Setting Up Jitsi and TURN With the Installer

Configure the Installer to install Jitsi and TURN

Prerequisites

Firewall

You will have to open the following ports to your microk8s host to enable coturn and jitsi :

For jitsi :

30301/tcp
30300/udp

For coturn, allow the following ports :

3478/tcp
3478/udp
5349/tcp
5349/udp

You will also have to allow the following port range, depending on the settings you define in coturn.ymlthe installer (see below) :

<coturn min port>-<coturn max port>/udp

DNS

The jitsi and coturn domain names must resolve to the VM access IP. You must not use host_aliases for these hosts to resolve to the private IP locally on your setup.

Coturn

~~Copy sample file from~~ config-sample/coturn/coturn.yml to
From the coturnInstaller's ~~sub-directory~~Integrations ~~within~~page, ~~your~~click ~~config~~"Install" ~~folder~~

under

~~Edit~~"Coturn".

For the coturn.yml presented by the installer, edit the file and ~~add~~ensure the following values :are set:
- coturn_fqdn: The access address to coturn. It should match something like coturn.<fqdn.tld>. It must resolves to the public-facing IP of the VM.
- shared_secret: A random value, you can generate it with pwgen 32
- min_port: The minimal UDP Port used by coturn for relaying UDP Packets, in range 32769-65535
- max_port: The maximum UDP Port used by coturn for relaying UDP Packets, in range 32769-65535

Further,

for the coturn_fqdn, you will need to provide certificates for the installer outside of the GUI. Please find your ~/.element-enterprise-server/config directory and create a directory called ~/.element-enterprise-server/config/legacy/certs under which to put a .crt/.key PEM encoded certificate for this fqdn. If your fqdn was coturn.airgap.local, your filenames would need to be coturn.airgap.local.crt and coturn.airgap.local.key. You will need to have these certeficate files in place before running the installer.

Jitsi

~~Copy sample file from~~ config-sample/jitsi/jitsi.yml to
From the jitsiInstaller's ~~sub-directory~~Integrations ~~within~~page, ~~your~~click ~~config~~"Install" ~~folder~~

under

~~Edit~~"Jitsi".

For the jitsi.yml presented by the installer, edit the file and ~~add~~ensure the following values :are set:
- jitsi_fqdn: The access address to jitsi. It should match something like jitsi.<fqdn.tld>. It must resolves to the public-facing IP of the VM.
- jicofo_auth_password: # a secret internal password for jicofo auth
- jicofo_component_secret: # a secret internal password for jicofo component
- jvb_auth_password: # a secret internal password for jvb
- helm_override_values: {} # if needed, to override helm settings automatically set by the installer
- timezone: Europe/Paris # The timezone in TZ format
- stun_servers: Needed if you don't setup coturn using the installer. Should be a yaml list of server:port entries. Example:
```
stun_servers: 
- ip:port
- ip:port
```

Further, for the jitsi_fqdn, you will need to provide certificates for the installer outside of the GUI. Please find your ~/.element-enterprise-server/config directory and create a directory called ~/.element-enterprise-server/config/legacy/certs under which to put a .crt/.key PEM encoded certificate for this fqdn. If your fqdn was jitsi.airgap.local, your filenames would need to be jitsi.airgap.local.crt and jitsi.airgap.local.key. You will need to have these certeficate files in place before running the installer.

Element

~~Copy~~

~~sample~~

~~file~~

Please ~~from~~ config-sample/element/jitsi.jsongo to the element"Element ~~sub-directory~~Web" ~~within~~page ~~your config folder~~

~~Edit~~of the ~~file~~installer, click on "Advanced" and add the following to "Additional Configuration":
```
{
  "jitsi": {
    "preferredDomain": "<jitsi_fqdn>"
  }
}
```
In the above text, you will want to replace <jitsi_fqdn> bywith the ~~value of jitsi~~actual fqdn.

~~Restart the install script once everyting is set.~~

Configure the installer to use an existing Jitsi instance

~~Create~~

~~file~~

Please ~~called~~go jitsi.json into the "Element ~/.element-onpremise-config/elementWeb" ~~directory.~~page

~~Edit~~of the ~~file~~installer, click on "Advanced" and add the following to "Additional Configuration":

{
      "jitsi": {
            "preferredDomain": "your.jitsi.example.org"
      }
}

replacing your.jitsi.example.org with the hostname of your Jitsi server.

You

~~Restart~~will need to re-run the ~~install~~installer ~~script~~

for

this change to take effect.

Configure the installer to use an existing Coturn instance

Follow the instructions here: https://ems-docs.element.io/books/element-on-premise-documentation/page/single-node-installations#bkmrk-turn-server