loader

Categories

One click apps (20 Articles)

Tutorials about the VPSie app templates

How To’s (168 Articles)

In this category goes all How To’s related to VPSie

PCS( 5 Articles)

Tutorials about different scenarios configuring VPSie private cloud
Feb 17, 2021

How to Lock Add Password Jitsi Meet Server

How to Lock Add Password Jitsi Meet Server with a VPSie

Locking Conference Creation

Tested on Ubuntu 18 (64bit)

In this step, you will configure your Jitsi Meet server to only allow registered users to create conference rooms. The files that you will edit were generated by the installer and are configured with your domain name.

Jitsi

The variable jitsi.your_domain will be used in place of a domain name in the following examples.

(whatever.yourdomain.com)

If not using a sub-domain use: yourdomain.com

First, open /etc/prosody/conf.avail/jitsi.your_domain.cfg.lua with a text editor:

nano /etc/prosody/conf.avail/your_domain.cfg.lua

 Copy

Edit this line:/etc/prosody/conf.avail/jitsi.your_domain.cfg.lua

authentication = "anonymous"

 Copy

To/etc/prosody/conf.avail/jitsi.your_domain.cfg.lua

authentication = "internal_plain"

 Copy

This configuration tells Jitsi Meet to force username and password authentication before allowing conference room creation by a new visitor.

Then, in the same file, add the following section to the end of the file: /etc/prosody/conf.avail/whatever.yourdomain.cfg.lua

Copy code in the block below and add at the end of your: /etc/prosody/conf.avail/whatever.yourdomain.com.cfg.lua file.

VirtualHost "guest.jitsi.your_domain"
    authentication = "anonymous"
    c2s_require_encryption = false

 Copy

This configuration allows anonymous users to join conference rooms that were created by an authenticated user. However, the guest must have a unique address and an optional password for the room to enter it.

Here, you added guest. to the front of your domain name. For example, the correct name to put here for jitsi.your_domain is guest.jitsi.your_domain. The guest. hostname is only used internally by Jitsi Meet, you will never enter it into a browser or need to create a DNS record for it.

Open another configuration file at /etc/jitsi/meet/jitsi.your_domain-config.js with a text editor:

nano /etc/jitsi/meet/jitsi.your_domain-config.js

 Copy

Edit this line:/etc/jitsi/meet/your_domain-config.js

// anonymousdomain: 'guest.jitsi.your_domain',

 Copy

To:/etc/jitsi/meet/your_domain-config.js

anonymousdomain: 'guest.jitsi.your_domain',

 Copy

Again, using the guest.jitsi.your_domain hostname that you used previously. This configuration tells Jitsi Meet what internal hostname to use for the un-authenticated guests.

Next, open /etc/jitsi/jicofo/sip-communicator.properties:

nano /etc/jitsi/jicofo/sip-communicator.properties

 Copy

And add the following line to complete the configuration changes:/etc/jitsi/jicofo/sip-communicator.properties

org.jitsi.jicofo.auth.URL=XMPP:jitsi.your_domain

 Copy

This configuration points one of the Jitsi Meet processes to the local server that performs the user authentication that is now required.

Your Jitsi Meet instance is now configured so that only registered users can create conference rooms. After a conference room is created, anyone can join it without needing to be a registered user. All they will need is the unique conference room address and an optional password set by the room’s creator.

Now that Jitsi Meet is configured to require authenticated users for room creation you need to register these users and their passwords. You will use the prosodyctl utility to do this.

Run the following command to add a user to your server:

prosodyctl register user your_domain password

 Copy

The user that you add here is not a system user. They will only be able to create a conference room and are not able to log in to your server via SSH.

Finally, restart the Jitsi Meet processes to load the new configuration:

systemctl restart prosody.service
systemctl restart jicofo.service
systemctl restart jitsi-videobridge2.service

 Copy

The Jitsi Meet server will now request a username and password with a dialog box when a conference room/meeting is created.