Page tree
Skip to end of metadata
Go to start of metadata

Install nginx

Debian Ubuntu RHEL CentOS SUSE

We wil now install kopano-webmeetings and kopano-webapp-plugin-meetings

Debian and Ubuntu RHEL and CentOS SUSE

Configure Apache

We need to change to listen port of apache as they  being used by Nginx

Debian and Ubuntu RHEL and CentOS SUSE


Nginx configuration 

Add the followin in a new set in you nginx site (/etc/nginx/site-sites-available or /etc/nginx/conf.d depending on your OS)

     server {
        listen 443 ssl;
        server_name _;
        ssl on;
        ssl_certificate /path/to/fullchain.pem;
    	ssl_certificate_key /path/to/privkey.pem;e
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES128-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256:AES128:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK ;
        ssl_prefer_server_ciphers on;
        #
        # ssl_dhparam require you to create a dhparam.pem, this takes a long time
        #ssl_dhparam /etc/ssl/certs/dhparam.pem;
        #
        location /webmeetings {
                proxy_pass http://localhost:8090;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
        location /webapp {
                proxy_pass http://localhost:8000;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
}
map $http_upgrade $connection_upgrade {
        default upgrade;
        '' close;
}
proxy_buffering on;
proxy_ignore_client_abort off;
proxy_redirect off;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_next_upstream error timeout invalid_header http_502 http_503 http_504;

Add your certificate and certificate key at  'the ssl_certificate' and 'ssl_certificate_key ' parameters.

Make sure you have a dhparam.pem file in /etc/ssl/certs/ if not execute the following (this is going to take a long time)

cd /etc/ssl/certs && openssl dhparam -out dhparam.pem 4096


Verify if the Nginx config is valid

$ sudo nginx -t 
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Now reload Nginx to use the new config

$ sudo systemctl reload nginx

Configure WebMeetings

We need 2 secret keys that are 32 bytes long

xxd -ps -l 32 -c 32 /dev/random

In this example we will use the following keys

webmeetings shared secret = 423f4308d0ffbb8e6a589894f6eda003addf6da40932105991e1867a5bd9bdf6
presence shared secret = 8fb26dc0adccc82fcbc5c46f59973bbf83413c3a42e328de1214333b1815f422


Add the webmeetings  key in /etc/kopano/webmeetings.cfg 

sharedsecret_secret = 423f4308d0ffbb8e6a589894f6eda003addf6da40932105991e1867a5bd9bdf6


Add the presence key in /etc/kopano/presence.cfg

server_secret_key = 8fb26dc0adccc82fcbc5c46f59973bbf83413c3a42e328de1214333b1815f422

Add both keys in /etc/kopano/webapp/config-meetings.php

/etc/kopano/webapp/config-meetings.php
DEFINE('PLUGIN_SPREEDWEBRTC_USER_DEFAULT_ENABLE', true);

DEFINE('PLUGIN_SPREEDWEBRTC_WEBMEETINGS_SHARED_SECRET', '423f4308d0ffbb8e6a589894f6eda003addf6da40932105991e1867a5bd9bdf6');

DEFINE('PLUGIN_SPREEDWEBRTC_PRESENCE_SHARED_SECRET', '8fb26dc0adccc82fcbc5c46f59973bbf83413c3a42e328de1214333b1815f422');

Open Kopano Webapp and you should be able to see this icon 

If not please enable the plugin first in WebApp settings.

Click on the icon and you should see the following



  • No labels