How to Lock Add Password Jitsi Meet Server
How to Lock Add Password Jitsi Meet Server with a VPSie
Locking Conference Creation
Tested on Ubuntu 18 (64bit)
In this step, you will configure your Jitsi Meet server to only allow registered users to create conference rooms. The files that you will edit were generated by the installer and are configured with your domain name.
The variable jitsi.your_domain will be used in place of a domain name in the following examples.
(whatever.yourdomain.com)
If not using a sub-domain use: yourdomain.com
First, open /etc/prosody/conf.avail/jitsi.your_domain.cfg.lua with a text editor:
nano /etc/prosody/conf.avail/your_domain.cfg.lua
Copy
Edit this line:/etc/prosody/conf.avail/jitsi.your_domain.cfg.lua
authentication = "anonymous"Copy
To/etc/prosody/conf.avail/jitsi.your_domain.cfg.lua
authentication = "internal_plain"Copy
This configuration tells Jitsi Meet to force username and password authentication before allowing conference room creation by a new visitor.
Then, in the same file, add the following section to the end of the file: /etc/prosody/conf.avail/whatever.yourdomain.cfg.lua
Copy code in the block below and add at the end of your: /etc/prosody/conf.avail/whatever.yourdomain.com.cfg.lua file.
VirtualHost "guest.jitsi.your_domain"
authentication = "anonymous"
c2s_require_encryption = falseCopy
This configuration allows anonymous users to join conference rooms that were created by an authenticated user. However, the guest must have a unique address and an optional password for the room to enter it.
Here, you added guest. to the front of your domain name. For example, the correct name to put here for jitsi.your_domain is guest.jitsi.your_domain. The guest. hostname is only used internally by Jitsi Meet, you will never enter it into a browser or need to create a DNS record for it.
Open another configuration file at /etc/jitsi/meet/jitsi.your_domain-config.js with a text editor:
nano /etc/jitsi/meet/jitsi.your_domain-config.js
Copy
Edit this line:/etc/jitsi/meet/your_domain-config.js
// anonymousdomain: 'guest.jitsi.your_domain',Copy
To:/etc/jitsi/meet/your_domain-config.js
anonymousdomain: 'guest.jitsi.your_domain',Copy
Again, using the guest.jitsi.your_domain hostname that you used previously. This configuration tells Jitsi Meet what internal hostname to use for the un-authenticated guests.
Next, open /etc/jitsi/jicofo/sip-communicator.properties:
nano /etc/jitsi/jicofo/sip-communicator.properties
Copy
And add the following line to complete the configuration changes:/etc/jitsi/jicofo/sip-communicator.properties
org.jitsi.jicofo.auth.URL=XMPP:jitsi.your_domainCopy
This configuration points one of the Jitsi Meet processes to the local server that performs the user authentication that is now required.
Your Jitsi Meet instance is now configured so that only registered users can create conference rooms. After a conference room is created, anyone can join it without needing to be a registered user. All they will need is the unique conference room address and an optional password set by the room’s creator.
Now that Jitsi Meet is configured to require authenticated users for room creation you need to register these users and their passwords. You will use the prosodyctl utility to do this.
Run the following command to add a user to your server:
prosodyctl register user your_domain password
Copy
The user that you add here is not a system user. They will only be able to create a conference room and are not able to log in to your server via SSH.
Finally, restart the Jitsi Meet processes to load the new configuration:
systemctl restart prosody.service
systemctl restart jicofo.service
systemctl restart jitsi-videobridge2.service
Copy
The Jitsi Meet server will now request a username and password with a dialog box when a conference room/meeting is created.
