ClintonEbadi/JitsiMeet

Notes on setting up Jitsi Meet on a personal server. Main thing is to note what we'd need to do to get this set up on an hcoop server

1. Setup Script

https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart

Followed the script and got a working install.

Working config out of the box, if we accept having to run this on a dedicated server.

2. Puppet Module Notes

https://gitlab.com/shared-puppet-modules-group/jitsimeet

The puppet modules has a few rough edges that we should fix and contribute upstream.

2.1. Check for Staleness

2.2. Not sure if it's just me or not

2.3. Defects

3. Testing

Using https://meet.unknownlamer.org on my personal DigitalOcean account. With a 2CPU/2G RAM setup, a 4 person conference used around 4Mbps and 10% CPU.

3.1. Things to look out for

4. Security

https://jitsi.github.io/handbook/docs/devops-guide/secure-domain

Need to adapt to kerberos, will have to use SASL: https://prosody.im/doc/cyrus_sasl (we have saslauthd in place for exim, so should be straightforward)

There are some additional steps to auth against sasl:

lua-cyrussasl must be installed from buster-backports on Debian 10.

/etc/prosody/conf.avail/meet-test.hcoop.net.cfg.lua :

...
VirtualHost "meet-test.hcoop.net"
    -- enabled = false -- Remove this line to enable this host
    authentication = "cyrus"
    cyrus_application_name = "xmpp"
    --allow_unencrypted_plain_auth = true -- is this safe ? / it worked fine without it
...
    modules_enabled = {
        "auth_cyrus";
...
    }
...

/etc/sasl/xmpp.conf:

pwcheck_method: saslauthd
mech_list: PLAIN

5. Open Questions

6. FSF setup

https://vcs.fsf.org/?p=jitsi-ansible.git review

6.1. Useful snippets

- name: custom css
  lineinfile:
    path: /usr/share/jitsi-meet/css/all.css
    line: ".header-text-description, .unsupported-desktop-browser__description {display:none!important}"

- name: fellow hacker
  replace:
    path: /usr/share/jitsi-meet/interface_config.js
    regexp: "Fellow Jitster"
    replace: "Fellow Hacker"

- name: link
  replace:
    path: /usr/share/jitsi-meet/interface_config.js
    regexp: "https://jitsi.org"
    replace: "https://{{ inventory_hostname }}/"


- name: hide logo
  replace:
    path: /usr/share/jitsi-meet/interface_config.js
    regexp: "SHOW_WATERMARK_FOR_GUESTS: true,"
    replace: "SHOW_WATERMARK_FOR_GUESTS: false,"

- name: hide logo
  replace:
    path: /usr/share/jitsi-meet/interface_config.js
    regexp: "SHOW_JITSI_WATERMARK: true,"
    replace: "SHOW_JITSI_WATERMARK: false,"


- name: copy watermark logo
  copy:
    src: files/LPlogo.png
    dest: /usr/share/jitsi-meet/images/watermark.png
    owner: root
    group: root
    mode: 0444
  when: j.stat.exists

6.2. Custom index

https://vcs.fsf.org/?p=jitsi-ansible.git;a=blob;f=files/index.html;h=ab0a76f3973b53069ec884b7dcea67931c585a5f;hb=HEAD

We'll want to customize the css at least to match our usual color schema and insert the hcoop logo, and something like the blurb about the coop we include on git.hcoop.net

Also, do we want to add librejs info? Not sure what the licensing on the youtube stuff is...

7. Config changes

7.1. Performance

Recommends disabling currently speaking dot to lower client and server cpu use (fsf does this, I left it on in my testing instance): the detection apparently uses quite a bit of CPU.

Further suggested tweaks to reduce client cpu use:

disableAudioLevels: true

DISABLE_JOIN_LEAVE_NOTIFICATIONS: true,
DISABLE_VIDEO_BACKGROUND: true,
DISABLE_FOCUS_INDICATOR: true,
DISABLE_DOMINANT_SPEAKER_INDICATOR: true,
DISABLE_VIDEO_BACKGROUND: true,

7.2. /etc/jitsi/meet/meet.hcoop.net-config.js

Update: yes, enableLayerSuspension: true is essential, it's not clear why it is not enabled by default at all.

7.3. /usr/share/jitsi-meet/interface_config.js

7.4. /usr/share/jitsi-meet/logging_config.js

Make sure we don't log more than the bare minimum.

7.5. /etc/jitsi/videobridge/config

7.6. /etc/jitsi/jicofo/config

8. Add-Ons / Etc

9. Possible Alternatives

ClintonEbadi/JitsiMeet (last edited 2021-02-09 04:31:24 by ClintonEbadi)