Installation of serverside components for video conferencing

This document describes the installation of Videoconferencing backend.

You will need a server with the latest stable Debian installed and you should be able to create DNS records for your chosen domain.

In this installation guide we will install the following items on the machine:

  • Jisti backend
  • Web UI frontend
  • Conference management server
  • SSO server

Different parts are distributed in different ways:

  • Jitsi backend: Debian packages, Luarocks packages, zip package.
  • Web UI frontend: zip package
  • Conference management server (and possibly SSO server): Our docker repository
  • videobridge (possibly multiple videobridge servers): Debian repository

The DNS names for this tutorial will be

  • for your backend
  • for Web UI frontend
  • for SSO

Videobridge does not need any DNS name.

Download the zipfile from Acrobits with some additional files. We will use them during installation.

This is the address of the zipfile:

Jitsi backend

Begin the installation by enabling our Debian repository


This step is the same as in the SIPIS installation guide.


You can use the official Jitsi repositories instead of our repository. We just keep the package version that is known to work.

wget -O - | apt-key add -

Create file /etc/apt/sources.list.d/Acrobits.list with

deb buster main

Start by installing the package jitsi-videobridge2. The installation will ask for your domain ( in this guide).

Stop and disable the jitsi-videobridge2 service using appropriate systemctl commands, unless you expect low traffic and wish to use the same machine for your videobridge.

Keep the files from /etc/jitsi/videobridge. You will need them later.

Then install the following packages:

  • jitsi-meet-prosody
  • jicofo
  • nginx
  • luarocks
  • liblua5.2-dev

Use luarocks to install packages basexx and net-url:

luarocks install basexx
luarocks install net-url

Additional files we will use in this section are from our Zip package in backend directory.

Apply the patch from the zip file. That is, run the following command:

patch /usr/lib/prosody/modules/muc/muc.lib.lua < muc_owner_allow_kick.patch

Replace file /usr/share/jitsi-meet/prosody-plugins/mod_token_verification.lua with the one from our zipfile.

Place file mod_muc_status.lua to /usr/share/jitsi-meet/prosody-plugins/.

Run luarocks make in luajwtjitsi directory from our ZIP file. This will install fixed version of luajwtjitsi package.

Open the prosody configuration file for your server: /etc/prosody/conf.d/


In the following steps, replace with your domain.

Add the following to the top of the file, just below plugin_paths:

admins = { "" }

Change cross_domain_bosh to true.

In section for your domain (VirtualHost "") set the following

authentication = "token"
asap_key_server = ""
enable_domain_verification = true

Also add the following modules to the modules_enabled section

  • presence_identity
  • muc_status

In the conference subdomain section (under Component "" "muc") set the same app_id and asap_key_server as in previous main section. Enable module token_verification and set restrict_room_creation = "local"

Get the TLS certificate for your domain ( in this guide) and for your auth subdomain ( Place the certificate (along with keys) into /etc/prosody/certs. You should have the following files there:


Make sure that the access rights of the certificates and keys are set so that prosody can access them.


auth subdomain is used for connection from videobridges to prosody. It is not strictly necessary to use valid certificate here, but if you use self signed certificate, you need to configure your videobridges to accept it.

Make sure that /etc/jitsi/jicofo/ contains

Place config.js file from our zipfile to /var/www/conferencing/config.js. Edit it and replace all occurences of with your domain. Also replace with the domain for your web UI.

The nginx configuration file for the backend is nginx_backend.conf. Place it into /etc/nginx/sites-enabled and edit the server name and paths to your certificates.

Restart services prosody, nginx and jicofo.

Conferencing management server

Conferencing management server is a service that controls access to your conference server. It uses a SSO server and an external authentication service to check the user’s credentials.

Start by installing Docker and Docker Compose. Then add our Docker registry.

docker login -u customer -p Aen1ieB5sh

There are three options for how to install conference management server:

# You do not have your own SSO server. # You have one but wish to run conference management server on a different machine # You have one and wish to run conference management server on the same machine

Without own SSO

In this section we will use files in conferencing-management/separate_sso directory in provided ZIP file.

Place a file application.yml to /etc/acrobits/conferencing_management/application.yml.

Create a directory (let’s call it conferencing somewhere on the server and place the file docker-compose.yml there. Then run docker-compose up -d in this directory. This should download the needed docker images and start them up.

Install nginx (using Debian package manager) and place nginx_conferencing.conf into /etc/nginx/sites-enabled/. Edit it and change the domain name and paths to the TLS certificate and key. Then reload the nginx configuration.

With own SSO on a different machine

The procedure is identical to the previous case. The only difference is that you need to edit the file /etc/acrobits/conferencing_management/application.yml and put the address of your SSO server there.

With SSO on the same machine

Find snippets of configuration files in with_sso directory.

Edit docker-compose.yml that you used for your current SSO and Contact server installation. Add an additional service section to it with the content from docker-compose.snip. Then run docker-compose up -d to start it.

Then edit the nginx configuration and add an additional location section with the content from nginx_conferencing.snip. Reload the nginx configuration.



This part is not yet available.

Install nginx from Debian packages.

Download the package with Web GUI. Unpack it into /var/www/conferencing/conferencing (you should have a file /var/www/conferencing/conferencing/index.html there).

Place ui.conf into /etc/nginx/sites-enabled and edit it to set the TLS certificate and the server name. Reload nginx.


Enable our Debian repository. Then install package jitsi-videobridge2.

Replace the file /etc/jitsi/videobridge/ with the one from your backend server and change the item org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME to a different random string (every videobridge needs to have a different MUC_NICKNAME). Restart the service jitsi-videobridge2.


You can use command uuid to generate a random nickname for your videobridge.