This document provides step-to-step guide on how to install Jitsi Meeting on Debian Operation System
- Debian OS 9 (Skretch) or Later
- A Domain name pointing to your server (e.g. meeting.yourdomain.com)
Step 1. Set domain name
Go to your domain name host, and DNS provider, add an A DNS record pointing to your EC2 public IP.
Step 2. Set hostname on server
SSH on to your EC2 server, edit the following files to include your domain name e.g.
First edit the
/etc/hostname file to ensure the domain
meeting.yourdomain.com is included
Then, edit the
Once this is set, you should be able to ping the hostname on the server.
Step 3. Open ports in your firewall
Go to AWS Console, and go to the security group associated with your EC2 instance. Add the following rules to the SG:
- 80 TCP
- 443 TCP
- 10000 UDP
Step 4. Install Jitsi Meet
Add the Jitsi package library
Run following command as super user.
If you hit an error like
gnupg, gnupg2 and gnupg1 do not seem to be installed, you will need to install
apt-get install gnupg2. Then you can add the key after that.
During the installation, you will be asked to enter the hostname of the Jitsi Meet instance. If you have a Domain name in Step 1, enter it there. If you don't have a resolvable hostname, you can enter the IP address of the machine (if it is static or doesn't change).
This hostname (or IP address) will be used for virtualhost configuration inside the Jitsi Meet and also, you and your correspondents will be using it to access the web conferences.
Install SSL Certificate
During the installation you will be asked to install a SSL Certificate. If you don't have a SSL cerificate for domain, and your DNS is set in step 1, select the Generate a new self-signed certificate option. Otherwise, you can install a SSL certificate manually later.
Once the installation is complete, Jitsi is up and running on the server
Confirm that your installation is working
Jitsi Aws Software
Launch a web browser (Chrome, Chromium or latest Opera) and enter the hostname
meeting.yourdomain.com or IP address from the previous step into the address bar.
If you used a self-signed certificate (as opposed to using Let's Encrypt), your web browser will ask you to confirm that you trust the certificate.
You should see a web page prompting you to create a new meeting. Make sure that you can successfully create a meeting and that other participants are able to join the session.
If this all worked, then congratulations! You have an operational Jitsi conference service.
Step 5. Secure conference creation using username and password
Once Jsiti is up and running on the server, you will have the following configuration files.
Change Prosody configuration
Edit the Prosody configuration file
/etc/prosody/conf.avail/meeting.yourdomain.com.cfg.luaa. Enable authentication for your main hostname
b. Add new virtual host with anonymous login method for guests: (note you don't need to setup DNS for the guest.meeting.yourdomain.com domain)
Change Meet Config
Edit the following file
/etc/jitsi/meet/meeting.yourdomain.com-config.js. Uncomment out the following two lines, and make sure the domain name is replace with your own domain, e.g.
Change SIP-Communicator properties
/etc/jitsi/jicofo/sip-communicator.properties fileAdd the
org.jitsi.jicofo.auth.URL=XMPP:meeting.yourdomain.com to the file
Jitsi Aws Cost
Step 6. Create an user for meeting
Restart the service and Done
Even before COVID-19, most of us were in need for some kind of conference solution. Some use proprietary ones like Google Hangouts, Zoom or one of the other popular ones out there.
But if you are in tightly-regulated industry or just want to have full control over your data and like to use open-source, then chances are high you already stumbled upon Jitsi Meet.
In this post I describe the process to setup a fully-functional Jitsi-Meet instance on AWS (+ Terraform code!)
- Jitsi Meet (Ubuntu 18.04)
- Terraform code available (>= 0.12 / HCL2)
- Authentication (Users need to be authenticated to create new conferences) + Guest access (can only join existing conferences)
- LetsEncrypt certificate for HTTPS
- Collaborative working on a shared document during Jitsi conference (etherpad-lite)
- SQL Database for Jitsi authorized accounts
- Aurora Serverless (MySQL)
- Scale down to 0 to reduce costs
- ASG notifications (+ SNS Topic)
- CloudWatch Logs (+ CloudWatch Agent)
- Route53 Public & Private records
- OPTIONAL: Cross-Account for Public & Private records
- Allow SSH by workstation IPv4 (can be disabled)
- Add other allowed IPv4 CIDRs for SSH
- Restrict Jitsi access CIDRs (Default: not restricted)
- Clone the git repository
git clone https://github.com/hajowieland/terraform-aws-jitsi.git
- Create a
terraform.tfvarsand fill in the below variables as key = value one per line
- If your Route53 Public & Private Hosted Zones are in the same AWS Account as where you want to deploy Jitsi, it’s just this:
|public_subnet_ids||Public Subnet IDs||list(string)|
|public_zone_id||Public Zone ID||string|
|private_zone_id||Private Zone ID||string|
Of course you can use it as Terraform module, too:
Here I show you the process of manually setting up Jitsi-Meet on AWS on a single EC2 instance. For a production-ready solution, please use the Terraform code above !)
It shows how the important steps of the EC2 Userdata in the Terraform code work.
- EC2 Instance with Ubuntu 18.04
- You can connect to the instance with SSH
- MySQL / PostgreSQL database
Raise system limits
Jitsi needs increased files and process limits, so we set them in systemd:
Update System, install Jitsi
During install you get ask these two questions:
- Hostname: Set to the desired FQDN for your Jitsi instance (e.g.: meet.example.com)
- Certificate: Choose
Generate a new self-signed certificate(we will get a LetsEncrypt certificate later)
Now export the Hostname as environment variable which we will use in the next steps (replace with the FQDN you configured during install):
Now we are going to install etherpad-lite, which is integrated in Jitsi-Meet and allows us to collaboratively work together on a shared document during conferences.
Download node, clone etherpad-lite git repository and add a etherpad-lite system user:
To enable etherpad-lite at startup and be controlled by systemd, create a systemd unit file and enable the service:
You can check if everything is working with:
Enable ethterpad in Meet
The Meet component needs to know that it can now use Ethterpad:
To allow users to be created and stored in an SQL database, configure Prosody (the XMPP component of Jitsi) to use the database instead of local filestore:
Now fill in the MySQL / PostgreSQL credentials of your database (database name, user, password and host)
Prosody initially used to local filestore for the focus and jvb users, we need them to be converted to our SQL backend.
We can use Prosody Migrator for this task. First we createa Migrator config (fill in your Database data like in the previous step):
And then we migrate the local filestore to the SQL database:
Larkspur cove is friendly in our digital library an online entry to it is set as public for that reason you can download it instantly. Our digital library saves in merged countries, allowing you to acquire the most less latency era to download any of our books past this one. Larkspur cove pdf free download full. Larkspur Cove PDF book by Lisa Wingate Read Online or Free Download in ePUB, PDF or MOBI eBooks. Published in December 30th 2010 the book become immediate popular and critical acclaim in christian fiction, romance books. The main characters of Larkspur Cove novel are John, Emma.
By default, no authentication is set which means every (unauthenticated!) user can create new conferences (and if you have a public Jitsi instance, this means everyone).
This exposes Jitsi to various spam/flood attacks and the Jitsi instance may be used for unintended purposes.
So we definitely need to set up authentication. In the previous step we configured the database backend for the internal Jitsi users and our authenticated users we can add later.
In Jitsi Meet and Prosody we set up a guest domain:
In Jicofo (the focus component), we configure the XMPP auth url so it connects to XMPP (= Prosody) for authentication:
Finally we configure nginx for etherpad-lite and for a seperate interface configuration.
The latter allows us for example to modify the visible Toolbar Buttons (
TOOLBAR_BUTTONS) in Jitsi.
We use a seperate config file for this so it does not get overwritten by a Jitsi update.
As a last step we request a LetsEncrypt certificate. Luckily, Jitsi already provides us with a handy script:
(You get asked for an email adress).
All necessary configuration and auto-renewal (cronjob) will be configured by the script 👍
Now restart all services and then you are ready to use your shiny new Jitsi-Meet instance 👏
Add authenticated users
If you visit Jitsi-Meet with your browser and create a new conference, you have to authenticate as host:
New users can be created in Prosody via
Now try right away to log in with this new user and voilâ –> Now you can invite guests to your conference (they do not have to authenticate - but can only conferences with are created by authenticated users).
To collaborate together on a shared document:
If you encounter any problems or have some ideas on how to enhance the IaC code ➡️ please let me know!
I would be very happy to see some Pull Requests on GitHub for the Terraform code of this blog post: