The wikis are now using the new authentication system.
If you did not migrate your account yet, visit


Jump to: navigation, search

Jitsi is a secure, simple and scalable video conference application that you can use as a standalone app or embed in your web application.

It consists of the following components:

  • Jitsi-Meet
  • Jitsi-Videobridge
  • Jitsi-Jicofo
  • Jitsi-Jibri
  • Jitsi-Jigasi

In the following you will find help for configuring the applications.

This document describes the steps for a quick Jitsi-Meet installation, paired with a single Videobridge and a single Jicofo on openSUSE Leap 15.2.

Note: Many of the installation steps require root access.


  1. Add the OBS repository:
    Note: When Jitsi-Meet is merged into openSUSE Factory, this will be obsolete.
    zypper addrepo
  2. Refresh the repositories:
    zypper refresh
  3. Install Jitsi-Meet and its dependencies:
    zypper install nginx prosody lua51-zlib jitsi-meet jitsi-videobridge jitsi-jicofo

optional Add-Ons

  • Install the Jibri Add-On:
    zypper install jitsi-jibri
  • Install the Jigasi Add-On:
    zypper install jitsi-jigasi


The following sections describe how to configure the different packages. Replace <FQDN> with your domain name and YOURSECRET3 with a strong password.


Open and adjust the Prosody configuration file under /etc/prosody/prosody.cfg.lua:

---------- Server-wide settings ----------
admins = { "focus@auth.<FQDN>" }
cross_domain_bosh = true;
component_ports = { 5347 }
modules_enabled = {
        -- HTTP modules
                "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
        -- jitsi

Create a new configuration file named <FQDN>.cfg.lua in /etc/prosody/conf.avail/ with the following content:

plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }

-- As per
consider_bosh_secure = true

-- domain mapper options, must at least have domain base set to use the mapper
muc_mapper_domain_base = "<FQDN>";

turncredentials_secret = "YOURSECRET3";

turncredentials = {
  { type = "stun", host = "<FQDN>", port = "3478" },
  { type = "turn", host = "<FQDN>", port = "3478", transport = "udp" },
  --  { type = "turns", host = "<FQDN>", port = "443", transport = "tcp" }

VirtualHost "<FQDN>"
    authentication = "anonymous"
    ssl = {
        key = "/var/lib/prosody/<FQDN>.key";
        certificate = "/var/lib/prosody/<FQDN>.crt";
    speakerstats_component = "speakerstats.<FQDN>"
    conference_duration_component = "conferenceduration.<FQDN>"
    modules_enabled = {
    c2s_require_encryption = false

Component "conference.<FQDN>" "muc"
    modules_enabled = {
    admins = { "focus@auth.<FQDN>" }
    muc_room_locking = false
    muc_room_default_public_jids = true

-- internal muc component
Component "internal.auth.<FQDN>" "muc"
    modules_enabled = {
    admins = { "focus@auth.<FQDN>" }
    muc_room_locking = false
    muc_room_default_public_jids = true
    muc_room_cache_size = 1000

Component "jitsi-videobridge.<FQDN>"
    component_secret = "YOURSECRET3"

VirtualHost "auth.<FQDN>"
    ssl = {
        key = "/var/lib/prosody/auth.<FQDN>.key";
        certificate = "/var/lib/prosody/auth.<FQDN>.crt";
    authentication = "internal_plain"

Component "focus.<FQDN>"
    component_secret = "YOURSECRET3"

Component "speakerstats.<FQDN>" "speakerstats_component"
    muc_component = "conference.<FQDN>"

Component "conferenceduration.<FQDN>" "conference_duration_component"
    muc_component = "conference.<FQDN>"

Create a symlink for the configuration:

ln --symbolic /etc/prosody/conf.avail/<FQDN>.cfg.lua /etc/prosody/conf.d/<FQDN>.cfg.lua

Create the certificates via prosodyctl cert generate <DOMAIN> - The value <DOMAIN> represents the following URLs.

  • auth.<FQDN>
  • conference.<FQDN>
  • conferenceduration.<FQDN>
  • internal.auth.<FQDN>
  • FQDN
  • focus.<FQDN>
  • jitsi-videobridge.<FQDN>
  • callcontrol.<FQDN>
    Note: This is only needed if you deploy Jigasi
  • recorder.<FQDN>
    Note: This is only needed if you deploy Jibri

Symlink all generated *.crt and *.key files from /var/lib/prosody/ to /etc/prosody/certs/. Note: Please do not link other certificates.

Add the certificates to the system keystore:

ln --symbolic --force /var/lib/prosody/auth.<FQDN>.crt /usr/local/share/ca-certificates/auth.<FQDN>.crt
update-ca-certificates --fresh

Create conference focus user:

prosodyctl register focus auth.<FQDN> YOURSECRET3


Edit the file /etc/nginx/vhosts.d/jitsi-meet.conf (which was installed along with jitsi-meet) and do the following:

  • Check the server_name value.
  • Check the TLS certificates (Let's Encrypt for production use, Prosody for testing, for example).

Note: If you are using an existing server, please make sure to adjust the websocket and bosh part, too.


Edit the file /srv/jitsi-meet/config.js:

var config = {
    hosts: {
        domain: '<FQDN>',
        muc: 'conference.<FQDN>',
        bridge: 'jitsi-videobridge.<FQDN>',
        focus: 'focus.<FQDN>'
    useNicks: false,
    bosh: '//<FQDN>/http-bind',

Note: Please be aware that this is the minimal configuration.


Note: We use a combination of the new Videobridge configuration and the legacy one with the file. We have to do this because of the STATISTICS_TRANSPORT property.

If we remove org.jitsi.videobridge.STATISTICS_TRANSPORT=muc,colibri from, the videobridge will not work!

  1. Go to the directory /etc/jitsi/videobridge
  2. Edit the file jitsi-videobridge.conf
  3. Set JVB_HOSTNAME to your <FQDN>.
  4. Set JVB_SECRET to your own secret.
  5. Edit the file application.conf and adjust the values under apis and websockets, especially set a unique ID as muc_nickname with uuidgen for example.
apis {
    xmpp-client {
      configs {
        xmpp-server-1 {
          domain = "auth.${FQDN}"
          username = "focus"
          password = "YOURSECRET3"
          muc_jids = "JvbBrewery@internal.auth.${FQDN}"
          # The muc_nickname must be unique across all jitsi-videobridge instances
          muc_nickname = "unique-id"
          disable_certificate_verification = true
websockets {


  • Go to the directory /etc/jitsi/jicofo
  • Edit the file jitsi-jicofo.conf
    • Set the property JICOFO_HOSTNAME to <FQDN>.
    • Set the property JICOFO_SECRET to the password the Prosody user got in above setup.
    • Set the property JICOFO_AUTH_DOMAIN to auth.<FQDN>.
    • Set the property JICOFO_AUTH_USER to the Prosody user from above setup.
  • Edit the file
    • Set the property org.jitsi.jicofo.BRIDGE_MUC to JvbBrewery@internal.auth.<FQDN>.
    • Set the property org.jitsi.jicofo.jibri.BREWERY to JibriBrewery@internal.auth.<FQDN>.
    • Depending on your cert setup set org.jitsi.jicofo.ALWAYS_TRUST_MODE_ENABLED to true or false.


Edit the file /etc/prosody/conf.avail/<FQDN>.cfg.lua and the following snippet at the end of the file:

VirtualHost "recorder.<FQDN>"
  modules_enabled = {
  authentication = "internal_plain"
  1. Run prosodyctl register jibri auth.<FQDN> YOURSECRET3 and replace YOURSECRET3 with an appropiate one.
  2. Run prosodyctl register recorder recorder.<FQDN> YOURSECRET3 and replace YOURSECRET3 with an appropriate one.
  3. Go to the directory /etc/jitsi/jibri and edit the following properties you see listed below. The rest can be left as is.
        environments = [
                xmpp-domain = "<FQDN>"
                control-muc {
                    domain = "internal.<FQDN>"
                control-login {
                    domain = "recorder.<FQDN>"
                    username = "recorder"
                    password = "YOURSECRET3"
                call-login {
                    domain = "recorder.<FQDN>"
                    username = "recorder"
                    password = "YOURSECRET3"

Edit the file /etc/jitsi/jicofo/ and add the following properties:


Edit the file /srv/jitsi-meet/config.js and set the following properties:

fileRecordingsEnabled: true, // If you want to enable file recording
liveStreamingEnabled: true, // If you want to enable live streaming
hiddenDomain: 'recorder.<FQDN>',

Edit /srv/jitsi-meet/interface_config.js and make sure the TOOLBAR_BUTTONS array contains the recording and the livestreaming value if you want those features.

        'microphone', 'camera', 'closedcaptions', 'desktop', 'embedmeeting', 'fullscreen',
        'fodeviceselection', 'hangup', 'profile', 'chat', 'recording',
        'livestreaming', 'etherpad', 'sharedvideo', 'settings', 'raisehand',
        'videoquality', 'filmstrip', 'invite', 'feedback', 'stats', 'shortcuts',
        'tileview', 'videobackgroundblur', 'download', 'help', 'mute-everyone', 'security'


Note from openSUSE packagers: We've packaged it but we don't have the infrastructure to set up this component. Hence we can't provide a guide for this so far.


Now everything should be working. That means you are ready to start everything up:

systemctl start prosody
systemctl start jitsi-videbridge
systemctl start jitsi-jicofo
systemctl start jitsi-jibri (if configured and installed beforehand)
systemctl start jitsi-jigasi (if configured and installed beforehand)
systemctl start nginx

Final notes

  • The Jitsi Software has a lot of dependencies and thus we recommend to run this on a dedicated host for Jitsi.
  • Updating Jitsi is crucial to get rid of bugs and updated dependencies with possible security fixes.
  • Although tempted through Chrome: Don't install a full X11 stack like KDE or Gnome for this.
  • Don't mix the rpms or debs with a source installation of the same component.
  • Securely backup your configuration, preferably in a VCS. This saves time and pain when doing rollbacks or dealing with other problems.