turboLinux_White Box Enterprise Linux_Fedora Core_Red Hat Memo/JitsiMeet Ubuntu22.04LTS
をテンプレートにして作成
[
トップ
] [
新規
|
一覧
|
検索
|
最終更新
|
ヘルプ
]
開始行:
*JitsiMeet Ubuntu22.04LTS [#kf968178]
RIGHT:更新日&lastmod();
RIGHT:作成日:2022年10月26日
iPadからPCに画像が送れないという現象が出たので、この機会...
**インストール環境 [#x2e5e9b6]
-Ubuntu22.04LTS(ISO:ubuntu-22.04.1-live-server-amd64.iso)
-jitsi-meet:2.0.7882
**Ubuntuのインストール [#r182d018]
インストール開始時言語は「English」を選択
&ref("./ubuntu-inst1.png");
&ref("./ubuntu-inst2.png");
-GWはWAN側だけ指定、LAN側は空白
&ref("./ubuntu-inst3.png");
&ref("./ubuntu-inst4.png");
-Proxyは空欄
&ref("./ubuntu-inst5.png");
-Mirror address、ストレージはデフォルト
&ref("./ubuntu-inst6.png");
&ref("./ubuntu-inst7.png");
&ref("./ubuntu-inst8.png");
&ref("./ubuntu-inst9.png");
-sshサーバをインストール(Enterで「X」が入る)
&ref("./ubuntu-inst10.png");
-追加パッケージはなし
&ref("./ubuntu-inst11.png");
-再起動
-インストール開始
**Ubuntuの設定 [#dd4f4f42]
***rootのパスワード設定 [#kdad5a71]
$ sudo passwd root
***ipv6停止 [#n483e638]
-/etc/default/grub
RUB_TIMEOUT_STYLE=hidden
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo...
GRUB_CMDLINE_LINUX_DEFAULT=""
GRUB_CMDLINE_LINUX="ipv6.disable=1" ←ipv6.disable=1を追加
-grubのアップデート
# update-grub
Sourcing file `/etc/default/grub'
Sourcing file `/etc/default/grub.d/init-select.cfg'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-5.4.0-65-generic
Found initrd image: /boot/initrd.img-5.4.0-65-generic
done
-再起動
# reboot
-以下のコマンドで何も表示しなことを確認
# ip -6 a
***NTP クライアントの設定 [#p407b916]
''設定ファイル''
-/etc/systemd/timesyncd.conf
#
# See timesyncd.conf(5) for details.
[Time]
#NTP=
NTP=ntp.nict.jp ← NTPサーバ追加
#FallbackNTP=ntp.ubuntu.com
#RootDistanceMaxSec=5
-NTPサービスの再起動と確認
# systemctl restart systemd-timesyncd
# systemctl status systemd-timesyncd
● systemd-timesyncd.service - Network Time Synchronization
Loaded: loaded (/lib/systemd/system/systemd-timesyn...
Active: active (running) since Mon 2022-10-24 05:37...
Docs: man:systemd-timesyncd.service(8)
Main PID: 14614 (systemd-timesyn)
Status: "Initial synchronization to time server 133...
Tasks: 2 (limit: 6985)
Memory: 1.3M
CPU: 109ms
CGroup: /system.slice/systemd-timesyncd.service
mq14614 /lib/systemd/systemd-timesyncd
***Time ZoneをJSTに変更 [#e1c61a04]
-現在のZoneの確認
# timedatectl
Local time: Mon 2022-10-24 05:39:38 UTC
Universal time: Mon 2022-10-24 05:39:38 UTC
RTC time: Mon 2022-10-24 05:39:38
Time zone: Etc/UTC (UTC, +0000)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
-JSTに変更
# timedatectl set-timezone Asia/Tokyo
-変更を確認
# timedatectl
Local time: Mon 2022-10-24 14:41:01 JST ...
Universal time: Mon 2022-10-24 05:41:01 UTC
RTC time: Mon 2022-10-24 05:41:00
Time zone: Asia/Tokyo (JST, +0900) ...
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
***ファイアウォールの設定 [#x39b78c4]
-Iptableが起動していない確認
# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
-ファイアウォールでTCPの22,80,443、およびUDPの10000-20000...
# ufw status
Status: inactive
-ファイアーウォールを有効化
# ufw enable
Command may disrupt existing ssh connections. Proceed wi...
[ファイアウォールはアクティブかつシステムの起動時に有効...
Firewall is active and enabled on system startup
# ufw allow in ssh
Rule added
# ufw allow in 80/tcp
Rule added
# ufw allow in 443/tcp
Rule added
# ufw allow in 10000:20000/udp
Rule added
-ファイアウォールでアクセス許可元IPを設定する
# ufw allow from 192.168.0.0/24 to any port ssh
Rule added
-ファイアウォールの確認
# ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
10000:20000/udp ALLOW Anywhere
22/tcp ALLOW 192.168.0.0/24
***jitsimeetのリポジトリを登録 [#mec47d99]
# cd ~okada
# wget https://download.jitsi.org/jitsi-key.gpg.key
--2022-10-24 14:58:11-- https://download.jitsi.org/jits...
Resolving download.jitsi.org (download.jitsi.org)... 34....
Connecting to download.jitsi.org (download.jitsi.org)|34...
HTTP request sent, awaiting response... 200 OK
Length: 3114 (3.0K) [application/octet-stream]
Saving to: ‘jitsi-key.gpg.key’
jitsi-key.gpg.key 100%[===================>] 3.04K ...
2022-10-24 14:58:12 (759 MB/s) - ‘jitsi-key.gpg.key’ sav...
-Keyのダウンロードを確認
# ls
jitsi-key.gpg.key
-Keyの登録
# apt-key add jitsi-key.gpg.key
Warning: apt-key is deprecated. Manage keyring files in ...
OK
-リポジトリ追加
/etc/apt/sources.list.d/jitsi-stable.listを作成し、以下の...
deb https://download.jitsi.org stable/
# apt update
# apt upgrade
以下の画面が表示されたら「OK」を選択する
&ref("./ubuntu-update.png");
Ubuntu 22.04 LTS には needrestart というパッケージが入っ...
-上記の確認をなくす方法(未確認)
# echo "\$nrconf{restart} = 'a';" | sudo tee /etc/needre...
#cat /etc/needrestart/conf.d/50local.conf
$nrconf{restart} = 'a';
**nginxインストール [#je4109ce]
以下でインストールは出来るが起動に失敗する。ipv6を停止し...
# apt install nginx
(略)
invoke-rc.d: initscript nginx, action "start" failed.
× nginx.service - A high performance web server and a re...
Loaded: loaded (/lib/systemd/system/nginx.service; ...
Active: failed (Result: exit-code) since Mon 2022-1...
Docs: man:nginx(8)
Process: 15889 ExecStartPre=/usr/sbin/nginx -t -q -g...
CPU: 15ms
Oct 24 15:07:00 vmmeeting systemd[1]: Starting A high pe...
Oct 24 15:07:00 vmmeeting nginx[15889]: nginx: [emerg] s...
Oct 24 15:07:00 vmmeeting nginx[15889]: nginx: configura...
(最終行)
dpkg: error processing package nginx (--configure):
dependency problems - leaving unconfigured
Processing triggers for ufw (0.36.1-4build1) ...
No apport report written because the error message indic...
Processing triggers for man-db...
Processing triggers for libc-bin (2.35-0ubuntu3.1) ...
Errors were encountered while processing:
nginx-core
nginx
needrestart is being skipped since dpkg has failed
E: Sub-process /usr/bin/dpkg returned an error code (1)
&color(red){''エラー対応''};
IPv6を停止したため発生したようなのでIPv6の部分をコメント...
-/etc/nginx/sites-available/default
server {
listen 80 default_server;
## listen [::]:80 default_server; ←コメントアウト
# SSL configuration
(略)
***nginxを起動 [#oa2b1b80]
# systemctl start nginx
root@vmmeeting:/etc/nginx/sites-available# systemctl sta...
● nginx.service - A high performance web server and a re...
Loaded: loaded (/lib/systemd/system/nginx.service; ...
Active: active (running) since Mon 2022-10-24 15:17...
Docs: man:nginx(8) ←起動確認
Process: 16050 ExecStartPre=/usr/sbin/nginx -t -q -g...
Process: 16051 ExecStart=/usr/sbin/nginx -g daemon o...
Main PID: 16052 (nginx)
Tasks: 9 (limit: 6985)
(略)
**JDKのインストール [#fd676940]
# apt install -y openjdk-8-jre-headless
***確認 [#a14f970d]
# dpkg -l | grep openjdk
ii openjdk-11-jre-headless:amd64 11.0.16+8-0ubu...
ii openjdk-8-jre-headless:amd64 8u342-b07-0ubu...
**Jitsi-Meetのインストール [#l821117c]
# apt install -y jitsi-meet
&ref("./jitsimeet-inst1.png");
&ref("./jitsimeet-inst2.png");
''「Let's Encrrypt certificates」を選択
&ref("./jitsimeet-inst3.png");
&ref("./jitsimeet-inst4.png");
&ref("./jitsimeet-inst5.png");
&ref("./jitsimeet-inst6.png");
''Noを選択''
[ダイヤルイン サポートを会議に簡単に追加できます。~
無料の JaaS (Jitsi as a Service) アカウントを作成する許可...
Jitsi ミーティングにテレフォニーを追加することに興味があ...
***nginxのipv6のPort80, 443をコメントアウト [#t6455399]
-/etc/nginx/sites-available/meet.ism21.net.conf
server {
listen 80;
## listen [::]:80; ←ここ
server_name meet.ism21.net;
server {
listen 443 ssl;
## listen [::]:443 ssl; ←ここ
server_name meet.ism21.net;
-nginxの再起動と確認
# systemctl restart nginx
# systemctl status nginx
● nginx.service - A high performance web server and a re...
Loaded: loaded (/lib/systemd/system/nginx.service; ...
Active: active (running) since Tue 2022-10-25 11:42...
Docs: man:nginx(8)
(略)
***jitsimeetのインストール確認 [#ob911761]
# apt list --installed | grep jitsi
WARNING: apt does not have a stable CLI interface. Use w...
jitsi-meet-prosody/stable,now 1.0.6644-1 all [installed,...
jitsi-meet-web-config/stable,now 1.0.6644-1 all [install...
jitsi-meet-web/stable,now 1.0.6644-1 all [installed,auto...
jitsi-meet/stable,now 2.0.7882-1 all [installed]
jitsi-videobridge2/stable,now 2.2-45-ge8b20f06-1 all [in...
lua-basexx/stable,now 0.4.1-jitsi1 all [installed,automa...
lua-cjson/stable,now 2.1.0.10-jitsi1 amd64 [installed,au...
''jitsi-meetインストール完了''
**Let’s Encryptの証明書の取得 [#f8959e84]
サーバをインターネットからport80とport443でアクセス可能に...
# cd /usr/share/jitsi-meet/scripts
# ./install-letsencrypt-cert.sh
--------------------------------------------------------...
This script will:
- Need a working DNS record pointing to this machine(for...
- Install additional dependencies in order to request Le...
- Configure and reload nginx or apache2, whichever is used
- Configure the coturn server to use Let's Encrypt certi...
- Configure renew of certificate
(略)
[Tue Oct 25 12:02:23 PM JST 2022] Installing key to: /et...
[Tue Oct 25 12:02:23 PM JST 2022] Installing full chain ...
[Tue Oct 25 12:02:23 PM JST 2022] Run reload cmd: system...
[Tue Oct 25 12:02:23 PM JST 2022] Reload success
***証明書のフィンガープリントの確認 [#n983f05a]
以下のファインガープリントとブラウザの証明書と一致する。
# openssl x509 -sha1 -fingerprint -noout -in meet.ism21....
sha1 Fingerprint=B2:02:31:C5:40:A0:64:56:BB:9F:D0:8D:BE:...
# openssl x509 -sha256 -fingerprint -noout -in meet.ism2...
sha256 Fingerprint=0A:F6:50:3D:52:43:72:65:C2:B9:7A:9A:B...
&ref("./fingerprint.png");
**証明書自動更新のためcertbotのインストール [#f578ea96]
Jitsi-meetのインストールで証明書は取得しているので、自動...
***インストール [#ud1f0af8]
# apt -y install certbot
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
(略)
-インストール後certbot.timerが起動してるか確認
# systemctl status certbot.timer
● certbot.timer - Run certbot twice daily
Loaded: loaded (/lib/systemd/system/certbot.timer; ...
Active: active (waiting) since Wed 2022-10-26 11:02...
Trigger: Wed 2022-10-26 14:52:34 JST; 3h 49min left
Triggers: ● certbot.service
Oct 26 11:02:34 vmmeeting systemd[1]: Started Run certbo...
インストールした certbotパッケージは、systemdタイマーを追...
***次回実行時間の確認 [#iff07611]
-Wed 2022-10-26 14:52:34 JST に実行 3h 47min 後
# systemctl list-timers
NEXT LEFT LAST ...
Wed 2022-10-26 12:11:45 JST 1h 6min left Tue 2022-10-25...
Wed 2022-10-26 12:59:51 JST 1h 54min left Tue 2022-10-25...
Wed 2022-10-26 14:52:34 JST 3h 47min left n/a ...
Wed 2022-10-26 14:58:26 JST 3h 52min left Tue 2022-10-25...
Wed 2022-10-26 17:34:50 JST 6h left Wed 2022-10-26...
Wed 2022-10-26 21:45:36 JST 10h left Tue 2022-10-25...
(略)
**WEB会議の作成できるユーザーをID、Passwordで制限する設定...
-/etc/prosody/conf.avail/meet.ism21.net.cfg.lua
VirtualHost "meet.ism21.net"
-- authentication = "jitsi-anonymous" -- do not delet...
authentication = "internal_plain" ←追加
-- Properties below are modified by jitsi-meet-tokens...
-- and authentication above is switched to "token"
(略)
main_muc = "conference.meet.ism21.net"
-- muc_lobby_whitelist = { "recorder.meet.ism21.net"...
---Add to JE2ISM ----
VirtualHost "guest.meet.ism21.net"
authentication = "anonymous"
c2s_require_encryption = false
---ここまで----------
Component "conference.meet.ism21.net" "muc"
restrict_room_creation = true
(略)
Component "metadata.meet.ism21.net" "room_metadata_compo...
muc_component = "conference.meet.ism21.net"
breakout_rooms_component = "breakout.meet.ism21.net"
[最終行に追加]
-- Edit By JE2ISM
VirtualHost "guest.meet.ism21.net"
authentication = "anonymous"
c2s_require_encryption = falseroot@vmmeeting:/e...
-/etc/jitsi/meet/meet.ism21.net-config.js
hosts: {
// XMPP domain.
domain: 'meet.ism21.net',
// Add by JE2ISM
anonymousdomain: 'guest.meet.ism21.net',
// When using authentication, domain for guest u...
// anonymousdomain: 'guest.example.com',
以下のファイルが無いときは作成し、存在するときは最終行に...
-/etc/jitsi/jicofo/sip-communicator.properties
org.jitsi.jicofo.auth.URL=XMPP:meet.ism21.net
**ユーザ登録方法 [#h0a09954]
# prosodyctl adduser okada@meet.ism21.net
Enter new password:
Retype new password:
**jitsiMeetサービス再起動 [#b211f188]
# systemctl restart jicofo
# systemctl restart prosody
# systemctl restart jitsi-videobridge2.service
''ブラウザ、スマホで確認''
終了行:
*JitsiMeet Ubuntu22.04LTS [#kf968178]
RIGHT:更新日&lastmod();
RIGHT:作成日:2022年10月26日
iPadからPCに画像が送れないという現象が出たので、この機会...
**インストール環境 [#x2e5e9b6]
-Ubuntu22.04LTS(ISO:ubuntu-22.04.1-live-server-amd64.iso)
-jitsi-meet:2.0.7882
**Ubuntuのインストール [#r182d018]
インストール開始時言語は「English」を選択
&ref("./ubuntu-inst1.png");
&ref("./ubuntu-inst2.png");
-GWはWAN側だけ指定、LAN側は空白
&ref("./ubuntu-inst3.png");
&ref("./ubuntu-inst4.png");
-Proxyは空欄
&ref("./ubuntu-inst5.png");
-Mirror address、ストレージはデフォルト
&ref("./ubuntu-inst6.png");
&ref("./ubuntu-inst7.png");
&ref("./ubuntu-inst8.png");
&ref("./ubuntu-inst9.png");
-sshサーバをインストール(Enterで「X」が入る)
&ref("./ubuntu-inst10.png");
-追加パッケージはなし
&ref("./ubuntu-inst11.png");
-再起動
-インストール開始
**Ubuntuの設定 [#dd4f4f42]
***rootのパスワード設定 [#kdad5a71]
$ sudo passwd root
***ipv6停止 [#n483e638]
-/etc/default/grub
RUB_TIMEOUT_STYLE=hidden
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo...
GRUB_CMDLINE_LINUX_DEFAULT=""
GRUB_CMDLINE_LINUX="ipv6.disable=1" ←ipv6.disable=1を追加
-grubのアップデート
# update-grub
Sourcing file `/etc/default/grub'
Sourcing file `/etc/default/grub.d/init-select.cfg'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-5.4.0-65-generic
Found initrd image: /boot/initrd.img-5.4.0-65-generic
done
-再起動
# reboot
-以下のコマンドで何も表示しなことを確認
# ip -6 a
***NTP クライアントの設定 [#p407b916]
''設定ファイル''
-/etc/systemd/timesyncd.conf
#
# See timesyncd.conf(5) for details.
[Time]
#NTP=
NTP=ntp.nict.jp ← NTPサーバ追加
#FallbackNTP=ntp.ubuntu.com
#RootDistanceMaxSec=5
-NTPサービスの再起動と確認
# systemctl restart systemd-timesyncd
# systemctl status systemd-timesyncd
● systemd-timesyncd.service - Network Time Synchronization
Loaded: loaded (/lib/systemd/system/systemd-timesyn...
Active: active (running) since Mon 2022-10-24 05:37...
Docs: man:systemd-timesyncd.service(8)
Main PID: 14614 (systemd-timesyn)
Status: "Initial synchronization to time server 133...
Tasks: 2 (limit: 6985)
Memory: 1.3M
CPU: 109ms
CGroup: /system.slice/systemd-timesyncd.service
mq14614 /lib/systemd/systemd-timesyncd
***Time ZoneをJSTに変更 [#e1c61a04]
-現在のZoneの確認
# timedatectl
Local time: Mon 2022-10-24 05:39:38 UTC
Universal time: Mon 2022-10-24 05:39:38 UTC
RTC time: Mon 2022-10-24 05:39:38
Time zone: Etc/UTC (UTC, +0000)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
-JSTに変更
# timedatectl set-timezone Asia/Tokyo
-変更を確認
# timedatectl
Local time: Mon 2022-10-24 14:41:01 JST ...
Universal time: Mon 2022-10-24 05:41:01 UTC
RTC time: Mon 2022-10-24 05:41:00
Time zone: Asia/Tokyo (JST, +0900) ...
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
***ファイアウォールの設定 [#x39b78c4]
-Iptableが起動していない確認
# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
-ファイアウォールでTCPの22,80,443、およびUDPの10000-20000...
# ufw status
Status: inactive
-ファイアーウォールを有効化
# ufw enable
Command may disrupt existing ssh connections. Proceed wi...
[ファイアウォールはアクティブかつシステムの起動時に有効...
Firewall is active and enabled on system startup
# ufw allow in ssh
Rule added
# ufw allow in 80/tcp
Rule added
# ufw allow in 443/tcp
Rule added
# ufw allow in 10000:20000/udp
Rule added
-ファイアウォールでアクセス許可元IPを設定する
# ufw allow from 192.168.0.0/24 to any port ssh
Rule added
-ファイアウォールの確認
# ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
10000:20000/udp ALLOW Anywhere
22/tcp ALLOW 192.168.0.0/24
***jitsimeetのリポジトリを登録 [#mec47d99]
# cd ~okada
# wget https://download.jitsi.org/jitsi-key.gpg.key
--2022-10-24 14:58:11-- https://download.jitsi.org/jits...
Resolving download.jitsi.org (download.jitsi.org)... 34....
Connecting to download.jitsi.org (download.jitsi.org)|34...
HTTP request sent, awaiting response... 200 OK
Length: 3114 (3.0K) [application/octet-stream]
Saving to: ‘jitsi-key.gpg.key’
jitsi-key.gpg.key 100%[===================>] 3.04K ...
2022-10-24 14:58:12 (759 MB/s) - ‘jitsi-key.gpg.key’ sav...
-Keyのダウンロードを確認
# ls
jitsi-key.gpg.key
-Keyの登録
# apt-key add jitsi-key.gpg.key
Warning: apt-key is deprecated. Manage keyring files in ...
OK
-リポジトリ追加
/etc/apt/sources.list.d/jitsi-stable.listを作成し、以下の...
deb https://download.jitsi.org stable/
# apt update
# apt upgrade
以下の画面が表示されたら「OK」を選択する
&ref("./ubuntu-update.png");
Ubuntu 22.04 LTS には needrestart というパッケージが入っ...
-上記の確認をなくす方法(未確認)
# echo "\$nrconf{restart} = 'a';" | sudo tee /etc/needre...
#cat /etc/needrestart/conf.d/50local.conf
$nrconf{restart} = 'a';
**nginxインストール [#je4109ce]
以下でインストールは出来るが起動に失敗する。ipv6を停止し...
# apt install nginx
(略)
invoke-rc.d: initscript nginx, action "start" failed.
× nginx.service - A high performance web server and a re...
Loaded: loaded (/lib/systemd/system/nginx.service; ...
Active: failed (Result: exit-code) since Mon 2022-1...
Docs: man:nginx(8)
Process: 15889 ExecStartPre=/usr/sbin/nginx -t -q -g...
CPU: 15ms
Oct 24 15:07:00 vmmeeting systemd[1]: Starting A high pe...
Oct 24 15:07:00 vmmeeting nginx[15889]: nginx: [emerg] s...
Oct 24 15:07:00 vmmeeting nginx[15889]: nginx: configura...
(最終行)
dpkg: error processing package nginx (--configure):
dependency problems - leaving unconfigured
Processing triggers for ufw (0.36.1-4build1) ...
No apport report written because the error message indic...
Processing triggers for man-db...
Processing triggers for libc-bin (2.35-0ubuntu3.1) ...
Errors were encountered while processing:
nginx-core
nginx
needrestart is being skipped since dpkg has failed
E: Sub-process /usr/bin/dpkg returned an error code (1)
&color(red){''エラー対応''};
IPv6を停止したため発生したようなのでIPv6の部分をコメント...
-/etc/nginx/sites-available/default
server {
listen 80 default_server;
## listen [::]:80 default_server; ←コメントアウト
# SSL configuration
(略)
***nginxを起動 [#oa2b1b80]
# systemctl start nginx
root@vmmeeting:/etc/nginx/sites-available# systemctl sta...
● nginx.service - A high performance web server and a re...
Loaded: loaded (/lib/systemd/system/nginx.service; ...
Active: active (running) since Mon 2022-10-24 15:17...
Docs: man:nginx(8) ←起動確認
Process: 16050 ExecStartPre=/usr/sbin/nginx -t -q -g...
Process: 16051 ExecStart=/usr/sbin/nginx -g daemon o...
Main PID: 16052 (nginx)
Tasks: 9 (limit: 6985)
(略)
**JDKのインストール [#fd676940]
# apt install -y openjdk-8-jre-headless
***確認 [#a14f970d]
# dpkg -l | grep openjdk
ii openjdk-11-jre-headless:amd64 11.0.16+8-0ubu...
ii openjdk-8-jre-headless:amd64 8u342-b07-0ubu...
**Jitsi-Meetのインストール [#l821117c]
# apt install -y jitsi-meet
&ref("./jitsimeet-inst1.png");
&ref("./jitsimeet-inst2.png");
''「Let's Encrrypt certificates」を選択
&ref("./jitsimeet-inst3.png");
&ref("./jitsimeet-inst4.png");
&ref("./jitsimeet-inst5.png");
&ref("./jitsimeet-inst6.png");
''Noを選択''
[ダイヤルイン サポートを会議に簡単に追加できます。~
無料の JaaS (Jitsi as a Service) アカウントを作成する許可...
Jitsi ミーティングにテレフォニーを追加することに興味があ...
***nginxのipv6のPort80, 443をコメントアウト [#t6455399]
-/etc/nginx/sites-available/meet.ism21.net.conf
server {
listen 80;
## listen [::]:80; ←ここ
server_name meet.ism21.net;
server {
listen 443 ssl;
## listen [::]:443 ssl; ←ここ
server_name meet.ism21.net;
-nginxの再起動と確認
# systemctl restart nginx
# systemctl status nginx
● nginx.service - A high performance web server and a re...
Loaded: loaded (/lib/systemd/system/nginx.service; ...
Active: active (running) since Tue 2022-10-25 11:42...
Docs: man:nginx(8)
(略)
***jitsimeetのインストール確認 [#ob911761]
# apt list --installed | grep jitsi
WARNING: apt does not have a stable CLI interface. Use w...
jitsi-meet-prosody/stable,now 1.0.6644-1 all [installed,...
jitsi-meet-web-config/stable,now 1.0.6644-1 all [install...
jitsi-meet-web/stable,now 1.0.6644-1 all [installed,auto...
jitsi-meet/stable,now 2.0.7882-1 all [installed]
jitsi-videobridge2/stable,now 2.2-45-ge8b20f06-1 all [in...
lua-basexx/stable,now 0.4.1-jitsi1 all [installed,automa...
lua-cjson/stable,now 2.1.0.10-jitsi1 amd64 [installed,au...
''jitsi-meetインストール完了''
**Let’s Encryptの証明書の取得 [#f8959e84]
サーバをインターネットからport80とport443でアクセス可能に...
# cd /usr/share/jitsi-meet/scripts
# ./install-letsencrypt-cert.sh
--------------------------------------------------------...
This script will:
- Need a working DNS record pointing to this machine(for...
- Install additional dependencies in order to request Le...
- Configure and reload nginx or apache2, whichever is used
- Configure the coturn server to use Let's Encrypt certi...
- Configure renew of certificate
(略)
[Tue Oct 25 12:02:23 PM JST 2022] Installing key to: /et...
[Tue Oct 25 12:02:23 PM JST 2022] Installing full chain ...
[Tue Oct 25 12:02:23 PM JST 2022] Run reload cmd: system...
[Tue Oct 25 12:02:23 PM JST 2022] Reload success
***証明書のフィンガープリントの確認 [#n983f05a]
以下のファインガープリントとブラウザの証明書と一致する。
# openssl x509 -sha1 -fingerprint -noout -in meet.ism21....
sha1 Fingerprint=B2:02:31:C5:40:A0:64:56:BB:9F:D0:8D:BE:...
# openssl x509 -sha256 -fingerprint -noout -in meet.ism2...
sha256 Fingerprint=0A:F6:50:3D:52:43:72:65:C2:B9:7A:9A:B...
&ref("./fingerprint.png");
**証明書自動更新のためcertbotのインストール [#f578ea96]
Jitsi-meetのインストールで証明書は取得しているので、自動...
***インストール [#ud1f0af8]
# apt -y install certbot
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
(略)
-インストール後certbot.timerが起動してるか確認
# systemctl status certbot.timer
● certbot.timer - Run certbot twice daily
Loaded: loaded (/lib/systemd/system/certbot.timer; ...
Active: active (waiting) since Wed 2022-10-26 11:02...
Trigger: Wed 2022-10-26 14:52:34 JST; 3h 49min left
Triggers: ● certbot.service
Oct 26 11:02:34 vmmeeting systemd[1]: Started Run certbo...
インストールした certbotパッケージは、systemdタイマーを追...
***次回実行時間の確認 [#iff07611]
-Wed 2022-10-26 14:52:34 JST に実行 3h 47min 後
# systemctl list-timers
NEXT LEFT LAST ...
Wed 2022-10-26 12:11:45 JST 1h 6min left Tue 2022-10-25...
Wed 2022-10-26 12:59:51 JST 1h 54min left Tue 2022-10-25...
Wed 2022-10-26 14:52:34 JST 3h 47min left n/a ...
Wed 2022-10-26 14:58:26 JST 3h 52min left Tue 2022-10-25...
Wed 2022-10-26 17:34:50 JST 6h left Wed 2022-10-26...
Wed 2022-10-26 21:45:36 JST 10h left Tue 2022-10-25...
(略)
**WEB会議の作成できるユーザーをID、Passwordで制限する設定...
-/etc/prosody/conf.avail/meet.ism21.net.cfg.lua
VirtualHost "meet.ism21.net"
-- authentication = "jitsi-anonymous" -- do not delet...
authentication = "internal_plain" ←追加
-- Properties below are modified by jitsi-meet-tokens...
-- and authentication above is switched to "token"
(略)
main_muc = "conference.meet.ism21.net"
-- muc_lobby_whitelist = { "recorder.meet.ism21.net"...
---Add to JE2ISM ----
VirtualHost "guest.meet.ism21.net"
authentication = "anonymous"
c2s_require_encryption = false
---ここまで----------
Component "conference.meet.ism21.net" "muc"
restrict_room_creation = true
(略)
Component "metadata.meet.ism21.net" "room_metadata_compo...
muc_component = "conference.meet.ism21.net"
breakout_rooms_component = "breakout.meet.ism21.net"
[最終行に追加]
-- Edit By JE2ISM
VirtualHost "guest.meet.ism21.net"
authentication = "anonymous"
c2s_require_encryption = falseroot@vmmeeting:/e...
-/etc/jitsi/meet/meet.ism21.net-config.js
hosts: {
// XMPP domain.
domain: 'meet.ism21.net',
// Add by JE2ISM
anonymousdomain: 'guest.meet.ism21.net',
// When using authentication, domain for guest u...
// anonymousdomain: 'guest.example.com',
以下のファイルが無いときは作成し、存在するときは最終行に...
-/etc/jitsi/jicofo/sip-communicator.properties
org.jitsi.jicofo.auth.URL=XMPP:meet.ism21.net
**ユーザ登録方法 [#h0a09954]
# prosodyctl adduser okada@meet.ism21.net
Enter new password:
Retype new password:
**jitsiMeetサービス再起動 [#b211f188]
# systemctl restart jicofo
# systemctl restart prosody
# systemctl restart jitsi-videobridge2.service
''ブラウザ、スマホで確認''
ページ名:
![[PukiWiki]](image/../localimages/Atom.gif "[PukiWiki]")
