user:jan001:jitsi_docker
This is an old revision of the document!
Table of Contents
Deploy Jitsi with Docker + High Quality
Every eolab.de has to be changed to your URL.
Prerequisits
- Ubuntu Server 20.04
- Docker and Docker-Compose are installed
- Running NGINX Reverse Proxy
- A SSL certificate for the desired url
Downloading Jitsi
git clone https://github.com/jitsi/docker-jitsi-meet.git
mv docker-jitsi-meet/ jitsi-meet/
cd jitsi-meet/
cp env.example .env
./gen-passwords.sh
mkdir -p ~/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody,jicofo,jvb,jigasi,jibri}
Configuring Jitsi
nano .env
- make sure it uses an unused port
HTTP_PORT=8000
- set timezone
TZ=Europe/Berlin
- set the later used public URL
PUBLIC_URL=https://meet.eolab.de
Configuring NGINX
sudo nano /etc/nginx/sites-available/eolab.de
- make sure there is a redirect from HTTP to https (port 80 to 443)
- add this to the top
upstream jitsi { server localhost:8000; }change the port if needed
- add this to the bottom
server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name meet.eolab.de; ssl_certificate /etc/letsencrypt/live/meet.eolab.de/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/meet.eolab.de/privkey.pem; include snippets/ssl-params.conf; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; add_header X-Xss-Protection "1; mode=block"; add_header X-Content-Type-Options nosniff; add_header Referrer-Policy same-origin; proxy_cookie_path / "/; HTTPOnly; Secure"; add_header Expect-CT "enforce, max-age=21600"; add_header Feature-Policy "payment none"; keepalive_timeout 70; sendfile on; client_max_body_size 0; gzip on; gzip_disable "msie6"; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_buffers 16 8k; gzip_http_version 1.1; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascri$ location / { log_not_found off; proxy_cache_valid 200 120m; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Scheme $scheme; proxy_pass http://jitsi/; } location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) { tcp_nodelay on; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_pass http://jitsi/colibri-ws/$1/$2$is_args$args; } location /xmpp-websocket { tcp_nodelay on; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_pass http://jitsi/xmpp-websocket; } }make sure to change the
server_name,ssl_certificateandssl_certificate_key - Save and quit the file
sudo systemctl restart nginx
Start Jitsi
docker-compose up -d
Configure Jitsi with internal authentication for creating rooms
- make sure Jitsi was run at least once
- stop it if its running
docker-compose stop
rm -r ~/.jitsi-meet-cfg
mkdir -p ~/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody,jicofo,jvb,jigasi,jibri}nano .env
ENABLE_AUTH=1
ENABLE_GUESTS=1
AUTH_TYPE=internal
- Save and quit the file
docker-compose up -d
- find the container id of the jitsi_prosody container and copy that
docker ps -a
docker exec -it CONTAINER-ID-HERE /bin/bash
su
- change the
usernameandpasswordin this command:prosodyctl --config /config/prosody.cfg.lua register username meet.jitsi password
These credentials are now needed to create a new room
exit
exit
Configure Jitsi for high quality webcams and screenshares
- make sure Jitsi was run at least once
- stop it if its running
docker-compose stop
sudo nano ~/.jitsi-meet-cfg/web/config.js
resolution: 1080,
constraints: { video: { height: { ideal: 1080, max: 1440, min: 480 } } },desktopSharingFrameRate: { min: 5, max: 24 },
user/jan001/jitsi_docker.1617289799.txt.gz · Last modified: 2023/01/05 14:38 (external edit)