Meet Jitsi Meet

Jigasi is a server-side application acting as a gateway to Jitsi Meet conferences. It allows regular SIP clients to join meetings and provides transcription capabilities. Sudo apt install jigasi During the installation, you will be asked to enter your SIP account and password. Jitsi Meet is an OpenSource (Apache) WebRTC JavaScript application that uses Jitsi Videobridge to provide high quality, scalable video conferences. You can try it out yourself at This extension provides calendar integrations to schedule meetings for meet.jit.si site.

How to tell if my server instance is behind NAT?

In general, if the tool ifconfig (or ipconfig) shows the assigned IPv4 address to be a private / local address (10.x.x.x, or 172.16.x.x - 172.31.x.x, or 192.168.x.x) but you know that its public IPv4 address is different from that, the server is most probably behind NAT.

If you are hosting your server on a VPS, and you are not sure, ask your VPS provider's support team.

Clients could communicate well in room created at meet.jit.si. The same clients still could connect to my self-hosted instance but can neither hear nor see one another. What's wrong?

Most probably, the server is behind NAT, but you haven't added the NAT-specific configuration. See this resolved question. You need to follow the steps detailed here.

It works with two participants, but crashes or does not work properly when a third joins

P2P mode is working, but it fails when you are trying to pass traffic via jitsi-videobridge2.

Check you've got your firewall / NAT set up correctly — especially UDP 10000. For more information, see here.

Can I mute and unmute other participants?

If you are the moderator of a conference (everyone is a moderator if you are using meet.jit.si), you can mute everyone's microphone. You cannot unmute other people's microphones, and they can unmute their microphone at any time.

You may want to set some 'ground rules' for who can talk and when, just as with any physical meeting or classroom.

If you would like to limit who can become a moderator, you need to set up your own instance of Jitsi and enable 'secure domain'. Please see here for more information.

How can I protect my meetings with Jitsi?

1. Create a 'strong' room name.

Use a strong room name, which no-one else is likely to be using. Use the name generator on the welcome page, or else generate your own 'strong' name.

For example, on macOS, in terminal, you can use uuidgen to generate a string of letters of numbers (e.g. B741B63E-C5E6-4D82-BAC4-048BE25D8CC7).

Your room name would be meet.jit.si/B741B63E-C5E6-4D82-BAC4-048BE25D8CC7 on the hosted meet.jit.si platform.

If you use 'test' or 'LucysMeeting' or 'pilates' or similar, then it's highly likely that other users will have had the same idea.

2. Use a different room name for each meeting / conference you have.

If you are going to have multiple meetings, ideally use a different room name for each one.

If that is not practical, at least use a different room name for each group of people.

3. Add a password to the room.

Once you have started your room, set a password for it. Only people who have the password can join from that point on, but it does not affect people who have already joined.

You will need to tell everyone the password.

If they give the password to others, those other people can also join.

4. Enable 'secure domain' if you are using your own instance of Jitsi.

In addition to the tips above, consider enabling the 'secure domain' configuration. This requires you (or someone else) to enter a username and password to open a room. It also allows you to become a moderator.

It's working when I connect from a browser, but not from the iOS or Android apps

This probably means that you are not serving the fullchain for your TLS certificate. You can check if your cert chainis properly configured here.

In nginx, if you are using Let's Encrypt, you should have a line like this:

ssl_certificate /etc/letsencrypt/live/jitsi.example.com/fullchain.pem;

Can I record and save the video?

Jitsi Meet Online

Yes. There are multiple methods (using external software or services):

Note: If you want to use a privacy-friendly method, use method 1 or 2.

  1. OBS: Use OBS to record your Session (e.g. your browser window).

  2. RTMP-Server: For this you have to setup your own RTMP-Server and then use your RTMP URL + Stream key instead of the Youtube Stream key as described here. Self-installed Jitsi Meet deployments will need to setup Jibri to do this.

  3. Dropbox: Connect to Dropbox with Jitsi Meet and save the video in the Dropbox.

  4. Video Services/Websites: Stream your conference to YouTube or other sites (e.g. Twitch) and access the recording there (see howto). Self-installed Jitsi Meet deployments will need to setup Jibri to do this.

More methods might be implemented in the future, but are not ready yet (e.g. Local Recording.

I set the password in meeting but it is not working the next time

Once the meeting ends it's password also gets removed, so you need to set the password again for next meeting.

How to limit the number of participants?

  1. Use the command prosodytl about to view the version of prosody and plug directory, similar to the output below.
  1. Check if there is a mod_muc_max_occupants.lua file in your plugin directory.
Meet Jitsi Meet

If not, please create a new file mod_muc_max_occupants.lua in the plugin directory And copy everything from here to paste.

If it exists, please ignore this step.

3.Edit your /etc/prosody/conf.avail/meet.example.com.cfg.lua file and add muc_max_occupants as a module_enabled in the conference.meet.example.com 'muc' section.

Then, add the options below that. You need both muc_max_occupants and muc_access_whitelist defined.

Example:

Jitsi Meet Download

Note: the relationship between storage = ' and your prosody version, and you need to modify all storage=' .

  • Prosody nightly747 storage = 'null'
  • Prosody 0.10 storage = 'none'
  • Prosody 0.11 storage = 'memory'
  1. You need to use the command prosodyctl restart to see the effect.

  2. If you want to update to use prosody, you can check here.

Follow these steps for a quick Jitsi-Meet installation on a Debian-based GNU/Linux system.The following distributions are supported out-of-the-box:

  • Debian 9 (Stretch) or newer
  • Ubuntu 18.04 (Bionic Beaver) or newer

Note: Many of the installation steps require root or sudo access.

Required packages and repository updates

You will need the following packages:

  • gnupg2
  • nginx-full
  • sudo # only needed if you use sudo

OpenJDK 8 or OpenJDK 11 must be used.

Make sure your system is up-to-date and required packages are installed:

On Ubuntu systems, Jitsi requires dependencies from Ubuntu's universe package repository. To ensure this is enabled, run this command:

Install Jitsi Meet

Domain of your server and set up DNS

Decide what domain your server will use. For example, meet.example.org.

Set a DNS A record for that domain, using:

  • your server's public IP address, if it has its own public IP; or
  • the public IP address of your router, if your server has a private (RFC1918) IP address (e.g. 192.168.1.2) and connects through your router via Network Address Translation (NAT).

If your computer/server or router has a dynamic IP address (the IP address changes constantly), you can use a dynamic dns-service instead.

Set up the Fully Qualified Domain Name (FQDN) (optional)

If the machine used to host the Jitsi Meet instance has a FQDN (for example meet.example.org) already set up in DNS, you can set it with the following command:

sudo hostnamectl set-hostname meet.example.org

Then add the same FQDN in the /etc/hosts file:

Note: x.x.x.x is your server's public IP address.

Finally on the same machine test that you can ping the FQDN with:

ping '$(hostname)'

If all worked as expected, you should see:meet.example.org

Add the Jitsi package repository

This will add the jitsi repository to your package sources to make the Jitsi Meet packages available.

Setup and configure your firewall

The following ports need to be open in your firewall, to allow traffic to the Jitsi Meet server:

  • 80 TCP - for SSL certificate verification / renewal with Let's Encrypt
  • 443 TCP - for general access to Jitsi Meet
  • 10000 UDP - for general network video/audio communications
  • 22 TCP - if you access you server using SSH (change the port accordingly if it's not 22)
  • 3478 UDP - for quering the stun server (coturn, optional, needs config.js change to enable it)
  • 5349 TCP - for fallback network video/audio communications over TCP (when UDP is blocked for example), served by coturn

If you are using ufw, you can use the following commands:

Check the firewall status with:

Using SSH

For more details on using and hardening SSH access, see the corresponding Debian or Ubuntu documentation.

Jitsi Meet

Forward ports via your router

If you are running Jitsi Meet on a server behind NAT, forward the ports on your router to your server's IP address.

Note: if participants cannot see or hear each other, double check your firewall / NAT rules.

TLS Certificate

In order to have encrypted communications, you need a TLS certificate.

During installation of Jitsi Meet you can choose between different options:

  1. The recommended option is to choose Generate a new self-signed certificate and create a Lets-Encrypt Certificate later (see below) (this will replace the self-signed certificate).

  2. But if you want to use a different certificate or you want to choose a different challenge type of Let's Encrypt (see below for details), you should create that certificate first and then install jitsi-meet and choose I want to use my own certificate.

  3. You could also use the self-signed certificate but this is not recommended for the following reasons:

    • Using a self-signed certificate will result in warnings being shown in your users browsers, because they cannot verify your server's identity.

    • Jiffy lube nearest me. Jitsi Meet mobile apps require a valid certificate signed by a trusted Certificate Authority and will not be able to connect to your server if you choose a self-signed certificate.

Install Jitsi Meet

Note: The installer will check if Nginx or Apache are present (in that order) and configure a virtual host within the web server it finds to serve Jitsi Meet.

If you are already running Nginx on port 443 on the same machine, turnserver configuration will be skipped as it will conflict with your current port 443.

SSL/TLS certificate generation:You will be asked about SSL/TLS certificate generation.See above for details.

Hostname:You will also be asked to enter the hostname of the Jitsi Meet instance. If you have a domain, use the specific domain name, for example:meet.example.org.Alternatively you can enter the IP address of the machine (if it is static or doesn't change).

This hostname will be used for virtualhost configuration inside Jitsi Meet and also, you and your correspondents will be using it to access the web conferences.

Access Control

Jitsi Meet server:Note: By default, anyone who has access to your Jitsi Meet server will be able to start a conference: if your server is open to the world, anyone can have a chat with anyone else.If you want to limit the ability to start a conference to registered users, follow the instructions to set up a secure domain.

Conferences/Rooms:The access control for conferences/rooms is managed in the rooms, you can set a password on the webpage of the specific room after creation.See the User Guide for details: https://jitsi.github.io/handbook/docs/user-guide/user-guide-start-a-jitsi-meeting

Generate a Let's Encrypt certificate (optional, recommended)

In order to have encrypted communications, you need a TLS certificate.

The best method is to create a certificate that is signed by a Certificate Authority.This way you can avoid problems with a self-signed certificate (see above for details).The easiest way is to use Let's Encrypt.

Simply run the following in your shell:

Note that this script uses the HTTP-01 challenge type and thus your instance needs to be accessible from the public internet on both ports 80 and 443. If you want to use a different challenge type, don't use this script and instead choose I want to use my own certificate during jitsi-meet installation.

Advanced configuration

If the installation is on a machine behind NAT jitsi-videobridge should configure itself automatically on boot. If three way calls do not work, further configuration of jitsi-videobridge is needed in order for it to be accessible from outside.

Provided that all required ports are routed (forwarded) to the machine that it runs on. By default these ports are (TCP/443 or TCP/4443 and UDP/10000).

The following extra lines need to be added to the file /etc/jitsi/videobridge/sip-communicator.properties:

And comment the existing org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES.

See the documentation of ice4jfor details.

Systemd/Limits:Default deployments on systems using systemd will have low default values for maximum processes and open files. If the used bridge will expect higher number of participants the default values need to be adjusted (the default values are good for less than 100 participants).

To update the values edit /etc/systemd/system.conf and make sure you have the following values if values are smaller, if not do not update.

To check values just run:

To load the values and check them see below for details.

Systemd details

To reload the systemd changes on a running system execute sudo systemctl daemon-reload and sudo systemctl restart jitsi-videobridge2.To check the tasks part execute sudo systemctl status jitsi-videobridge2 and you should see Tasks: XX (limit: 65000).To check the files and process part execute cat /proc/`cat /var/run/jitsi-videobridge/jitsi-videobridge.pid`/limits and you should see:

Confirm that your installation is working

Launch a web browser (such as Firefox, Chrome or Safari) and enter the hostname or IP address from the previous step into the address bar.

If you used a self-signed certificate (as opposed to using Let's Encrypt), your web browser will ask you to confirm that you trust the certificate. If you are testing from the iOS or Android app, it will probably fail at this point, if you are using a self-signed certificate.

You should see a web page prompting you to create a new meeting.
Make sure that you can successfully create a meeting and that other participants are able to join the session.

If this all worked, then congratulations! You have an operational Jitsi conference service.

Uninstall

Sometimes the following packages will fail to uninstall properly:

  • jigasi
  • jitsi-videobridge

When this happens, just run the uninstall command a second time and it should be ok.

The reason for the failure is that sometimes the uninstall script is faster than the process that stops the daemons. The second run of the uninstall command fixes this, as by then the jigasi or jitsi-videobridge daemons are already stopped.

Debugging problems

Jitsi Meet Download For Windows 10

  • Web Browser:You can try to use a different web browser. Some versions of some browsers are known to have issues with Jitsi Meet.

  • WebRTC, Webcam and Microphone:You can also visit https://test.webrtc.org to test your browser's WebRTC support.

  • Firewall:If participants cannot see or hear each other, double check your firewall / NAT rules.

  • Nginx/Apache:As we prefer the usage of Nginx as webserver, the installer checks first for the presence of Nginx and then for Apache. In case you desperately need to enforce the usage of apache, try pre-setting the variable jitsi-meet/enforce_apache for package jitsi-meet-web-config on debconf.

  • Log files:Take a look at the various log files:

Jitsi Meet App

Additional Functions

Adding sip-gateway to Jitsi Meet

Install Jigasi

Jigasi is a server-side application acting as a gateway to Jitsi Meet conferences. It allows regular SIP clients to join meetings and provides transcription capabilities.

During the installation, you will be asked to enter your SIP account and password. This account will be used to invite the other SIP participants.

Jitsi Meet App

Reload Jitsi Meet

Launch again a browser with the Jitsi Meet URL and you'll see a telephone icon on the right end of the toolbar. Use it to invite SIP accounts to join the current conference.

Enjoy!