gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
master
secubox-openwrt/package/secubox/secubox-app-jitsi/README.md
CyberMind-FR 00082fe066 feat(jitsi): Add Jitsi Meet video conferencing integration 
- secubox-app-jitsi: Docker-based Jitsi stack with jitsctl control CLI
- luci-app-jitsi: LuCI web configuration interface
- Catalog entry for SecuBox AppStore

Features:
- End-to-end encrypted video conferencing
- HAProxy integration with WebSocket/SSL support
- Mesh federation for SecuBox P2P network
- User authentication management
- Backup/restore functionality

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-31 13:29:06 +01:00

189 lines
5.0 KiB
Markdown
Raw Permalink Blame History

# SecuBox Jitsi Meet
Self-hosted video conferencing with end-to-end encryption for SecuBox.
## Features
- **Secure Video Calls**: End-to-end encrypted video conferences
- **No Account Required**: Guests can join without registration
- **Screen Sharing**: Share your screen with participants
- **Chat & Reactions**: In-meeting chat and emoji reactions
- **Breakout Rooms**: Split meetings into smaller groups
- **Recording**: Optional recording to Dropbox (requires setup)
- **Mobile Support**: iOS and Android apps available
- **HAProxy Integration**: Automatic SSL and reverse proxy setup
- **Mesh Federation**: Announce service on SecuBox mesh network
## Requirements
- Docker and docker-compose
- 2GB+ RAM (4GB recommended)
- Public domain with DNS pointing to your SecuBox
- SSL certificate (via Let's Encrypt or HAProxy)
## Quick Start
```bash
# Install
opkg install secubox-app-jitsi luci-app-jitsi
# Configure domain
uci set jitsi.main.domain='meet.example.com'
uci set jitsi.main.enabled='1'
uci commit jitsi
# Install Docker containers
jitsctl install
# Start service
/etc/init.d/jitsi start
```
## Configuration
### Via LuCI
Navigate to **Services > Jitsi Meet** in the LuCI web interface.
### Via CLI
```bash
# Show status
jitsctl status
# View logs
jitsctl logs
# Add authenticated user
jitsctl add-user admin secretpassword
# Regenerate configuration
jitsctl generate-config
# Restart containers
jitsctl restart
```
### UCI Options
```
config jitsi 'main'
option enabled '1'
option domain 'meet.example.com'
option timezone 'Europe/Paris'
config jitsi 'web'
option port '8443'
option enable_guests '1'
option enable_auth '0'
option default_language 'en'
config jitsi 'jvb'
option port '10000'
option enable_tcp_fallback '0'
option stun_servers 'meet-jit-si-turnrelay.jitsi.net:443'
config jitsi 'security'
option lobby_enabled '1'
option password_required '0'
option jwt_enabled '0'
```
## HAProxy Integration
If secubox-app-haproxy is installed, Jitsi will automatically configure a vhost:
```bash
jitsctl configure-haproxy
```
This creates:
- HTTPS frontend on port 443
- WebSocket support for real-time communication
- SSL termination (using your certificate)
## Firewall
The following ports are required:
| Port | Protocol | Description |
|------|----------|-------------|
| 443 | TCP | HTTPS (via HAProxy) |
| 8443 | TCP | Direct web access |
| 10000 | UDP | Video/audio streams |
| 4443 | TCP | TCP fallback (optional) |
Firewall rules are automatically added during installation.
## Mesh Integration
Enable mesh federation to:
- Announce Jitsi on the SecuBox mesh network
- Auto-register DNS entry (e.g., meet.c3box.mesh.local)
- Enable multi-node video bridge deployment
```bash
uci set jitsi.mesh.enabled='1'
uci commit jitsi
/etc/init.d/jitsi restart
```
## Troubleshooting
### Containers not starting
```bash
# Check Docker status
docker ps -a
# View container logs
jitsctl logs web
jitsctl logs prosody
jitsctl logs jicofo
jitsctl logs jvb
```
### Video/audio not working
1. Check UDP port 10000 is open on firewall
2. Verify STUN servers are reachable
3. Enable TCP fallback if behind strict NAT
### Authentication issues
```bash
# List users
jitsctl list-users
# Reset user password
jitsctl remove-user admin
jitsctl add-user admin newpassword
```
## Backup & Restore
```bash
# Create backup
jitsctl backup /tmp/jitsi-backup.tar.gz
# Restore
jitsctl restore /tmp/jitsi-backup.tar.gz
```
## Architecture
```
┌─────────────────────────────────────────────────────────┐
│ HAProxy (443) │
│ SSL Termination │
└──────────────────────┬──────────────────────────────────┘
┌──────────────────────┴──────────────────────────────────┐
│ Docker Network: meet.jitsi │
│ ┌─────────┐ ┌─────────┐ ┌─────────┐ ┌─────────────┐ │
│ │ Web │ │ Prosody │ │ Jicofo │ │ JVB │ │
│ │ :8443 │ │ :5222 │ │ :8888 │ │ :10000/UDP │ │
│ │ React │ │ XMPP │ │ Focus │ │ Media │ │
│ └─────────┘ └─────────┘ └─────────┘ └─────────────┘ │
└─────────────────────────────────────────────────────────┘
```
## License
Apache 2.0 - See LICENSE file for details.
Reference in New Issue View Git Blame Copy Permalink