Install Jitsi Meet on Ubuntu 20.04 – Self-Hosted Video Conferencing

This tutorial is going to show you how to install Jitsi Meet on Ubuntu 20.04 server. Jitsi Meet is a free open-source video conferencing software that works on Linux, macOS, Windows, iOS and Android. If you don’t trust Zoom, you can run your own video conferencing platform on your own server.

Features of Jitsi Meet

  • Completely free of charge
  • Share your computer screen with others.
  • The presenter mode allows you to share your screen and camera at the same time, so attendees can see the presenter and their body language throughout the presentation.
  • You can share the system audio while sharing your screen.
  • You can assign authorized users as moderators. A moderator can mute every participant with one click.
  • Communication over the network is encrypted using DTLS-SRTP.
  • End to end encryption (work in progress)
  • You can set a password for your conference to prevent random strangers coming in.
  • Record the meeting/conference and save it to Dropbox.
  • Stream to YouTube Live and store the recording on YouTube.
  • Android and iOS apps
  • Text chatting
  • Share text document
  • Telephone dial-in to a conference
  • Dial-out to a telephone participant
  • You can embed a Jits Meet call into any webpage with just a few lines of code.

Requirements of Installing Jitsi Meet on Ubuntu 20.04

To run Jitsi Meet, you need a server with at least 1GB RAM. You can click this referral link to create an account at Vultr to get $50 free credit (for new users only). Once you have an account at Vultr, install Ubuntu 20.04 on your server and follow the instructions below. When you have dozens of users, consider upgrading your server hardware. The server should be close to your users, or the delay will be noticiable during online meetings.

You also need a domain name. I registered my domain name at NameCheap because the price is low and they give whois privacy protection free for life.

Step 1: Install Jitsi Meet from the Official Package Repository

Jitsi Meet isn’t included in the default Ubuntu repository. We can install it from the official Jitsi package repository, which also contains several other useful software packages. Log into your server via SSH, then run the following command to add the official Jitsi repository.

echo 'deb https://download.jitsi.org stable/' | sudo tee /etc/apt/sources.list.d/jitsi-stable.list

Import the Jitsi public key, so the APT package manager can verifiy the integrity of packages downloaded from this repository.

wget -qO -  https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -

Because the Jitsi repository requires HTTPS connection so we need to install apt-transport-https package to make APT establish HTTPS connection to the Jitsi repository.

sudo apt install apt-transport-https

Next, update local package index and install Jitsi Meet on Ubuntu.

sudo apt update 
sudo apt install jitsi-meet

During the installation, you need to enter a hostname for your Jitsi instance. This is the hostname that will appear in the web browser address bar when attendees join your video conference. You can use a descriptive hostname like meet.example.com.

install-jitsi-meet-on-ubuntu-20.04

In the next screen, you can choose to generate a new self-signed TLS certificate, so later you can obtain and install a trusted Let’s Encryption certificate.

jitsi-meet-web-config-ssl-certificate

The installation process will configure some Linux kernel parameters, which is saved to the /etc/sysctl.d/20-jvb-udp-buffers.conf file. Once the installation is complete, Jitsi Meet will automatically start. You can check its status with:

systemctl status jitsi-videobridge2

Sample Output:

 jitsi-videobridge2.service - Jitsi Videobridge
     Loaded: loaded (/lib/systemd/system/jitsi-videobridge2.service; enabled; vendor preset: enabled)
     Active: active (running) since Sat 2020-04-25 03:07:16 UTC; 8min ago
   Main PID: 3721 (java)
      Tasks: 35 (limit: 65000)
     Memory: 168.5M
     CGroup: /system.slice/jitsi-videobridge2.service
             └─3721 java -Xmx3072m -XX:+UseConcMarkSweepGC -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath>

Hint: If the above command doesn’t quit immediately, you can press the Q key to make it quit.

The jitsi-meet package also pulled other packages as dependencies, such as

  • openjdk-8-jre-headless: Java runtime environment. It’s needed because Jitsi Meet is written in the Java language.
  • jicofo: Jitsi conference Focus (systemctl status jicofo)
  • prosody: Lightweight Jabber/XMPP server (systemctl status prosody)
  • coturn: coturn TURN Server

Step 2: Open Ports in Firewall

Jitsi Meet listens on several UDP ports, as can be seen with the following command. (If your Ubuntu server doesn’t have the netstat command, you can run sudo apt install net-tools command to install it.)

sudo netstat -lnptu | grep java

Jitsi Meet Ubuntu 20.04 listening ports

To allow attendees to join a video conference from a web browser, you need to open TCP port 80 and 443. And to transfer video over the network, open UDP port 10000 and 5000. If you are using the UFW firewall, then run the following command to open these ports.

sudo ufw allow 80,443/tcp

sudo ufw allow 10000,5000/udp

Step 3: Obtain a Trusted Let’s Encrypt TLS Certificate

Go to your DNS hosting service (usually your domain registrar) to create DNS A record for your Jitsi hostname (meet.example.com). Then run the following script to obtain a trusted Let’s Encrypt TLS certificate:

sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

Enter your email address to receive important account notifications. Then it will download certbot-auto and obtain TLS certificate.

jitsi-meet-https-letsencrypt-ubuntu-20.04

If everything is Ok, you will see the following message, indicating the TLS certificates has been successfully obtained and installed.

jitsi meet https letsencrypt

If you are using a clean Ubuntu 20.04 installation (not upgraded from 18.04 or 19.10), you will probably see the following error when obtaining Let’s Encrypt certificate.

Package python-virtualenv is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Package 'python-virtualenv' has no installation candidate

This is due to Ubuntu 20.04 repository doesn’t have the python-virtualenv package. Instead of using the upstream certbot-auto binary to obtain TLS certificate, we can install the certbot package from the Ubuntu 20.04 repository and use it to obtain TLS certificate.

sudo apt install certbot

Next, we need to change instance of certbot-auto to certbot in the script with the following command.

sudo sed -i 's/\.\/certbot-auto/certbot/g' /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

Run the script again, and you should be able to successfully obtain TLS certificate from Let’s Encrypt.

sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

Note that this script uses the http-01 challenge, which means your Apache or Nginx web server needs to listen on port 80 of the public IP address. If your server environment doesn’t support the http-01 challenge, then you should not run the above script. You need to use other challenge types. In my case, I use the DNS challenge.

sudo certbot --agree-tos -a dns-cloudflare -i nginx --redirect --hsts --staple-ocsp --email me@linuxbabe.com -d meet.linuxbabe.com

Where:

  • --agree-tos: Agree to terms of service.
  • -a dns-cloudflare: I use the cloudflare DNS plugin to authenticate, because I use Cloudflare DNS service.
  • -i nginx: Use the nginx plugin to install the TLS certificate. If you use Apache, you need to replace nginx with apache.
  • --redirect: Force HTTPS by 301 redirect.
  • --hsts: Add the Strict-Transport-Security header to every HTTP response. Forcing browser to always use TLS for the domain. Defends against SSL/TLS Stripping.
  • --staple-ocsp: Enables OCSP Stapling. A valid OCSP response is stapled to the certificate that the server offers during TLS.

Step 4: Enable HTTP2

HTTP2 can improve web page loading speed. To enable HTTP2 in Nginx, edit the virtual host config file.

sudo nano /etc/nginx/sites-enabled/meet.example.com.conf

Find the following two lines.

listen 443 ssl;
listen [::]:443 ssl;

Add http2 at the end.

listen 443 ssl http2;
listen [::]:443 ssl http2;

Save and close the file. Then reload Nginx for the change to take effect.

sudo systemctl reload nginx

Step 5: Start a New Online Meeting

Now visit https://meet.example.com and you will be able to start a conference. To transfer audio, you need to allow the web browser to use your microphone. And to tranfer video, you need to allow the web browser to access your camera.

Jitsi meet start a new meeting

Give your meeting a name and click the Go button. After the meeting is started, you can optionally choose to set a password for your meeting.

Step 6: Set Up User Authentication

By default, anyone can go to your Jitsi Meet instance, create a room and start a meeting. To set up user authentication, edit the Prosody configuration file.

sudo nano /etc/prosody/conf.d/meet.example.com.cfg.lua

Find the following line.

authentication = "anonymous"

Change it to the following, which will require the user to enter username and password to start a conference.

authentication = "internal_plain"

However, we don’t want attendees to enter username and password when joining the conference, so we need to create an anonymous login for guests, by adding the following lines at the end of this file. Note that you don’t need to create DNS A record for guest.meet.example.com.

VirtualHost "guest.meet.example.com"
    authentication = "anonymous"
    c2s_require_encryption = false

jitsi meet prosody user authentication

Save and close the file.

Next, edit the Jitsi Meet configuration file.

sudo nano /etc/jitsi/meet/meet.example.com-config.js

Find the following line,

// anonymousdomain: 'guest.example.com',

Remove the double slashes and change the guest domain. Replace meet.example.com with your real Jitsi Meet hostname.

anonymousdomain: 'guest.meet.example.com',

Save and close the file.

Then edit the Jicofo configuration file.

sudo nano /etc/jitsi/jicofo/sip-communicator.properties

Add the following line at the end of this file.

org.jitsi.jicofo.auth.URL=XMPP:meet.example.com

Save and close the file. Restart the systemd services for the changes to take effect.

sudo systemctl restart jitsi-videobridge2 prosody jicofo

To create user accounts in Jisi Meet, run the following command. You will be promoted to enter a password for the new user.

sudo prosodyctl register username meet.example.com

Now if you create a room in Jitsi Meet, you will need to enter a username and password.

jitsi meet user authentication

Optional: Set Up Jigasi For Telephone Dial-in or Dial-Out

Jitsi offers a telephony interface that allows users to dial into a conference or place dial-out reminder calls. Install the jigasi package (Jitsi gateway for SIP).

sudo apt install jigasi

During the installation, you will need to enter your SIP username and password. If you don’t have one, you can create a free SIP account at OnSIP.com.

jitsi meet jigasi SIP gateway

If you have set up user authentication in step 6, then you need to edit Jigasi configuration file.

sudo nano /etc/jitsi/jigasi/sip-communicator.properties

Find the following lines.

# org.jitsi.jigasi.xmpp.acc.USER_ID=SOME_USER@SOME_DOMAIN
# org.jitsi.jigasi.xmpp.acc.PASS=SOME_PASS
# org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false

Uncomment them and enter an account and password that you created in step 6.

org.jitsi.jigasi.xmpp.acc.USER_ID=user1@meet.example.com
org.jitsi.jigasi.xmpp.acc.PASS=user1_password
org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false

Save and close the file. Restart the jigasi systemd service.

sudo systemctl status jigasi

Optional: Configure Coturn

If you see the following message during the installation of Jitsi Meet, you need to configure Coturn to make it work properly.

Warning! Could not resolve your external ip address! Error:^
Your turn server will not work till you edit your /etc/turnserver.conf config file.
You need to set your external ip address in external-ip and restart coturn service.

Edit the Coturn configuration file.

sudo nano /etc/turnserver.conf

Find the following line.

external-ip=127.0.0.1

Replace 127.0.0.1 with your server’s public IP address. Save and close the file. Then restart Coturn.

sudo systemctl restart coturn

Troubleshooting Tips

If you encounter errors, you can check the Nginx error log (/var/log/nginx/error.log) to find out what’s wrong. You can also check the logs of the systemd services.

sudo journalctl -eu jitsi-videobridge2 
sudo journalctl -eu prosody 
sudo journalctl -eu jicofo

Wrapping Up

I hope this tutorial helped you set up a Jitsi Meet server on Ubuntu 20.04. As always, if you found this post useful, then subscribe to our free newsletter to get new tutorials. Take care 🙂

Rate this tutorial
[Total: 7 Average: 5]

22 Responses to “Install Jitsi Meet on Ubuntu 20.04 – Self-Hosted Video Conferencing

  • 😃😃😃❤️❤️❤️👍👍👍

  • MorphZan
    6 months ago

    Thank you for this – worked perfectly and was up and running within 25min or so 🙂

  • So unfortunately I am unable to create my LE certificate. I keep getting 404: Not Found even though nginx is set up appropriately to listen on port 80, ufw is set to allow port 80, and the Digital Ocean firewall is set to allow port 80 as well. ):

    If I type in my jitsi.website.com address into my browser, it does take me to the Jitsi page, but of course only self-signed.

    I configured my server and a Matrix installation using this guide here, for reference: https://matrix.org/blog/2020/04/06/running-your-own-secure-communication-service-with-matrix-and-jitsi

    I’m at a loss for what to do here!

    • Maybe you can use the dns-01 challenge in certbot instead of the default http-01 chenllenge. It’s more reliable in my experience.

      You need to install certbot DNS plugins, depending on which DNS hosting service you are using. You can find available certbot DNS plugins with this command.

      apt search python3-certbot-dns
      

      Sample output:

      python3-certbot-dns-cloudflare/focal,focal,now 0.39.0-1 all [installed]
        Cloudflare DNS plugin for Certbot
      
      python3-certbot-dns-digitalocean/focal,focal 0.23.0-2 all
        DigitalOcean DNS plugin for Certbot
      
      python3-certbot-dns-dnsimple/focal,focal 0.31.0-1 all
        DNSimple DNS plugin for Certbot
      
      python3-certbot-dns-gandi/focal,focal 1.2.5-2 all
        Gandi LiveDNS plugin for Certbot
      
      python3-certbot-dns-gehirn/focal,focal 0.31.0-1 all
        Gehirn DNS plugin for Certbot
      
      python3-certbot-dns-google/focal,focal 0.23.0-2 all
        Google DNS plugin for Certbot
      
      python3-certbot-dns-linode/focal,focal 0.35.1-1 all
        Linode DNS plugin for Certbot
      
      python3-certbot-dns-ovh/focal,focal 0.31.0-1 all
        OVH DNS plugin for Certbot
      
      python3-certbot-dns-rfc2136/focal,focal 0.35.1-1 all
        RFC 2136 DNS plugin for Certbot
      
      python3-certbot-dns-route53/focal,focal 0.35.1-1 all
        Route53 DNS plugin for Certbot
      
      python3-certbot-dns-sakuracloud/focal,focal 0.31.0-1 all
        SakuraCloud DNS plugin for Certbot
      
      

      For example, my DNS zone is hosted by Cloudflare, so I install the cloudflare plugin.

      sudo apt install python3-certbot-dns-cloudflare

      Then I use the following command to obtain and install TLS certificate.

      sudo certbot --agree-tos -a dns-cloudflare -i nginx --redirect --hsts --staple-ocsp --email me@linuxbabe.com -d meet.linuxbabe.com
      • Thank you for this idea! I did try that while reading the article, but my DNS host doesn’t look to have a plugin available.

    • Can you paste the exact certbot error message here when running the script to obtain TLS certificate?

      • –2020-04-29 15:09:28– https://dl.eff.org/certbot
        Resolving dl.eff.org (dl.eff.org)… 151.101.0.201, 151.101.64.201, 151.101.128.201, …
        Connecting to dl.eff.org (dl.eff.org)|151.101.0.201|:443… connected.
        HTTP request sent, awaiting response… 404 Not Found
        2020-04-29 15:09:28 ERROR 404: Not Found.

        I wonder if this is due to the nginx setup I have from the guide I followed in my original comment

    • The upstream certbot binary should be download from https://dl.eff.org/certbot-auto, not https://dl.eff.org/certbot.

      You can also install certbot from Ubuntu 20.04 repository and obtain the certificate yourself I think.

      sudo apt install certbot python3-certbot-nginx
      • Okay, I think we are getting somewhere now. When I changed the download URL, this is what I get now:

        –2020-04-29 15:34:20– https://dl.eff.org/certbot-auto
        Resolving dl.eff.org (dl.eff.org)… 151.101.0.201, 151.101.64.201, 151.101.128.201, …
        Connecting to dl.eff.org (dl.eff.org)|151.101.0.201|:443… connected.
        HTTP request sent, awaiting response… 200 OK
        Length: 80073 (78K) [application/octet-stream]
        Saving to: ‘certbot-auto.1’

        certbot-auto.1 100%[===================>] 78.20K –.-KB/s in 0.001s

        2020-04-29 15:34:20 (83.9 MB/s) – ‘certbot-auto.1’ saved [80073/80073]

        chmod: cannot access ‘./certbot’: No such file or directory

        *****

        I do have certbot installed, so seems like one last hurdle now…

  • Luis Sanhueza
    6 months ago

    Excelent!, thanks!

  • T.Paul Lee
    6 months ago

    Great post just in time for the new 20-04 LTS release.
    Thanks you!
    I benefit a great deal on the optional jigasi package for dial-in and dial-out. I was looking for that how-to all over the places.

  • Hello,
    thank you for the very good how-to!

    I had this as a problem after initialising jigasi:

    “Mai 03 19:28:15 server systemd[1]: /lib/systemd/system/jigasi.service:11: PIDFile= references a path below legacy directory /var/run/, updating /var/run/jigasi/jigasi.pid → /run/jigasi/jigasi.pid; please update the unit file accordingly.”

    To solve this, I replaced every “/var/run” by “/run” in /lib/systemd/system/jigasi.service.

    Hope this helps someone.

    Have a great day!

  • Firstly I would like to thank you for these tips.i hosted jitsi on my premises.and configured Jigasi . I’m using FreePBX for my sip server.FreePBX operator panel shows that sip extension I assign to jigasi is Online.
    but I don’t know how to dial in or dial out with jitsi.
    can you explain it?

  • ricky bayu
    6 months ago

    It’s work, Thank You…

    Now,

    How can we add recording video ?

    How to save record conference on my own computer?

    Thanks for Help…

  • Hi,

    Many thanks for your work !

    Everything is fine, I just have an error in the logs :

    prosody[7578]: portmanager: Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281

    Any hints would be highly apreciated !

    Thanks again

  • hi

    The installation of Jitsi meet is done successfully but wen I invite others to the meeting they cannot see me nor hear me nor see the screen I am sharing.
    Jitsi meet is installed on Ubuntu 16+ (bionic). please let me know how should I proceed on troubleshooting this issue.
    Thanks

    • Cyberian
      5 months ago

      Very similar entry in the log.
      prosody[946]: portmanager: Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281

      Appreciate your suggestions.

  • davidrn9
    5 months ago

    Hi Xiao,
    I have a problem similar to the above. I installed Jitsi Meet on Ubuntu 20.04, as the above tutorial & it worked initially. However when I rebooted the server the next day, it didn’t work & shows no access on Port 80 from another IP.
    I think, using the forums this is because there is no program listening on port 80, so it’s closed and you can’t connect to the machine, & therefore Jitsi.
    They gave the solution for this: run a simple web server listening on port 80,
    something like , sudo python3 SimpleHTTPServer -m 80

    I am a newbie in Linux, but I know that cmd is wrong, there is no SimpleHTTPServer installed in Ubuntu 20.04.
    I would be very grateful if you would correct it, & suggest a suitable simple HTTPServer? Or any other solution, of course.
    Thanks for the tutorial,
    davidrn9

  • Hello, thank you very much for your work. One question. In main subdomain jitsi.example.com works correctly, but in the one I created for guests, guest.jitsi.example.com, the browsers detect an error in the certificate. In fact, when inspecting the certificate, it points to the domain jitsi.example.com but not to the sub-subdomain. Should we run the certbot again for the guest domain and configure it somehow?

  • Seems to fail on ubuntu 20.04 maybe they changed something. The offical instructions are here if anyone wants to try https://jitsi.org/downloads/ubuntu-debian-installations-instructions/

    • I have it up and running on 20.04 without issue so far. Been up for almost 21 hours now. The instructions here were flawless in my experience.

  • Insignia
    4 seconds ago

    This works perfectly. Thanks Linuxbabe for another great tutorial

Leave a Comment

  • Comments with links are moderated by admin before published.
  • Your email address will not be published.
  • Use <pre> ... </pre> HTML tag to quote the output from your terminal/console.
  • Please use the community (https://community.linuxbabe.com) for questions unrelated to this article.
  • I don't have time to answer every question. Making a donation would incentivize me to spend more time answering questions.


The maximum upload file size: 2 MB.
You can upload: image.