Jitsi + Niginx + Reverse proxy + CA
https://gist.github.com/krithin/e50a6001c8435e46cb85f5c6c78e2d66
# Change username > pi
#login 1st time:
#ubuntu:ubuntu
sudo adduser bar
sudo -i
adduser bar sudo
#logout and login bar
# change username
sudo usermod -l pi ubuntu
#change home-folder
sudo usermod -d /home/pi -m pi
# setup root passwd
sudo -i #login as root
passwd #new root password
# delete bar user
deluser bar sudo
deluser bar
pi:rasp...
# uninstall Cloud-init
sudo -i
sudo dpkg-reconfigure cloud-init
sudo apt-get purge cloud-init
sudo rm -rf /etc/cloud/ && sudo rm -rf /var/lib/cloud/
sudo reboot
# Change Timezone
sudo mv /etc/localtime /etc/localtime.backup
sudo ln -s /usr/share/zoneinfo/Europe/Brussels /etc/localtime
timedatectl
sudo apt-get update -y
sudo apt-get dist-upgrade -y
sudo reboot
sudo ln -s /usr/share/zoneinfo/Europe/Brussels /etc/localtime
timedatectl
sudo apt-get install apt-transport-https ca-certificates
sudo hostnamectl set-hostname raiv.cc ### jitsi (192.168.100.14)
sudo nano /etc/hosts
127.0.0.1 raiv.cc
127.0.0.1 ca.raiv.cc
127.0.0.1 traccar.raiv.cc
127.0.0.1 jitsi.raiv.cc
127.0.0.1 jevany.raiv.cc
127.0.0.1 draytek.raiv.cc
192.168.100.102 backupserver
##### INstall RASPI-CONFIG to Ubuntu
wget https://archive.raspberrypi.org/debian/pool/main/r/raspi-config/raspi-config_20200601_all.deb -P /tmp
sudo apt-get install libnewt0.52 whiptail parted triggerhappy lua5.1 alsa-utils -y
# Auto install dependancies on eg. ubuntu server on RPI
sudo apt-get install -fy
sudo dpkg -i /tmp/raspi-config_20200601_all.deb
sudo reboot
#FTP Server
sudo apt-get install vsftpd
sudo nano /etc/vsftpd.conf
listen=YES
anonymous_enable=No
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
ascii_upload_enable=YES
ascii_download_enable=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
sudo /etc/init.d/vsftpd restart
##
#Add the Jitsi package repository
sudo echo 'deb https://download.jitsi.org stable/' | sudo tee /etc/apt/sources.list.d/jitsi-stable.list
sudo wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -
###Install the Jitsi Meet packages
# Retrieve the latest package versions across all repositories
sudo apt-get update -y
export LD_LIBRARY_PATH=/usr/lib/
# Perform jitsi-meet installation
sudo apt-get install jitsi-meet -y
#add IP address instread DNS name (Android will NOT working!!!)
#IF want remove Jitsi with purge config (re-enable insert domain in new install):
#sudo apt-get remove --purge jitsi-meet jitsi-meet-prosody jitsi-meet-web-config jitsi-meet-web jicofo jitsi-videobridge jitsi-videobridge2
######### NGIX config
sudo nginx -T
#if error (e.g. TLS 1.3.):
cd /etc/nginx/sites-available
sudo nano "domain".conf
#delete TLS 1.3 (ctl+x + Y)
sudo reboot
################## IF Yuo have public IP + DNS
###Generate an SSL certificate with Let's Encrypt
sudo apt install certbot
# Backup the cert install script
sudo cp /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh ~/install-letsencypt-cert.sh.bak
## Edit the install script (not needed)
##sudo nano /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
## Edit the file by hand in nano:
## 1. remove the call to install certbot-auto, and all references to $CRON_FILE (lines 28-38, 78, 99 and 103-104 in my version)
## 2. replace all the remaining calls to './certbot-auto' to 'certbot' - there should be three of them.
sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
'/etc/jitsi/meet/raiv.cc.key'
/var/lib/prosody/raiv.cc.key
# check NGIX ports - should be there 443
netstat -lvnt
##### Remove Watermark "Jitsi"
cd /usr/share/jitsi-meet
sudo nano /usr/share/jitsi-meet/interface_config.js
SHOW_WATERMARK: false