In the current time of the Coronavirus (COVID-19) pandemic many more people are working and meeting online. Many of those people have moved to using Free services like Zoom and others; however those solutions have been prone to something called “zoombombing” where someone drops in on a meeting they weren’t invited to and disrupts the meeting (sometimes even NSFW!) As a result, it’s better to use a more private option for video conferencing. Thankfully, the Open Source project Jitsi provides software that you can easily use to build your own private video conferencing solution, and it’s extremely easy to get it up and running within Microsoft Azure!

What is Jitsi?

Jitsi is a multi-platform, open source, video conferencing solution. This project allows you to set up your own private video conferencing solution similar to what is more publicly available from other commercial video conferencing providers. This project is 100% free to use, open source, and WebRTC compatible.

As a video conferencing solution, it enables a few familiar features we’ve all grown accustomed to with other video conferencing services:

• Audio / Video
• Chat
• Password protected conference sessions
• Support for MANY simultaneously connected users

The Jitsi Meet project is the open source software that enables you to install your own secure, simple and scalable video conferencing solution that you use as a standalone app or embed in your own web applications. The Jitsi Meet client runs in your browser, without installing anything else on your computer, and can be tried out for free at https://meet.jit.si.

Install Jitsi on Microsoft Azure VM

Jitsi can be installed on a Linux VM with only a few steps, as much of the process is scripted / automated by the Jitsi project team (Go Open Source!). Hosting a service like this will require the use of an Ubuntu Linux server with Internet access, and the Microsoft Azure cloud makes this easily accessible to set up.

You can follow these steps to set up your own private Jitsi Video Conferencing solution within your own Azure Subscription:

1. Provision a new Ubuntu Server virtual machine (VM) in your Azure Subscription. At the time of writing this tutorial, the Ubuntu Server 18.04 LTS is the most recent long term support version supported within Azure, and is the version tested with these steps.
   
2. Once the VM has been provisioned, use the Azure Portal or your favorite CLI tool, to modify the Network Security Group Inbound Rules to open the following ports to the VM:
   • Port 22 – SSH (So you can remote to the server and install Jitsi)
   • Port 80 – HTTP
   • Port 443 – HTTPS
   • Port 10000 – Jitsi Videobridge
     
     
3. Go to the IP Address for the Virtual Machine, and configure the DNS name label so you have a DNS name that maps to the Virtual Machine, instead of just an IP Address. This is necessary since the IP Address is dynamic, and you will need to map the DNS name to your custom domain name later.
   
   
4. Go to your DNS Provider (such as GoDaddy, Hover, or others) and add a new CNAME record that maps to the DNS Name for your VM.
   
   In the above screenshot, you can see the DNS name for my VM is build5nines-jitsi.southcentralus.cloudapp.azure.com. In my DNS provider, I’ll create a CNAME record for the subdomain of jitsi.build5nines.com.
   
   
   
5. Connect to the Virtual Machine using SSH.
   
   This can be done directly in the Azure Portal using the Azure Cloud Shell, or even the Serial Console feature of VM management blade within the Azure Portal.
   
6. You’ll want to run the following commands using sudo. I recommend you open sudo shell using the sudo -s command, and use that to run the following commands below.
   
7. Run the following Bash script on the VM to install and setup Jisti. Be sure to replace the HOSTNAME and EMAIL values with the appropriate values for your environment.
   • HOSTNAME: This is your DNS hostname for your Jitsi server. Use your custom domain or subdomain that was configured (such as jitsi.build5nines.com), not the IP Address DNS name that was configured.
   • EMAIL: Your email address. This is used for the Let’s Encrypt configuration of the SSL / TLS certificate. Such as: chris@build5nines.com

# config variables
# BE SURE TO ENTER YOUR CUSTOM VALUES HERE
HOSTNAME="custom-domain-name-here"
EMAIL="your-email-address-here"

# set hostname
hostnamectl set-hostname $HOSTNAME
echo -e "127.0.0.1 localhost $HOSTNAME" >> /etc/hosts

# add Jitsi to sources
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -
sh -c "echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list"
apt update 
echo -e "DefaultLimitNOFILE=65000\nDefaultLimitNPROC=65000\nDefaultTasksMax=65000" >> /etc/systemd/system.conf
systemctl daemon-reload

# Configure Jits install
debconf-set-selections <<< $(echo 'jitsi-videobridge jitsi-videobridge/jvb-hostname string '$HOSTNAME)
debconf-set-selections <<< 'jitsi-meet-web-config   jitsi-meet/cert-choice  select  "Generate a new self-signed certificate"';

# Install Jitsi 
apt install -y jitsi-meet

# letsencrypt
echo $EMAIL | /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

Once you have completed the setup steps to install Jitsi on your Ubuntu Linux VM in Azure, and configured your custom domain name, you will be able to navigate your browser to your custom domain name. This will enable you, or anyone else on your team, to access the Jitsi Meet web client and begin video conferencing on your own private hosted video conferencing solution!

In my example used in the steps above, I would be able to access jitsi.build5nines.com as my video conferencing server. FYI, I used this DNS subdomain as an example for this article, but it’s not a live site for you to use.

Secure Jitsi Meeting with Password

Once you have your own private Jitsi server setup to host your own private video conferences, you will want to make sure you and your users setup a password to protect each conference session / meeting.

You can do this by following a couple easy steps within the Jitsi Meet web interface:

1. In the lower right corder of the Jitsi Meet web interface, click the information button / icon.
2. On the Share popup you will find the Link you can copy to invite people to your meeting.
3. Click on Add password here, then enter a password for the meeting, and press Enter.

Once a password has been set for the Jitsi meeting, all those looking to join the meeting will be asked for the password. This will keep out anyone who may know the meeting Link URL, but haven’t actually been invited.

Wrap Up

With a few short steps, and a little time (about 15-30 minutes) you’ll have your very own private video conferencing server up and running using Jitsi. Keep in mind the solutions described in this article will only setup a single VM server, so it wont be very high availability for enterprise scenarios. If you do need to add additional availability and resiliency to your own Jitsi solution, you’ll want to look deeper into the custom configurations and features within Jitsi.

In the age of privacy concerns and security vulnerabilities, it’s nice to know there is a relatively simple solution to setup like Jitsi to build your own video conferencing / meeting solution. Also, by using Microsoft Azure to host it, you don’t need to worry so much about having the compute resources or bandwidth necessary for hosting. Although, you’ll certainly want to keep tabs on your usage and consumption costs as streaming video will use more Internet bandwidth than other types of activities and you will need to pay for the bandwidth used.

I hope everyone is staying healthy during this Coronavirus (COVID-19) pandemic, and I hope this article helps you stay safe from a security perspective with your video conferencing / meeting needs. Also, if you are concerned about the security of Jitsi, it is open source so you can view the source code, or even contact the Jitsi community to find out more.

Happy remote working everyone!