In this article, you'll create a new DigitalOcean account using a free credit link. Then, you will clone a GitHub repository, and use Terraform code to initialize, plan and apply resources to your account, using a preconfigured image from DigitalOcean and your custom domain name. Finally, you will access your account remotely via SSH and execute two scripts to configure both your video conference server and Let's Encrypt SSL to enable HTTPS. is a secured, fully featured, and completely free video conference server. Jitsi Meet Jitsi isn't just for video conferencing. It also has room chat, virtual hand raise, screen sharing and streaming a YouTube video. Using your own Jitsi server, you don't have to be tied down to any free public servers, which maybe laggy or not available 24/7, or to be dependent on premium servers. And if you're a serious user, you can create a scalable, optimized video conferencing server, or even a frontend graphical user interface to wrap around your server. Prerequisites * Custom domain name. The article walks you through changing DNS for your domain name. How to Change DNS for a Domain * account. The tutorial walks you through creating a DigitalOcean access token. DigitalOcean How to Create a Personal Access Token * SSH Keygen. Requires a Windows Subsystem for Linux or macOS. * . The installation walks you through installing and configuring your Terraform program. Terraform Install Terraform Step 1 - Clone GitHub Repository Free Credit You can signup a DigitalOcean ["DO"] account with up to , which should last you up to 2 months, as unused credit expires after 60 days. $100 credit here After using up the free credits in one DO account, you can then re-signup for a another DO account using the same link above. However, there are some limitations: (1) Your credit card details is required for each DO account (but you will not be charged until the credits are used up). (2) You will need to redeploy all your dockerized web apps, and reroute all your links to new DO IP addresses. (3) You will need to use a new email address for each DO account. You can use an anonymous email forwarding app, such as , to create unlimited email aliases. AnonAddy.com Clone Repository Clone this repository to your folder : myproject $ git https://github.com/dennislwm/terraform-jitsi-ssl myproject clone Step 2 - Generate a SSH Key You can create an SSH key with either OpenSSH, which is included in on Windows Subsystem for Linux ["WSL"] and macOS. (1) Open a Command Prompt or Terminal window and enter the following command: > ssh-keygen (2) Enter file in which to save the key. For example, c:\users\denbrige\.ssh\id_rsa_do1 When prompted to enter a paraphrase, just press the Enter key for an empty paraphrase. (3) Open the config file using Notepad: > notepad c:\users\denbrige\.ssh\config (4) Append the following line in the file: IdentityFile c:\users\denbrige\.ssh\id_rsa_do1 The SSH checks each ssh key within the file when attempting to establish an SSH connection. config Step 3 - Terraform Initialize, Plan and Apply Configuration (a) In the folder, edit the file and change the default values for: root variables.tf * - path to local SSH folder, e.g. "c:\\users\\dennislwm\\.ssh\\" strSshPath * - name of local SSH public_key *.pub* file, e.g. "id_rsa.pub" strSshId * - path to this project root folder, e.g. "c:\\users\\dennislwm\\terraform-jitsi-ssl\\" strRootPath * - name of custom domain, e.g. "example.com" strDoDomain (b) Create a file and add the following (replace the "token" with your DigitalOcean API access token string): terraform.tfvars = "token" strDoToken Warning: Keep your file (add to ) a secret to prevent unauthorized access to your DigitalOcean account. terraform.tfvars .gitignore Execution Terraform has commands to deploy resources in a very simple way. This consists of three steps: * Init * Plan * Apply (1) In the folder, initialize Terraform nested modules by typing the following command: tf $ terraform init Note: You must execute the init command after each nested module changes. (2) Create Terraform plan by typing the following command: $ terraform plan (3) Execute Terraform plan by typing the following command: $ terraform apply Warning: Before typing 'yes', ensure ALL resources Terraform will create and DESTROY are correct. Step 4 - Access Your Droplet Console This article walks you through DNS for your domain name. How to Change DNS for a Domain Warning: If you do not change the DNS, you will NOT be able to configure Jitsi in the next step. Preconfigured Scripts The preconfigured image has scripts to configure Jitsi in a very straightforward way. This consists of two steps: * Configure Jitsi Server * Configure Let's Encrypt SSL Login to your DigitalOcean account and access the console for your droplet via SSH. (1) Configure Jitsi server by typing the following: $ ./01_videoconf.sh The menu will ask you to type a domain name, which you added to your project above. Enter exactly the same, eg. markit.work. When prompted, select the menu option to "Generate a Self-Signed Certificate", unless you want to import your own certificate. Warning: If you enter an IP address instead, you will NOT be able to configure HTTPS in the next step. (2) Configure Let's Encrypt SSL to enable HTTPS by running the following: $ ./02_https.sh The script will ask you for an Email, which will be used to notify you when it's time to renew the certificates to maintain your website with a secure connection. You have successfully deployed and configured your secure video conferencing server. Congratulations! To test your new server, open a web browser and navigate to your domain via HTTPS, e.g. https://markit.work Understand Terraform Project and Resources Project Structure Your project folder should look like this: Resources Let's take a peek at how Terraform resources work, in particular the and files. main.tf jitsi.tf Terraform requires a file, in the folder, that accesses global variables and global return values in and files, respectively. main.tf root variables.tf outputs.tf The primary function of file is to contain all global resources, such as provider and resource . main.tf digitalocean digitalocean_ssh_key The secondary function of file is to import all modules and their return values, such as module . main.tf jitsi For example, this is the source code for importing a module: module jitsi { source = objSshKey = [digitalocean_ssh_key ] strSshPath = strSshPte = strRootPath = strDoRegion = } // // Use relative path to root folder "./modules/jitsi/" // // Use default variables.tf in root folder // Override variables.tf file in modules folder (exclude from main) // strDoProject // strDoImage // strDoSize // .objSshKey .fingerprint var .strSshPath var .strSshPte var .strRootPath var .strDoRegion Modules Each module contains resources for a droplet, e.g. , which has a separate folder, under the folder. jitsi modules Terraform requires a resource file, such as , in the folder, that access module variables and module return values in and files, respectively. jitsi.tf modules variables.tf outputs.tf The folder structure, which consists of THREE (3) TF files, is similar to the folder structure. However, the declaration overrides any global declaration in the folder. modules root modules root The primary function of is to contain all local resources, such as resource , resource , etc. It also inherits any global resources from , such as provider . jitsi.tf digitalocean_droplet digitalocean_domain main.tf digitalocean The secondary function of is to contain any provisions, which are non-state objects, such as provisioner , , etc. These are specific tasks that depends on the resources deployed. jitsi.tf remote-exec file Variables Terraform loads variables in the following order, with later sources taking precedence over earlier ones: 1. Environment variables 2. The terraform.tfvars or terraform.tfvars.json files, if present. 3. Any *.auto.tfvars or *.auto.tfvars.json files, processed in lexical order of their filenames. 4. Any -var and -var-file options on the command line, in the order they are provided. (This includes variables set by a Terraform Cloud workspace.) 5. There is no mention of *.tf files, this is because variables declared in *.tf files are concatenated into a single entity before being processed by terraform. Hence this declaration have highest precedence. Any variables or return values declared within the local module files will override the global variables declared in the main folder. As an analogy to writing code, this is similar to a function's local variables overriding the global variables declared in its parent function. However, unlike code, the local file must declare all the global variables even if there is no overriden values. For example: variables.tf In the folder, the file contains: root variables.tf variable strDoRegion { = description = } variable strDoSize { = description = } default "sgp1" "Region for droplet (override in modules)" default "s-1vcpu-1gb" "Size for droplet (override in modules)" The global variables and contain the default values "sgp1" and "s-1vcpu-1gb", respectively. strDoRegion strDoSize In the folder, the file contains: modules variables.tf variable strDoRegion { description = } variable strDoSize { = description = } "Region for droplet (use default in root)" default "c-4" "Size for droplet (override in modules)" The local variable is declared, but its default value is not set (inherits from global), while the local variable is overridden by setting default to "c-4". strDoRegion strDoSize In practice, it is recommended to set ALL default values in the main file, even if you intend to override these values in the modules file. variables.tf variables.tf Outputs The modules file consists of return values from a remote server, e.g. an IP address. outputs.tf Any local return values can be accessed from both the and the files. For example: jitsi.tf main.tf In the folder, the file contains: modules outputs.tf output { value = digitalocean_droplet } "server_ip" .objJitsi .ipv4_address The local return value contains the ipv4_address from the module resource. server_ip jitsi In order to access the local return value above from the file, you must declare it in the main file. main.tf outputs.tf In the folder, the file contains: root outputs.tf output { value = module } "server_ip_jitsi" .jitsi .server_ip The global return value is declared, and the value is set to the local return value . server_ip_jitsi server_ip Conclusion In this article, you have successfully achieved: * clone a GitHub repository * generate a SSH key * execute Terraform Init, Plan and Apply to deploy resources * access your droplet console and execute scripts via SSH Get the Source Code You can download the above source code from GitHub repository . terraform-jitsi-ssl What To Do Next You can further explore Jitsi in several meaningful ways: * Read - This helps you to have a deeper knowledge of Jitsi server. Jitsi Documentation * Read - This helps you explore a collection of projects within Jitsi ecosystem. Jitsi Projects * Read - This helps you find relevant information about Jitsi features. Jitsi Blog * Participate in - This helps you to have a meaninful discussion online with other users of Jitsi Jitsi Community * Read . Terraform Documentation
![featured image - Deploying an Open Source Secure Video Conference Server [A How To Guide]](https://hackernoon.imgix.net/images/b35z33yuq.gif?auto=format&fit=max&w=3840)
![[A Step by Step Guide] Build Your Expert Advisor Telegram Bot to Query Forex Trade Orders via MT4](https://hackernoon.imgix.net/images/h4beg32xe.jpg?auto=format&fit=max&w=3840)
