This documentation hasn't been updated in a while. Some information might no longer be valid. You can find the latest version of the upstream documentation at https://jitsi.github.io/handbook/docs/devops-guide/
Jitsi video conferencing stack enables users to create virtual meetings, conferences, and collaboration sessions among other notable use-cases. Jitsi video conferencing stack provides:
* Jitsi Meet (`jitsi-meet`): a web-based client application used by conference participants
* Jitsi Videobridge (`jitsi-videobridge`): a server-side component of the Jitsi stack. Acts as a central hub for video conferences, where participants can join by accessing a uniquely generated conference URL from the server. Jitsi Videobridge conducts negotiation of audio and video streams between conference participants and also provides the necessary infrastructure for seamless experience.
* Webserver configurations (`jitsi-meet-nginx`) and (`jitsi-meet-apache`): components that help serve the Jitsi Meet web client to handle incoming HTTPS requests.
* Configuration for Prosody (`jitsi-meet-prosody`): a server-side component providing user authentication and management, conference room management. Ensures secure communication within Jitsi video conferencing stack.
* Jicofo (`jicofo`): a server-side component for conference management, participant control and media routing.
== Installing Jitsi
The installation instructions are similar to the official Debian/Ubuntu instructions. Notable differences are:
* Slightly different file locations
* The `Jicofo` and `Jitsi Videobridge` components log to `syslog` instead of to their own logfiles.
* The `Jicofo` component runs from a service, not from an `init` script.
.Prerequisites
* Small server, which is accessible from the Internet
* Domain name and an SSL certificate for that domain
.Procedure
. Enable the `jitsi` repository:
+
----
$ sudo dnf copr enable lcts/jitsi
----
. Install the `jitsi` meta package to be able to configure a Jitsi server:
+
----
$ sudo dnf install jitsi
----
+
Alternatively, you can install other packages from the `jitsi` repository:
+
* `jitsi-meet` - the Jitsi Meet web app
* `jitsi-meet-nginx` - Jitsi configuration for NGinx
* `jitsi-meet-apache` -Jitsi configuration for Apache
* `jitsi-meet-prosody` - Jitsi configuration for Prosody
* `jitsi-videobridge` - the Jitsi Videobridge component
* `jicofo` - the Jitsi Conference Focus component
.Additional resources
* After installation, you need to configure all packages before you use them. For more information, see the `/usr/share/doc/<package>/README-fedora.md` file.
* You can report issues with packages at link:https://pagure.io/jitsi-rpm/issues[jitsi-rpm queue].
+
[IMPORTANT]
====
If you encounter problems with software, contact the respective upstream developers.
After installation, you need to perform a few additional configuration steps. The steps consist of replacing various placeholder variables with your values to ensure that Jitsi is correctly configured to work in your specific deployment. The placeholders are identified by underscores for example `\___variableName___`.
In all files, replace `\___jitsiFQDN___` with the fully-qualified domain name of your instance and `\____<component>Secret__` with a strong random password. You need three secrets:
* `\___focusSecret___`
* `\___focusUserSecret___`
* `\___jvbUserSecret___`
You do not need to memorize the secrets. They are only used by different Jitsi components to communicate to each other.
You can find Prosody configuration for Jitsi in the `/etc/prosody/conf.d/jitsi-meet.cfg.lua` file.
.Procedure
. Generate the SSL/TLS certificate for the Jitsi domain:
+
----
$ prosodyctl cert generate __jitsiFQDN__
----
+
You need to replace `\___jitsiFQDN___` with the actual domain name of your Jitsi installation. The generated certificate secures the Jitsi Meet web interface and enables encrypted communication.
. Generate the SSL/TLS certificate for the auth subdomain:
+
----
$ prosodyctl cert generate auth.__jitsiFQDN__
----
+
The `auth` subdomain is typically used for authentication purposes in Jitsi Meet. Replace `\___jitsiFQDN___` with your Jitsi domain name to generate the certificate for the auth subdomain.
. Add the Jitsi domain certificate as a trusted anchor to ensure that it is recognized as a valid certificate by the system:
+
----
$ trust anchor /var/lib/prosody/__jitsiFQDN__
----
+
The certificate file is typically located at `/var/lib/prosody/\___jitsiFQDN___`. Therefore you need to replace `\___jitsiFQDN___` with the actual domain name to specify the correct file path.
. Add the auth subdomain certificate as a trusted anchor:
The certificate file is expected to be located at `/var/lib/prosody/auth.\___jitsiFQDN___`. Replace `\___jitsiFQDN___` with your Jitsi domain name to provide the accurate file path.
. Register a user with the username `focus` in the Prosody XMPP server:
The `focus` user is a special user for Jitsi Meet conference management and coordination. It is responsible for example for creating and controlling conferences. The `auth.\___jitsiFQDN___` portion specifies the domain where the user is registered.
+
Replace `\___jitsiFQDN___` with your Jitsi domain name. The `\___focusUserSecret___` is the password or secret associated with the `focus` user. Replace `\___focusUserSecret___` with a strong and secure password.
. Register a user with the username `jvb` in the Prosody XMPP server:
The `jvb` user is used by Jitsi Videobridge component to handle video streams in Jitsi Meet. The `auth.\___jitsiFQDN___` portion specifies the domain where the user is registered.
+
Replace `\___jitsiFQDN___` with your Jitsi domain name. The `\___jvbUserSecret___` is the password or secret associated with the `jvb` user. Replace `\___jvbUserSecret___` with a strong and secure password.
. Enable and start the prosody service:
+
----
$ sudo systemctl enable --now prosody
----
=== Configuring Jitsi Meet
.Procedure
. Locate the `/etc/jitsi-meet/config.js` configuration file.
. Replace the placeholder variables in `config.js`.
=== Configuring Jitsi webserver
.Prerequisites
* Configure an HTTPS server for `\___jitsiFQDN___`.
.Procedure
* For Apache:
** Replace the placeholders in the `/etc/httpd/conf.d/jitsi-meet.conf` file.
** Restart the `httpd` service:
+
----
$ sudo systemctl restart httpd
----
* For Nginx:
** Replace the placeholders in the `/etc/nginx/conf.d/jitsi-meet.conf` file.
** Restart the `nginx` service:
+
----
$ sudo systemctl restart nginx
----
=== Configuring Jicofo
.Procedure
. Replace the `\___jitsiFQDN___` and `\___focusSecret___` placeholder variables in `/etc/jicofo/config` and `/etc/jicofo/sip-communicator.properties` files.
. Enable and start `jicofo.service`:
+
----
$ sudo systemctl enable --now jicofo.service
----
=== Configuring Jitsi Videobridge
.Prerequsites
* Open the port `10000/udp` if you use Network Address Translation (NAT):
. Install the `jitsi-videobridge-firewalld` package to obtain service definition for `jitsi-videobridge.service`
. Use the service definition to configure `firewalld` to open `10000/udp` for Jitsi Videobridge.
.Procedure
. Replace the `\___jitsiFQDN___` and `\___jvbUserSecret___` placeholders in the `/etc/jitsi-videobridge/jvb.conf` file.
