Set Up a Secure Jitsi Meet Video Conferencing Server
Jitsi Meet is an open-source video conferencing platform that offers advanced features, including excellent audio quality, robust encryption and privacy settings, and support across multiple platforms. With Jitsi Meet, you can effortlessly deploy your own professional-grade video conferencing system.
Manual Installation Guide
Follow the instructions below to manually install a Jitsi Meet server on your infrastructure.
Prerequisites
- An Ubuntu 20.04 LTS x64 server installation.
- At least 2 GB of memory is suggested for optimal performance, ideally on a high-performance compute instance.
- A non-root user with sudo privileges.
- A Fully Qualified Domain Name (FQDN) pointing to your server’s IP address.
Example Configuration
- Hostname:
jitsi - FQDN:
jitsi.example.com - IP Address:
192.0.2.123
Create a Swap Partition
For systems with 2 GB of RAM, creating a 2 GB (2048 MB) swap partition can enhance performance. Adjust the swap size according to your needs.
$ sudo dd if=/dev/zero of=/swapfile count=2048 bs=1M
$ sudo chmod 600 /swapfile
$ sudo mkswap /swapfile
$ sudo swapon /swapfile
$ echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
$ free -m
Set the Hostname and FQDN
Before generating an HTTPS certificate with Let’s Encrypt, ensure your server hostname and Fully Qualified Domain Name (FQDN) are properly configured. For example, use the hostname jitsi and the domain name jitsi.example.com.
Configure Firewall Rules for Jitsi Meet
To allow necessary traffic for Jitsi Meet, configure your firewall to permit OpenSSH, HTTP, HTTPS, and incoming UDP packets on ports 10000 through 20000.
$ sudo ufw allow OpenSSH
$ sudo ufw allow http
$ sudo ufw allow https
$ sudo ufw allow in 10000:20000/udp
$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
When prompted, type Y and press Enter to continue.
Update the System
It is recommended to update your Ubuntu system to ensure the latest security patches and performance improvements are applied.
Install OpenJDK Java Runtime Environment (JRE) 8
Jitsi requires Java Runtime Environment (JRE). Install OpenJDK 8 and verify the installation as follows:
$ sudo apt install -y openjdk-8-jre-headless
$ java -version
openjdk version "1.8.0_252"
OpenJDK Runtime Environment (build 1.8.0_252-8u252-b09-1ubuntu1-b09)
OpenJDK 64-Bit Server VM (build 25.252-b09, mixed mode)
Set the JAVA_HOME environment variable:
$ echo "JAVA_HOME=$(readlink -f /usr/bin/java | sed "s:bin/java::")" | sudo tee -a /etc/profile
$ source /etc/profile
Install the Nginx Web Server
Jitsi works efficiently with Nginx, which is automatically configured if installed in advance.
$ sudo apt install -y nginx
$ sudo systemctl start nginx.service
$ sudo systemctl enable nginx.service
Install Jitsi Meet
Proceed to install Jitsi Meet from the official Jitsi repository.
$ wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -
$ echo "deb https://download.jitsi.org stable/" | sudo tee -a /etc/apt/sources.list.d/jitsi-stable.list
$ sudo apt update
$ sudo apt install -y jitsi-meet
During the installation process, you’ll be asked to provide your server’s fully-qualified domain name (FQDN). Input the domain such as jitsi.example.com.
When prompted about SSL setup, choose the option to generate a new self-signed certificate.
Install Let’s Encrypt SSL Certificate
Use the following script to obtain a Let’s Encrypt SSL certificate for your Jitsi Meet installation:
$ sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
The script will ask for your email address. Enter the email and press Enter:
Enter your email and press [ENTER]: admin@example.com
Fix certbot-auto Error
If you encounter the following error message during SSL certificate setup:
Package python-virtualenv is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or is only available from another source.E: Package ‘python-virtualenv’ has no installation candidate
You can resolve this by applying a workaround.
Install Certbot from the Ubuntu Repository
Install certbot using the default Ubuntu 20.04 repository:
$ sudo apt install certbot
Modify the Jitsi Script
Update the SSL installation script to use certbot instead of the deprecated certbot-auto:
$ sudo sed -i 's/\.\/certbot-auto/certbot/g' /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
Next, create a symbolic link for the script, since the script expects certbot to be located in /usr/sbin, while Ubuntu installs it in /usr/bin:
$ sudo ln -s /usr/bin/certbot /usr/sbin/certbot
Now rerun the SSL certificate installation script:
$ sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
Start a Meeting
Once the installation is complete and SSL is configured, you can access your video conferencing service by visiting the domain in a web browser, for example:
Conclusion
By following this guide, you have successfully set up a secure and feature-rich Jitsi Meet server. Your installation supports HTTPS, is optimized with a properly configured firewall, and includes a fully functioning web interface for video conferencing. This setup allows you to host reliable and private meetings with full control over your infrastructure.
