Difference between revisions of "Educaship Jitsi"
Line 12: | Line 12: | ||
===Software instances=== | ===Software instances=== | ||
: The software instance that powers core, hands-on training, and experiential systems. | : The software instance that powers core, hands-on training, and experiential systems. | ||
− | :* [[CNM Talk]] | + | :* Core Jitsi -- [[CNM Talk]] |
− | :* [[Kryvi app|Kryvi]] Jitsi | + | :* [[Kryvi app|Kryvi]] Jitsi -- [[TalkHandsOn]] |
− | :* [[Inplz app|Inplz]] Jitsi -- | + | :* [[Inplz app|Inplz]] Jitsi -- [[TalkNext]] |
===Security=== | ===Security=== |
Revision as of 15:32, 14 April 2023
CNM Jitsi (formerly known as CNM Talkware; hereinafter, the Soft) is a CNM stable app built with Jitsi. At this moment, it is unclear where and how this app will be finally installed since its HA and storage solutions haven't been designed yet.
The Soft is the CNM app that is configured to power CNM Talk, TalkHandsOn, or TalkNext service of CNMCyber. The App is based on commercial off-the-shelf (COTS) webconferencing software, Jitsi. The App is a part of CNM Cloud.
Contents
Product specification
- The Product specifications are:
- CNM Jitsi has LDAP authentication and is hosted on a Proxmox cluster that ensures its high stability that distinguishes CNM Jitsi from Jitsi.
- Jitsi Gateway to SIP (jigasi) - server-side application that allows regular SIP clients to join Jitsi Meet conferences -- not used
Software instances
- The software instance that powers core, hands-on training, and experiential systems.
- Core Jitsi -- CNM Talk
- Kryvi Jitsi -- TalkHandsOn
- Inplz Jitsi -- TalkNext
Security
- For security, we use Fail2ban because it operates by monitoring log files (e.g. /var/log/auth.log, /var/log/apache/access.log, etc.) for selected entries and running scripts based on them. Most commonly this is used to block selected IP addresses that may belong to hosts that are trying to breach the system's security. It can ban any host IP address that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator. Includes support for both IPv4 and IPv6.
- Calls use the P2P mode, which is end-to-end encrypted via DTLS-SRTP between the two participants for encrypted communication (secure communication). Group calls also use DTLS-SRTP encryption, but rely on the Jitsi Videobridge (JVB) as video router, where packets are decrypted temporarily. All data is transmitted only through our server, and comprehensive TLS encryption provides protection against interception and unauthorized eavesdropping.
Malware protection
- Previously, CNM Cloud developers struggled with the viruses, so an effective anti-virus strategy must be found -- what was the solution?
Standing operating procedures
Monitoring process
- Monitoring is done in Nagios Snapshots are made by hand, not on CNM Jitsi. Read more: CNM Nagios.
Backup
- Usually the main backup is done on the farm, not on CNM Jitsi. So you can read more about backup on CNM EndUser Farm.
Snapshot
Versions and patch
System recovery
- How to install & Configure Jitsi: https://drive.google.com/file/d/14ynvD3wqliwynQr7TrBf6B-slxqmsDnn/view?usp=sharing
Customization
- To customize certain elements of Jitsi, you should:
- open the server where Jiti is installed in Terminal;
- open the Midnight Commander by using the command root@jitsi:/home/jitsi# mc;
- open catalog /usr (click /.. -> /.. -> /usr);
- open catalog /share -> /jitsi-meet
Hands-on assignments
- Hands-on assignments that CNM learners can use to get accustomed to the software while using its hands-on training systems and applications.
Presentations
- Presentations that present the software to its new users in multimedia, video, just audio, and/or just graphic formats.
User group
- CNM Social user group has not yet been created; the group may organize software-related events and produce newsletters.
Architecture
The App is a BigBlueButton instance that is run on the CNM Farms on a separate server.
Server requirements
- The minimum server requirements for installing BigBlueButton 1.1 are:
- Ubuntu 16.04 64-bit OS;
- 4 GB of memory with swap enabled (8 GB of memory is better);
- Quad-core 2.6 GHZ CPU (or faster);
- TCP ports 80, 443, and 1935 are accessible;
- TCP port 7443 is accessible if you intend to configure SSL (recommended), otherwise port 5066 is Accessible;
- UDP ports 16384 - 32768 are accessible;
- Port 80 is not in use by another application.
- The minimum server requirements for installing BigBlueButton 1.1 are:
- Additional requirements are:
- 500G of free disk space (or more) for recordings;
- 100 Mbits / Sec bandwidth (symmetrical);
- Dedicated (bare metal) hardware (not virtualized)
- Additional requirements are:
Availability
CNM app | Available to: | |||||||
Everyone | Everyone registered | Customer | Student | Partner or Vendor | Employee | Developer | Admin | |
---|---|---|---|---|---|---|---|---|
The App | No | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
See also
Development
- Development of the Soft occurs under the Jitsi for CNM Cloud project.