk.example.com!) and select the option to generate a self-signed certificate.

    We let the installer generate the certificate but won't use it.


  • Modify shipped nginx configuration

    The jitsi-meet package ships with an nginx configuration. It is located under /etc/nginx/sites-available/talk.example.com.conf.

    What do we need to change? Please note that the steps below are only minimal required changes, you can tweak a lot more in this nginx configuration.


    SSL certificate
    Remove the lines starting with ssl_certificate and ssl_certificate_key and add the following lines instead:

    ssl_certificate /etc/letsencrypt/live/talk.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/talk.example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/talk.example.com/chain.pem;

    IPv6 Support (optional)
    Depending on your operating system and the Jitsi Meet version you install, the shipped nginx configuration does not support IPv6. If your server does, you can add IPv6 support with the following:
    First add listen [::]:80; below listen 80;.
    Then add listen [::]:443 ssl; below listen 443 ssl;.


    TLS configuration (optional)
    If your operating system is a recent and up-to-date version, you should also modify the TLS configuration.
    Replace the line starting with ssl_protocols with ssl_protocols TLSv1.2 TLSv1.3;

Step 5 - Additional configuration

Open /etc/jitsi/meet/talk.example.com-config.js:

Uncomment and change // disableThirdPartyRequests: false to true

You should add more than one STUN server under stunServers: in case one of them does not work. There is a list available on this GitHub gist. I can recommend you to use the following:

{ urls: 'stun:stun.nextcloud.com:443' },
{ urls: 'stun:stun.stunprotocol.org:3478' },
{ urls: 'stun:meet-jit-si-turnrelay.jitsi.net:3478' }

Of course the best solution would be to host your own STUN server.

Step 6 - Restart all services

Restart all services to be sure all configuration changes are applied:

systemctl restart nginx.service jicofo.service jitsi-videobridge2.service

In case you get an error during room creation, reboot your server and try again.

Conclusion

We installed a privacy respecting, self-hosted video conferencing platform in a few simple steps. If everything went fine you can now visit the domain you setup and start your first meeting!

License: MIT
Want to contribute?

Get Rewarded: Get up to €50 in credit! Be a part of the community and contribute. Do it for the money. Do it for the bragging rights. And do it to teach others!

Report Issue
Try Hetzner Cloud

Get 20€ free credit!

Valid until: 31 December 2024 Valid for: 3 months and only for new customers
Get started
Want to contribute?

Get Rewarded: Get up to €50 credit on your account for every tutorial you write and we publish!

Find out more