Video Conferencing Software for Linux: Setting Up a Private Jitsi Server on Ubuntu

Video conferencing solutions for Linux are becoming essential as organizations demand accessible and secure communication tools. Jitsi Meet is a strong open-source choice that you can self-host. For DevOps engineers, sysadmins, and infrastructure architects, running a private Jitsi server on Ubuntu gives you full control over your video conferencing setup, better data privacy, and the ability to scale.

This guide covers installing Jitsi Meet on Ubuntu. You’ll see why Ubuntu works best, how to prepare your server, perform the installation, and configure vital parts like SSL, firewall, and Nginx. It also touches on common installation issues and best security practices to keep your setup reliable.

Why Linux (Ubuntu) is the recommended environment for Jitsi

Ubuntu, especially the 22.04 LTS release, offers a stable, well-supported platform for servers. Its long-term support means consistent security updates and compatibility with the packages Jitsi Meet relies on.

Jitsi Meet’s components—Prosody (XMPP server), Nginx (web server), Jicofo (Jitsi Focus component), and Videobridge—are packaged and optimized for Ubuntu. That simplifies installation and integration. Ubuntu’s large community and documentation also help troubleshoot and follow Linux best practices.

For a sysadmin, this translates to fewer surprises during installs or upgrades, reliable compatibility, and security features like AppArmor confinement to protect Jitsi processes. Ubuntu’s stable networking stack and built-in IPv6 support improve WebRTC, which keeps video calls smooth and low-latency.

Prerequisites - server specs, domain, DNS, and firewall rules

Before setting up your video conferencing server, make sure your environment meets these requirements to avoid common problems.

Server Specifications

• CPU: Minimum 2 dedicated cores. Video calls use lots of CPU, especially with many participants.
• RAM: At least 4 GB. Plan to increase to 8 GB or more if you expect heavy use or recording.
• Storage: SSD with 40 GB free space. Fast storage supports logging and caching without slowdown.
• Operating System: Ubuntu 22.04 LTS (64-bit recommended).

Domain and DNS

• Use a public domain pointing to your server’s IP. For example, meet.example.com.
• Set up DNS A record for proper resolution.
• Avoid using just an IP address. SSL certificates and WebRTC need a valid domain name.

Firewall and Network

Jitsi requires specific ports open and correctly routed:

• TCP 80 and 443 (HTTP and HTTPS) must allow client connections and certificate verification.
• UDP 10000 (default) handles media traffic via Videobridge.
• TCP 4443 serves as a TLS fallback when UDP 10000 is blocked.
• Configure your firewall (UFW or iptables) to reflect this.

Avoid NAT or carrier NAT issues. If behind NAT, make sure to forward UDP 10000. Jitsi doesn’t work well if critical UDP ports are blocked.

Step-by-step: Installing Jitsi Meet on Ubuntu 22.04

Here are the key steps and commands to install Jitsi Meet correctly.

Update System and Install Dependencies

sudo apt update && sudo apt upgrade -y
sudo apt install -y gnupg2 curl wget apt-transport-https

This updates packages and installs tools needed for key and repository management.

Add Jitsi Official Repository

Import Jitsi’s GPG key:

curl https://download.jitsi.org/jitsi-key.gpg.key | sudo gpg --dearmor -o /usr/share/keyrings/jitsi-keyring.gpg

Add the Jitsi repository:

echo 'deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/' | sudo tee /etc/apt/sources.list.d/jitsi-stable.list
sudo apt update

This ensures you get the latest stable Jitsi packages.

Install Jitsi Meet

sudo apt install -y jitsi-meet

You’ll be asked for your hostname during installation. Use your domain like meet.example.com.

Troubleshooting Prosody XMPP Issues

If Prosody doesn’t start or shows errors — often related to SSL or hostname misconfigurations — check its status:

sudo systemctl status prosody
sudo journalctl -xeu prosody

Verify your domain in /etc/prosody/prosody.cfg.lua. Check if port 5222 is in use:

sudo lsof -i:5222

Stop or reassign any conflicting services.

Configuring SSL with Let’s Encrypt

Securing your video conferencing setup with SSL is crucial for WebRTC and encrypted signaling.

Obtain SSL Certificate

Jitsi includes a script to automate this:

sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

This installs certbot if needed, requests the SSL certificate, configures Nginx, and sets up automatic renewal.

Manual Certbot Setup (if needed)

If automation fails or you want more control:

sudo apt install -y certbot
sudo certbot certonly --standalone -d meet.example.com

Then update your Nginx config to use these certificates manually.

SSL Troubleshooting

If the certificate request fails:

• Make sure port 80 is open and accessible from outside.
• Check for other web servers running that might block certbot.
• Confirm your DNS records have properly propagated.

Setting up the UFW firewall and Nginx correctly

Your firewall and web server must be set up to allow legitimate traffic and block unauthorized access.

Configure UFW Firewall

sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 10000/udp
sudo ufw allow 4443/tcp
sudo ufw enable
sudo ufw status verbose

Ports 80/443 handle HTTP(S), UDP 10000 carries media streams, and TCP 4443 acts as a fallback relay.

Make sure these rules persist after reboot and your firewall doesn’t allow overly broad access.

Nginx Configuration

Jitsi sets up its config at /etc/nginx/sites-available/jitsi.conf.

Ensure it has:

• Redirects from HTTP to HTTPS.
• Proper proxy settings for HTTP/2 and WebSocket support.
• Correct file and log permissions.

Test Nginx settings before reloading:

sudo nginx -t
sudo systemctl reload nginx

The 5 most common installation errors and fixes

1. Prosody Won’t Start

Usually caused by missing or mismatched SSL certificates. Check config files and logs, then restart Prosody.

2. Port Conflicts on UDP 10000 or TCP 4443

Other services may block these ports. Use lsof to identify conflicts, then stop or modify interfering programs.

3. Let’s Encrypt Renewal Failures

Often due to port 80 being blocked or multiple web servers competing. Make sure only Nginx listens on port 80 during renewal.

4. Video Freezes or No Audio

Most often caused by blocked UDP 10000 traffic. Confirm firewall, cloud provider, and router support UDP forwarding. Avoid relying on TCP fallback if possible.

5. JWT Authentication Issues

Typically caused by secret mismatches or config errors. Verify secrets and sync server time with NTP. Prosody logs help diagnose.

Securing with JWT and testing the setup

JWT authentication controls who can join your private conferences.

Enable JWT Authentication

Edit your Prosody config:

sudo nano /etc/prosody/conf.avail/your-domain.cfg.lua

Add and enable the token verification modules, then set the shared secret as documented. Restart Prosody afterward.

Testing Your Deployment

Open your meeting URL on different browsers and devices. Check that SSL certificates show as valid, JWT prompts work, and video/audio run smoothly. Review logs for any errors at /var/log/jitsi/*.

When we recently deployed this for a mid-size team, a server clock mismatch caused JWT failures. Setting up NTP fixes this immediately.

When managing Jitsi yourself becomes difficult

Running Jitsi yourself gives you control, but complexity grows fast if you need to:

• Manage many SSL renewals
• Add advanced auth like LDAP or SAML
• Ensure high availability and fault tolerance
• Load balance for hundreds of users
• Handle extensive logging and monitoring

Without experience, these tasks consume time and effort. Managed Jitsi services provide hardened environments, monitoring, and support, letting you focus on your business.

Conclusion

Installing Jitsi Meet on Ubuntu 22.04 provides a robust platform for private, secure video conferencing. By preparing your environment, following clear installation steps, and tackling common issues—especially with Prosody, ports, and SSL—you can deliver a reliable self-hosted server.

Securing your setup with JWT and proper firewall settings strengthens control over access. Still, operating and scaling the system yourself requires ongoing attention. When your needs grow, professional services offer a safer, more efficient path.

Review your video conferencing needs and resources. Decide if a DIY Ubuntu Jitsi server fits or if a managed service will better support your goals.

---

If you want to simplify your Jitsi setup or need expert guidance tailored to your infrastructure, connect with a Linux video conferencing specialist who can design a secure and scalable solution for your operations.