一分钟教你搭建WebRTC流媒体服务器Janus-gateway

前言

我最开始使用docker安装,结果docker安装的不是集成东西太多,导致镜像非常大。要么就是安装后发现问题多的,基本上没有维护。

不知道是我没有找到好的docker镜像还是真的就没有好的,如果有觉得不错的janus的docker镜像欢迎小伙伴留言哈。

注意:全篇建议在root用户下操作,如果没有办法执行root,那么在每条命令前面请加sudo

准备工作

  • 一台Ubuntu18.04的服务器,拥有公网ip,最好是国外服务器,国内服务器下载依赖很慢。
  • 一个域名,提前把域名解析到服务器的公网ip
  • 使用http的话开放8088端口 使用https的话开放8089端口 ps:WebRTC需要在https环境或者本地的环境下才有效,所以建议开放8099就可以了,但是janus默认走的http。我也不知道官方怎么想的,不然我去提个pr?

安装依赖

sudo apt-get install aptitude
aptitude install libmicrohttpd-dev libjansson-dev \
	libssl-dev libsrtp-dev libsofia-sip-ua-dev libglib2.0-dev \
	libopus-dev libogg-dev libcurl4-openssl-dev liblua5.3-dev \
	libconfig-dev pkg-config gengetopt libtool automake

有一个依赖库是必须通过源码安装的,它就是libsrtp库。 libsrtp库的主要作用是对数据进行加密。之所以要通过源码安装,是因为在apt源上的libsrtp库没有将ssl库编译上,而janus又需要使ssl库对数据做最终的加密,所以我们只能使用源码的方式安装了。具体操作步骤如下:

mkdir -p /opt/janus && cd janus
wget https://github.com/cisco/libsrtp/archive/v2.2.0.tar.gz
tar xfv v2.2.0.tar.gz
cd libsrtp-2.2.0
./configure --prefix=/usr --enable-openssl
make shared_library && sudo make install

安装Janus-Gateway

git clone https://github.com/meetecho/janus-gateway.git
cd janus-gateway

生成Makefile文件

./autogen.sh
./configure --prefix=/usr/local/janus

确认下生成Makefile成功没

ll Makefile

编译janus

make -j 4
sudo make install
sudo make configs

在这我出现了以下的错误

configure: error: Package requirements ( glib-2.0 >= 2.34 gio-2.0 >= 2.34 libconfig nice jansson >= 2.5 libssl >= 1.0.1 libcrypto zlib ) were not met: No package 'nice' found

是因为没有找到liblua5.3-dev,我找了很久也没有找到,最后解决办法是

sudo aptitude install libmicrohttpd-dev libjansson-dev libnice-dev
sudo aptitude install libssl-dev libsrtp-dev libsofia-sip-ua-dev libglib2.0-dev
sudo aptitude install libopus-dev libogg-dev libcurl4-openssl-dev pkg-config gengetopt libtool automakeg

如果没有出现此错误可以忽略,出现了的话可以按照我的步奏解决 解决后重新

./autogen.sh
./configure --prefix=/usr/local/janus
make -j 4
sudo make install
sudo make configs

安装CoTurn服务

安装coTrun看我之前的教程 WebRTC之搭建coturn服务遇到的问题

Janus配置

申请ssl证书,不会的看我这篇文章: WebRTC之完整搭建Jitsi Meet指南

vim /usr/local/janus/etc/janus/janus.jcfg

找到certificates配置项,在里面打开以下内容的配置,并设置。

certificates:
        cert_pem = "/etc/ssl/cert/domain/cert.pem"
        cert_key = "/etc/ssl/cert/domain/key.pem"

找到nat配置项,在里面打开以下内容的配置,并设置,其中的用户名及密码为turnserver.conf中配置的用户名及密码。

nat: {
        stun_server = "domain.com"
        stun_port = 3478
        nice_debug = true
        #full_trickle = true
        #ice_lite = true
        ice_tcp = true

        # By default Janus tries to resolve mDNS (.local) candidates: even
        # though this is now done asynchronously and shouldn't keep the API
        # busy, even in case mDNS resolution takes a long time to timeout,
        # you can choose to drop all .local candidates instead, which is
        # helpful in case you know clients will never be in the same private
        # network as the one the Janus instance is running from. Notice that
        # this will cause ICE to fail if mDNS is the only way to connect!
        #ignore_mdns = true

        # In case you're deploying Janus on a server which is configured with
        # a 1:1 NAT (e.g., Amazon EC2), you might want to also specify the public
        # address of the machine using the setting below. This will result in
        # all host candidates (which normally have a private IP address) to
        # be rewritten with the public address provided in the settings. As
        # such, use the option with caution and only if you know what you're doing.
        # Make sure you keep ICE Lite disabled, though, as it's not strictly
        # speaking a publicly reachable server, and a NAT is still involved.
        # If you'd rather keep the private IP address in place, rather than
        # replacing it (and so have both of them as advertised candidates),
        # then set the 'keep_private_host' property to true.
        #nat_1_1_mapping = "1.2.3.4"
        #keep_private_host = true

        # You can configure a TURN server in two different ways: specifying a
        # statically configured TURN server, and thus provide the address of the
        # TURN server, the transport (udp/tcp/tls) to use, and a set of valid
        # credentials to authenticate...
        turn_server = "domain.com"
        turn_port = 3478
        turn_type = "udp"
        turn_user = "user"
        turn_pwd = "passwd"      

继续修改传输的配置把https打开,不打开https没有办法使用WebRTC的

vim /usr/local/janus/etc/janus/janus.transport.http.jcfg
修改general的配置
general: {
        #events = true                                  # Whether to notify event handlers about transport events (default=true)
        json = "indented"                               # Whether the JSON messages should be indented (default),
                                                                        # plain (no indentation) or compact (no indentation and no spaces)
        base_path = "/janus"                    # Base path to bind to in the web server (plain HTTP only)
        http = true                                             # Whether to enable the plain HTTP interface
        port = 8088                                             # Web server HTTP port
        #interface = "eth0"                             # Whether we should bind this server to a specific interface only
        #ip = "192.168.0.1"                             # Whether we should bind this server to a specific IP address (v4 or v6) only
        https = true                                    # Whether to enable HTTPS (default=false)
        secure_port = 8089                              # Web server HTTPS port, if enabled
        #secure_interface = "eth0"              # Whether we should bind this server to a specific interface only
        #secure_ip = "192.168.0.1"              # Whether we should bind this server to a specific IP address (v4 or v6) only
        #acl = "127.,192.168.0."                # Only allow requests coming from this comma separated list of addresses
}

修改admin配置
admin: {
        admin_base_path = "/admin"                      # Base path to bind to in the admin/monitor web server (plain HTTP only)
        admin_http = false                                      # Whether to enable the plain HTTP interface
        admin_port = 7088                                       # Admin/monitor web server HTTP port
        #admin_interface = "eth0"                       # Whether we should bind this server to a specific interface only
        #admin_ip = "192.168.0.1"                       # Whether we should bind this server to a specific IP address (v4 or v6) only
        admin_https = true                                      # Whether to enable HTTPS (default=false)
        admin_secure_port = 7889                        # Admin/monitor web server HTTPS port, if enabled
        #admin_secure_interface = "eth0"        # Whether we should bind this server to a specific interface only
        #admin_secure_ip = "192.168.0.1         # Whether we should bind this server to a specific IP address (v4 or v6) only
        #admin_acl = "127.,192.168.0."          # Only allow requests coming from this comma separated list of addresses
}

修改证书
certificates: {
        cert_pem = "/etc/letsencrypt/live/janus.rtctest.7moor.com/cert.pem"
        cert_key = "/etc/letsencrypt/live/janus.rtctest.7moor.com/privkey.pem"
        #cert_pwd = "secretpassphrase"
        #ciphers = "PFS:-VERS-TLS1.0:-VERS-TLS1.1:-3DES-CBC:-ARCFOUR-128"
}

nginx配置

创建新的nginx配置文件

vim /etc/nginx/conf.d/doman.janus.conf

添加以下内容

server {
    listen 0.0.0.0:443 ssl;
    listen [::]:443 ssl;
    # tls configuration that is not covered in this guide
    # we recommend the use of https://certbot.eff.org/
    server_name doman.com;
    # set the root
    root /opt/janus/janus-gateway/html;
    index index.html;
    location ~ ^/([a-zA-Z0-9=\?]+)$ {
        rewrite ^/(.*)$ / break;
    }
    location / {
        ssi on;
    }

    ssl_certificate /etc/letsencrypt/live/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/privkey.pem; # managed by Certbot
}

启动nginx

nginx -t && nginx -s reload

启动janus

nohup /opt/janus/bin/janus >> /var/log/janus.log 2>&1 &

打开浏览器输入你的域名

https://youdomain.com
posted @ 2021-05-19 15:53  爱你爱自己  阅读(3596)  评论(0编辑  收藏  举报