Monitor your servers with Cockpit

4 min readApr 25, 2020

Following on my previous article Run your own Video Conference Service with Jitsi I started looking for a reliable solution to monitor my instance that runs Jitsi. I needed basic information on RAM, CPU, Disk, Networking, and I/O to assess the performance bottleneck for the serve

I was familiar with the tools I used in the past, like Cacti, Nagios, and Zabbix. All these tools need extensive configuration, “Not sure about the current state, but in the past took me a while to set them up correctly.” I was in the search for a straightforward tool that shows me hardware “VM” metrics and allows me to check the logs without ssh into the VM and ideally tool should be Open Source.

After a quick search, I think I found the tool I need Cockpit. The Cockpit provides all information I need to monitor VM parameters, logs, service, and more.

Note: I deploy a new Jitsi instance to DigitalOcean to play around with new Droplets on the latest version of the Ubuntu 20.04. I used the same steps to deploy Jitsi for 19.09.
Note: For Ubuntu 20.04 few changes needed to run install-letsencrypt-cert.sh
After 1st run of the /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh you may get an error

Reading state information... Done
Note, selecting 'python-is-python2' instead of 'python'
Note, selecting 'python-dev-is-python2' instead of 'python-dev'
Package python-virtualenv is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another sourceE: Package 'python-virtualenv' has no installation candidate

1. comment the below lines in /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

#if [ ! -f certbot-auto ] ; then
#  wget https://dl.eff.org/certbot-auto
#  chmod a+x ./certbot-auto
#fi

2. Edit /usr/local/sbin/certbot-auto to rename packages from python-virtualenv to python3-virtualenv and remove --no-site-packages from line 1056.

Run again /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh and this time I got my new certificates for the domain.

I know a more elegant solution may exist if I spent more time digging in /usr/local/sbin/certbot-auto and fixing python packages.
You can check new certificates for your domain /etc/letsencrypt/live/vc.your_domain.com

Above change needed only if you deploy Jitsi on Ubuntu 20.04

Now let’s deploy the Cockpit.

apt install cockpit -y

1st step is to allow port 9090 access from your network, and open firewall port as the follow up from the previous article in the section on firewall access Run your own Video Conference Service with Jit

sudo ufw allow from YourIP to any port 9090

Check is cockpit was started by accessing your server on port 9090.

You will notice the error with SSL/TLS certificate in the browser “I tested in both Chrome and Firefox.”

A workaround is to use “Firefox or Chrome Private/Incognito Window.

During Installation, Cockpit is generating a self-signed certificate, but as we already created a certificate for my FQDN vc.mudrii.com we can reuse letsencrypt certificate..

Check the Cockpit path for the certificate by running

jitsiadmin@vc:~$ sudo remotectl certificate
certificate: /etc/cockpit/ws-certs.d/0-self-signed.cert

The easiest way is to overwrite 0-self-signed.cert with letsencrypt certificate

letsencrypt stores certificates in /etc/letsencrypt/archive/vc.your_domain.com

We can overwrite both Public and Private certificates to /etc/cockpit/ws-certs.d/0-self-signed.cert as a root user and restart cock

sudo su -cat /etc/letsencrypt/archive/vc.mudrii.com/fullchain1.pem > /etc/cockpit/ws-certs.d/0-self-signed.certcat /etc/letsencrypt/archive/vc.mudrii.com/privkey1.pem >> /etc/cockpit/ws-certs.d/0-self-signed.certsystemctl status cockpit

Now try to reload your page and login with jitsiuser created in my previous article.