Jitsi is an open source app for videoconferencing and chat. Works with Windows, Linux, Mac OS X and Android clients.
Droplets created by using this image allow videoconferencing between Windows, Mac, Linux, Android and iOS users, just requiring to open a new browser tab on laptops/desktops or to install the Jitsi app from the Play Store/App Store on mobile.
This is a pre-configured image with pre-configured dependencies. You’ll only need a domain and we provide the scripts for an effortless setup with HTTPS enabled for secure communication with your team.
Package | Version | License |
---|---|---|
Jitsi Server | Latest | Apache 2.0 |
NGINX | 1.18.0 | NGINX License |
Fail2ban | 0.11.2 | GPL-2 |
Click the Deploy to DigitalOcean button to create a Droplet based on this 1-Click App. If you aren’t logged in, this link will prompt you to log in with your DigitalOcean account.
In addition to creating a Droplet from the Jitsi Server 1-Click App using the control panel, you can also use the DigitalOcean API. As an example, to create a 4GB Jitsi Server Droplet in the SFO2 region, you can use the following curl
command. You need to either save your API access token) to an environment variable or substitute it in the command below.
curl -X POST -H 'Content-Type: application/json' \
-H 'Authorization: Bearer '$TOKEN'' -d \
'{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image": "jitsiserver-20-04"}' \
"https://api.digitalocean.com/v2/droplets"
Create a droplet from the image available in the Marketplace.
We recommend using Premium-CPU Optimized Droplets for production deployment. Please review this benchmark analysis and tutorial for running your own performance test and benchmark comparison data.
Before accessing the fresh droplet, add a domain to your project. This is required because most browsers require HTTPS in order to allow you to use the camera and microphone in a website, and it’s not possible to enable HTTPS just with an IP.
Here’s an excellent guide to do that: https://www.digitalocean.com/docs/networking/dns/how-to/add-domains/.
It is mandatory to add an A record (i.e. jitsi-example.digitalocean.com) pointing to the IP associated with your droplet.
Access the console (i.e via ssh by running ssh root@123.456.789
). We have created a single script to configure Jitsi in a very straightforward way so please follow the instructions displayed in the terminal. During the first boot you’ll be asked to include your domain and your email shall be asked in order to create the HTTPS certificates. You’ll be notified when it’s time to renew the certificates and maintain your website with a secure connection.
Here’s an excellent guide if you have questions with respect to HTTPS and encryption: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04
You can optionally add a password to control who can create a meeting. If you want to restrict that, edit nano /etc/prosody/conf.avail/jitsi-example.digitalocean.com.cfg.lua
. There, look for the line that starts with VirtualHost
, below it, there is a line that says authentication = "anonymous"
, it should be changed to authentication = "internal_plain"
.
After you saved the authentication changes, you can set one or more Jitsi users that will be able to create a meeting after providing a password. This can be configured with the command:
prosodyctl register the-user jitsi-example.digitalocean.com the-password
To allow users entering the videoconferences without providing them the user and password just created, go back to edit /etc/prosody/conf.avail/jitsi-example.digitalocean.com.cfg.lua
and at the end of the file paste these lines:
VirtualHost "guest.jitsi-example.digitalocean.com"
authentication = "anonymous"
c2s_require_encryption = false
Edit /etc/jitsi/meet/jitsi-example.digitalocean.com-config.js
and uncomment the line that says:
// anonymousdomain: 'guest.jitsi-example.digitalocean.com',
Edit /etc/jitsi/jicofo/jicofo.conf
by switching to a configuration like this
jicofo {
xmpp: {
client: {
client-proxy: focus.jitsi-example.digitalocean.com
}
trusted-domains: [ "recorder.`jitsi-example.digitalocean.com`" ]
}
bridge: {
brewery-jid: "JvbBrewery@internal.auth.`jitsi-example.digitalocean.com`"
}
authentication: {
enabled: true
type: XMPP
login-url:jitsi-example.digitalocean.com
}
}
This shall enable users to enter the conference with and URL or the URL and a plain password that can be configured in the browser and is the same for all users. See Jitsi documentation for the details.
Finally restart the services by typing:
systemctl restart {prosody,jicofo,jitsi-videobridge2,nginx}
Connect to the host via the hostname you set up in the earlier. Just open a browser tab and visit jitsi-example.digitalocean.com (i.e. the domain that you previously configured).