Jitsi: Setting up TURN

In order to achieve better performance on video calls with only two people, a TURN server can be setup. This TURN server is used to get the direct ip address of devices behind a NAT or firewalls blocking certain types of traffic. This allows a P2P connection to be established and not waste bandwidth passing throught the server. This can be done by follow this. Although if you have another website on the same machine you will have to manage it to get it to co-exist alongside jitsi. Here are a few of the additional fixes they neglect to tell you about.

Make sure ports are opened

Need to enable the following ports:

ufw allow 4444
ufw allow 4445
ufw allow 10000:20000/udp  # Allows ports 10000 to 20000 on udp open

Add your websites to the TURN server config and change listening port

In the configuration file you created in the TURN guide, under map your websites served need to be added. This is because the TURN server while acting as a TURN server will also need to redirect website requests appropriately. Here is my for example:

stream {
    map $ssl_preread_server_name $name {
        # Need to add every website hosted here
        connorjarvis.xyz web_backend;
        wiki.connorjarvis.xyz web_backend;
        meet.connorjarvis.xyz web_backend;

        turn.connorjarvis.xyz turn_backend;
    }

    upstream web_backend {
        server 127.0.0.1:4444;
    }
# ...

The websites then need to be configured to listen on port 4444 as the TURN server is configured to redirect it:

server {
    # ...

    listen [::]:4444 ssl ipv6only=on; # managed by Certbot
    listen 4444 ssl; # managed by Certbot

    # ...

“ipv6only=on” must be configured on only one website else it will cause port redefinition errors. Simply remove the “ipv6only=on” from your other websites. This is the same if you have a “default_server” option, it can only be in one website configuration as well.

E2E Ping module is broken

Need to disable e2eping in /etc/jitsi/meet/meet.YOUR_DOMAIN-config.js. This is because it is broken and will kill your session when attempting to determine the ping time.

Change/add the lines:

e2eping: {
    pingInterval: -1,
    analyticsInterval: -1,
},

Conclusion

If you have added all these changes then, it should work. However my experience has been that it is quite unstable at times. Especially on the very underpowered server instance I am running. Sometimes Jitsi can fail for no apparent reason and solutions seem varied. These were what worked for me.