Foreword
Many people in the group report that they have encountered problems in setting up the server. I will reorganize the building process here. I hope it helps
Paste the project address here
Android side: https://github.com/ddssingsong/webrtc_android
Server and browser: https://github.com/ddssingsong/webrtc_server
Article Directory
Preface
1. Prerequisites
2. Install node and npm
3. coturn penetration and forwarding server
4. Install webrtc server and browser
5. Install nginx
6. Test browser
7. Test client
8. Okay, Basically complete
1. Prerequisites
First of all, you need to have a linux server, windows can also be, please get some simple tools yourself should be installed first
Such as: git, make, gcc and the like
2. Install node and npm to
download the latest nodejs from the official website: https://nodejs.org/en/download/
# wget https://nodejs.org/dist/v10.16.0/node-v10.16.0-linux-x64.tar.xzinstallation
# 解压
# tar -xvf node-v10.16.0-linux-x64.tar.xz
# 改名
# mv node-v10.16.0-linux-x64 nodejs
# 进入目录
# cd nodejs/
# 确认一下nodejs下bin目录是否有node 和npm文件,如果有就可以执行软连接
# sudo ln -s /home/dds/webrtc/nodejs/bin/npm /usr/local/bin/
# sudo ln -s /home/dds/webrtc/nodejs/bin/node /usr/local/bin/
# 看清楚,这个路径是你自己创建的路径,我的路径是/home/dds/webrtc/nodejs
#查看是否安装
# node -v
# npm -v
# 注意,ubuntu 有的是需要sudo,如果不想sudo,可以
# sudo ln -s /home/dds/webrtc/nodejs/bin/node /usr/bin/3. Coturn penetration and forwarding server Let
me talk about it here. If you want to install ubuntu, just use apt to install it.
# sudo apt install coturn CentOS or other systems are installed according to the following methods
1. Installation dependencies
Ubuntu, Debian, Mint:
$ sudo apt-get install libssl-dev(必须)
$ sudo apt-get install libsqlite3 (or sqlite3)
$ sudo apt-get install libsqlite3-dev (or sqlite3-dev)
$ sudo apt-get install libevent-dev(必须)
$ sudo apt-get install libpq-dev
$ sudo apt-get install mysql-client
$ sudo apt-get install libmysqlclient-dev
$ sudo apt-get install libhiredis-dev
Fedora:
$ sudo yum install openssl-devel
$ sudo yum install sqlite
$ sudo yum install sqlite-devel
$ sudo yum install libevent
$ sudo yum install libevent-devel
$ sudo yum install postgresql-devel
$ sudo yum install postgresql-server
$ sudo yum install mysql-devel
$ sudo yum install mysql-server
$ sudo yum install hiredis
$ sudo yum install hiredis-devel 2. Compile and install coturn
# git clone https://github.com/coturn/coturn
# cd coturn
# ./configure
# make
# sudo make install3. Check if it is installed
# which turnserver
4. Configuration file /usr/local/etc/turnserver.conf or /etc/turnserver.conf
# 生成安全访问密码
# turnadmin -k -u ddssingsong -r north.gov -p 123456
# 生成了这个
0xfb76c57e823de97df580e573437ef54a/usr/local/etc/turnserver.conf is configured as follows
verbose
fingerprint
lt-cred-mech
realm=test
user=ddssingsong:0xfb76c57e823de97df580e573437ef54a
user=ddssingsong:123456
stale-nonce
no-loopback-peers
no-multicast-peers
mobility
no-cli
For more detailed configuration, please see
https://github.com/ddssingsong/webrtc_server/blob/master/coturn/turnserver.conf
Or the following configuration, only configure stun (stun-only)
listening-ip=本地ip
listening-port=3478
#relay-ip=0.0.0.0
external-ip=外网ip
min-port=59000
max-port=65000
Verbose
fingerprint
no-stdout-log
syslog
cert=pem/turn_server_cert.pem #这两个玩意请自行生成
pkey=pem/turn_server_pkey.pem #
user=demo:demo
no-tcp
no-tls
no-tcp-relay
stun-only
#secure-stun
5. Start
# 如果按照上面的配置直接运行
turnserver
# 如果没有配置上述配置文件,可采用其他运行方法
/usr/local/bin/turnserver --syslog -a -f --min-port=32355 --max-port=65535 --user=dds:123456 -r dds --cert=turn_server_cert.pem --pkey=turn_server_pkey.pem --log-file=stdout -v
--syslog 使用系统日志
-a 长期验证机制
-f 使用指纹
--min-port 起始用的最小端口
--max-port 最大端口号
--user=dds:123456 turn用户名和密码
-r realm组别
--cert PEM格式的证书
--pkey PEM格式的私钥文件
-l, --log-file,<filename> 指定日志文件
-v verbose
#请根据需要选择
6. Test the address, please test stun and turn separately
https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
4. Install webrtc server and browser
1. Download code
# 代码检出来
# git clone https://github.com/ddssingsong/webrtc_server.git
# cd webrtc_server
var iceServer = {
"iceServers": [
{
"url": "stun:stun.l.google.com:19302"
},
{
"url": "stun:118.25.25.147:3478"
},
{
"url": "turn:118.25.25.147:3478",
"username":"ddssingsong",
"credential":"123456"
}
]
};
3. Modify /public/dist/js/conn.js
## 最后一行
## 如果没有配wss代理
rtc.connect("ws:" + window.location.href.substring(window.location.protocol.length).split('#')[0], window.location.hash.slice(1));
如果配了nginx wss代理
rtc.connect("wss:" + window.location.href.substring(window.location.protocol.length).split('#')[0]+"/wss", window.location.hash.slice(1));
# 后面的那个“/wss”是根据自己配的代理路径
4. Run
# cd到项目路径
# 安装依赖
npm install
# 运行
node server.js
In fact, you can test the client at this step, look down for online deployment details
Client test can configure proxy without nginx, just use ws
5. Install nginx
if it is ubuntu, you can still use apt to install
# sudo apt-get install nginx
centos proceeds in the following way
1. Installation dependencies
# yum install -y gcc gcc-c++ autoconf automake make zlib zlib-devel openssl openssl-devel pcre pcre-devel
2. Compile and install nginx
# wget -C http://nginx.org/download/nginx-1.12.0.tar.gz
# tar xvf nginx-1.12.0.tar.gz
# cd nginx-1.12.0
# ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
# make
# sudo make install
3. Generate a certificate, this is just a simple generation, please be careful
# 移动到目录,下面会用到
cd /
sudo mkdir cert
ce cert
# 生成服务器证书key
sudo openssl genrsa -out cert.pem 1024
# 生成证书请求,需要你输入信息,一路回车就行,不要输入内容
sudo openssl req -new -key cert.pem -out cert.csr
# 生成crt证书
sudo openssl x509 -req -days 3650 -in cert.csr -signkey cert.pem -out cert.crt
4. Modify the configuration file /usr/local/nginx/conf/nginx.conf or /etc/nginx/nginx.conf, if not, find it yourself
Just post the content below
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
#代理https
upstream web {
server 0.0.0.0:3000;
}
#代理websocket
upstream websocket {
server 0.0.0.0:3000;
}
server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /cert/cert.crt;#配置证书
ssl_certificate_key /cert/cert.key;#配置密钥
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 50m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv2 SSLv3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#wss 反向代理
location /wss {
proxy_pass http://websocket/; # 代理到上面的地址去
proxy_read_timeout 300s;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'Upgrade';
}
#https 反向代理
location / {
proxy_pass http://web/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}
5. Start nginx
#查看是否开启
ps -ef|grep nginx
#改变配置文件重启nginx
sudo nginx -s reload
6. Test the browser
#访问
https://serverIp#roomName
如:
外网:https://192.168.1.123/#123
内网:http:192.168.1.123:3000#123
# 查看效果,其中roomName为进入的房间名,不同房间的用户无法互相通话
7. Test the client
# 将这个项目下下来使用 android studio 编译并安装
https://github.com/ddssingsong/webrtc_android
Modify WebrtcUtil.java, remove the address on the interface
// turn and stun
// 外网测试才需要
private static MyIceServer[] iceServers = {
new MyIceServer("stun:stun.l.google.com:19302"),
new MyIceServer("118.25.25.147:3478?transport=udp"),
new MyIceServer("118.25.25.147:3478?transport=udp",
"ddssingsong",
"123456"),
new MyIceServer("118.25.25.147:3478?transport=tcp",
"ddssingsong",
"123456"),
};
// 外网测试
private static String WSS = "wss://47.254.34.146/wss";
//本地内网信令地址
private static String WSS = "ws://192.168.1.122:3000";
8. Well, basically completed
