想學更多的WebRTC知識,請關注WebRTC中文社區
前言
我最開始使用docker安裝,結果docker安裝的不是集成東西太多,致使鏡像很是大。要麼就是安裝後發現問題多的,基本上沒有維護。html
不知道是我沒有找到好的docker鏡像仍是真的就沒有好的,若是有以爲不錯的janus的docker鏡像歡迎小夥伴留言哈。nginx
注意:全篇建議在root用戶下操做,若是沒有辦法執行root,那麼在每條命令前面請加sudogit
準備工做
- 一臺Ubuntu18.04的服務器,擁有公網ip,最好是國外服務器,國內服務器下載依賴很慢。
- 一個域名,提早把域名解析到服務器的公網ip
- 使用http的話開放8088端口 使用https的話開放8089端口 ps:WebRTC須要在https環境或者本地的環境下才有效,因此建議開放8099就能夠了,可是janus默認走的http。我也不知道官方怎麼想的,否則我去提個pr?
安裝依賴
sudo apt-get install aptitude aptitude install libmicrohttpd-dev libjansson-dev \ libssl-dev libsrtp-dev libsofia-sip-ua-dev libglib2.0-dev \ libopus-dev libogg-dev libcurl4-openssl-dev liblua5.3-dev \ libconfig-dev pkg-config gengetopt libtool automake
有一個依賴庫是必須經過源碼安裝的,它就是libsrtp庫。 libsrtp庫的主要做用是對數據進行加密。之因此要經過源碼安裝,是由於在apt源上的libsrtp庫沒有將ssl庫編譯上,而janus又須要使ssl庫對數據作最終的加密,因此咱們只能使用源碼的方式安裝了。具體操做步驟以下:github
mkdir -p /opt/janus && cd janus wget https://github.com/cisco/libsrtp/archive/v2.2.0.tar.gz tar xfv v2.2.0.tar.gz cd libsrtp-2.2.0 ./configure --prefix=/usr --enable-openssl make shared_library && sudo make install
安裝Janus-Gateway
git clone https://github.com/meetecho/janus-gateway.git cd janus-gateway
生成Makefile文件web
./autogen.sh ./configure --prefix=/usr/local/janus
確認下生成Makefile成功沒docker
ll Makefile
編譯janusjson
make -j 4 sudo make install sudo make configs
在這我出現瞭如下的錯誤vim
configure: error: Package requirements ( glib-2.0 >= 2.34 gio-2.0 >= 2.34 libconfig nice jansson >= 2.5 libssl >= 1.0.1 libcrypto zlib ) were not met: No package 'nice' found
是由於沒有找到liblua5.3-dev,我找了好久也沒有找到,最後解決辦法是瀏覽器
sudo aptitude install libmicrohttpd-dev libjansson-dev libnice-dev sudo aptitude install libssl-dev libsrtp-dev libsofia-sip-ua-dev libglib2.0-dev sudo aptitude install libopus-dev libogg-dev libcurl4-openssl-dev pkg-config gengetopt libtool automakeg
若是沒有出現此錯誤能夠忽略,出現了的話能夠按照個人步奏解決 解決後從新服務器
./autogen.sh ./configure --prefix=/usr/local/janus make -j 4 sudo make install sudo make configs
安裝CoTurn服務
安裝coTrun看我以前的教程 WebRTC之搭建coturn服務遇到的問題
Janus配置
申請ssl證書,不會的看我這篇文章: WebRTC之完整搭建Jitsi Meet指南
vim /usr/local/janus/etc/janus/janus.jcfg
找到certificates配置項,在裏面打開如下內容的配置,並設置。
certificates:
cert_pem = "/etc/ssl/cert/domain/cert.pem"
cert_key = "/etc/ssl/cert/domain/key.pem"
找到nat配置項,在裏面打開如下內容的配置,並設置,其中的用戶名及密碼爲turnserver.conf中配置的用戶名及密碼。
nat: {
stun_server = "domain.com"
stun_port = 3478
nice_debug = true
#full_trickle = true
#ice_lite = true
ice_tcp = true
# By default Janus tries to resolve mDNS (.local) candidates: even
# though this is now done asynchronously and shouldn't keep the API
# busy, even in case mDNS resolution takes a long time to timeout,
# you can choose to drop all .local candidates instead, which is
# helpful in case you know clients will never be in the same private
# network as the one the Janus instance is running from. Notice that
# this will cause ICE to fail if mDNS is the only way to connect!
#ignore_mdns = true
# In case you're deploying Janus on a server which is configured with
# a 1:1 NAT (e.g., Amazon EC2), you might want to also specify the public
# address of the machine using the setting below. This will result in
# all host candidates (which normally have a private IP address) to
# be rewritten with the public address provided in the settings. As
# such, use the option with caution and only if you know what you're doing.
# Make sure you keep ICE Lite disabled, though, as it's not strictly
# speaking a publicly reachable server, and a NAT is still involved.
# If you'd rather keep the private IP address in place, rather than
# replacing it (and so have both of them as advertised candidates),
# then set the 'keep_private_host' property to true.
#nat_1_1_mapping = "1.2.3.4"
#keep_private_host = true
# You can configure a TURN server in two different ways: specifying a
# statically configured TURN server, and thus provide the address of the
# TURN server, the transport (udp/tcp/tls) to use, and a set of valid
# credentials to authenticate...
turn_server = "domain.com"
turn_port = 3478
turn_type = "udp"
turn_user = "user"
turn_pwd = "passwd"
繼續修改傳輸的配置把https打開,不打開https沒有辦法使用WebRTC的
vim /usr/local/janus/etc/janus/janus.transport.http.jcfg
修改general的配置
general: {
#events = true # Whether to notify event handlers about transport events (default=true)
json = "indented" # Whether the JSON messages should be indented (default),
# plain (no indentation) or compact (no indentation and no spaces)
base_path = "/janus" # Base path to bind to in the web server (plain HTTP only)
http = true # Whether to enable the plain HTTP interface
port = 8088 # Web server HTTP port
#interface = "eth0" # Whether we should bind this server to a specific interface only
#ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
https = true # Whether to enable HTTPS (default=false)
secure_port = 8089 # Web server HTTPS port, if enabled
#secure_interface = "eth0" # Whether we should bind this server to a specific interface only
#secure_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
#acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}
修改admin配置
admin: {
admin_base_path = "/admin" # Base path to bind to in the admin/monitor web server (plain HTTP only)
admin_http = false # Whether to enable the plain HTTP interface
admin_port = 7088 # Admin/monitor web server HTTP port
#admin_interface = "eth0" # Whether we should bind this server to a specific interface only
#admin_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
admin_https = true # Whether to enable HTTPS (default=false)
admin_secure_port = 7889 # Admin/monitor web server HTTPS port, if enabled
#admin_secure_interface = "eth0" # Whether we should bind this server to a specific interface only
#admin_secure_ip = "192.168.0.1 # Whether we should bind this server to a specific IP address (v4 or v6) only
#admin_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}
修改證書
certificates: {
cert_pem = "/etc/letsencrypt/live/janus.rtctest.7moor.com/cert.pem"
cert_key = "/etc/letsencrypt/live/janus.rtctest.7moor.com/privkey.pem"
#cert_pwd = "secretpassphrase"
#ciphers = "PFS:-VERS-TLS1.0:-VERS-TLS1.1:-3DES-CBC:-ARCFOUR-128"
}
nginx配置
建立新的nginx配置文件
vim /etc/nginx/conf.d/doman.janus.conf
添加如下內容
server {
listen 0.0.0.0:443 ssl;
listen [::]:443 ssl;
# tls configuration that is not covered in this guide
# we recommend the use of https://certbot.eff.org/
server_name doman.com;
# set the root
root /opt/janus/janus-gateway/html;
index index.html;
location ~ ^/([a-zA-Z0-9=\?]+)$ {
rewrite ^/(.*)$ / break;
}
location / {
ssi on;
}
ssl_certificate /etc/letsencrypt/live/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/privkey.pem; # managed by Certbot
}
啓動nginx
nginx -t && nginx -s reload
啓動janus
nohup /opt/janus/bin/janus >> /var/log/janus.log 2>&1 &
打開瀏覽器輸入你的域名
https://youdomain.com
