Config pointers for self-hosted server

[caewok]

Not a bug issue but rather some tips for setting up a self-hosted jitsi VM, after some long trial-and-error. Thought it might be helpful to users here.

I have set up a self-hosted server successfully both from an Ubuntu 20.04 VM and from Vultr's One-Click Jitsi app. The VTTA instructions are helpful, but in the end I did not follow their instructions for CORS or for enabling authentication (see below for how I did it). In both cases, I had to do the following:

Cloudflare DNS In order to generate the Let's Encrypt certificate, change the following beforehand in Cloudflare for your domain name:

• Set up DNS in cloudflare to point to jitsi server
• Change SSL/TLS to Flexible
• In Edge Certificates, turn off Always Use HTTPS

After you actually generate the Let's Encrypt certificate, you can revert these settings.

Firewall Before generating the Let's Encrypt certificate, allow ports 80 and 443:

sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw reload

You will also need to allow UDP ports for jitsi communications: sudo ufw allow 10000:20000/udp

CORS Foundry will fail to connect, logging CORS errors unless you switch the configuration to allow cross domains. Edit the Prosody configuration at /etc/prosody/config.avail/[DOMAIN].cfg.lua by adding or modifying: cross_domain_bosh = true

User authentication If you are using the Vultr one-click or a similar setup, follow those instructions to enable user authentication if you want. If you are installing from a Ubuntu VM, the instructions from the Jitsi Secure Domain setup worked for me. It is a bit simpler, however, to create users in Prosody by using sudo prosodytcl adduser username@DOMAINNAME.

Foundry settings In Foundry, your custom settings should look like (no https prefix, btw):

Server URL: DOMAINNAME Username: username@DOMAINNAME