Categories
Uncategorized

Jitsi private video conferencing on synology NAS

In these days of physical isolation I wanted to spend my free time to check and implement a videoconferencing solution for my private use.

After googling I found Jitsi and in few minutes I was able to setup a test environment on my computer using docker.

I wanted to implement this on my Synology NAS (DS918) using docker containers. All explanations below are coming from the Jitsi github page, with a little customization to fit my needs.

I assume that you are familiar with docker, SSH access & certificate installation/request.

You need to download the file https://github.com/jitsi/docker-jitsi-meet/archive/master.zip

Upload and extract on your NAS the content of the zip file. In my installation it is the folder /volume1/docker

Open an SSH console to your NAS

Go to the folder you just created it will be something like:

cd /volume1/docker/docker-jitsi-meet-master

Copy the environment file:

cp env.example .env

Set strong passwords:

./gen-passwords.sh

Create a folder where to store the configuration files:

mkdir /volume1/docker/docker-jitsi-config/

mkdir -p /volume1/docker/docker-jitsi-config/{web/letsencrypt,transcripts,prosody/config,prosody/prosody-plugins-custom,jicofo,jvb,jigasi,jibri}

Edit the .env file and change the line CONFIG=~/.jitsi-meet-cfg to CONFIG=/volume1/docker/docker-jitsi-config

Enable authentication, guest access and internal authentication:

ENABLE_AUTH=1

ENABLE_GUESTS=1

AUTH_TYPE=internal

Customize the lines related to your environment and the docker host IP (your NAS interface). I use afraid DNS route my personal domain to my NAS public IP.

PUBLIC_URL=https://meet.mydomain.com

DOCKER_HOST_ADDRESS=192.168.X.X

You can now create and run the docker containers:

docker-compose up -d

To protect access to your meeting solution connect to the prosody container:

docker exec -it docker-jitsi-meet-master_prosody_1 /bin/bash

and create register your user:
prosodyctl --config /config/prosody.cfg.lua register TheDesiredUsername meet.jitsi TheDesiredPassword

You can use the Synology NAS reverse proxy to redirect your domain HTTPS to your container on port 8443 (Application Portal > Reverse Proxy > Create). This is mandatory to have a fully working solution. (avoiding problem with video content)

You need also to generate a certificate and install it on your NAS (Security > Certificates > Create)

I use a letsencrypt certificate but you can also import one.

Configure the certificate to be presented for meet.mydomain.com (Security > Certificates > Configure)

After completing these steps you should have a working private videoconferencing solution, with authenticated host and guest access activated on your Synology NAS.

9 Sept. 2020 – Edited after Mchl Grdlv comments.

11 replies on “Jitsi private video conferencing on synology NAS”

Hi,

this looks for me very interesting: I’m having a Synology DS920+, used for our Cohousing.

I’m looking for a video-conference solution on which the (audio and video) data does not go over the Internet, but stays on our local-LAN, when the participating-user is working from the local-LAN.

I would like to try what you have explained in this post. But I assume after reading the article briefly (need to read in more details), that the traffic just stays on the Local-LAN ?

Thanks for your answer

Hi, I’m trying to install. I’m on the step to “protect access to your meeting solution connect to the prosody container:

I can successfully execute :

docker exec -it docker-jitsi-meet-master_prosody_1 /bin/bash

But on the command

prosodyctl –config /config/prosody.cfg.lua register meet.jitsi

I have an error :

**************************
Prosody was unable to find the configuration file.
We looked for: /etc/prosody/prosody.cfg.lua
A sample config file is included in the Prosody download called prosody.cfg.lua.dist
Copy or rename it to prosody.cfg.lua and edit as necessary.
More help on configuring Prosody can be found at https://prosody.im/doc/configure
Good luck!
**************************

I see there is no directory /etc/prosody

Do I have to install something about prosody, prior to execute this step ?

Many thanks, Eddy

Thanks. Now I have that error anymore. But now I have another error:

The given hostname does not exist in the config

I’m new to Jitsi and Prosody (and as well to Docker). I read many pages of the Prosody-manuals in the last hours. And I will do more.

What I understand from now is that the error I have has probably to do with the host-name I mentioned in my command. I have used first was :

prosodyctl –config /config/prosody.cfg.lua register meet.jitsi

Then I thought I had to use, as hostname, the one I specified in the variable PUBLIC_URL in the .env file.

I have set PUBLIC_URL as : https://meet.MyDomainName.be

So, I had used, as command:

prosodyctl –config /config/prosody.cfg.lua register meet.MyDomainName.be

Then I have another error:

The given hostname does not exist in the config

Which makes me believe my errors have indeed to see with the host-name.

I searched in several documentation-pages what they mean by that host-name in the “prosodyctl” command. But I cannot really find it.

Your help would be much appreciated

Many thanks!
Eddy

Hi , I was able to install it. The error I made is that I forgot to uncomment

ENABLE_AUTH=1
ENABLE_GUESTS=1
AUTH_TYPE=internal

in the .env file . So my bad 🙁

Now I was able to complete the installation. I see the dockers running in the docker=package-center on my Synology DS920+

But now I’m struggling with the URL’s. In your instructions, you mentioned, as example :

PUBLIC_URL=https://meet.mydomain.com

My NAS, which is accessible from the Internet, has (sub)domain-name :
nas..be

Ideally, I would like to have. for this Jitsi-application, the sub-domain :
meet..be

But I guess this will not be possible, isn’t it ? As all https-traffic (port 443) traffic , initiated by somebody on the internet will go to port 5001 (Synology DSM). This because my router has a NAT-translation from the public IP-address of my NAS (port 443) to the internal IP-address (192.168.1.207) of my NAS (port 5001).

Maybe I’m wrong , but is the only way to have the Jitsi on my NAS accessible from the internet, is to register a new domain-name ?

Also : apart from the access from Internet, I had expected that I could see the Jitsi-pages (application), by going (on my local-PC, same LAN as my Synology) ) to https://192.168.1.207:8443 . But that does not work at all. Should that not work ?

Hi,

external access:
You need to declare the meet..be as a cname for your domain, then the reverse proxy configuration should redirect the traffic to your docker container based on the domain name.

For the internal access
Did you also put DOCKER_HOST_ADDRESS=192.168.1.207 in the .env file?
what do you get with the command below?
telnet 192.168.1.207 8443

Cheers

Aho, ok, I will setup a CNAME. Once replicated after some hours, I will test.

About the Telnet to port 8443 : I had tried that already before : it’s working, but it’s getting closed immediately. Normally, with a telnet to a port, and when it works, you get connected and the screen stays black, until you hit -Z

Here, it connects, but closes immediately (so I get the command-prompt again). Which looks for me something is wrong

Leave a Reply

Your email address will not be published. Required fields are marked *