How to Lock Add Password Jitsi Meet Server with a VPSie
Locking Conference Creation
Tested on Ubuntu 18 (64bit)
In this step, you will configure your Jitsi Meet server to only allow registered users to create conference rooms. The files that you will edit were generated by the installer and are configured with your domain name.
jitsi.your_domain will be used in place of a domain name in the following examples.
If not using a sub-domain use: yourdomain.com
/etc/prosody/conf.avail/jitsi.your_domain.cfg.lua with a text editor:
Edit this line:/etc/prosody/conf.avail/jitsi.your_domain.cfg.lua
authentication = "anonymous"
authentication = "internal_plain"
This configuration tells Jitsi Meet to force username and password authentication before allowing conference room creation by a new visitor.
Then, in the same file, add the following section to the end of the file: /etc/prosody/conf.avail/whatever.yourdomain.cfg.lua
Copy code in the block below and add at the end of your: /etc/prosody/conf.avail/whatever.yourdomain.com.cfg.lua file.
VirtualHost "guest.jitsi.your_domain" authentication = "anonymous" c2s_require_encryption = false
This configuration allows anonymous users to join conference rooms that were created by an authenticated user. However, the guest must have a unique address and an optional password for the room to enter it.
Here, you added
guest. to the front of your domain name. For example, the correct name to put here for
guest. hostname is only used internally by Jitsi Meet, you will never enter it into a browser or need to create a DNS record for it.
Open another configuration file at
/etc/jitsi/meet/jitsi.your_domain-config.js with a text editor:
Edit this line:/etc/jitsi/meet/your_domain-config.js
// anonymousdomain: 'guest.jitsi.your_domain',
Again, using the
guest.jitsi.your_domain hostname that you used previously. This configuration tells Jitsi Meet what internal hostname to use for the un-authenticated guests.
And add the following line to complete the configuration changes:/etc/jitsi/jicofo/sip-communicator.properties
This configuration points one of the Jitsi Meet processes to the local server that performs the user authentication that is now required.
Your Jitsi Meet instance is now configured so that only registered users can create conference rooms. After a conference room is created, anyone can join it without needing to be a registered user. All they will need is the unique conference room address and an optional password set by the room’s creator.
Now that Jitsi Meet is configured to require authenticated users for room creation you need to register these users and their passwords. You will use the
prosodyctl utility to do this.
Run the following command to add a user to your server:
prosodyctl register user your_domain password
The user that you add here is not a system user. They will only be able to create a conference room and are not able to log in to your server via SSH.
Finally, restart the Jitsi Meet processes to load the new configuration:
systemctl restart prosody.service systemctl restart jicofo.service systemctl restart jitsi-videobridge2.service
The Jitsi Meet server will now request a username and password with a dialog box when a conference room/meeting is created.