:::

20. 安裝Jitsi meet

  1. 先設好DNS,底下以 meet.lces.tn.edu.tw 網域為例,伺服器用 nginx,先安裝好 cert-bot,以便安裝憑證。
  2. 安裝必要套件
    apt install gnupg

     

  3. 安裝 Jitsi repository key
    wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -

     

  4. 添加套件來源
    sh -c "echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list"

     

  5. 更新套件庫
    apt-get -y update

     

  6. 安裝 Jitsi Meet
    apt-get -y install jitsi-meet

     

  7. 安裝憑證
    /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

    若裝不起來請用

    cert-bot --nginx

     

  8. 修改設定檔
    vi /etc/nginx/sites-available/default
    server_names_hash_bucket_size 64;
    
    server {
        listen 80;
        listen [::]:80;
        server_name meet.lces.tn.edu.tw;
    
        location ^~ /.well-known/acme-challenge/ {
           default_type "text/plain";
           root         /usr/share/jitsi-meet;
        }
        location = /.well-known/acme-challenge/ {
           return 404;
        }
        location / {
           return 301 https://$host$request_uri;
        }
    }
    server {
        listen 443 ssl;
        listen [::]:443 ssl;
        server_name meet.lces.tn.edu.tw;
    
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";
        
        add_header Strict-Transport-Security "max-age=31536000";
    
        ssl_certificate /etc/letsencrypt/live/meet.lces.tn.edu.tw/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/meet.lces.tn.edu.tw/privkey.pem; # managed by Certbot
    
        root /usr/share/jitsi-meet;
    
        # ssi on with javascript for multidomain variables in config.js
        ssi on;
        ssi_types application/x-javascript application/javascript;
    
        index index.html index.htm;
        error_page 404 /static/404.html;
    
        gzip on;
        gzip_types text/plain text/css application/javascript application/json;
        gzip_vary on;
    
        location = /config.js {
            alias /etc/jitsi/meet/meet.lces.tn.edu.tw-config.js;
        }
    
        location = /external_api.js {
            alias /usr/share/jitsi-meet/libs/external_api.min.js;
        }
    
        #ensure all static content can always be found first
        location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$
        {
            add_header 'Access-Control-Allow-Origin' '*';
            alias /usr/share/jitsi-meet/$1/$2;
        }
    
        # BOSH
        location = /http-bind {
            proxy_pass      http://localhost:5280/http-bind;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header Host $http_host;
        }
    
        # xmpp websockets
        location = /xmpp-websocket {
            proxy_pass http://127.0.0.1:5280/xmpp-websocket?prefix=$prefix&$args;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header Host $http_host;
            tcp_nodelay on;
        }
    
        location ~ ^/([^/?&:'"]+)$ {
            try_files $uri @root_path;
        }
    
        location @root_path {
            rewrite ^/(.*)$ / break;
        }
    
        location ~ ^/([^/?&:'"]+)/config.js$
        {
           set $subdomain "$1.";
           set $subdir "$1/";
    
           alias /etc/jitsi/meet/meet.lces.tn.edu.tw-config.js;
        }
    
        #Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
        location ~ ^/([^/?&:'"]+)/(.*)$ {
            set $subdomain "$1.";
            set $subdir "$1/";
            rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
        }
    
        # BOSH for subdomains
        location ~ ^/([^/?&:'"]+)/http-bind {
            set $subdomain "$1.";
            set $subdir "$1/";
            set $prefix "$1";
    
            rewrite ^/(.*)$ /http-bind;
        }
    
        # websockets for subdomains
        location ~ ^/([^/?&:'"]+)/xmpp-websocket {
            set $subdomain "$1.";
            set $subdir "$1/";
            set $prefix "$1";
    
            rewrite ^/(.*)$ /xmpp-websocket;
        }
    }
    

     

  9. 重啟伺服器
    systemctl restart nginx

     

  10. 大功告成~

:::

書籍目錄

展開 | 闔起

https%3A%2F%2Fcampus-xoops.tn.edu.tw%2Fmodules%2Ftad_book3%2Fpage.php%3Ftbdsn%3D1557

計數器

今天: 611611611
昨天: 2027202720272027
總計: 7971652797165279716527971652797165279716527971652