lxc-create -t download -n jitsimeet -- -d debian -r buster -a amd64
Mise à jour du fichier de configuration LXC pour la partie réseau
vim /var/lib/lxc/jitsimeet/config ... # Network configuration lxc.net.0.type = veth lxc.net.0.link = br0 lxc.net.0.flags = up lxc.net.0.name = eth0 lxc.net.0.hwaddr = XX:XX:XX:XX:XX:XX lxc.net.0.ipv4.address = x.y.z.t/32 lxc.net.0.ipv4.gateway = a.b.c.d lxc.net.0.ipv6.address = 2001:41d0:.../64 lxc.net.0.ipv6.gateway = 2001:41d0:...
Démarrage et raccordement
lxc-start -n jitsimeet lxc-attach -n jitsimeet
Modification réseau, ajout des serveurs de noms
vim /etc/network/interfaces auto eth0 iface eth0 inet manual
vim /etc/resolv.conf nameserver 213.186.33.99 nameserver 8.8.8.8
dpkg-reconfigure locales apt install sudo wget man bash-completion gpg less bind9-host inetutils-ping vim /etc/bash.bashrc # Décommenter les lignes concernant bash-completion source /etc/bash.bashrc wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add - sudo sh -c "echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list" apt update apt -y install jitsi-meet # Renseigner le domaine à créer
vim /etc/hosts 127.0.1.1 visio.example.com visio
hostname visio hostname --fqdn
Installation des certificats letsencrypt
apt install python-certbot-nginx nginx -s stop certbot certonly -d visio.example.com vim /etc/nginx/sites-enabled/visio.example.com.conf #Remplacer les certificats auto-signés par les certificats LE ssl_certificate_key /etc/letsencrypt/live/visio.example.com/privkey.pem; ssl_certificate /etc/letsencrypt/live/visio.example.com/fullchain.pem; vim /etc/letsencrypt/renewal/visio.example.com.conf nginx -s reload
Activer l'authentification
vim /etc/prosody/conf.avail/visio.example.com.cfg.lua VirtualHost "visio.example.com" -- enabled = false -- Remove this line to enable this host authentication = "internal_hashed" ... VirtualHost "guest.visio.example.com" authentication = "anonymous" c2s_require_encryption = false ...
vim /etc/jitsi/meet/visio.example.com-config.js anonymousdomain: 'guest.visio.example.com', ... <code> echo "org.jitsi.jicofo.auth.URL=XMPP:visio.example.com" >> /etc/jitsi/jicofo/sip-communicator.properties
Certificats pour Prosody
prosodyctl --root cert import /etc/letsencrypt/live service prosody restart
Renouvellement des certificats Prosody
vim /etc/letsencrypt/renewal-hooks/post/00-prosody-auth.sh #!/bin/bash prosodyctl --root cert import /etc/letsencrypt/live service prosody restart chmod +x /etc/letsencrypt/renewal-hooks/post/00-prosody-auth.sh
Enregistrer un utilisateur (modérateur)
prosodyctl register user visio.example.com service prosody restart