Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente | Prochaine révision Les deux révisions suivantes | ||
welcome:self_hosting:installing_a_server_jitsimeet [2020/07/05 19:24] |
welcome:self_hosting:installing_a_server_jitsimeet [2020/07/05 19:26] 127.0.0.1 modification externe |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | <color # | ||
+ | This server provides you your own system for video conferencing. It should be available at URL " | ||
+ | ====== Installing the container ====== | ||
+ | Installation of a container " | ||
+ | < | ||
+ | # pveam download local debian-10.0-standard_10.0-1_amd64.tar.gz | ||
+ | The template is stored under " | ||
+ | The rest of the installation is done from the GUI.I set 2 Cores and 4GB RAM. \\ | ||
+ | The next step (not mandatory) is to activate SSH on the container (more comfortable than using the Console of the Proxmox). => you knwo what to do.... | ||
+ | ====== Installation of JitsiMeet ====== | ||
+ | Following theses tutos: \\ https:// | ||
+ | https:// | ||
+ | https:// | ||
+ | |||
+ | * The hostname **" | ||
+ | * < | ||
+ | # sed -i ' | ||
+ | # sed -i ' | ||
+ | * no installation of nginx nor apache | ||
+ | * < | ||
+ | # sh -c "echo 'deb https:// | ||
+ | # apt update </ | ||
+ | * < | ||
+ | |||
+ | ====== Settings of the internal network ====== | ||
+ | The jitsi machine must be reachable at ports 80 TCP, 443 TCP and 10000 UDP. \\ | ||
+ | In my case, the container " | ||
+ | My main web server is a Nethserver placed into the DMZ too. The firewall forwards all http/https request to this Nethserver (NAT). | ||
+ | |||
+ | ===== Settings for firewall/ | ||
+ | * port opening and forwarding for 10000 UDP to the jitsi | ||
+ | * into the DNS-resolver: | ||
+ | * jitsi.mydomain.tld => as an alias of the Nethserver | ||
+ | * container-jitsi.mydomain.tld => the IP of the container (I use it for SSH connections with the container) | ||
+ | |||
+ | ===== Settings of the ReverseProxy ===== | ||
+ | The webserver Nethserver acts as [[https:// | ||
+ | This will allows to use the valid SSL certificate of the Nethserver for " | ||
+ | * Get the Letsencrypt certificate covering the subdomain " | ||
+ | * Settings of the ReverseProxy: | ||
+ | * URL: https://IP of the jitsi container | ||
+ | * Certificate SSL/TLS: default | ||
+ | * Accept non valid SSL certificate from the target: ticked | ||
+ | * Forward the name of the host to the target: ticked | ||
+ | |||
+ | |||
+ | ====== Enabling the authentication ====== | ||
+ | Following this tuto: https:// | ||
+ | |||
+ | ====== Settings for using with a dynamic IP====== | ||
+ | __Target:__ the current external IP must be present into the conf file in order that Jitsi runs correctly. \\ | ||
+ | Following steps are therefore necessary by using a dynamic IP: | ||
+ | * a script in order to compare the current external IP with the IP present into the conf file and to replace it if it has changed since last IP-check | ||
+ | * run the script at bootup | ||
+ | * run the script regularly | ||
+ | ===== Finding the current external IP and enter it into the conf file ===== | ||
+ | (this script comes from an internet forum!) | ||
+ | < | ||
+ | < | ||
+ | #!/bin/sh | ||
+ | |||
+ | ### BEGIN INIT INFO | ||
+ | # Provides: | ||
+ | # Required-Start: | ||
+ | # Required-Stop: | ||
+ | # Default-Start: | ||
+ | # Default-Stop: | ||
+ | # Short-Description: | ||
+ | # Description: | ||
+ | ### END INIT INFO | ||
+ | |||
+ | |||
+ | DNSNAME=" | ||
+ | |||
+ | # get the actual IP from the Internet | ||
+ | IPint=$(host -tA $DNSNAME 8.8.8.8 | grep address | cut -d " " -f4 ) | ||
+ | |||
+ | # get the configured IP of Jitsi | ||
+ | IPjitsi=$(grep ' | ||
+ | |||
+ | if [ " | ||
+ | then | ||
+ | echo "IP has not been changed!" | ||
+ | exit 0 | ||
+ | fi | ||
+ | |||
+ | #clear config | ||
+ | sed -i '/ | ||
+ | |||
+ | #get IP and renew line | ||
+ | echo org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=$IPint >> / | ||
+ | |||
+ | #restart services | ||
+ | systemctl restart jicofo | ||
+ | systemctl restart prosody | ||
+ | systemctl restart jitsi-videobridge2 | ||
+ | </ | ||
+ | < | ||
+ | |||
+ | ===== run the script at bootup ===== | ||
+ | Source: https:// | ||
+ | < | ||
+ | # update-rc.d script_IP.sh defaults </ | ||
+ | |||
+ | ===== run the script every hour ===== | ||
+ | < | ||
+ | < | ||
+ | < |