Galaxy
is a web application for Jitsi
admins and users to organize their
Jitsi meetings, meeting schedules and attendees.
This version has a built-in identity managment system. Check
Galaxy-kc for version that uses
Keycloak
as the identity management system.
Try Galaxy
using publicly available implementation on
https://eparto.net
- Built-in highly secure identity management system. No need for external services. Thanks go to Ory/Kratos
- Add as many Jitsi servers as you want
- Allow your partners to access your Jitsi server for different use-cases:
domain partnership
: allow them to access the whole Jitsi server without sharing your secret key or the private keyroom partnership
: allow them to manage some Jitsi roomsmeeting membership
: allow them to access some meetings asmoderator
or aslimited participant
- Allow partnership using an invite link
- Allow membership using an invite link
- Create access links for unregistered users
- Create disposable or permanent access links
- Create scheduled meetings
- Calendar view for scheduled meetings
- Waiting room for scheduled meetings
- Manage your Jitsi profiles
- Ability to attach a profile to a specific meeting
- Unpredictable room name support. Create meeting links for anonymous Jitsi
servers (such as
meet.jit.si
) and share these links with your members. Although the actual meeting link is updated periodically in the background (using some hashing algorithm), members can always join the meeting using its staticGalaxy
link. So, only your members can join this unprotected meeting room. - Built-in JWT support
- Built-in JaaS support
- Transfer all your Jitsi resources (rooms, meetings, partners, members, etc.) in one simple step to a new Jitsi server.
Debian 12 Bookworm
server
Use a dedicated server, not shared one... It will be heavily customized.- At least 2 GB RAM and 8 GB disk space
- An
FQDN
for the web application. e.g.app.galaxy.corp
- An
FQDN
for the identity service. e.g.id.galaxy.corp
- Both FQDNs must be subdomains of the same domain.
- A DNS
A record
for the web application pointing to the server. - A DNS
A record
for the identity service pointing to the server. - An email account for SMTP.
- Allow the following ports if the server is behind a firewall
TCP/80
(needed for Let's Encrypt certificate)TCP/443
Run the following commands as root
.
Update the value of APP_FQDN
and KRATOS_FQDN
according to your domain
names.
Update the value of KRATOS_SMTP_CONNECTION_URI
and KRATOS_SMTP_FROM_ADDRESS
according to your email system.
username
and password
in KRATOS_SMTP_CONNECTION_URI
should be URL encoded
if there is special character in it. For example if SMTP's username is
[email protected]
then you should set it as
smtp://noreply%40mydomain.corp:[email protected]:587
.
For more details about KRATOS_SMTP_CONNECTION_URI
, see SMTP configuration
inside
Ory Kratos reference.
wget https://raw.githubusercontent.com/emrahcom/bookworm-lxc-base/main/installer/eb
wget https://raw.githubusercontent.com/emrahcom/galaxy/main/installer/eb-galaxy.conf
export APP_FQDN=app.galaxy.corp
export KRATOS_FQDN=id.galaxy.corp
export KRATOS_SMTP_CONNECTION_URI="smtp://username:[email protected]:587"
export KRATOS_SMTP_FROM_ADDRESS="[email protected]"
bash eb eb-galaxy
If this is a test setup and you don't have resolvable FQDNs, please set
SKIP_DNS_CHECK
before installation
export SKIP_DNS_CHECK=true
Let's say the host address of the web application is app.galaxy.corp
and the
host address of the identity service is id.galaxy.corp
. To set the Let's
Encrypt certificate:
set-letsencrypt-cert app.galaxy.corp,id.galaxy.corp
Be careful, no space between host addresses.