Educaship Jitsi

From CNM Wiki
Revision as of 17:54, 21 April 2023 by Sonya (talk | contribs)
Jump to: navigation, search

CNM Jitsi (formerly known as CNM Talkware; hereinafter, the Soft) is a CNM stable app built with Jitsi. At this moment, it is unclear where and how this app will be finally installed since its HA and storage solutions haven't been designed yet.

The Soft is the CNM app that is configured to power CNM Talk, TalkHandsOn, or TalkNext service of CNMCyber. The App is based on commercial off-the-shelf (COTS) webconferencing software, Jitsi. The App is a part of CNM Cloud.

Challenges

Load balancer

We are looking for solutions to implement a load balancer in CNM Jitsi.

Product specification

The Product specifications are:
What distinguishes CNM Jitsi from Jitsi:
  1. CNM Jitsi has LDAP authentication.
  2. CNM Jitsi instances are hosted on a CNM ProxmoxVE that ensures its high availability.
  3. CNM Jitsi does not use the Jigasi (Jitsi Gateway to SIP) - server-side application that allows regular SIP clients to join Jitsi Meet conferences.

Software instances

The software instance that powers core, hands-on training, and experiential systems.

Security

For security, we use Fail2ban because it operates by monitoring log files (e.g. /var/log/auth.log, /var/log/apache/access.log, etc.) for selected entries and running scripts based on them. Most commonly this is used to block selected IP addresses that may belong to hosts that are trying to breach the system's security. It can ban any host IP address that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator. Includes support for both IPv4 and IPv6.
Calls use the P2P mode, which is end-to-end encrypted via DTLS-SRTP between the two participants for encrypted communication (secure communication). Group calls also use DTLS-SRTP encryption, but rely on the Jitsi Videobridge (JVB) as video router, where packets are decrypted temporarily. All data is transmitted only through our server, and comprehensive TLS encryption provides protection against interception and unauthorized eavesdropping.

Malware protection

Previously, CNM Cloud developers struggled with the viruses, so an effective anti-virus strategy must be found -- what was the solution?

Standing operating procedures

Standing operating procedure

Monitoring process

Monitoring is done in Nagios Snapshots are made by hand, not on CNM Jitsi. Read more: CNM Nagios.

Backup

Usually the main backup is done on the farm, not on CNM Jitsi. So you can read more about backup on CNM Bureau Farm.

Snapshot

Versions and patch

System recovery

How to install & Configure Jitsi: https://drive.google.com/file/d/14ynvD3wqliwynQr7TrBf6B-slxqmsDnn/view?usp=sharing

Customization

To customize certain elements of Jitsi, you should:
  1. open the server where Jiti is installed in Terminal;
  2. open the Midnight Commander by using the command root@jitsi:/home/jitsi# mc;
  3. open catalog /usr (click /.. -> /.. -> /usr);
  4. open catalog /share -> /jitsi-meet
Customize Jitsi.png
Here you can select the element you want to change. Press F4 to edit.

Hands-on assignments

Hands-on assignments that CNM learners can use to get accustomed to the software while using its hands-on training systems and applications.

Presentations

Presentations that present the software to its new users in multimedia, video, just audio, and/or just graphic formats.

User group

CNM Social user group has not yet been created; the group may organize software-related events and produce newsletters.

Architecture

The App is a BigBlueButton instance that is run on the CNM Farms on a separate server.

Server requirements

The minimum server requirements for installing BigBlueButton 1.1 are:
  1. Ubuntu 16.04 64-bit OS;
  2. 4 GB of memory with swap enabled (8 GB of memory is better);
  3. Quad-core 2.6 GHZ CPU (or faster);
  4. TCP ports 80, 443, and 1935 are accessible;
  5. TCP port 7443 is accessible if you intend to configure SSL (recommended), otherwise port 5066 is Accessible;
  6. UDP ports 16384 - 32768 are accessible;
  7. Port 80 is not in use by another application.
Additional requirements are:
  • 500G of free disk space (or more) for recordings;
  • 100 Mbits / Sec bandwidth (symmetrical);
  • Dedicated (bare metal) hardware (not virtualized)

Availability

CNM app Available to:
Everyone Everyone registered Customer Student Partner or Vendor Employee Developer Admin
The App No Yes Yes Yes Yes Yes Yes Yes

See also

Development

Development of the Soft occurs under the Jitsi for CNM Cloud project.

Related lectios