好记性不如个烂笔头,记录一下搭建的过程。
前提准备
基础环境的准备,包括服务器环境、地址、证书、防火墙配置等。
环境准备
操作系统:centos 7.6 x64
一个带有SSL证书的域名
需要开放对应的端口:8088 8188 3478 3480-3500 7000-9000 443
证书转换
mkdir /etc/ssl/cert/domain.com cd /etc/ssl/cert/domain.com
上传证书至此目录,一般用Nginx适用的证书即可。如果有pem的最好,直接上传到此处,如果没有的话,需要转换。
openssl rsa -in domain.com.key -text > key.pem openssl x509 -inform PEM -in domain.com.crt > cert.pem
开始安装
开始Webrtc服务的部署及安装,将分步骤详细记录。以及在按步骤执行过程中遇到的问题的处理。
安装依赖包
yum update yum -y install epel-release nginx libmicrohttpd-devel jansson-devel openssl-devel libsrtp-devel sofia-sip-devel glib2-devel opus-devel libogg-devel libcurl-devel pkgconfig gengetopt libconfig-devel libtool autoconf automake libnice libnice-devel libwebsockets libwebsockets-devel doxygen graphviz cmake gtk-doc-tools git lrzsz
安装libsrtp
cd ~ wget https://github.com/cisco/libsrtp/archive/v1.5.4.tar.gz tar zxvf v1.5.4.tar.gz && cd libsrtp-1.5.4 ./configure --prefix=/usr --enable-openssl --libdir=/usr/lib64 make shared_library && sudo make install
安装usrsctp
cd ~ git clone https://github.com/sctplab/usrsctp cd usrsctp ./bootstrap ./configure --prefix=/usr --libdir=/usr/lib64 && make && sudo make install
安装RabbitMQ
cd ~ git clone https://github.com/alanxz/rabbitmq-c cd rabbitmq-c git submodule init git submodule update mkdir build && cd build cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=/usr/lib64 .. make && sudo make install
安装Janus-Gateway
cd ~ git clone https://github.com/meetecho/janus-gateway.git cd janus-gateway sh autogen.sh ./configure --prefix=/opt/janus --enable-websockets make make install make configs
输出以下信息,说明./configure --prefix=/opt/janus --enable-websockets 执行成功。
Compiler: gcc
libsrtp version: 1.5.x
SSL/crypto library: OpenSSL
DTLS set-timeout: not available
Mutex implementation: GMutex (native futex on Linux)
DataChannels support: yes
Recordings post-processor: no
TURN REST API client: yes
Doxygen documentation: no
Transports:
REST (HTTP/HTTPS): yes
WebSockets: yes
RabbitMQ: yes
MQTT: no
Unix Sockets: yes
Nanomsg: no
Plugins:
Echo Test: yes
Streaming: yes
Video Call: yes
SIP Gateway (Sofia): no
SIP Gateway (libre): no
NoSIP (RTP Bridge): yes
Audio Bridge: yes
Video Room: yes
Voice Mail: yes
Record&Play: yes
Text Room: yes
Lua Interpreter: no
Duktape Interpreter: no
Event handlers:
Sample event handler: yes
RabbitMQ event handler:yes
MQTT event handler: no
JavaScript modules: no
安装CoTurn服务
在安装CoTurn服务执行./configure时,碰到了一个报错,这里提前说明,先做解决。
Libevent2 development is not installed properly ERROR: Libevent2 development libraries are not installed properly in required location. ERROR: may be you have just too old libevent tool - then you have to upgrade it. See the INSTALL file. Abort.
解决办法如下:
sudo yum install libevent libevent-devel openssl openssl-libs -y
然后:
cd ~ wget https://sourceforge.net/projects/levent/files/release-2.0.22-stable/libevent-2.0.22-stable.tar.gz/download mv download libevent-2.0.22-stable.tar.gz tar zxvf libevent-2.0.22-stable.tar.gz cd libevent-2.0.22-stable ./configure make sudo make install
然后开始正常安装CoTurn服务。
cd ~ mkdir /root/webrtc cd /root/webrtc wget http://coturn.net/turnserver/v4.5.0.7/turnserver-4.5.0.7.tar.gz tar zxvf turnserver-4.5.0.7.tar.gz cd /root/webrtc/turnserver-4.5.0.7 ./configure make install
服务配置
此处主要是涉及到turn服务及Janus服务的配置项目。
CoTurn服务的配置
vi /usr/local/etc/turnserver.conf
打开后在文件中添加以下配置:
relay-device=eth0 listening-ip=192.168.1.100 #LocalIP listening-port=3478 tls-listening-port=5349 relay-ip=192.168.1.100 #LocalIP external-ip=112.112.x.x #NetIP relay-threads=50 lt-cred-mech cert=/etc/ssl/cert/domain/cert.pem pkey=/etc/ssl/cert/domain/key.pem user=user:password123 #配置一个用户名密码 min-port=3480 max-port=3500 realm=domain.com #所用的域名
Janus配置
vi /opt/janus/etc/janus/janus.jcfg
找到certificates配置项,在里面打开以下内容的配置,并设置。
certificates:
cert_pem = "/etc/ssl/cert/domain/cert.pem"
cert_key = "/etc/ssl/cert/domain/key.pem"
找到nat配置项,在里面打开以下内容的配置,并设置,其中的用户名及密码为turnserver.conf中配置的用户名及密码。
nat:
turn_server = "domain.com"
turn_port = 3478
turn_type = "udp"
turn_user = "user"
turn_pwd = "passwd123"
ice_enforce_list = "eth0"
再打开janus.transport.http.jcfg进行配置。
vi /opt/janus/etc/janus/janus.transport.http.jcfg
分别找到general、admin、certificates三项的配置处,修改以下配置(没有提到的不用动)。
general:
https = true
admin:
admin_https = true
certificates:
cert_pem = "/etc/ssl/cert/domain/cert.pem"
cert_key = "/etc/ssl/cert/domain/key.pem"
再打开janus.transport.websockets.jcfg进行配置。
vi /opt/janus/etc/janus/janus.transport.websockets.jcfg
分别找到general、admin、certificates三项的配置处,修改以下配置(没有提到的不用动)。
general:
wss = true
admin:
admin_wss = true
certificates:
cert_pem = "/etc/ssl/cert/domain/cert.pem"
cert_key = "/etc/ssl/cert/domain/key.pem"
Nginx的配置
新创建一个配置文件:
vi /etc/nginx/conf.d/janus.conf
添加以下内容
server {
licsten 80;
listen 443 ssl;
server_name domain.com;
ssl_certificate /etc/ssl/cert/domain/domain.com.crt;
ssl_certificate_key /etc/ssl/cert/domain/domain.com.key;
charset utf-8;
root /opt/janus/share/janus/demos;
index index.php index.html index.htm;
access_log /var/log/nginx/access.log main;
location / {
}
}
服务启动
此处主要为各个服务的启动方式。
启动Turn服务
/usr/local/bin/turnserver -c /usr/local/etc/turnserver.conf -o
可以查看3478端口是否被占用,若占用,则说明服务启动成功。
netstat -nap|grep 3478
启动Janus服务
nohup /opt/janus/bin/janus >> /var/log/janus.log 2>&1 &
启动Nginx服务
systemctl restart nginx
验证
此时服务都已经启动,可访问https://domain.com进行验证,可打开demo中的video room后,点击start,进行验证,可在多个PC中打开,输入同一个room id进行测试。