Install nginx
Versions that are shipped with Debian/Ubuntu
OS | Nginx version |
---|---|
Debian 7 | 1.2.1-2 |
Debian 8 | 1.6.2-5 |
Debian 9 | 1.10.3-1 |
Ubuntu 14.04 | 1.4.6-1 |
Ubuntu 16.04 | 1.10.3 |
We are not covering the installation of Nginx through the repository of Nginx itself (Needed for Debian 7) See the howto on http://nginx.org/en/linux_packages.html for that.
$ sudo apt-get install nginx-light
To verify that we have the a version an above 1.4 run dpkg -l
$ sudo dpkg -l | grep nginx ii nginx-common 1.6.2-5+deb8u4 all small, powerful, scalable web/proxy server - common files ii nginx-light 1.6.2-5+deb8u4 amd64 nginx web/proxy server (standard version)
CentOS doesn't have Nginx by default so we using the Nginx repository.
Install Nginx
$ sudo rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
$ sudo yum install nginx-light
Install Nginx from the SUSE repository
$ sudo zypper install nginx
We wil now install kopano-webmeetings and kopano-webapp-plugin-meetings
Create a file called kopano.list in /etc/apt/sources.list.d/ and add the following.
Take note that the following is an example for Debian 8. Adjust them according to your specific distribution if needed, such as Ubuntu_16.04
#Core deb https://serial:<INSERT_SERIALKEY>@download.kopano.io/supported/webmeetings:/final/Debian_8.0/ ./
Our packages are signed so we need to add the key as well.
$ sudo curl https://serial:<INSERT_SERIALKEY>@download.kopano.io/supported/webmeetings:/final/Debian_8.0/Release.key | apt-key add -
All our packages are signed by the same key so you only need to add the key once
Now install kopano-webmeetings
$ sudo apt-get update $ sudo apt-get install kopano-webmeetings kopano-webapp-plugin-meetings
Create a file called kopano.repo in /etc/yum.repos.d/kopano.repo and add the following.
Take note that the following is an example for RHEL 7 and CentOS 7. Adjust them according to your specific distribution if needed
[Kopano-webmeetings] name=Final repository for Kopano-webmeetings (RHEL_7) type=rpm-md baseurl=https://serial:<INSERT_SERIALKEY>@download.kopano.io/supported/webmeetings:/final/RHEL_7/ gpgcheck=1 gpgkey=https://serial:<INSERT_SERIALKEY>@download.kopano.io/supported/webmeetings:/final/RHEL_7/repodata/repomd.xml.key enabled=1
$ sudo yum update $ sudo yum install kopano-webmeetings kopano-webapp-plugin-meetings
Create a file called kopano.repo in /etc/zypp/repos.d/kopano.repo and add the following.
Take note that the following is an example for SLE 12. Adjust them according to your specific distribution if needed.
[Kopano-webmeetings] enabled=1 autorefresh=0 baseurl=https://serial:<INSERT_SERIALKEY>@download.kopano.io/supported/webmeetings:/final/SLE_12/ gpgcheck=1 gpgkey=https://serial:<INSERT_SERIALKEY>@download.kopano.io/supported/webmeetings:/final/SLE_12/repodata/repomd.xml.key type=rpm-md
$ sudo zypper update $ sudo zypper install kopano-webmeetings kopano-webapp-plugin-meetings
Configure Apache
We need to change to listen port of apache as they being used by Nginx
Edit /etc/apache2/ports.conf
NameVirtualHost *:8000 Listen 127.0.0.1:8000
Disable the ssl module
$ sudo a2dismod ssl
To enable presence add te following to you apache webapp site /etc/apache2/sites-available/kopano-webapp.conf
Alias /webapp /usr/share/kopano-webapp ProxyPass /webapp/presence http://localhost:1234/ ProxyPassReverse /webapp/presence http://localhost:1234/
Enable the proxy mod
$sudo a2enmod proxy $sudo a2enmod proxy_http
Restart Apache
$ sudo service apache2 restart
Or use systemd
$ sudo systemctl restart apache2
Replace the listen value in
NameVirtualHost *:8000 Listen 127.0.0.1:8000
To enable presence add te following to you apache webapp site /etc/httpd/conf.d/kopano-webapp.conf
Alias /webapp /usr/share/kopano-webapp ProxyPass /webapp/presence http://localhost:1234/ ProxyPassReverse /webapp/presence http://localhost:1234/
Restart Httpd
$ sudo service httpd restart
Or use systemd
$ sudo systemctl restart httpd
Edit /etc/apache2/listen.conf
NameVirtualHost *:8000 Listen 127.0.0.1:8000
To enable presence add te following to you apache webapp site /etc/apache2/conf.d/kopano-webapp.conf
Alias /webapp /usr/share/kopano-webapp ProxyPass /webapp/presence http://localhost:1234/ ProxyPassReverse /webapp/presence http://localhost:1234/
Enable the proxy mod
$sudo a2enmod proxy
Restart Apache
$ sudo service apache2 restart
Or use systemd
$ sudo systemctl restart apache2
Nginx configuration
Add the followin in a new set in you nginx site (/etc/nginx/site-sites-available or /etc/nginx/conf.d depending on your OS)
server { listen 443 ssl; server_name _; ssl on; ssl_certificate /path/to/fullchain.pem; ssl_certificate_key /path/to/privkey.pem;e ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES128-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256:AES128:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK ; ssl_prefer_server_ciphers on; # # ssl_dhparam require you to create a dhparam.pem, this takes a long time #ssl_dhparam /etc/ssl/certs/dhparam.pem; # location /webmeetings { proxy_pass http://localhost:8090; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /webapp { proxy_pass http://localhost:8000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } map $http_upgrade $connection_upgrade { default upgrade; '' close; } proxy_buffering on; proxy_ignore_client_abort off; proxy_redirect off; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_next_upstream error timeout invalid_header http_502 http_503 http_504;
Add your certificate and certificate key at 'the ssl_certificate' and 'ssl_certificate_key ' parameters.
Make sure you have a dhparam.pem file in /etc/ssl/certs/ if not execute the following (this is going to take a long time)
cd /etc/ssl/certs && openssl dhparam -out dhparam.pem 4096
Verify if the Nginx config is valid
$ sudo nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Now reload Nginx to use the new config
$ sudo systemctl reload nginx
Configure WebMeetings
We need 2 secret keys that are 32 bytes long
xxd -ps -l 32 -c 32 /dev/random
In this example we will use the following keys
webmeetings shared secret = 423f4308d0ffbb8e6a589894f6eda003addf6da40932105991e1867a5bd9bdf6 presence shared secret = 8fb26dc0adccc82fcbc5c46f59973bbf83413c3a42e328de1214333b1815f422
Add the webmeetings key in /etc/kopano/webmeetings.cfg
sharedsecret_secret = 423f4308d0ffbb8e6a589894f6eda003addf6da40932105991e1867a5bd9bdf6
Add the presence key in /etc/kopano/presence.cfg
server_secret_key = 8fb26dc0adccc82fcbc5c46f59973bbf83413c3a42e328de1214333b1815f422
Add both keys in /etc/kopano/webapp/config-meetings.php
DEFINE('PLUGIN_SPREEDWEBRTC_USER_DEFAULT_ENABLE', true); DEFINE('PLUGIN_SPREEDWEBRTC_WEBMEETINGS_SHARED_SECRET', '423f4308d0ffbb8e6a589894f6eda003addf6da40932105991e1867a5bd9bdf6'); DEFINE('PLUGIN_SPREEDWEBRTC_PRESENCE_SHARED_SECRET', '8fb26dc0adccc82fcbc5c46f59973bbf83413c3a42e328de1214333b1815f422');
Open Kopano Webapp and you should be able to see this icon
If not please enable the plugin first in WebApp settings.
Click on the icon and you should see the following