Install Apache OpenMeetings on CentOS 7

Apache OpenMeetings is an open-source platform designed for web conferencing. Developed in Java, it supports a variety of database servers. Key features include audio and video communication, screen sharing, file management, user moderation tools, private messaging, a contact list, a built-in calendar for scheduling, and more. Sessions can also be recorded. OpenMeetings offers SOAP/REST APIs and multiple plugins for seamless integration with applications like Moodle, Jira, Joomla, Confluence, and others.

Requirements

• A CentOS 7 server instance with a minimum of 4GB RAM.
• Access to a sudo-enabled user account.
• A domain name correctly pointing to the server.

In this guide, 192.168.1.1 will represent the server’s public IP, and meetings.example.com will serve as the domain name directed to the instance. Replace these examples with your actual IP and domain wherever applicable.

First, update your system by following the instructions in the “How to Update CentOS 7” guide. Once the updates are complete, continue with Java installation.

Install Java

Since OpenMeetings relies on Java, it requires the Java Runtime Environment (JRE). Begin by downloading the latest Oracle SE JDK 8 RPM package, which contains both JRE and JDK.

wget --header 'Cookie: oraclelicense=a' http://download.oracle.com/otn-pub/java/jdk/8u161-b12/2f38c3b165be4555a1fa6e98c45e0808/jdk-8u161-linux-x64.rpm

Proceed to install the downloaded RPM package:

sudo rpm -Uvh jdk-8u161-linux-x64.rpm

After successful installation, verify the Java version:

java -version

You should observe an output similar to:

[user@centron~]$ java -version
java version "1.8.0_161"
Java(TM) SE Runtime Environment (build 1.8.0_161-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.161-b12, mixed mode)

Before moving forward, set up the JAVA_HOME and JRE_HOME environment variables. Locate the Java executable’s absolute path:

readlink -f $(which java)

The output should resemble:

[user@centron~]$ readlink -f $(which java)
/usr/java/jdk1.8.0_161/jre/bin/java

Configure the JAVA_HOME and JRE_HOME variables based on the Java installation path:

echo "export JAVA_HOME=/usr/java/jdk1.8.0_161" >> ~/.bash_profile
echo "export JRE_HOME=/usr/java/jdk1.8.0_161/jre" >> ~/.bash_profile

Activate the profile to apply the changes:

source ~/.bash_profile

Finally, verify the JAVA_HOME variable:

[user@centron~]$ echo $JAVA_HOME
/usr/java/jdk1.8.0_161

Install Required Dependencies

Begin by installing the ImageMagick and GhostScript libraries:

sudo yum -y install epel-release
sudo yum -y install ImageMagick ghostscript

ImageMagick allows uploading and importing images onto the whiteboard, while GhostScript provides functionality to upload PDF files onto it.

After installation, confirm that ImageMagick and GhostScript are properly installed by checking their versions:

[user@centron~]$ identify -version
Version: ImageMagick 6.7.8-9 2016-06-16 Q16 http://www.imagemagick.org
Copyright: Copyright (C) 1999-2012 ImageMagick Studio LLC
Features: OpenMP

[user@centron ~]$ ghostscript -v
GPL Ghostscript 9.07 (2013-02-14)
Copyright (C) 2012 Artifex Software, Inc. All rights reserved.

Additionally, you must install either Apache OpenOffice or LibreOffice. This enables OpenMeetings to import documents in formats like .doc, .docx, .ppt, .pptx, and .xls. In this guide, Apache OpenOffice will be installed.

Navigate to the temporary directory and download the Apache OpenOffice RPM package:

cd /tmp
wget https://downloads.sourceforge.net/project/openofficeorg.mirror/4.1.5/binaries/en-US/Apache_OpenOffice_4.1.5_Linux_x86-64_install-rpm_en-US.tar.gz

Extract the downloaded archive and install all RPM packages:

tar xf Apache_OpenOffice_4.1.5_Linux_x86-64_install-rpm_en-US.tar.gz
cd en-US/RPMS
sudo rpm -Uvh *.rpm
sudo rpm -Uvh desktop-integration/openoffice4.1.5-redhat-menus-*.rpm

To verify OpenOffice installation and functionality, run:

[user@centron~]$ openoffice4 -h
OpenOffice 4.1.5 415m1(Build:9789)
Usage: soffice [options] [documents...]
Options:
  -minimized  keep startup bitmap minimized.
...

Install FFmpeg and SoX

Install the RPMFusion repository, which provides precompiled packages for FFmpeg and Sound eXchange (SoX):

sudo rpm -Uvh https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm

Now install FFmpeg and SoX:

sudo yum -y install ffmpeg sox

FFmpeg and SoX are essential for recording meetings and importing media files like .avi, .flv, .mov, and .mp4 into the whiteboard. Verify their installation by checking their versions:

[user@centron~]$ sox --version
sox: SoX v14.4.1

[user@centron~]$ ffmpeg -version
ffmpeg version 2.8.13 Copyright (c) 2000-2017 the FFmpeg developers
built with gcc 4.8.5 (GCC) 20150623 (Red Hat 4.8.5-11)

Install and Configure PostgreSQL for OpenMeetings

OpenMeetings can work with several types of database servers, including MySQL, PostgreSQL, Apache Derby, and Oracle. In this guide, PostgreSQL will be used as the database server for OpenMeetings.

PostgreSQL is a powerful object-relational database system recognized for its performance and reliability. Since CentOS’s default repository provides an outdated PostgreSQL version, add the official PostgreSQL repository to your system to access the latest version:

sudo yum -y install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-1.noarch.rpm

Install the PostgreSQL server and its additional packages:

sudo yum -y install postgresql10-server postgresql10-contrib postgresql10

Initialize the database cluster:

sudo /usr/pgsql-10/bin/postgresql-10-setup initdb

Start the PostgreSQL server and configure it to launch automatically at system boot:

sudo systemctl start postgresql-10
sudo systemctl enable postgresql-10

Change the password for the default PostgreSQL user:

sudo passwd postgres

Switch to the PostgreSQL user account:

sudo su - postgres

Create a new PostgreSQL user specifically for OpenMeetings:

createuser openmeetings

(You can substitute openmeetings with any preferred username.) Access the PostgreSQL shell:

psql

Assign a secure password to the newly created user:

ALTER USER openmeetings WITH ENCRYPTED password 'DBPassword';

Remember to replace DBPassword with a strong, secure password.

Now, create a new database for OpenMeetings and assign ownership to the new user:

CREATE DATABASE openmeetings OWNER openmeetings;

Exit the PostgreSQL shell:

\q

Return to the sudo user environment:

exit

Modify the pg_hba.conf file to activate MD5-based authentication:

sudo nano /var/lib/pgsql/10/data/pg_hba.conf

Locate the following lines and update the METHOD column from ident to md5:

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     peer

# IPv4 local connections:
host    all             all             127.0.0.1/32            md5

# IPv6 local connections:
host    all             all             ::1/128                 md5

Save the changes and close the editor. Restart the PostgreSQL service to apply the new settings:

sudo systemctl restart postgresql-10

Install and Configure Apache OpenMeetings

With all required dependencies in place, proceed to create a dedicated user account for OpenMeetings. Running OpenMeetings under a non-root user enhances the server’s security:

sudo adduser -b /var -s /sbin/nologin openmeetings

This command also creates the home directory /var/openmeetings for the OpenMeetings user.

Visit the Apache OpenMeetings download page to get the latest release link. Download the archive file:

cd /tmp
wget http://www-us.apache.org/dist/openmeetings/4.0.1/bin/apache-openmeetings-4.0.1.tar.gz

Extract the downloaded archive into the OpenMeetings user’s directory:

sudo tar xf apache-openmeetings-4.0.1.tar.gz -C /var/openmeetings

Assign ownership of the extracted files to the OpenMeetings user:

sudo chown -R openmeetings:openmeetings /var/openmeetings

Adjust Firewall Rules

Before starting OpenMeetings, update the firewall settings to permit access on ports 5080 and 1935:

sudo firewall-cmd --zone=public --permanent --add-port=5080/tcp
sudo firewall-cmd --zone=public --permanent --add-port=1935/tcp
sudo firewall-cmd --reload

Start Apache OpenMeetings

Launch the OpenMeetings application using the following command:

sudo su -s /bin/bash -c 'cd /var/openmeetings/ && sh red5.sh' openmeetings

Open your web browser and navigate to:

http://192.168.1.1:5080/openmeetings

You should see the welcome page providing installation instructions for GhostScript.

Since GhostScript has already been installed earlier, proceed to the next step. You will be asked to supply your database details. Select PostgreSql as the database type and enter the credentials you configured previously.

Click the “Check” button to validate your settings. A successful connection will show the message: “Database check was successful.”

Configure OpenMeetings Installation

Enter your administrator account details and a group name in the respective fields. Next, define the basic configuration options, including:

• Enabling or disabling self-registration.
• Email address verification settings.
• Selecting a default language for the platform.

Additionally, input your SMTP server details. If you do not have an SMTP server available at this point, you can configure it later through the administrator dashboard.

When prompted for the binary paths of external tools, set the paths as follows:

• /usr/bin for ImageMagick, FFmpeg, and SoX binaries.
• /opt/openoffice4 for OpenOffice binaries.

If any errors occur regarding binary paths, use the following command to find the correct path:

which <binary_name>

For example:

which ffmpeg

should output:

/usr/bin/ffmpeg

In the subsequent configuration step, you can skip making additional adjustments since the default values will suffice.

Finally, click the “Finish” button to complete the installation and write the database.

Post-Installation Steps

Apache OpenMeetings is now successfully installed on your server. For a more production-ready setup, the next steps involve configuring Systemd to manage the OpenMeetings service and setting up Nginx with Let’s Encrypt SSL as a secure reverse proxy for the application.

Configure Systemd for Apache OpenMeetings

Although OpenMeetings can be manually started and stopped, setting up a Systemd service is highly recommended. It ensures the application automatically starts at boot and restarts after failures.

First, stop the OpenMeetings server either by pressing Ctrl+C or by terminating the OpenMeetings user’s session:

sudo pkill -KILL -u openmeetings

Create a new Systemd unit file for managing the OpenMeetings service:

sudo nano /etc/systemd/system/openmeetings.service

Insert the following content into the file:

[Unit]
Description=OpenMeeting Service
After=network.target

[Service]
Type=simple
User=openmeetings
WorkingDirectory=/var/openmeetings
ExecStart=/var/openmeetings/red5.sh
Restart=always

[Install]
WantedBy=multi-user.target

Start the OpenMeetings service and enable it to launch automatically at startup:

sudo systemctl start openmeetings
sudo systemctl enable openmeetings

Check the service status:

sudo systemctl status openmeetings

Example output:

[root@centron openmeetings]# sudo systemctl status openmeetings
● openmeetings.service - OpenMeeting Service
   Loaded: loaded (/etc/systemd/system/openmeetings.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2018-01-31 15:40:56 UTC; 38s ago
 Main PID: 10522 (java)
   CGroup: /system.slice/openmeetings.service
           └─10522 /bin/java -Dred5.root=/var/openmeetings -Djava.security.debug=failure -Xms256m...

Configure Nginx as SSL Reverse Proxy

By default, OpenMeetings uses port 5080 without encryption, posing a potential security risk. To secure the communication, configure Nginx as a reverse proxy handling HTTPS connections.

Install Nginx:

sudo yum -y install nginx

Start and enable the Nginx service:

sudo systemctl start nginx
sudo systemctl enable nginx

Install Certbot to request SSL certificates from Let’s Encrypt:

sudo yum -y install certbot

Allow HTTP and HTTPS through the firewall:

sudo firewall-cmd --zone=public --add-service=http --permanent
sudo firewall-cmd --zone=public --add-service=https --permanent
sudo firewall-cmd --reload

Ensure the domain is correctly pointed to the server before proceeding. Generate SSL certificates using Certbot:

sudo certbot certonly --webroot -w /usr/share/nginx/html -d meetings.example.com

The certificates will typically be stored at:

• /etc/letsencrypt/live/meetings.example.com/fullchain.pem (SSL certificate)
• /etc/letsencrypt/live/meetings.example.com/privkey.pem (Private key)

Since Let’s Encrypt certificates expire every 90 days, set up a cron job for auto-renewal:

sudo crontab -e

Add the following line to schedule daily checks at 5:30 AM:

30 5 * * * /usr/bin/certbot renew --quiet

Configure Nginx for OpenMeetings

Edit Nginx’s default configuration to remove default_server:

sudo sed -i 's/default_server//g' /etc/nginx/nginx.conf

Create a new configuration file for OpenMeetings:

sudo nano /etc/nginx/conf.d/meetings.example.com.conf

Insert the following content:

server {
    listen 80;
    server_name meetings.example.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443;
    server_name meetings.example.com;

    ssl_certificate /etc/letsencrypt/live/meetings.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/meetings.example.com/privkey.pem;
    ssl on;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    access_log /var/log/nginx/openmeetings.access.log;

    location / {
        proxy_pass http://localhost:5080;
        proxy_set_header host $host;
        proxy_http_version 1.1;
        proxy_set_header upgrade $http_upgrade;
        proxy_set_header connection "upgrade";
    }
}

Check Nginx configuration for errors:

sudo nginx -t

If you see output indicating “syntax is ok” and “test is successful,” restart Nginx:

sudo systemctl restart nginx

Finalize OpenMeetings Configuration

Login to your OpenMeetings administrative dashboard. Navigate to Administration >> Configuration. Find application.base.url and change its value to https://meetings.example.com. Save the changes.

Restart OpenMeetings to apply the new settings:

sudo systemctl restart openmeetings

Now, access your OpenMeetings installation via:

https://meetings.example.com

Apache OpenMeetings is fully installed and secured. You can now invite others and start conducting online meetings.

Conclusion

By following this tutorial, you have successfully installed and configured Apache OpenMeetings on a CentOS 7 server. The application is now secured using Nginx as a reverse proxy with SSL certificates issued by Let’s Encrypt. Systemd has been configured to manage the OpenMeetings service, ensuring reliable startup and recovery. With this setup, you can confidently use OpenMeetings for online conferences, meetings, webinars, and collaborative sessions in a secure environment. Invite your colleagues and start hosting your own web conferences today!