How to Install OpenMeetings on CentOS 7

Updated on April 27, 2018
How to Install OpenMeetings on CentOS 7 header image

Apache OpenMeetings is an open source web conferencing application. It is written in Java and supports multiple database servers. It provides many features, such as audio and video conferencing, screen sharing, file explorer, a user moderation system, private messages and contacts, an integrated calendar for meeting plans and many more. You can also record a conferencing session. It provides SOAP/REST API and multiple plugins to easily integrate with Moodle, Jira, Joomla, Confluence and more.

Prerequisites

  • A Vultr CentOS 7 server instance with at least 4GB RAM.
  • A sudo user.
  • A domain name pointed towards the server.

For this tutorial, we will use 192.168.1.1 as the public IP address and meetings.example.com as the domain name pointed towards the Vultr instance. Please make sure to replace all occurrences of the example IP address and domain name with the actual one.

Update your base system using the guide How to Update CentOS 7. Once your system has been updated, proceed to install Java.

Install Java

OpenMeetings is written in Java, thus it requires Java Runtime Environment (JRE) to work. Download the latest available Oracle SE JDK 8 RPM package, which includes both JRE and JDK.

wget --header 'Cookie: oraclelicense=a' http://download.oracle.com/otn-pub/java/jdk/8u161-b12/2f38c3b165be4555a1fa6e98c45e0808/jdk-8u161-linux-x64.rpm

Install the downloaded package.

sudo rpm -Uvh jdk-8u161-linux-x64.rpm

If Java has installed successfully, then you will be able to verify its version.

java -version

You will see the following output.

[user@vultr ~]$ java -version
java version "1.8.0_161"
Java(TM) SE Runtime Environment (build 1.8.0_161-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.161-b12, mixed mode)

Before we can proceed further, we will need to set up the JAVA_HOME and JRE_HOME environment variables. Find the absolute path of the JAVA executable in your system.

readlink -f $(which java)

You will see a similar output.

[user@vultr ~]$ readlink -f $(which java)
/usr/java/jdk1.8.0_161/jre/bin/java

Now, set the JAVA_HOME and JRE_HOME environment variables according to the path of the Java directory.

echo "export JAVA_HOME=/usr/java/jdk1.8.0_161" >> ~/.bash_profile
echo "export JRE_HOME=/usr/java/jdk1.8.0_161/jre" >> ~/.bash_profile

Execute the bash_profile file.

source ~/.bash_profile

Now you can run the echo $JAVA_HOME command to ensure that the environment variable is set.

[user@vultr ~]$ echo $JAVA_HOME
/usr/java/jdk1.8.0_161

Install Dependencies

Install ImageMagick and GhostScript libraries.

sudo yum -y install epel-release
sudo yum -y install ImageMagick ghostscript

ImageMagick provides support to upload images and import them to the whiteboard. GhostScript enables you to upload PDFs to the whiteboard.

Verify the version of ImageMagick and GhostScript to ensure that they are installed successfully.

[user@vultr ~]$ identify -version
Version: ImageMagick 6.7.8-9 2016-06-16 Q16 http://www.imagemagick.org
Copyright: Copyright (C) 1999-2012 ImageMagick Studio LLC
Features: OpenMP

[user@vultr ~]$ ghostscript -v
GPL Ghostscript 9.07 (2013-02-14)
Copyright (C) 2012 Artifex Software, Inc.  All rights reserved.

Furthur, we will also need to install either Apache OpenOffice or LibreOffice on the system. Installing either of these will enable OpenMeetings to import the files in Office document formats such as .doc, .docx, .ppt, .pptx, or .xlx. In this tutorial, we will install Apache OpenOffice.

Switch to the temporary directory and download the Apache OpenOffice RPM.

cd /tmp
wget https://downloads.sourceforge.net/project/openofficeorg.mirror/4.1.5/binaries/en-US/Apache_OpenOffice_4.1.5_Linux_x86-64_install-rpm_en-US.tar.gz

Extract the archive and install all the RPM packages.

tar xf Apache_OpenOffice_4.1.5_Linux_x86-64_install-rpm_en-US.tar.gz
cd en-US/RPMS
sudo rpm -Uvh *.rpm
sudo rpm -Uvh desktop-integration/openoffice4.1.5-redhat-menus-*.rpm

To check if OpenOffice is installed correctly and working, type openoffice4 -h in the command line. It will print its version and short help.

[user@vultr ~]$ openoffice4 -h
OpenOffice 4.1.5  415m1(Build:9789)

Usage: soffice [options] [documents...]

Options:

-minimized      keep startup bitmap minimized.
...

Install the RPMFusion repository in your system as it provides pre-built packages for FFmpeg and Sound eXchange (SoX).

sudo rpm -Uvh https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm

Install FFmpeg and SoX.

sudo yum -y install ffmpeg sox

FFmpeg and SoX will enable recording of the meeting. They will also help in importing media files such as .avi, .flv, .mov and .mp4 into the whiteboard. Verify the installation by checking the versions of both FFmpeg and SoX.

[user@vultr ~]$ sox --version
sox:      SoX v14.4.1

[user@vultr ~]$ ffmpeg -version
ffmpeg version 2.8.13 Copyright (c) 2000-2017 the FFmpeg developers
built with gcc 4.8.5 (GCC) 20150623 (Red Hat 4.8.5-11)

Install PostgreSQL

OpenMeetings supports multiple types of database servers, such as MySQL, PostgreSQL, Apache, Derby, and Oracle. In this tutorial, we will use PostgreSQL server to host the OpenMeeting database.

PostgreSQL is an object-relational database system and known for its stability and speed. The default yum repository contains an old version of PostgreSQL, so add the PostgreSQL repository for the latest version of the application into the system.

sudo yum -y install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-1.noarch.rpm

Install the PostgreSQL database server.

sudo yum -y install postgresql10-server postgresql10-contrib postgresql10 

Initialize the database.

sudo /usr/pgsql-10/bin/postgresql-10-setup initdb

Start the PostgreSQL server and enable it to start automatically at boot time.

sudo systemctl start postgresql-10
sudo systemctl enable postgresql-10

Change the password for the default PostgreSQL user.

sudo passwd postgres

Log in as the PostgreSQL user.

sudo su - postgres

Create a new PostgreSQL user for the OpenMeetings user.

createuser openmeetings

You can use any username instead of openmeetings. Switch to the PostgreSQL shell.

psql

Set a password for the newly created user for the OpenMeetings database.

ALTER USER openmeetings WITH ENCRYPTED password 'DBPassword';

Replace DBPassword with a secure password. Create a new database for the OpenMeetings installation.

CREATE DATABASE openmeetings OWNER openmeetings;

Exit from the psql shell.

\q

Switch to the sudo user.

exit

Edit the pg_hba.conf file to enable MD5 based authentication.

sudo nano /var/lib/pgsql/10/data/pg_hba.conf

Find the following lines and change the values in the METHOD column from ident to md5.

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     peer
# IPv4 local connections:
host    all             all             127.0.0.1/32            ident
# IPv6 local connections:
host    all             all             ::1/128                 ident

Once updated, the configuration will look like this.

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     peer
# IPv4 local connections:
host    all             all             127.0.0.1/32            md5
# IPv6 local connections:
host    all             all             ::1/128                 md5

Save the file and exit from the editor. Restart PostgreSQL so that the changes can take effect.

sudo systemctl restart postgresql-10

Installing OpenMeetings

Since all the required dependencies are installed. Create a new user for OpenMeetings. Using a non-root user for running OpenMeetings is recommended for the security of the server.

 sudo adduser -b /var -s /sbin/nologin openmeetings
 

The above command will also create the home directory of the openmeetings user in /var/openmeetings.

Check the Apache OpenMeetings download page to obtain the link to the latest available release. Download the OpenMeetings archive.

cd /tmp
wget http://www-us.apache.org/dist/openmeetings/4.0.1/bin/apache-openmeetings-4.0.1.tar.gz

Extract the archive into the /var/openmeetings directory.

sudo tar xf apache-openmeetings-4.0.1.tar.gz -C /var/openmeetings

Provide ownership of the files to the OpenMeetings user we have created earlier.

sudo chown -R openmeetings:openmeetings /var/openmeetings

Before we start the application, we will need to modify the firewall to allow ports 5080 and 1935.

sudo firewall-cmd --zone=public --permanent --add-port=5080/tcp
sudo firewall-cmd --zone=public --permanent --add-port=1935/tcp
sudo firewall-cmd --reload

You can now start the application.

sudo su -s /bin/bash -c 'cd /var/openmeetings/ && sh red5.sh' openmeetings

You can now access http://192.168.1.1:5080/openmeetings in your favorite browser. You will see the welcome screen with instructions to install GhostScript.

Since we have already installed GhostScript, proceed further. On next interface, you will be prompted to provide database server details. Select database type "PostgreSql" and provide your database server details that you configured during PostgreSQL installation.

Click on the "Check" button and you should get the message: "Database check was successful". Provide your administrator account details and a group name in the next interface.

Configure the basic settings of your installation; such as to allow self-registration, email verification, and default language. Also, provide your SMTP server details. If you do not have an SMTP server ready than you can also provide the SMTP details later in the administrator dashboard.

It will ask you for the path to the binaries of different applications. Provide /usr/bin as the path for ImageMagick, FFmpeg, and SoX. If the application is providing errors for the path entered, then you can use which <binary_name> to find the absolute path to the binary. For example, which ffmpeg should give you /usr/bin/ffmpeg as output. Use /opt/openoffice4 as the path to the OpenOffice binaries.

You can skip the configuration on the next interface since we are going to use the default values. Finally, click the "Finish" button to install the application and write the database.

OpenMeetings is now installed on your server. To make it more production friendly, we will setup Systemd to manage the OpenMeetings server. We will also configure Nginx with Let's Encrypt SSL as the secured reverse proxy to serve the application.

Setting up Systemd

Though we can easily start and stop the application using the command above, it is recommended to set up a Systemd service unit to manage the application. This will also ensure that the service is automatically started on boot time and failures.

Stop the OpenMeetings server either by pressing "Ctrl+C" or by killing the shell of the openmeetings user.

sudo pkill -KILL -u openmeetings

Create a new Systemd unit file for OpenMeetings Server.

sudo nano /etc/systemd/system/openmeetings.service

Populate the file.

[Unit]
Description=OpenMeeting Service 
After=network.target

[Service]
Type=simple
User=openmeetings
WorkingDirectory=/var/openmeetings 
ExecStart=/var/openmeetings/red5.sh
Restart=always

[Install]
WantedBy=multi-user.target

Start the OpenMeetings server and enable it to automatically start at boot time.

sudo systemctl start openmeetings
sudo systemctl enable openmeetings

To check the status of the service, you can run the following.

sudo systemctl status openmeetings

You will see a similar output.

[root@vultr openmeetings]# sudo systemctl status openmeetings
● openmeetings.service - OpenMeeting Service
   Loaded: loaded (/etc/systemd/system/openmeetings.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2018-01-31 15:40:56 UTC; 38s ago
 Main PID: 10522 (java)
   CGroup: /system.slice/openmeetings.service
           └─10522 /bin/java -Dred5.root=/var/openmeetings -Djava.security.debug=failure -Xms256m...

Jan 31 15:41:29 vultr.guest red5.sh[10522]: [INFO] [Loader:/openmeetings] org.red5.server.Serv...ngs
Jan 31 15:41:29 vultr.guest red5.sh[10522]: [INFO] [Loader:/openmeetings] org.red5.server.Serv...ngs
Jan 31 15:41:29 vultr.guest red5.sh[10522]: DEBUG 01-31 15:41:29.431 16603 343 o.a.o.c.r.Scope...se]
Jan 31 15:41:29 vultr.guest red5.sh[10522]: DEBUG 01-31 15:41:29.531 16703 124 o.a.o.c.r.Scope...ngs
Jan 31 15:41:34 vultr.guest red5.sh[10522]: DEBUG 01-31 15:41:34.421 21593 82 o.a.o.u.Version ...] -
Jan 31 15:41:34 vultr.guest red5.sh[10522]: ##################################################...###
Jan 31 15:41:34 vultr.guest red5.sh[10522]: #                              Openmeetings is up ...  #
Jan 31 15:41:34 vultr.guest red5.sh[10522]: #                      4.0.1 3795f14 2017-12-05T16...  #
Jan 31 15:41:34 vultr.guest red5.sh[10522]: #                               and ready to use  ...  #
Jan 31 15:41:34 vultr.guest red5.sh[10522]: ##################################################...###
Hint: Some lines were ellipsized, use -l to show in full.

Setup Nginx as Reverse Proxy

By default, OpenMeetings listens to port 5080. If the connection between the browser and server are not encrypted with SSL, then logins and other information will be sent using plain text. This might be a potential threat as someone eavesdropping on the network might obtain the information. To mitigate this issue, we will setup Nginx as the reverse proxy which will listen to the default HTTPS port and will proxy all the requests to the OpenMeetings server.

Install Nginx.

sudo yum -y install nginx

Start Nginx and enable it to automatically start at boot time.

sudo systemctl start nginx
sudo systemctl enable nginx

Install Certbot, which is the client application for Let's Encrypt CA.

sudo yum -y install certbot

Before you can request the certificates, you will need to allow ports 80 and 443 or standard HTTP and HTTPS services through the firewall.

sudo firewall-cmd --zone=public --add-service=http --permanent
sudo firewall-cmd --zone=public --add-service=https --permanent
sudo firewall-cmd --reload

Note: To obtain certificates from Let's Encrypt CA, the domain for which the certificates are to be generated must be pointed towards the server. If not, make the necessary changes to the DNS records of the domain and wait for the DNS to propagate before making the certificate request again. Certbot checks the domain authority before providing the certificates.

Generate the SSL certificates.

sudo certbot certonly --webroot -w /usr/share/nginx/html -d meetings.example.com

The generated certificates are likely to be stored in /etc/letsencrypt/live/meetings.example.com/. The SSL certificate will be stored as fullchain.pem and private key will be stored as privkey.pem.

Let's Encrypt certificates expire in 90 days, hence it is recommended to set up auto-renewal of the certificates using Cron jobs.

Open the cron job file.

sudo crontab -e

Add the following line at the end of the file.

30 5 * * * /usr/bin/certbot renew --quiet

The above cron job will run every day at 5:30 AM. If the certificate is due for expiry, it will automatically be renewed.

Now, change the Nginx default configuration file to take out the default_server line.

sudo sed -i 's/default_server//g' /etc/nginx/nginx.conf

Create a new configuration file for OpenMeetings Server.

sudo nano /etc/nginx/conf.d/meetings.example.com.conf

Populate the file.

server {
    listen 80;
    server_name meetings.example.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443;
    server_name meetings.example.com;

    ssl_certificate           /etc/letsencrypt/live/meetings.example.com/fullchain.pem;
    ssl_certificate_key       /etc/letsencrypt/live/meetings.example.com/privkey.pem;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    access_log  /var/log/nginx/openmeetings.access.log;

location / {
    proxy_pass            http://localhost:5080;        
    proxy_set_header    host $host;
    proxy_http_version  1.1;
    proxy_set_header upgrade $http_upgrade;         
    proxy_set_header connection "upgrade";     
    } 
}

Check for errors in the new configuration file.

sudo nginx -t

If you see the following output, the configuration is error free.

[user@vultr ~]$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

If you have received some kind of error, make sure to double check the path to the SSL certificates. Restart the Nginx web server to implement the change in configuration.

sudo systemctl restart nginx

Before you can start using the application on the SSL secured site, you will need to make a configuration change in OpenMeetings. Login to your OpenMeetings administrative dashboard and navigate to "Administration >> Configuration". In the table of ID, key and value; find application.base.url. Change its value to https://meetings.example.com according to your domain name. Save the configuration by clicking the save icon above.

Restart the OpenMeetings service.

sudo systemctl restart openmeetings

Now, you can browse to https://meetings.example.com using your favorite web browser and log in to use the application.

Congratulations, Apache OpenMeetings is now installed on your server. You can invite your friends and start using OpenMeetings for online conferences.