By Tyler W.
June 25, 2020
Installing Jitsi as your video meeting platform
With dangers of video web hosting platforms being under constant attack, you can avoid some of the concerns by spinning up your own Jitsi server on some old hardware you might have laying around!
If you think Zoom is convenient, you are right, but that convenience comes at a cost...
It is no secret the amount of attacks Zoom went through that gave me cause for concern in regards to user security and privacy. When I was looking for an alternative, I went to all the usual places, the tried and tested, and to be fair to Zoom they were very proactive in addressing their security shortcomings, but their continued failures (they cannot even get their end to end encryption offering consistent or correct) caused this to become a priority. When I was helping people canvas the solutions their implicit risk tolerance was much higher than mine with the most common response being “I’m too small to get hacked.”. Ultimately, they are probably correct, but that excuse won’t hold water when they are attacked. I say when, because that type of security mindset it is a case of when, not if.
For some time I had heard of Jitsi but basically just thought it was another alternative to Zoom, Skype/Teams, GoToMeeting and so on. Upon further investigation I discovered it was a very intriguing piece of open source software, especially when it can be hosted privately (on your own physical or virtual server) therefore ensuring data is not being stored / shared / decrypted on hardware out of your controlled environment.
To get Jitsi set up and fully operations did take me a little while, largely due to me requiring to open / forward the ports on my router, to allow incoming traffic. Having said that, if you have a server (or any old computer to be honest) out of rotation, and an internet correction, just follow the steps at https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart and you will have your secure Jitsi web meeting server.
The specific steps I took to get my Jitsi server running were:
Locate an old computer or laptop (a Raspberry Pi will not suffice in this instance). It does not need a great deal of hard drive space or RAM. I repurposed an old ASUS laptop with 8GB of RAM, so am laughing, but a virtual private server with only 1 to 2 gb of RAM will be fine too. As you can see you do not need much!
Download a server image and install on to your physical machine. If you are using a virtual private server these will likely come with a linux distro ready to go. You will need to be command line savvy as there will be no graphical user interface. I installed the Ubuntu server image 18.04 from here: https://releases.ubuntu.com/18.04.4/ [note I have used the 18.04 image, as the latest 20.04 is not yet fully supported from a Jitsi perspective] I am going to assume you know how to flash an .iso file on to a USB, but if not, my preferred tool is Etcher: https://belena.io
You do not need to do anything further on the server. As you install it, it will confirm internet access, and assuming all fine, I would recommend you run [apt-get update] and [apt-get upgrade] to make sure your server is running the latest and most secure version of the OS.
Once you have installed the server OS (or got your VPS up and running) you are good to go. However, if you have not already, you will need to create a subdomain or new DNS record so you can set up your Jitsi web meeting address. For example, Cyberwise host their meetings at meet.cyberwi.se – so we set up the subdomain DNS ´meet´ and pointed this DNS / subdomain to our public IP address. You can get your public ipaddress with a simple [curl ifconfig.me] command or if using a VPS it will probably be provided to you in the set up interface.
From here it is about carefully following the steps as listed out by Jitsi themselves at: https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart My tip however, if setting this up on a physical device is that when you allow the ports to be opened you will need to do so on the router. You need to be aware of the risk of doing this and thankfully my router is sophisticated enough that I could specify the ports be opened for one device only, my server. Before you open up your router ports you should be aware of what you are doing and the risks you may place your network at.
Assuming you have done this correctly you should be able to now run your Jitsi webmeeting server. If you are feeling adventurous you can head to the config files and change the logos like we did) and customise the page a little more, however, this is likely less important if you are sending direct meeting link invites.
As a word of advice, we have not covered off here the additional security measures that you may need / want to undertake to ensure the integrity of your meetings and prevent “Zoom Bombing” from occurring. You will need to amend some of the config files on your server to do this. The steps above help you with the quick and ‘basic’ install. If you are going to use this for extended commercial purposes then you would be well advised to undertake the additional security precautions.
As you can see, it is quite possible to leave the proprietary market and own your digital world. Given most of my clients are dealing in confidential information, and have an old computer that can be easily converted to a server (although I do recommend a VPS) you can easily get a Jitsi web-meeting server up and running in no time and if nothing else, have a back up option should your meeting platform of choice ever go away or services become disrupted for a period of time.
If this is something of interest to you, and you would like a video tutorial, or a one-on-one, please leave a comment below, or email me and we can get it underway.