Install Jitsi Meet on Ubuntu 18.04/20.04 – Self-Hosted Video Conferencing
This tutorial is going to show you how to install Jitsi Meet on Ubuntu 18.04/20.04 server. Jitsi Meet is a free open-source video conferencing software that works on Linux, macOS, Windows, iOS and Android. If you don’t trust Zoom, you can run your own video conferencing platform on your own server.
Features of Jitsi Meet
- Completely free of charge
- Share your computer screen with others.
- The presenter mode allows you to share your screen and camera at the same time, so attendees can see the presenter and their body language throughout the presentation.
- You can share the system audio while sharing your screen.
- You can assign authorized users as moderators. A moderator can mute every participant with one click.
- Communication over the network is encrypted using DTLS-SRTP.
- End to end encryption (work in progress)
- You can set a password for your conference to prevent random strangers coming in.
- Record the meeting/conference and save it to Dropbox.
- Stream to YouTube Live and store the recording on YouTube.
- Android and iOS apps
- Text chatting
- Share text document
- Telephone dial-in to a conference
- Dial-out to a telephone participant
- You can embed a Jits Meet call into any webpage with just a few lines of code.
Requirements of Installing Jitsi Meet on Ubuntu 18.04/20.04
To run Jitsi Meet, you need a server with at least 1GB RAM. You can click this referral link to create an account at Vultr to get $50 free credit (for new users only). Once you have an account at Vultr, install Ubuntu 18.04/20.04 on your server and follow the instructions below. When you have dozens of users, consider upgrading your server hardware. The server should be close to your users, or the delay will be noticiable during online meetings.
You also need a domain name. I registered my domain name at NameCheap because the price is low and they give whois privacy protection free for life.
Step 1: Install Jitsi Meet from the Official Package Repository
Jitsi Meet isn’t included in the default Ubuntu repository. We can install it from the official Jitsi package repository, which also contains several other useful software packages. Log into your server via SSH, then run the following command to add the official Jitsi repository.
echo 'deb https://download.jitsi.org stable/' | sudo tee /etc/apt/sources.list.d/jitsi-stable.list
Import the Jitsi public key, so the APT package manager can verifiy the integrity of packages downloaded from this repository.
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -
Because the Jitsi repository requires HTTPS connection so we need to install apt-transport-https package to make APT establish HTTPS connection to the Jitsi repository.
sudo apt install apt-transport-https
Next, update local package index and install Jitsi Meet on Ubuntu.
sudo apt update sudo apt install jitsi-meet
During the installation, you need to enter a hostname for your Jitsi instance. This is the hostname that will appear in the web browser address bar when attendees join your video conference. You can use a descriptive hostname like meet.example.com.
In the next screen, you can choose to generate a new self-signed TLS certificate, so later you can obtain and install a trusted Let’s Encryption certificate.
The installation process will configure some Linux kernel parameters, which is saved to the /etc/sysctl.d/20-jvb-udp-buffers.conf file. Once the installation is complete, Jitsi Meet will automatically start. You can check its status with:
systemctl status jitsi-videobridge2
Sample Output:
● jitsi-videobridge2.service - Jitsi Videobridge Loaded: loaded (/lib/systemd/system/jitsi-videobridge2.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2020-04-24 12:11:13 UTC; 3min 27s ago Main PID: 3665 (java) Tasks: 37 (limit: 65000) CGroup: /system.slice/jitsi-videobridge2.service └─3665 java -Xmx3072m -XX:+UseConcMarkSweepGC -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi -Dnet.java.sip.communicator.SC_HO
Hint: If the above command doesn’t quit immediately, you can press the Q key to make it quit.
The jitsi-meet package also pulled other packages as dependencies, such as
- openjdk-8-jre-headless: Java runtime environment. It’s needed because Jitsi Meet is written in the Java language.
- jicofo: Jitsi conference Focus (
systemctl status jicofo) - prosody: Lightweight Jabber/XMPP server (
systemctl status prosody) - coturn: TURN and STUN server for VoIP (
systemctl status coturn)
Step 2: Open Ports in Firewall
Jitsi Meet listens on several UDP ports, as can be seen with the following command. (If your Ubuntu server doesn’t have the netstat command, you can run sudo apt install net-tools command to install it.)
sudo netstat -lnptu | grep java
To allow attendees to join a video conference from a web browser, you need to open TCP port 80 and 443. And to transfer video over the network, open UDP port 10000 and 5000. If you are using the UFW firewall, then run the following command to open these ports.
sudo ufw allow 80,443/tcp sudo ufw allow 10000,5000/udp
Step 3: Obtain a Trusted Let’s Encrypt TLS Certificate
Go to your DNS hosting service (usually your domain registrar) to create DNS A record for your Jitsi hostname (meet.example.com). Then run the following script to obtain a trusted Let’s Encrypt TLS certificate:
sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
Enter your email address to receive important account notifications. Then it will download certbot and obtain TLS certificate.
If everything is Ok, you will see the following message, indicating the TLS certificates has been successfully obtained and installed.
Note that this script uses the http-01 challenge, which means your Apache or Nginx web server needs to listen on port 80 of the public IP address. If your server environment doesn’t support the http-01 challenge, then you should not run the above script. You need to use other challenge types. In my case, I use the DNS challenge.
sudo certbot --agree-tos -a dns-cloudflare -i nginx --redirect --hsts --staple-ocsp --email [email protected] -d meet.linuxbabe.com
Where:
--agree-tos: Agree to terms of service.-a dns-cloudflare: I use the cloudflare DNS plugin to authenticate, because I use Cloudflare DNS service.-i nginx: Use the nginx plugin to install the TLS certificate. If you use Apache, you need to replacenginxwithapache.--redirect: Force HTTPS by 301 redirect.--hsts: Add the Strict-Transport-Security header to every HTTP response. Forcing browser to always use TLS for the domain. Defends against SSL/TLS Stripping.--staple-ocsp: Enables OCSP Stapling. A valid OCSP response is stapled to the certificate that the server offers during TLS.
Step 4: Enable HTTP2
HTTP2 can improve web page loading speed. To enable HTTP2 in Nginx, edit the virtual host config file.
sudo nano /etc/nginx/sites-enabled/meet.example.com.conf
Find the following two lines.
listen 443 ssl; listen [::]:443 ssl;
Add http2 at the end of each line.
listen 443 ssl http2; listen [::]:443 ssl http2;
Save and close the file. Then reload Nginx for the change to take effect.
sudo systemctl reload nginx
Step 5: Start a New Online Meeting
Now visit https://meet.example.com and you will be able to start a conference. To transfer audio, you need to allow the web browser to use your microphone. And to tranfer video, you need to allow the web browser to access your camera.
Give your meeting a name and click the Go button. After the meeting is started, you can optionally choose to set a password for your meeting.
Step 6: Set Up User Authentication
By default, anyone can go to your Jitsi Meet instance, create a room and start a meeting. To set up user authentication, edit the Prosody configuration file.
sudo nano /etc/prosody/conf.d/meet.example.com.cfg.lua
Find the following line.
authentication = "anonymous"
Change it to the following, which will require the user to enter username and password to start a conference.
authentication = "internal_plain"
However, we don’t want attendees to enter username and password when joining the conference, so we need to create an anonymous login for guests, by adding the following lines at the end of this file. Note that you don’t need to create DNS A record for guest.meet.example.com.
VirtualHost "guest.meet.example.com"
authentication = "anonymous"
c2s_require_encryption = false
Save and close the file. Next, edit the Jitsi Meet configuration file.
sudo nano /etc/jitsi/meet/meet.example.com-config.js
Find the following line,
// anonymousdomain: 'guest.example.com',
Remove the double slashes and change the guest domain. Replace meet.example.com with your real Jitsi Meet hostname.
anonymousdomain: 'guest.meet.example.com',
Save and close the file.
Then edit the Jicofo configuration file.
sudo nano /etc/jitsi/jicofo/sip-communicator.properties
Add the following line at the end of this file.
org.jitsi.jicofo.auth.URL=XMPP:meet.example.com
Save and close the file. Restart the systemd services for the changes to take effect.
sudo systemctl restart jitsi-videobridge2 prosody jicofo
To create user accounts in Jisi Meet, run the following command. You will be promoted to enter a password for the new user.
sudo prosodyctl register username meet.example.com
Now if you create a room in Jitsi Meet, you will need to enter a username and password.
Troubleshooting Tips
If you encounter errors, you can check the Nginx error log (/var/log/nginx/error.log) to find out what’s wrong. Also check the logs of the systemd services.
sudo journalctl -eu jitsi-videobridge2 sudo journalctl -eu prosody sudo journalctl -eu jicofo
If you see the “You have been disconnected” error when starting a meeting in Jitsi, it might be that you forgot to change meet.example.com to your real Jitsi Meet hostname in the configuration files.
Optional: Set Up Jigasi For Telephone Dial-in or Dial-Out
Jitsi offers a telephony interface that allows users to dial into a conference or place dial-out reminder calls. Install the jigasi package (Jitsi gateway for SIP).
sudo apt install jigasi
During the installation, you will need to enter your SIP username and password. If you don’t have one, you can create a free SIP account at OnSIP.com.
If you have set up user authentication in step 6, then you need to edit Jigasi configuration file.
sudo nano /etc/jitsi/jigasi/sip-communicator.properties
Find the following lines.
# org.jitsi.jigasi.xmpp.acc.USER_ID=SOME_USER@SOME_DOMAIN # org.jitsi.jigasi.xmpp.acc.PASS=SOME_PASS # org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
Uncomment them and enter an account and password that you created in step 6.
org.jitsi.jigasi.xmpp.acc.USER_ID=[email protected] org.jitsi.jigasi.xmpp.acc.PASS=user1_password org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
Save and close the file. Restart the jigasi systemd service.
sudo systemctl restart jigasi
Optional: Configure Coturn
If you see the following message during the installation of Jitsi Meet, you need to configure Coturn to make it work properly.
Warning! Could not resolve your external ip address! Error:^ Your turn server will not work till you edit your /etc/turnserver.conf config file. You need to set your external ip address in external-ip and restart coturn service.
Edit the Coturn configuration file.
sudo nano /etc/turnserver.conf
Find the following line.
external-ip=127.0.0.1
Replace 127.0.0.1 with your server’s public IP address. Save and close the file. Then restart Coturn.
sudo systemctl restart coturn
Wrapping Up
I hope this tutorial helped you set up a Jitsi Meet server on Ubuntu 18.04/20.04. As always, if you found this post useful, then subscribe to our free newsletter to get new tutorials. Take care 🙂
Indeed an useful tutorial for work from home.
Thx for auth!!! U best!
Very interesting article… thanks!
Thank you! This is much better than the installation instructions on the Jitsi Debian page.
Thank you!
Can I do a clean install, I had installed using the quick install instruction but it does not seem to work when I launched the jitsi page and clicked go, the page showed error stated “this is disconnected, will try again…”
I did used your page to do some correction and but the page still not working, I used Nginx as web server and also use NoIP as my DNS service.
You can purge your Jitsi installation with the following command.
Then install Jitsi again by following the instructions on this page. Be sure to enter a hostname when it asks you to. You need to create the same hostname in your NoIP account. If you are behind a NAT, you need to configure port forwarding for these ports:
You also need to edit the following file if you are behind NAT.
Add the following lines in the file.
Save and close the file. Then restart Jitsi.
Hi Xiao
Thanks for your reply, I will try to do this again and should I purge Nginx’s config file just to be sure all are clean install? Do I need to enter the local address 127.0.0.1 of the local machine and do I use domain name for the public ip address, since the isp not assigning static ip, i used ddns service from NoIP to bridge the server.
Yes, purge your Nginx configs.
For the local IP address, enter the LAN IP address, not the 127.0.0.1 address.
You should create a hostname in your NoIP account and enter this hostname for the public IP address.
Hi Xiao
I followed the instruction after the letsencrypt installed I used your suggestion as the following “sudo certbot –agree-tos -a dns-noip -i nginx –redirect –hsts –staple-ocsp –email [email protected] -d vmeet.ddns.net”
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The requested dns-noip plugin does not appear to be installed
Is the dns-noip the same as DUC, if yes, I installed it, should i run the DUC?
You can use the script to obtain Let’s Encrypt certificate. There’s no certbot DNS plugin for NoIP, you can’t use my method.
What’s DUC?
DUC is dynamic update client reside in the local machine for NoIP to talk to.
I did follow your suggestion and it showed the welcome page.
However, I am not sure the following:
Do I need to grant permission on the server machine Mic, and camera?
I am not planning to use this machine as participant but act as the bridge for multiple clients within seven to 10 conference rooms.
I am wondering if i dont grant mic and camera permission to the server, will it not working, at the moment, it is disconnecting and try to reconnect again.
I using my mobile phone to enter into the site, it seems to allow me in but the circle is spinning but also stating that i am the only one in the room..
I have not yet set up the user / pw installation due to these issues, thank you for taking time out to help me, BTW, this server is going to be installed in a senior care home (non profit government funded facility) because our residents are not receiving visiting from their family members (Almost 2 months now) , this Jitsi-Meet can sure will help them, I am setting the unit up with a HD camera and wireless bridge to a small web enable PC HDMI to a large monitor LED TV, welcome suggestion for this set up.
You only need to grant mic and camera if you are a participant.
Hi Xiao,
Thanks and will try this, btw, can you tell me how to check the error for page disconnection,
I have the welcome page display, but when I click on the go tap after created room, no prompt of user name and PW showed but the error of page disconnection showed instead.
You can check the Nginx error log (/var/log/nginx/error.log).
You can also check the logs of the systemd services.
Hi Xiao,
thanks for the howto. I have prosody installed, and so, jitsi-meet-prosody fails to install.
Any hint?
TIA
Hi Xiao
Also the section of add user, “prosodyctl register username meet.example.com”
Can I add more than one user here for different rooms represent different floors?
(i.e register MunroEast our domain.com?)
(i.e register MunroWest our domain.com?)
and so on …
Do I need to do this same command line for each one of the user added ?
The intention of the question is to allow each of the added user to maintain its integrity of the call and the visitor know the designation of the invite.
Another issue I encountered during this installation, is when I sent the invite using messaging text, my service provider rejected the short sms and blocked it, do you know if this happened to other jitsi-meet installers?
Thanks again
I am wondering if I am entered the right value in the area you suggested?
1. Do I need to insert the on each end of the value in local_address and public_address?
2. I used ddns / vmeet.ddns.net as public address or I must enter the IP assigned by ISP?
See the following:
Can you make a tutorial about Jibri to record Jitsi automatically. thx
Does Jitsi only work with a fresh install of Ubuntu? I have an install- LAMP with Webmin- and I cannot get Jitsi to work at all. After some tweaking, including moving Webmin to another port, I am able to get the Jitsi head to show up and a gradient background, but nothing functional. Is there a way to get it to work like this or do I need a fresh install?
BTW, thank you so much for these tutorials, the are great!
Hello, first of all, congratulations on your article, very useful and easy to understand.
I have installed it in a VM in Proxmox, and I have an NGINX proxy reverse, with which I manage all the certificates.
I have tried this NGINX configuration from the official page
https://github.com/jitsi/jitsi-meet/blob/master/doc/debian/jitsi-meet/jitsi-meet.example#L29
but I always get the same error.
Can you tell me where the error is, thanks in advance.
Could provide a tutorial to use as recordings and transmissions via jibri – I was stuck here – modprobe snd_aloop
modprobe: FATAL: Module snd_aloop not found in the /lib/modules/5.3.0-1022 directory
Following this tutorial. https://nerdonthestreet.com/wiki?find=Set+Up+Jibri+for+Jitsi+Recording%3Aslash%3AStreaming
My Jitsi works, but just for one person. The problem seems to belong to the media server (Prosody and RMS for Dolphin before).? Does anyone have an idea/ similar experience?
https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker#jitsi-broadcasting-infrastructure-jibri-configuration do this first
Hi Xiao, thanks a lot for this tutorial.
Can you make a tutorial for Jibri please.
And maybe, how can we do from Jitsi+Jibri an HA service?
Thank you so much
Hi Xiao, Thanks for the valuable tutorial
Can you tell me how I can add user authentication while creating a room? And other Can I use LDAP authentication as an authentication method than an internal user. How?
Great write up, thank you for that. I got everything up and working but am falling a bit short on the dial in part with the SIP. I have my own Pbx and it is registered I’m just not sure where/how I’m supposed to configure.
Thanks for your tutorial.
I could successfully install the Letsencrypt Certificate. However, when i go to ssllabs, it gives me a B Certificate. I followed your instructions from your other tutorial but I still can’t get an A Certificate.
These are the errors I get
1. HTTP status code Request failed
2. Safari 6 / iOS 6.0.1 Server sent fatal alert: handshake_failure
Safari 7 / iOS 7.1 R Server sent fatal alert: handshake_failure
Safari 7 / OS X 10.9 R Server sent fatal alert: handshake_failure
Safari 8 / iOS 8.4 R Server sent fatal alert: handshake_failure
Safari 8 / OS X 10.10 R Server sent fatal alert: handshake_failure
How do I fix these issues?
I get an A+ score with the default configuration.
Here are some tips to get A+ score.
1.) Enable TLS 1.3 in your web server and disable TLS 1.0 and TLS 1.1
2.) Enable HSTS for your site.
3.) Add DNS CAA record to your domain.
How to install and configure jitsi meet wih latest prosody 0.11 if we use jitsi repo we will get 0.10 .
I have tried by installing prosody first and jitsi after that but application wont work and meeting disconnects frequently.
Please suggest
Thank you in advance.
I want to ask you about changing the text in homepage and logo, What do I have to do?
Hire a developer.