Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente | Révision précédente | ||
welcome:self_hosting:installing_a_server_jitsimeet [2020/05/05 19:14] |
welcome:self_hosting:installing_a_server_jitsimeet [2023/09/21 16:54] (Version actuelle) arnaud [Enabling the authentication] |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | <color # | ||
+ | This server provides you your own system for video conferencing. It should be available at URL " | ||
+ | The server is a LCX contaienr running on Proxmox. It is placed behind an OPNSense which works as a reverse proxy (HAProxy).\\ | ||
+ | The conf of OPNSense (incl. DNS etc...) is out of the scope of this tuto.\\ | ||
+ | The jitsi machine must be reachable at ports 80 TCP, 443 TCP and 10000 UDP. \\ | ||
+ | ====== Installing the container ====== | ||
+ | Installation of a container " | ||
+ | The next step (not mandatory) is to activate SSH on the container (more comfortable than using the Console of the Proxmox). => you know what to do.... \\ | ||
+ | |||
+ | ===== Installing nginx ===== | ||
+ | < | ||
+ | No config needed. | ||
+ | |||
+ | |||
+ | ====== Installation of JitsiMeet ====== | ||
+ | Following this tuto: https:// | ||
+ | * The hostname **" | ||
+ | |||
+ | * < | ||
+ | # apt-add-repository universe | ||
+ | # apt update | ||
+ | |||
+ | # curl -sL https:// | ||
+ | # echo "deb [signed-by=/ | ||
+ | # apt install lua5.2 | ||
+ | |||
+ | # curl -sL https:// | ||
+ | # echo "deb [signed-by=/ | ||
+ | |||
+ | # apt-get update | ||
+ | | ||
+ | # apt install jitsi-meet </ | ||
+ | During the installation let Jitsi generate a self signed cert. \\ | ||
+ | Reboot and " | ||
+ | | ||
+ | |||
+ | |||
+ | ====== Settings behind a NAT and for using with a dynamic IP====== | ||
+ | ===== NAT ===== | ||
+ | The following extra lines need to be added to the file ''/ | ||
+ | |||
+ | < | ||
+ | # org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES | ||
+ | |||
+ | org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=< | ||
+ | |||
+ | ===== dynamic IP ===== | ||
+ | __Target:__ the current external IP must be present into the conf file in order that Jitsi runs correctly. \\ | ||
+ | Following steps are therefore necessary by using a dynamic IP: | ||
+ | * a script in order to compare the current external IP with the IP present into the conf file and to replace it if it has changed since last IP-check | ||
+ | * run the script at bootup | ||
+ | * run the script regularly | ||
+ | | ||
+ | ==== Finding the current external IP and enter it into the conf file ==== | ||
+ | (this script comes from an internet forum... and is modified!) | ||
+ | < | ||
+ | < | ||
+ | #!/bin/sh | ||
+ | |||
+ | ### BEGIN INIT INFO | ||
+ | # Provides: | ||
+ | # Required-Start: | ||
+ | # Required-Stop: | ||
+ | # Default-Start: | ||
+ | # Default-Stop: | ||
+ | # Short-Description: | ||
+ | # Description: | ||
+ | ### END INIT INFO | ||
+ | |||
+ | |||
+ | DNSNAME=" | ||
+ | |||
+ | # get the actual IP from the Internet | ||
+ | IPint=$(curl ifcfg.me) | ||
+ | |||
+ | # get the configured IP of Jitsi | ||
+ | IPjitsi=$(grep ' | ||
+ | |||
+ | if [ " | ||
+ | then | ||
+ | echo "IP has not been changed!" | ||
+ | exit 0 | ||
+ | fi | ||
+ | |||
+ | #clear config | ||
+ | sed -i '/ | ||
+ | |||
+ | #get IP and renew line | ||
+ | echo org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=$IPint >> / | ||
+ | |||
+ | #restart services | ||
+ | systemctl restart jicofo | ||
+ | systemctl restart prosody | ||
+ | systemctl restart jitsi-videobridge2 | ||
+ | </ | ||
+ | < | ||
+ | |||
+ | ===== run the script at bootup ===== | ||
+ | Source: https:// | ||
+ | < | ||
+ | # update-rc.d script_IP.sh defaults </ | ||
+ | |||
+ | ===== run the script every hour ===== | ||
+ | < | ||
+ | < | ||
+ | < | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | ====== Enabling the authentication ====== | ||
+ | |||
+ | * into ''/ | ||
+ | authentication = " | ||
+ | |||
+ | ... and add another virtualhost after it: | ||
+ | |||
+ | VirtualHost " | ||
+ | authentication = " | ||
+ | c2s_require_encryption = false | ||
+ | </ | ||
+ | |||
+ | * into ''/ | ||
+ | authentication: | ||
+ | enabled: true | ||
+ | type: XMPP | ||
+ | login-url: jitsi.domain.tld | ||
+ | } </ | ||
+ | |||
+ | * create the authenticated user < | ||
+ | |||
+ | \\ | ||
+ | or follow this tuto: https:// |