|
…
|
||
|---|---|---|
| .. | ||
| files | ||
| Makefile | ||
| README.md | ||
SecuBox Jitsi Meet
Self-hosted video conferencing with end-to-end encryption for SecuBox.
Features
- Secure Video Calls: End-to-end encrypted video conferences
- No Account Required: Guests can join without registration
- Screen Sharing: Share your screen with participants
- Chat & Reactions: In-meeting chat and emoji reactions
- Breakout Rooms: Split meetings into smaller groups
- Recording: Optional recording to Dropbox (requires setup)
- Mobile Support: iOS and Android apps available
- HAProxy Integration: Automatic SSL and reverse proxy setup
- Mesh Federation: Announce service on SecuBox mesh network
Requirements
- Docker and docker-compose
- 2GB+ RAM (4GB recommended)
- Public domain with DNS pointing to your SecuBox
- SSL certificate (via Let's Encrypt or HAProxy)
Quick Start
# Install
opkg install secubox-app-jitsi luci-app-jitsi
# Configure domain
uci set jitsi.main.domain='meet.example.com'
uci set jitsi.main.enabled='1'
uci commit jitsi
# Install Docker containers
jitsctl install
# Start service
/etc/init.d/jitsi start
Configuration
Via LuCI
Navigate to Services > Jitsi Meet in the LuCI web interface.
Via CLI
# Show status
jitsctl status
# View logs
jitsctl logs
# Add authenticated user
jitsctl add-user admin secretpassword
# Regenerate configuration
jitsctl generate-config
# Restart containers
jitsctl restart
UCI Options
config jitsi 'main'
option enabled '1'
option domain 'meet.example.com'
option timezone 'Europe/Paris'
config jitsi 'web'
option port '8443'
option enable_guests '1'
option enable_auth '0'
option default_language 'en'
config jitsi 'jvb'
option port '10000'
option enable_tcp_fallback '0'
option stun_servers 'meet-jit-si-turnrelay.jitsi.net:443'
config jitsi 'security'
option lobby_enabled '1'
option password_required '0'
option jwt_enabled '0'
HAProxy Integration
If secubox-app-haproxy is installed, Jitsi will automatically configure a vhost:
jitsctl configure-haproxy
This creates:
- HTTPS frontend on port 443
- WebSocket support for real-time communication
- SSL termination (using your certificate)
Firewall
The following ports are required:
| Port | Protocol | Description |
|---|---|---|
| 443 | TCP | HTTPS (via HAProxy) |
| 8443 | TCP | Direct web access |
| 10000 | UDP | Video/audio streams |
| 4443 | TCP | TCP fallback (optional) |
Firewall rules are automatically added during installation.
Mesh Integration
Enable mesh federation to:
- Announce Jitsi on the SecuBox mesh network
- Auto-register DNS entry (e.g., meet.c3box.mesh.local)
- Enable multi-node video bridge deployment
uci set jitsi.mesh.enabled='1'
uci commit jitsi
/etc/init.d/jitsi restart
Troubleshooting
Containers not starting
# Check Docker status
docker ps -a
# View container logs
jitsctl logs web
jitsctl logs prosody
jitsctl logs jicofo
jitsctl logs jvb
Video/audio not working
- Check UDP port 10000 is open on firewall
- Verify STUN servers are reachable
- Enable TCP fallback if behind strict NAT
Authentication issues
# List users
jitsctl list-users
# Reset user password
jitsctl remove-user admin
jitsctl add-user admin newpassword
Backup & Restore
# Create backup
jitsctl backup /tmp/jitsi-backup.tar.gz
# Restore
jitsctl restore /tmp/jitsi-backup.tar.gz
Architecture
┌─────────────────────────────────────────────────────────┐
│ HAProxy (443) │
│ SSL Termination │
└──────────────────────┬──────────────────────────────────┘
│
┌──────────────────────┴──────────────────────────────────┐
│ Docker Network: meet.jitsi │
│ ┌─────────┐ ┌─────────┐ ┌─────────┐ ┌─────────────┐ │
│ │ Web │ │ Prosody │ │ Jicofo │ │ JVB │ │
│ │ :8443 │ │ :5222 │ │ :8888 │ │ :10000/UDP │ │
│ │ React │ │ XMPP │ │ Focus │ │ Media │ │
│ └─────────┘ └─────────┘ └─────────┘ └─────────────┘ │
└─────────────────────────────────────────────────────────┘
License
Apache 2.0 - See LICENSE file for details.