Jitsi Meet
Jitsi Meet is a fully encrypted, open source video conferencing solution.
You can create a cloud server with a ready-made Jitsi Meet application.
Create a cloud server with Jitsi Meet
You can create a cloud server with Jitsi Meet:
- with access from the Internet. To do this, you need to create a private subnet and connect a public IP address — you can do this when creating the server. After the server is created, a free license will be automatically released TLS Certificate from Let's Encrypt® for the domain you specify. To issue a certificate, you must add an A record for the domain and specify the public IP address of the server in the record value. The domain can be add to Selectel DNS hosting (actual);
- on a private subnet without access from the Internet. After the server is created, a TLS certificate from Let's Encrypt® will not be issued, but you can independently add a user certificate.
To configure Jitsi Meet when creating a server, you need to specify user data — custom configuration settings for the server operating system.
For a server with access from the Internet, you will need to configure mandatory authorization and create users with the ability to create a conference. For a server on a private subnet, authorization can be disabled — access to Jitsi Meet will be possible domain name.
-
В control panels go to Cloud platform → Servers.
-
Click Create a server.
-
In the block Name and location:
3.1 In the field Name enter the server name. This will be set as the host name in the operating system.
3.2 In the fields Region и Poole select region and pool segment The pool segment determines the list of available server configurations and the cost of resources. The list of available server configurations and the cost of resources depends on the pool segment. Once the server is created, the pool segment cannot be changed.
-
In the block Source select the source from which the server will be created.
Click on the default source name, open the tab Appendicesselect
Jitsi <version>
and press Select. -
In the block Configuration select server configuration from 4 vCPUs, RAM from 8 GB and boot disk size from 10 GB:
- fixed configuration — rulers in which the ratio of resources is fixed;
- or arbitrary configuration, where any resource ratio can be specified.
The configurations use different processors depending on the lineup and pool segment.
5.1. To select a fixed configuration, press FixedOpen the tab with the desired ruler and select the configuration.
5.2 To select an arbitrary configuration, press Arbitrary, specify the number of vCPUs and the size of RAM.
5.3. To select the following as the server boot disk local disk and check the box Local SSD NVMe disk. To select a boot disk as the boot disk network disk don't check the box.
The amount of RAM that is allocated to the server may be less than specified in the configuration — the operating system kernel reserves some RAM depending on the kernel version and distribution. You can check the allocated amount on the server using the command
sudo dmesg | grep Memory
.Once the server is created, you can reconfigure.
-
If you have not checked the checkbox Local SSD NVMe disk in step 5.3, the first specified network disk will be used as the server boot disk. In the block Disks:
6.1 In the field Disk type select network boot disk type.
6.2 Specify the size of the network boot disk in GB or TB. Take into account network disk limits to the maximum size.
-
Optional: add additional network drives of the server. In the block Disks:
7.1 In the field Disk type select network drive type.
7.2 Specify the size of the network disk in GB or TB. Take into account network disk limits to the maximum size.
7.3 To add another additional drive, press AddSelect the type of disk and specify its size.
Once the server is created, you can disconnect additional disks from it or connect new ones.
-
In the block Network:
-
To create a private subnet with access from the Internet and a static public IP address, in the field Subnetwork select Private + 1 public IP. A private network will be automatically created
nat
, private subnet, router.router-nat
and a public IP address.If a private subnet and a cloud router connected to an external network are created, in the field Subnetwork select Private + 1 public IPin the field Private subnet select the created subnet, in the Private IP specify the private IP address of the server. If a public IP address is created, click Connect existing and select a public IP address;
-
To create a private subnet without access from the Internet, in the field Subnetwork select Private. Optional: change the default network settings by entering the following in the field CIDR subnets Specify the CIDR of the subnet, turn the toggle switch on or off DHCPin the field Gateway Specify the IP address of the default gateway, in the field A sub-network will be established on the network select New network and enter the name of the network.
If a private subnet is created, in the field Subnetwork select an existing subnet and in the Private IP specify the private IP address of the server.
-
-
In the block Access:
9.1 Place on the server SSH key for the project for a secure connection.
To add a new SSH key for a project to the cloud platform, click Add an SSH keyenter the key name, insert the public SSH key in OpenSSH format, and then click Add.
If an SSH key is added to the cloud platform, in the field SSH key select an existing key.
The SSH key is only available in the pool in which it is hosted.
9.2 Optionally: in the field Password for "root" copy the user's password
root
(a user with unlimited rights to all system operations). Save the password in a safe place and do not share it in public. -
In the block Additional settings:
10.1 Optionally: if you plan to create multiple servers and want to increase the fault tolerance of your infrastructure, add a server in the placement group. To create a new group, press Create a group, enter a group name, and select a policy for hosting on different hosts:
- preferably soft-anti-affinity. The system will try to place servers on different hosts. If there is no suitable host when creating a server, it will be created on the same host;
- anti-affinity is mandatory. Servers in a group must be located on different hosts. If there is no suitable host when creating a server, the server will not be created.
If the group is created, in the field Accommodation group select a placement group.
10.2 Optional: add tags servers to add additional information or filter the servers in the list. Operating system and configuration tags are automatically added. To add a new tag, in the Tags enter tag.
-
In the block Automation in the field User data insert a script that will be executed when the system boots:
Creating a server with access from the Internet
Creating a server without access from the Internet
#cloud-config
write_files:
- path: "/opt/gomplate/values/user-values.yml"
permissions: "0644"
content: |
jitsi_HTTP_PORT: "80"
jitsi_HTTPS_PORT: "443"
jitsi_TZ: "<time_zone>"
jitsi_PUBLIC_URL: "<jitsi_meet_public_url>"
jitsi_IP: "<public_ip_address>"
jitsi_ENABLE_HTTP_REDIRECT: "1"
letsencrypt:
enable: true
letsencryptDomain: "<example.com>"
letsencryptEmail: "<root@example.com>"
auth:
enable: trueSpecify:
<time_zone>
— time zone, e.g.UTC
;<jitsi_meet_public_url>
— public URL of Jitsi Meet in the formathttps://jitsi.example.com
;<public_ip_address>
— the public IP address that you specified in step 8. You can look in control panels under Cloud platform → Network → tab Public IP addresses;letsencrypt: enable: true
— parameter to automatically issue a TLS certificate from Let's Encrypt®;<example.com>
— domain to access Jitsi Meet. For the domain, you need to add an A record and specify the public IP address you specified in step 8 in the record value. If the domain added to Selectel DNS hosting (actual) use the instruction manual. Add a resource record. After the server is created, a TLS certificate from Let's Encrypt® will be automatically issued for the domain;<root@example.com>
— Jitsi Meet administrator email to create an account and receive Let's Encrypt® notifications;auth: enable: true
— parameter to enable mandatory authorization for conference creation.
#cloud-config
write_files:
- path: "/opt/gomplate/values/user-values.yml"
permissions: "0644"
content: |
jitsi_HTTP_PORT: "80"
jitsi_HTTPS_PORT: "443"
jitsi_TZ: "<time_zone>"
jitsi_PUBLIC_URL: "<jitsi_meet_private_url>"
jitsi_IP: "<private_ip_address>"
jitsi_ENABLE_HTTP_REDIRECT: "1"
letsencrypt:
enable: falseSpecify:
<time_zone>
— time zone, e.g.UTC
;<jitsi_meet_private_url>
— Jitsi Meet private URL in the format ofhttps://meet.local
;<private_ip_address>
— the private IP address you specified in step 8. You can look in control panels under Cloud platform → Network → tab Private networks;letsencrypt: enable: false
— parameter indicates that a TLS certificate from Let's Encrypt® will not be issued. You can add a user certificate.
-
Check the price of the cloud server.
-
Click Create.
Create a user with the ability to create a conference
If the cloud server with Jitsi Meet has access from the internet, create users who can create video conferences.
-
Log in as a user
root
. -
Create a user with the ability to create a conference:
docker exec jitsi-prosody-1 prosodyctl --config /config/prosody.cfg.lua register <username> meet.jitsi <password>
Specify:
<username>
— the login of the new user;<password>
— the password of the new user.
Access Jitsi Meet
If the cloud server with Jitsi Meet does not have access from the internet, you can access Jitsi Meet by domain name. To do this:
- create an A-record on the local DNS server for the private URL of Jitsi Meet in the following format
https://meet.local
; - or add an A-record to the file
hosts
on the clients.
Add a custom certificate
A cloud server with Jitsi Meet can be added to the cloud server with Jitsi Meet user certificate.
- If you use a full certificate chain and a private key in the format of
.pem
rename them tocert.crt
иcert.key
. - Connect to the cloud server.
- Log in as a user
root
. - Copy the files
cert.crt
иcert.key
in the folder/opt/jitsi/data/.jitsi-meet-cfg/web/keys
- Perform a program reset of the cloud server.