Set up and configure a self hosted private jitsi server with docker-compose.
Table Of Contents
The Goal
The goal is to create a jitsi server on which meetings can only be created by users registered by the server administrator. Also the possibility should exist that other users can join your meeting via a weblink. In addition, an etherpad will be included to share documents during a meeting.
Getting started
The following programs are required for an easy setup:
And That’s it. If you need to install the programs then run
sudo apt update
sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
sudo apt update
sudo apt install docker-ce docker-compose git
for debian based distributions and
sudo pacman -S docker docker-compose git
for arch linux.
Step-by-step setup
This guide is based on the official jitsi git repository. Here we will go into more detail about the individual steps to build a private server with user authentication.
Cloning the git repository
Simply change to the home directory and execute:
cd $HOME && git clone https://github.com/jitsi/docker-jitsi-meet && cd docker-jitsi-meet
Generate a .env file with strong passwords
To do this, copy the file env.example to .env:
cp env.example .env
Afterwards the script gen-passwords.sh generates strong passwords, these are not valid for the users:
./gen-passwords.sh
Then edit the .env file with the text editor of your choice. I use nano because there are only small changes:
nano .env
Now uncomment the following lines by deleting the “#” symbols in front of them: (If you also want to have a let's encrypt certificate then either use a reverse proxy or rent a domain and add it to the .env file. This is not required, but recommended.)
ETHERPAD_URL_BASE=http://etherpad.meet.jitsi:9001
ENABLE_AUTH=1
ENABLE_GUESTS=1
AUTH_TYPE=internal
Warning: If the .env file is changed, then all the following steps must be repeated!
Create the storage folders
To save files the following folders must be created:
mkdir -p ~/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody,jicofo,jvb,jigasi,jibri}
The folder ~/.jitsi-meet-cfg should now look like this:
ls ~/.jitsi-meet-cfg
jibri jicofo jigasi jvb prosody transcripts web
Run docker-compose
the last task the docker containers have to be started:
docker-compose -f docker-compose.yml -f etherpad.yml up -d
There should be a similar ouput like this:
Creating network "docker-jitsi-meet_meet.jitsi" with the default driver
Creating docker-jitsi-meet_web_1 ... done
Creating docker-jitsi-meet_prosody_1 ... done
Creating docker-jitsi-meet_etherpad_1 ... done
Creating docker-jitsi-meet_jvb_1 ... done
Creating docker-jitsi-meet_jicofo_1 ... done
Register a user
After the containers have been statet, a user can be registered. For this purpose a command is executed in the prosody container. The placeholders USER and PASSWORD should be replaced because they are the username and password for the user you want to create. Note that the command produces no output.
docker-compose exec prosody prosodyctl --config /config/prosody.cfg.lua register USER meet.jitsi PASSWORD
Repeat this step for multiple users, with different usernames.
Testing jitsi
Jitsi is now fully configured and can be used at https://IPADDRESS:8443. You can ignore the certificate error message, because there is no valid ssl certificate. It is no longer possible to create a meeting room on your jitsi server as a user without an account. Only a user with an registered account can create a meeting room and invite other users to join. The etherpad can be found in jitsi under open a shared document.
If you need help, feel free to contact me on twitter.
Things to do after installation
Look at lets encrypt to get a valid ssl certificate. If you want to host more webservices on your server then look up how to configure and use a reverse proxy.