Installing Jitsi and Jibri on Same Machine

This post is heavily inspired from this community post by https://community.jitsi.org/u/Woodworker_Life. However, the original installation document is based on typical split Jitsi on one VM and Jibri on seperate VM. 

A little reworked version is deployed and tested for several client based with no performance issue- this post covers a single VM with Jitsi Videobridge and Jibri Reocording system.

Prerequisites:

  • Works only on Ubuntu 16 Distribution
  • Only following DNS entries are needed to be available:
    • meet.ensii.net -> 123.45.67.89
    • recording.ensii.net-> 123.45.67.89
    • recorder.ensii.net-> 123.45.67.89
  • update /etc/hosts file as following:
    • 127.0.0.1    meet.ensii.net
      123.45.67.89    recording.ensii.net
      123.45.67.89    recorder.ensii.net

Part-1: Setup Jitsi Meet on the server

You will need to login to the server you created in step 1. For this, on my Windows laptop, I use PuTTy. Login with initial password and change it to your own.

Update server:

apt update && apt upgrade -y

Continue reading “Installing Jitsi and Jibri on Same Machine” »

Share

Install h5ai – file indexer on Centos 7

H5ai is a modern file indexer for HTTP web servers with focus on your files. Directories are displayed in a appealing way and browsing them is enhanced by different views, a breadcrumb and a tree overview. Initially h5ai was an acronym for HTML5 Apache Index but now it supports other web servers too.

Step 1 – Installing (Requires PHP 5.5+)

wget https://release.larsjung.de/h5ai/h5ai-0.29.2.zip
unzip h5ai-0.29.2.zip

Copy folder _h5ai to the document root directory of the web server: DOC_ROOT/_h5ai.

DOC_ROOT
 ├─ _h5ai
 ├─ your files
 └─ and folders

Add /_h5ai/public/inde to http conf file Continue reading “Install h5ai – file indexer on Centos 7” »

Share

Proxmox Cloud-Init OS template creation

Introduction

In this guide we will go over creating a Proxmox KVM Template from a Cloud Image. This same process will work for any Cloud-Init Openstack based image type you can find online.

Having done a number of these for our Proxmox based VPS service I wanted to post up a guide to help anyone else looking to do the same thing.

My workflow for customizing one of those for use with Proxmox with cloud-init deployment from WHMCS and root login is below. Once you setup one template you can rapidly reinstall new containers and test stuff.

Setup Environment

If not installed already installed you will need libguestfs-tools :

apt-get install libguestfs-tools

To edit the image before importing. We will use virt-edit which is a part of libguestfs-tools. Continue reading “Proxmox Cloud-Init OS template creation” »

Share

Accessing private network using pritunl VPN

This tutorial will describe securing access to a private network using a Pritunl server. The diagram below shows the network topology for this tutorial.

First remove the 0.0.0.0/0 route from the server. This route tunnels all internet traffic over the vpn, for this setup only the traffic for the private network will be tunneled. Continue reading “Accessing private network using pritunl VPN” »

Share

Apache error fix on Forbidden You don’t have permission to access this resource

Tested and works on Debian/Ubuntu apache installation. For this open the apache2.conf file using the nano editor

sudo nano /etc/apache2/apache2.conf

Replace the general directory settings with this.

<Directory />
#Options FollowSymLinks
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order deny,allow
Require all granted
</Directory><Directory /usr/share>
AllowOverride None
Require all granted
</Directory><Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
#<Directory /srv/>
# Options Indexes FollowSymLinks
# AllowOverride None
# Require all granted
#</Directory>

Ensure your virtual host configuration file in /etc/apache2/sites-available directory is in this manner Continue reading “Apache error fix on Forbidden You don’t have permission to access this resource” »

Share

Install Pritunl on Ubuntu 16

Update your bare-bone and freshly installed Ubuntu 16 system.

sudo apt-get update && sudo apt-get upgrade

Add Pritunl’s APT repository and update the package lists:

echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.0 multiverse" > /etc/apt/sources.list.d/mongodb-org-3.0.list
echo "deb http://repo.pritunl.com/stable/apt trusty main" > /etc/apt/sources.list.d/pritunl.list

Add repo keys for apt to validate against

apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7F0CEB10
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv CF8E292A

Update the package cache

sudo apt-get update

If you have a firewall running on the Linode, add exceptions for Pritunl’s Web UI and server:

sudo iptables -A INPUT -p udp -m udp --sport 9700 --dport 1025:65355 -j ACCEPT
sudo iptables -A INPUT -p tcp -m tcp --sport 9700 --dport 1025:65355 -j ACCEPT
sudo iptables -A INPUT -p `your protocol here` -m `your protocol here` --sport `your_port_here` --dport 1025:65355 -j ACCEPT

NoteIf you’ve configured the firewall according to the Securing Your Server guide, be sure to add these port ranges to the /etc/iptables.firewall.rules file.

Install Pritunl and its required dependencies:

sudo apt-get install python-software-properties pritunl mongodb-org

Start the Pritunl service:

sudo service pritunl start

Open a web browser on your computer, and navigate to https://123.45.67.89:9700, replacing 123.45.67.89 with your VM IP address. You will see a screen similar to this:

Continue reading “Install Pritunl on Ubuntu 16” »

Share

Install Discourse Forum with Nginx on Ubuntu 16.04

Step 1 – Install Docker on Ubuntu 16.04

The Discourse software is written in Ruby and Javascript, using PostgreSQL as the main database, and Redis as a cache and for transient data. We will install Discourse under the Docker container.
 
The installation process will be carried out on Ubuntu 16.04. So to begin with, install Docker using the command below.

wget -qO- https://get.docker.com/ | sh

 

After the installation is complete, check the docker service and make sure it’s already running on the system. Continue reading “Install Discourse Forum with Nginx on Ubuntu 16.04” »

Share

Linux Monitoring using Grafana InfluxDB and Telegraf on Debian 10

The basic installation of Grafana InfluxDB and Telegraf is described in my other post here-

Install Grafna, InfluxDB, Telegraf for Jitsi Video Meet Monitoring on Debian 10

All is needed is to create a telegraf configuration file:

nano /etc/telegraf.d/dashboard.conf

# Global tags can be specified here in key="value" format.
[global_tags]
# dc = "us-east-1" # will tag all metrics with dc=us-east-1
# rack = "1a"
## Environment variables can be used as tags, and throughout the config file
# user = "$USER"

# Configuration for telegraf agent
[agent]
interval = "10s"
round_interval = true
metric_batch_size = 1000
metric_buffer_limit = 10000
collection_jitter = "0s"
flush_interval = "10s"
flush_jitter = "0s"
precision = ""
debug = false
quiet = false
hostname = ""
omit_hostname = false

### OUTPUT

# Configuration for influxdb server to send metrics to
[[outputs.influxdb]]
urls = ["http://your_host:8086"]
database = "telegraf_metrics"

## Retention policy to write to. Empty string writes to the default rp.
retention_policy = ""
## Write consistency (clusters only), can be: "any", "one", "quorum", "all"
write_consistency = "any"

## Write timeout (for the InfluxDB client), formatted as a string.
## If not provided, will default to 5s. 0s means no timeout (not recommended).
timeout = "5s"
# username = "telegraf"
# password = "2bmpiIeSWd63a7ew"
## Set the user agent for HTTP POSTs (can be useful for log differentiation)
# user_agent = "telegraf"
## Set UDP payload size, defaults to InfluxDB UDP Client default (512 bytes)
# udp_payload = 512

# Read metrics about cpu usage
[[inputs.cpu]]
## Whether to report per-cpu stats or not
percpu = true
## Whether to report total system cpu stats or not
totalcpu = true
## Comment this line if you want the raw CPU time metrics
fielddrop = ["time_*"]

# Read metrics about disk usage by mount point
[[inputs.disk]]
## By default, telegraf gather stats for all mountpoints.
## Setting mountpoints will restrict the stats to the specified mountpoints.
# mount_points = ["/"]

## Ignore some mountpoints by filesystem type. For example (dev)tmpfs (usually
## present on /run, /var/run, /dev/shm or /dev).
ignore_fs = ["tmpfs", "devtmpfs"]

# Read metrics about disk IO by device
[[inputs.diskio]]
## By default, telegraf will gather stats for all devices including
## disk partitions.
## Setting devices will restrict the stats to the specified devices.
# devices = ["sda", "sdb"]
## Uncomment the following line if you need disk serial numbers.
# skip_serial_number = false

# Get kernel statistics from /proc/stat
[[inputs.kernel]]
# no configuration

# Read metrics about memory usage
[[inputs.mem]]
# no configuration

# Get the number of processes and group them by status
[[inputs.processes]]
# no configuration

# Read metrics about swap memory usage
[[inputs.swap]]
# no configuration

# Read metrics about system load & uptime
[[inputs.system]]
# no configuration

# Read metrics about network interface usage
[[inputs.net]]
# collect data only about specific interfaces
# interfaces = ["eth0"]

[[inputs.netstat]]
# no configuration

[[inputs.interrupts]]
# no configuration

[[inputs.linux_sysctl_fs]]
# no configuration

Update the necessary paramaters accordign to your installations.

Import the Grafana Dashboard Template from here-

https://grafana.com/grafana/dashboards/928

Share

Install Netbox on Docker

The first thing to do is the installation of Docker. To do this, open a terminal window and issue the following commands:

Install Docker with the command: 

sudo apt-get install docker.io -y

Add your user to the docker group with the command: 

sudo usermod -aG docker $USER.

Log out and log back in to the server. Install docker-compose with the command: 

sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

Change the permission of the docker-compose command with the command: 

sudo chmod +x /usr/local/bin/docker-compose

Start the docker daemon with the command 

sudo systemctl start docker

Enable the docker daemon with the command 

sudo systemctl enable docker

To get Netbox Docker up and running run the following commands. There is a more complete Getting Started guide on our wiki which explains every step.

Create Direcotry:

mkdir /var/netbox
cd /var/netbox
git clone -b release https://github.com/netbox-community/netbox-docker.git
cd netbox-docker
tee docker-compose.override.yml <<EOF
version: '3.4'
services:
nginx:
ports:
- 8000:8080
EOF
docker-compose pull
docker-compose up (allow to run docker in the foregorund)
docker-compose up -d  (allow to run docker in the background)

The whole application will be available after a few minutes. Open the URL http://0.0.0.0:8000/ in a web-browser. You should see the Netbox homepage. In the top-right corner you can login. The default credentials are:

Username: admin
Password: admin
API Token: 0123456789abcdef0123456789abcdef01234567

How to access Netbox

It will take around two to five minutes before Netbox becomes available. During that time, issue the command:

echo "http://$(docker-compose port nginx 8080)/"

The above command will print out the exact port you should use to access Netbox. In my case the following output is printed:

http://0.0.0.0:8000/

Tips:

Before you deploy the container, you’ll want to edit the .env file and configure it to meet your needs. Issue the command:

nano env/netbox.env

In that file, you might want to change the line:

SUPERUSER_PASSWORD=admin

The above is the default password for the admin user. Change that to something unique and strong. Alter any other options you might want (such as SUPERUSER_EMAIL) and save the file. 

Src: 
https://www.techrepublic.com/article/how-to-deploy-the-netbox-network-documentationmanagement-tool-with-docker/
https://github.com/netbox-community/netbox-docker

Share

Install Grafna, InfluxDB, Telegraf for Jitsi Video Meet Monitoring on Debian 10

Step 1: Install InfluxDB

apt update && apt install -y gnupg2 curl wget
wget -qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
echo "deb https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
apt update && apt install influxdb -y
systemctl enable --now influxdb
systemctl status influxdb

If you run a firewall (i.e. ufw) on this server, open the port for influxdb and grafana webserver:

ufw allow 8086/tcp
ufw allow 3000/tcp

Step 2: Install Grafana to display stats dashboards

curl https://packages.grafana.com/gpg.key | sudo apt-key add -
add-apt-repository "deb https://packages.grafana.com/oss/deb stable main"
apt update && apt install grafana -y
systemctl enable --now grafana-server
systemctl status grafana-server

Step 3: Install & configure telegraf

wget -qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
echo "deb https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
apt update && apt install telegraf -y
mv /etc/telegraf/telegraf.conf /etc/telegraf/telegraf.conf.original
nano /etc/telegraf/telegraf.conf

Enter following contents in telegraf.conf:

[global_tags]

###############################################################################
# GLOBAL #
###############################################################################

[agent]
interval = "10s"
debug = false
hostname = "jitsi_host"
round_interval = true
flush_interval = "10s"
flush_jitter = "0s"
collection_jitter = "0s"
metric_batch_size = 1000
metric_buffer_limit = 10000
quiet = false
logfile = ""
omit_hostname = false
nano /etc/telegraf/telegraf.d/jitsi.conf

Enter following contents in jitsi.conf:

###############################################################################
# INPUTS #
###############################################################################
[[inputs.http]]
name_override = "jitsi_stats"
urls = [
"http://116.203.231.172:8080/colibri/stats"
]
data_format = "json"
###############################################################################
# OUTPUTS #
###############################################################################
[[outputs.influxdb]]
urls = ["http://localhost:8086"]
database = "jitsi"
timeout = "0s"
retention_policy = ""

We enable start on boot and start telegraf now on server “jitsi”:

systemctl enable --now telegraf
systemctl status telegraf

(Mind: We will not create a database as Telegraf will create our database if it does not find one)

Server: "jitsi"

Step 4: Adapt Jitsi onfiguration to expose stats

nano /etc/jitsi/videobridge/config

Make sure to configure the jvb options:

JVB_OPTS="--apis=rest,xmpp"

and

nano /etc/jitsi/videobridge/sip-communicator.properties

Here we configure colibri statistics:

org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc,colibri
service jitsi-videobridge2 restart

Check output in the terminal on the jitsi server:

curl -v http://127.0.0.1:8080/colibri/stats
Response: {"inactive_endpoints":0,"inactive_conferences":0,"total_ice_succeeded_relayed":0,"total_loss_degraded_participant_seconds":0,"bit_rate_download":0,"muc_clients_connected":1,"total_participants":0,"total_packets_received":0,"rtt_aggregate":0.0,"packet_rate_upload":0,"p2p_conferences":0,"total_loss_limited_participant_seconds":0,"octo_send_bitrate":0,"total_dominant_speaker_changes":0,"receive_only_endpoints":0,"total_colibri_web_socket_messages_received":0,"octo_receive_bitrate":0,"loss_rate_upload":0.0,"version":"2.1.169-ga28eb88e","total_ice_succeeded":0,"total_colibri_web_socket_messages_sent":0,"total_bytes_sent_octo":0,"total_data_channel_messages_received":0,"loss_rate_download":0.0,"total_conference_seconds":0,"bit_rate_upload":0,"total_conferences_completed":0,"octo_conferences":0,"num_eps_no_msg_transport_after_delay":0,"endpoints_sending_video":0,"packet_rate_download":0,"muc_clients_configured":1,"conference_sizes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"total_packets_sent_octo":0,"conferences_by_video_senders":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"videostreams":0,"jitter_aggregate":0.0,"total_ice_succeeded_tcp":0,"octo_endpoints":0,"current_timestamp":"2020-04-17 23:14:38.468","total_packets_dropped_octo":0,"conferences":0,"participants":0,"largest_conference":0,"total_packets_sent":0,"total_data_channel_messages_sent":0,"total_bytes_received_octo":0,"octo_send_packet_rate":0,"conferences_by_audio_senders":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"total_conferences_created":0,"total_ice_failed":0,"threads":37,"videochannels":0,"total_packets_received_octo":0,"graceful_shutdown":false,"octo_receive_packet_rate":0,"total_bytes_received":0,"rtp_loss":0.0,"total_loss_controlled_participant_seconds":0,"total_partially_failed_conferences":0,"endpoints_sending_audio":0,"total_bytes_sent":0,"mucs_configured":1,"total_failed_conferences":0,"mucs_joined":1}

With this response we see that the rest api responds and can be used for our purpose! To make sure that the colibri rest endpoint can be accessed by telegraf:

ufw allow 8080/tcp

Configure dashboards in Grafana

Open Grafana in browser: http://<Your-IP>:3000 31 and prepare your admin account

Add datasource.

We will add an InfluxDB datasource and set it to be the default.

Name: InfluxDB
Default: On
HTTP URL: http://localhost:8086 14
HTTP Access: Server (default)
Database: jitsi

Download a Dashboard.

https://grafana.com/grafana/dashboards/11969

A collection of all fields from the jitsi rest api response is available in the json attached for convenience.

Src: https://community.jitsi.org/t/how-to-to-setup-grafana-dashboards-to-monitor-jitsi-my-comprehensive-tutorial-for-the-beginner/38696

Share