Month: April 2020

Posted on

Create your own #Jitsi *and* #XMPP instance

So the best, and quickest, way to get your own Jitsi instance is to follow this instructions:

https://dev.to/noandrea/self-hosted-jitsi-server-with-authentication-ie7

As far as I can tell there is no such easy peasy way to have it running in CentOS, and I won’t be diving into it for the moment although I certainly intend to do so in the future, but I think it’s very much worth it to just build upon those instructions in order to set up (what would seem to me as essential for the free federated communication world) an XMPP instance that already is built-in in your Jitsi server!

  1. If you only want the video conference part, you only need 443/tcp (https) and 10000:20000/udp and you can skip the rest of this blog entry. You don’t need to enable http as it only redirects into https, and if you don’t plan on allowing remote public ssh you don’t have to enable it either. That’s just there as a helpful reminder in case you just created a virtual machine on some VPS provider and so you don’t get locked out by accident;
  2. But if you’d like to have your own instant messaging server, you can additionally follow the instructions below in order to expose Jitsi’s integrated XMPP address as well, and your identity will be your.user@your.jitsi.website

So you start by setting up additional permissions you’ll be needing in order to re-use the same Let’s Encrypt certificate managed by certbot:

cd /etc/letsencrypt/
chmod a+rx live live/*
chmod g+rx archive
chgrp -R ssl-cert archive
chmod g+s archive archive/*
chmod g+r archive/*/*key*pem

You’ll also have to change prosody’s certificates in order to use the correct ones, and then restart it:

cd /etc/prosody/certs
ln -sf your.jitsi.website.crt /etc/letsencrypt/live/your.jitsi.website/fullchain.pem
ln -sf your.jitsi.website.key /etc/letsencrypt/live/your.jitsi.website/privkey.pem
systemctl restart prosody

Finally, you’ll need to open prosody’s port in the firewall as well:

ufw allow 5222/tcp

That’s it. Now you have your Jitsi video conference properly integrated with XMPP/Jabber, neat hey?

PS: Oh, a minor but relevant update… use the following ufw rule rather than the correspondent one in the article above to be able to allow multiple UDP streams for the video conference, as TCP and only one UDP port will be a bit painful…

ufw allow 10000:20000/udp
Posted on

How to connect to a different Jitsi site

So you have now setup your own Jitsi site, or you want to connect to your friend’s Jitsi site. How to do it?

If you’re using a computer, it’s simple: all you need is to type the address of the website and room in your browser’s url bar: https://your.jitsi.website/SomeFancyRoomEatingIcecream

But if this was all to it, then it would be a very boring short blog. 🙂 What about the app?

At least for the Android version, Jitsi Meet doesn’t make it easy to change the server, although it’s quite easy, it could be a lot simpler.

Just press the “menu” button (the three horizontally stacked bars on the top left part of the Jitsi Meet app window):

Choose Settings:

Then choose your display name and, most importantly, the website (without any room reference, just the root):

Done. Now go back and write your desired room name.

That’s it, that’s really just all there is to it.

Now go and have fun. 🙂