Notes on setting up [[https://jitsi.org/jitsi-meet/|Jitsi Meet]] on a personal server. Main thing is to note what we'd need to do to get this set up on an hcoop server <> == Possible Alternatives == * https://github.com/edumeet/edumeet promises better performance by using VP9 instead of VP8 (40% reduced bandwidth). Advantage might be negated soon: [[https://community.jitsi.org/t/flagship-vp9-support-notes-and-discussion/33921/66|Jitsi Meet has VP9 support actively under development]]. == Setup Script == https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart Followed the script and got a working install. * We'll need to set config to provide our own cert * jitsi-meet needs nginx out of the box * `/etc/nginx/sites-available/sites-available/meet.unknownlamer.org.conf` * Has its own xmpp server, prosidy (I think in theory we could integrate the videobridge with jabber but in practice probably not worth it at our scale) Working config out of the box, if we accept having to run this on a dedicated server. == Testing == Using https://meet.unknownlamer.org on my personal DigitalOcean account. With a 2CPU/2G RAM setup, a 4 person conference used around 4Mbps and 10% CPU. == Security == https://jitsi.github.io/handbook/docs/devops-guide/secure-domain Need to adapt to kerberos, will have to use SASL: https://prosody.im/doc/cyrus_sasl (we have saslauthd in place for exim, so should be straightforward) == Open Questions == * Can we limit room sizes? == FSF setup == https://vcs.fsf.org/?p=jitsi-ansible.git review === Useful snippets === {{{ - name: custom css lineinfile: path: /usr/share/jitsi-meet/css/all.css line: ".header-text-description, .unsupported-desktop-browser__description {display:none!important}" - name: fellow hacker replace: path: /usr/share/jitsi-meet/interface_config.js regexp: "Fellow Jitster" replace: "Fellow Hacker" - name: link replace: path: /usr/share/jitsi-meet/interface_config.js regexp: "https://jitsi.org" replace: "https://{{ inventory_hostname }}/" - name: hide logo replace: path: /usr/share/jitsi-meet/interface_config.js regexp: "SHOW_WATERMARK_FOR_GUESTS: true," replace: "SHOW_WATERMARK_FOR_GUESTS: false," - name: hide logo replace: path: /usr/share/jitsi-meet/interface_config.js regexp: "SHOW_JITSI_WATERMARK: true," replace: "SHOW_JITSI_WATERMARK: false," - name: copy watermark logo copy: src: files/LPlogo.png dest: /usr/share/jitsi-meet/images/watermark.png owner: root group: root mode: 0444 when: j.stat.exists }}} === Custom index === https://vcs.fsf.org/?p=jitsi-ansible.git;a=blob;f=files/index.html;h=ab0a76f3973b53069ec884b7dcea67931c585a5f;hb=HEAD We'll want to customize the css at least to match our usual color schema and insert the hcoop logo, and something like the blurb about the coop we include on git.hcoop.net Also, do we want to add librejs info? Not sure what the licensing on the youtube stuff is... == Config changes == * If we leave youtube support on, do we need to generate our own API keys, or is using the ones built into jitsi fine? https://jitsi.github.io/handbook/docs/dev-guide/dev-guide-web-integrations === /etc/jitsi/meet/meet.hcoop.net-config.js === * `fileRecordingsEnabled` defaults to true, since we will not support dropbox integration and don't want local recordings, we should set this to `false` to hide the interface elements that don't work * `resolution: 720` is the default (so 720p) max resolution, which seems reasonable for video conferencing * Jiti by defaults starts with the mic and camera of participants on. The FSF starts with participants muted. I think that would be a more reasonable, privacy respecting default? {{{ // Every participant after the Nth will start audio muted. // startAudioMuted: 10, // Start calls with audio muted. Unlike the option above, this one is only // applied locally. FIXME: having these 2 options is confusing. // startWithAudioMuted: false, // Every participant after the Nth will start video muted. // startVideoMuted: 10, // Start calls with video muted. Unlike the option above, this one is only // applied locally. FIXME: having these 2 options is confusing. // startWithVideoMuted: false, }}} * should we use our own STUN server instead of the default provided by jitsi?: {{{ stunServers: [ // { urls: 'stun:meet.unknownlamer.org:3478' }, { urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' } ] }}} * Instead of patching internal data, maybe we could just have a static json file on hcoop.net and use this to override logos? (My attempt to get this work on my local install didn't work, the react frontend should be making a request to brandingDataUrl but it never does for me) {{{ /** External API url used to receive branding specific information. If there is no url set or there are missing fields, the defaults are applied. None of the fields are mandatory and the response must have the shape: { // The hex value for the colour used as background backgroundColor: '#fff', // The url for the image used as background backgroundImageUrl: 'https://example.com/background-img.png', // The anchor url used when clicking the logo image logoClickUrl: 'https://example-company.org', // The url used for the image used as logo logoImageUrl: 'https://example.com/logo-img.png' } */ // brandingDataUrl: '', }}} * Maybe some bandwidth savings to be had? {{{ // Enable / disable layer suspension. If enabled, endpoints whose HD // layers are not in use will be suspended (no longer sent) until they // are requested again. // enableLayerSuspension: false, // Optional desktop sharing frame rate options. Default value: min:5, max:5. // desktopSharingFrameRate: { // min: 5, // max: 5 // }, }}} * Misc {{{ // Require users to always specify a display name. // requireDisplayName: true, // If true, shows the unsafe room name warning label when a room name is // deemed unsafe (due to the simplicity in the name) and a password is not // set or the lobby is not enabled. // enableInsecureRoomNameWarning: false, // Privacy // // If third party requests are disabled, no other server will be contacted. // This means avatars will be locally generated and callstats integration // will not function. // disableThirdPartyRequests: false, }}} === /usr/share/jitsi-meet/interface_config.js === * Override mobile download link to use F-Droid? {{{ /** * Specify custom URL for downloading android mobile app. */ // MOBILE_DOWNLOAD_LINK_ANDROID: 'https://play.google.com/store/apps/details?id=org.jitsi.meet', }}} * Might want/need to customize these {{{ JITSI_WATERMARK_LINK: 'https://jitsi.org', POLICY_LOGO: null, PROVIDER_NAME: 'Jitsi', SHOW_POWERED_BY: false, SUPPORT_URL: 'https://community.jitsi.org/', /* probably should point to our support */ TOOLBAR_BUTTONS: [ ... ] /* disable things like video recording that we aren't going to support */ // HIDE_KICK_BUTTON_FOR_GUESTS: false, }}} === /usr/share/jitsi-meet/logging_config.js === Make sure we don't log more than the bare minimum. == Add-Ons / Etc == * [[https://github.com/jitsi/jitsi-meet/wiki/Etherpad-addition-example|Etherpad integration]] not sure how complete this is, but could be useful * Packages come with an example apache config `/usr/share/jitsi-meet-web-config/jitsi-meet.example-apache`. Looks like all directives would work with domtool.