注:
libwebsockets(WebSocketをサポート)
libsrtpおよびlibusrsctp(オーディオおよびビデオストリーミング制御およびデータプロトコルのサポート)
libmicrohttpd(http / httpsをサポート)
Janus
nginx(Webサービスを提供)
1.基本環境はインストールによって異なります
yum install -y epel-release
yum update -y
yum install -y deltarpm
yum install doxygen graphviz
yum install -y openssh-server sudo which file curl zip unzip wget
yum install -y libmicrohttpd-devel jansson-devel libnice-devel glib2-devel opus-devel libogg-devel pkgconfig gengetopt libtool autoconf automake libsrtp-devel sofia-sip-devel libcurl-devel make gcc gcc-c ++ git cmake libconfig-devel openssl-devel libevent libevent-devel sqlite sqlite-devel postgresql-devel postgresql -develmysql-サーバーhiredishiredis-devel
エクスポートPKG_CONFIG_PATH = $ PKG_CONFIG_PATH:/ usr / lib / pkgconfig
2.libsrtpをインストールします
mkdir -p stcc / janus
cd / stcc / janus /
wget https://github.com/cisco/libsrtp/archive/v1.5.4.tar.gz
tar xfv v1.5.4.tar.gz
cdlibsrtp-1.5.4
。 / configure --prefix = / usr --enable-openssl --libdir = / usr / lib64
make shared_library && make installcd
… wgethttps
://github.com/cisco/libsrtp/archive/v2.2.0.tar.gz
tar xfv v2.2.0.tar.gz
cd libsrtp-2.2.0
./configure --prefix = / usr --enable-openssl --libdir = / usr / lib64
make shared_library && make installcd
…
3.libusrsctpをインストールします
git clone https://github.com/Kurento/libusrsctp.git
cd libusrsctp
./bootstrap
./configure --prefix = / usr --libdir = / usr / lib64
make && make installcd
…
4. libmicrohttpd(V0.9.72)をインストールします
wget https://ftp.gnu.org/gnu/libmicrohttpd/libmicrohttpd-0.9.72.tar.gz
tar zxf libmicrohttpd-0.9.72.tar.gz
cd libmicrohttpd-0.9.72 /
./configure
make && make install
cd …
5. usrsctp(V0.9.5)をインストールします
git clone https://github.com/sctplab/usrsctp
cd usrsctp
./bootstrap
./configure --prefix = / usr
make && make installcd
…
6. libwebsocket(V4.1.6)をインストールします
git clone https://github.com/warmcat/libwebsockets
cd libwebsockets
git branch -a #最新の安定バージョンを表示して選択します。現在のバージョンはremotes / origin / v3.2-stable
git checkout v3.2-stable #Switch最新の安定バージョンに
MKDIRビルド
CD構築
cmakeの-DMAKE_INSTALL_PREFIX:PATH =は/ usr -DCMAKE_C_FLAGS = " - FPIC" ...
メイク&& make installを
CDに... / ...
7. Janus(V0.10.5)をインストールします
git clone https://github.com/meetecho/janus-gateway.git &&
cd janus-gateway
sh autogen.sh
./configure --prefix = / opt / janus --enable-websockets --enable-data-channels- -enable-docs
make && make install && make configscd
…
8.nginxをインストールして構成します
#Download nginx 1.15.8 version
wget http://nginx.org/download/nginx-1.15.8.tar.gz
tar xvzf nginx-1.15.8.tar.gz
cd nginx-1.15.8 /#Configuration
、must Support https
./configure --with-http_ssl_module
コンパイル
make && make installcd
…
証明書の生成
mkdir-p cert
cd cert
#CA秘密鍵
opensslgenrsa -out key.pem 2048
#自己署名証明書
openssl req -new -x509 -key key.pem -out cert.pem -days 1095
cd…
nginx構成ファイルを変更しますvi
/ usr / local / nginx / conf / nginx.confjanusが配置されているディレクトリを指すように場所/ opt / janus / share / janus / demos
以下に示すように、証明書
ssl_certificate / stcc /
janus / cert / cert.pem; ssl_certificate_key / stcc / janus / cert / key.pem;
を構成します。
nginx
/ usr / local / nginx / sbin / nginxを
起動してhttpsサーバーのIPにアクセスします
上記のhttpアクセスの場合、nginx構成に
https://121.4.124.xxx/と入力すると、アクセスは成功します
9. coturnサービスの展開(V4.5.1.3)
wget https://coturn.net/turnserver/v4.5.2/turnserver-4.5.1.3.tar.gz
tar -zxvf turnserver-4.5.1.3.tar.gz
cd turnserver-4.5.1.3 /
./configure
make && make install
cd…
mkdircurncert
cd curncert
openssl req -x509 -newkey rsa:2048 -keyout /stcc/janus/turncert/turn_server_pkey.pem -out /stcc/janus/turncert/turn_server_cert.pem -days 99999 -nodes
which turnserver
cp /usr/local/etc/turnserver.conf.default /usr/local/etc/turnserver.conf
vi / usr / local / etc / turnserver.conf
ファイル
の最後に挿入以下にいくつかを示します内联代码片
。
#与前ifconfig查到的网卡名称一致
listening-device=eth0
listening-port=3478
#tls-listening-port=5349
#内网IP
listening-ip=172.17.0.x
relay-ip=172.17.0.x
#公网IP
external-ip=121.4.124.xxx
min-port=49152
max-port=65535
cert= /stcc/janus/turncert/turn_server_cert.pem
pkey= /stcc/janus/turncert/turn_server_pkey.pem
#用户名密码
user=stcc:123456
#不开启会报CONFIG ERROR: Empty cli-password, and so telnet cli interface is disabled! Please set a non empty cli-password!错误
cli-password=qwerty
lt-cred-mech
pidfile="/var/run/turnserver.pid"
turnserver -v -r 121.4.124.xxx:3478 -a -o -c /usr/local/etc/turnserver.conf
注:AlibabaCloudまたはTencentCloudサーバーを使用している場合は、対応するポートへのアクセスを開発し、対応するポートのファイアウォールをオフにする必要があります
10.janus構成ファイル
cd / opt / janus / etc / janus
構成を変更しますjanus.jcfg
janus.transport.http.jcfgを変更して、httpsを有効にし、証明書を追加します。
ここにいくつかあり内联代码片
ます。
general: {
#events = true # Whether to notify event handlers about transport events (default=true)
json = "indented" # Whether the JSON messages should be indented (default),
# plain (no indentation) or compact (no indentation and no spaces)
base_path = "/janus" # Base path to bind to in the web server (plain HTTP only)
threads = "unlimited" # unlimited=thread per connection, number=thread pool
http = true # Whether to enable the plain HTTP interface
port = 8088 # Web server HTTP port
#interface = "eth0" # Whether we should bind this server to a specific interface only
#ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
https = true # Whether to enable HTTPS (default=false)
secure_port = 8089 # Web server HTTPS port, if enabled
#secure_interface = "eth0" # Whether we should bind this server to a specific interface only
#secure_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
#acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}
certificates: {
cert_pem = "/home/ubuntu/cert/cert.pem"
cert_key = "/home/ubuntu/cert/key.pem"
#cert_pwd = "secretpassphrase"
#ciphers = "PFS:-VERS-TLS1.0:-VERS-TLS1.1:-3DES-CBC:-ARCFOUR-128"
}
図に示すように、janus.transport.websockets.jcfgを変更してwssを開き、証明書を追加します。
# WebSockets stuff: whether they should be enabled, which ports they
# should use, and so on.
general: {
#events = true # Whether to notify event handlers about transport events (default=true)
json = "indented" # Whether the JSON messages should be indented (default),
#pingpong_trigger = 30 # After how many seconds of idle, a PING should be sent
#pingpong_timeout = 10 # After how many seconds of not getting a PONG, a timeout should be detected
ws = true # Whether to enable the WebSockets API
ws_port = 8188 # WebSockets server port
#ws_interface = "eth0" # Whether we should bind this server to a specific interface only
#ws_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
wss = true # Whether to enable secure WebSockets
wss_port = 8989 # WebSockets server secure port, if enabled
#wss_interface = "eth0" # Whether we should bind this server to a specific interface only
#wss_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
#ws_logging = "err,warn" # libwebsockets debugging level as a comma separated list of things
# to debug, supported values: err, warn, notice, info, debug, parser,
# header, ext, client, latency, user, count (plus 'none' and 'all')
#ws_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}
# If you want to expose the Admin API via WebSockets as well, you need to
# specify a different server instance, as you cannot mix Janus API and
# Admin API messaging. Notice that by default the Admin API support via
# WebSockets is disabled.
admin: {
admin_ws = false # Whether to enable the Admin API WebSockets API
admin_ws_port = 7188 # Admin API WebSockets server port, if enabled
#admin_ws_interface = "eth0" # Whether we should bind this server to a specific interface only
#admin_ws_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
admin_wss = false # Whether to enable the Admin API secure WebSockets
#admin_wss_port = 7989 # Admin API WebSockets server secure port, if enabled
#admin_wss_interface = "eth0" # Whether we should bind this server to a specific interface only
#admin_wss_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
#admin_ws_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}
# Certificate and key to use for any secure WebSocket server, if enabled (and passphrase if needed).
# You can also disable insecure protocols and ciphers by configuring the
# 'ciphers' property accordingly (no limitation by default).
# Examples of recommended cipher strings at https://cheatsheetseries.owasp.org/cheatsheets/TLS_Cipher_String_Cheat_Sheet.html
certificates: {
cert_pem = "/stcc/janus/cert/cert.pem"
cert_key = "/stcc/janus/cert/key.pem"
#cert_pwd = "secretpassphrase"
#ciphers = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
}
図に示すように、Janusデモを変更してwssサポートを追加します。
11.janusを開始します
/ opt / janus / bin / janus --debug-level = 5 --log-file = $ HOME / janus-log