内容简介:第一台访问第二台pc 浏览器访问https://webrtc.xxx.com/r/026038717测试成功
一、基础资源
- 操作系统:centos 7.3
- 服务器IP:内网(192.168.10.17),外网(124.160.xxx.xxx)
- 域名:webrtc.xxx.com (带https证书)
- 防火墙开放端口:tcp/udp 3478 3480-3500 8080 8089 443
- 内网域名绑定:/etc/hosts => 192.168.10.17 webrtc.xxx.com (由于本机内部访问外网IP不通)
二、域名证书
- mkdir /cert
- 将域名证书放在/cert目录下,分别命名为cert.pem,key.pem
- 如果是domain.crt,domain.key 可以根据以下命令生成pem证书
- openssl rsa -in server.key -text > key.pem
- openssl x509 -inform PEM -in server.crt > cert.pem
三、依赖包安装
- yum -y install java-1.8.0-openjdk-devel java-1.8.0-openjdk
- yum -y install openssl-devel libevent libevent-devel
- yum -y install nodejs npm python python-webtest golang php-fpm nginx
- npm -g install grunt-cli
四、环境配置
a. go 工作目录配置
- mkdir -p /root/webrtc/goWorkspace
- vim /etc/profile
- export GOPATH=/root/webrtc/goWorkspace
- 生效 source /etc/profile
b. google app engine
- cd /root/webrtc
- wget https://storage.googleapis.com/appengine-sdks/featured/google_appengine_1.9.50.zip
- unzip google_appengine_1.9.50.zip
- 添加到系统环境中去 /etc/profile
- export PATH=$PATH:/root/webrtc/google_appengine
- 生效 source /etc/profile
c. 信令服务器(Collider Server)
- mkdir -p /root/webrtc/goWorkspace/src
- cd /root/webrtc/
- 下载apprtc源码 git clone https: //github.com/webrtc/apprtc.git
- 将apprtc目录下的collider collidermain collidertest link 到 go 工作目录中的src中去
- ln -sf /root/webrtc/apprtc/src/collider/collider $GOPATH/src/
- ln -sf /root/webrtc/apprtc/src/collider/collidermain $GOPATH/src/
- ln -sf /root/webrtc/apprtc/src/collider/collidertest $GOPATH/src/
d. STUN\TURN服务器
- cd /root/webrtc
- wget http://coturn.net/turnserver/v4.5.0.7/turnserver-4.5.0.7.tar.gz
- tar xvfz turnserver-4.5.0.7.tar.gz
五、安装和启动相关软件
a.搭建房间服务器(Room Server)
- cd /root/webrtc/apprtc
- npm install
- vim /root/webrtc/apprtc/src/app_engine/constants.py
TURN_BASE_URL = 'https://webrtc.xxx.com'; TURN_URL_TEMPLATE = '%s/turn.php?username=%s&key=%s'; CEOD_KEY = 'inesadt'
ICE_SERVER_BASE_URL = 'https://webrtc.xxx.com'; ICE_SERVER_URL_TEMPLATE = '%s/iceconfig.php?key=%s';
ICE_SERVER_API_KEY = os.environ.get('ICE_SERVER_API_KEY')
WSS_INSTANCE_HOST_KEY = 'webrtc.xxx.com:8089' WSS_INSTANCE_NAME_KEY = 'vm_name' WSS_INSTANCE_ZONE_KEY = 'zone' WSS_INSTANCES = [{ WSS_INSTANCE_HOST_KEY: 'webrtc.xxx.com:8089', WSS_INSTANCE_NAME_KEY: 'wsserver-std', WSS_INSTANCE_ZONE_KEY: 'us-central1-a' }, { WSS_INSTANCE_HOST_KEY: 'webrtc.xxx.com:8089', WSS_INSTANCE_NAME_KEY: 'wsserver-std-2', WSS_INSTANCE_ZONE_KEY: 'us-central1-f' }]
- cd /root/webrtc/apprtc
- grunt build
- 运行房间服务器(room server)
- nohup dev_appserver.py –host=webrtc.xxx.com /root/webrtc/apprtc/out/app_engine &
b.搭建信令服务器(Collider Server)
- cd /root/webrtc/goWorkspace/src
- go get collidermain (有错误,自己google解决一下)
- go install collidermain
- 启动信令服务器
- nohup /root/webrtc/goWorkspace/bin/collidermain -port=8089 -tls=true -room-server=双引号https://webrtc.xxx.com双引号 &
c.搭建TURN服务器
- cd /root/webrtc/turnserver-4.5.0.7
- ./configure
- make install
- vim /etc/turnserver.conf
listening-device=bond0 listening-port=3478 relay-device=bond0 min-port=3480 max-port=3500 Verbose fingerprint lt-cred-mech use-auth-secret static-auth-secret=inesadt #此处要和房间服务器配置时constants.py文件中的CODE_KEY保持一致。 user=inesadt:0x42ef823e9766b4bd749481cb07b2359f user=inesadt:inesadt realm=webrtc.xxx.com stale-nonce cert=/cert/cert.pem pkey=/cert/key.pem no-loopback-peers no-multicast-peers mobility no-cli
- 上述文件中 0x42ef823e9766b4bd749481cb07b2359f的生成方法:
- turnadmin -k -u inesadt -r webrtc.xxx.com -p inesadt
- -k 表示生成一个long-term credential key
- -u 表示用户名
- -p 表示密码
- -r 表示Realm域
- 最终生成的命令如下:
- /root/webrtc/turnserver-4.5.0.7/bin/turnadmin -k -u inesadt -r north.gov -p inesadt
- 启动turnserver
- nohup /root/webrtc/turnserver-4.5.0.7/bin/turnserver -v /etc/turnserver.conf &
d. nginx代理服务配置
- vim /etc/nginx/conf.d/webrtc.conf
upstream roomserver { server 192.168.10.17:8080; keepalive 60; } server { listen 443 ssl; server_name webrtc.xxx.com; ssl_certificate /etc/nginx/ssl/webrtc.xxx.com.crt; ssl_certificate_key /etc/nginx/ssl/webrtc.xxx.com.key; charset utf-8; root /var/www/html; index index.php index.html index.htm; access_log /var/log/nginx/access.log main; location ~ .php$ { fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; include fastcgi_params; } location / { proxy_pass http://roomserver$request_uri; proxy_set_header Host $host; } }
e. php-fpm服务配置
- vim /etc/php-fpm.d/www.conf
#增加一行 listen = /var/run/php-fpm/php-fpm.sock
f.在/var/www/html/目录下添加turn.php文件和iceconfig.php文件
- vim /var/www/html/turn.php
<?php
$request_username = $_GET["username"];
if(empty($request_username)) {
echo "username == null";
exit;
}
$request_key = $_GET["key"];
$time_to_live = 600;
$timestamp = time() + $time_to_live;//失效时间
$response_username = $timestamp.":".$_GET["username"];
$response_key = $request_key;
if(empty($response_key))
$response_key = "inesadt"; //constants.py中CEOD_KEY
$response_password = getSignature($response_username, $response_key);
$jsonObj = new Response();
$jsonObj->username = $response_username;
$jsonObj->password = $response_password;
$jsonObj->ttl = 86400;
//此处需配置自己的服务器
$jsonObj->uris= array("stun:webrtc.xxx.com:3478","turn:webrtc.xxx.com:3478?transport=udp","turn:webrtc.xxx.com?transport=tcp");
echo json_encode($jsonObj);
function getSignature($str, $key) {
$signature = "";
if (function_exists('hash_hmac')) {
$signature = base64_encode(hash_hmac("sha1", $str, $key, true));
} else {
$blocksize = 64;
$hashfunc = 'sha1';
if (strlen($key) > $blocksize) {
$key = pack('H', $hashfunc($key));
}
$key = str_pad($key, $blocksize, chr(0x00));
$ipad = str_repeat(chr(0x36), $blocksize);
$opad = str_repeat(chr(0x5c), $blocksize);
$hmac = pack(
'H', $hashfunc(($key ^ $opad) .pack(
'H*', $hashfunc(($key ^ $ipad) . $str)
)));
$signature = base64_encode($hmac);
}
return $signature;
}
class Response {
public $username = "";
public $password = "";
public $ttl = "";
public $uris = array("");
}
?>
- vim /var/www/html/iceconfig.php
<?php
$request_username = "inesadt"; //配置成自己的turn服务器用户名
if(empty($request_username)) {
echo "username == null";
exit;
}
$request_key = "inesadt"; //配置成自己的turn服务器密码
$time_to_live = 600;
$timestamp = time() + $time_to_live;//失效时间
$response_username = $timestamp.":".$_GET["username"];
$response_key = $request_key;
if(empty($response_key))
$response_key = "inesadt";//constants.py中CEOD_KEY
$response_password = getSignature($response_username, $response_key);
$arrayObj = array();
$arrayObj[0]['username'] = $response_username;
$arrayObj[0]['credential'] = $response_password;
//配置成自己的stun/turn服务器
$arrayObj[0]['urls'][0] = "stun:webrtc.xxx.com:3478";
$arrayObj[0]['urls'][1] = "turn:webrtc.xxx.com:3478?transport=tcp";
$arrayObj[0]['uris'][0] = "stun:webrtc.xxx.com:3478";
$arrayObj[0]['uris'][1] = "turn:webrtc.xxx.com:3478?transport=tcp";
$jsonObj = new Response();
$jsonObj->lifetimeDuration = "300.000s";
$jsonObj->iceServers = $arrayObj;
echo json_encode($jsonObj);
function getSignature($str, $key) {
$signature = "";
if (function_exists('hash_hmac')) {
$signature = base64_encode(hash_hmac("sha1", $str, $key, true));
} else {
$blocksize = 64;
hashfunc = 'sha1';
if (strlen($key) > $blocksize) {
$key = pack('H', $hashfunc($key));
}
$key = str_pad($key, $blocksize, chr(0x00));
$ipad = str_repeat(chr(0x36), $blocksize);
$opad = str_repeat(chr(0x5c), $blocksize);
$hmac = pack(
'H', $hashfunc(($key ^ $opad) . pack(
'H*', $hashfunc(($key ^ $ipad) . $str)
)));
$signature = base64_encode($hmac);
}
return $signature;
}
class Response {
public $lifetimeDuration = "";
public $iceServers = array("");
}
?>
- 重启生效
- systemctl restart php-fpm
- systemctl restart nginx
六、两个pc之间测试
第一台访问 https://webrtc.xxx.com 并加入一个房间,然后将房间号(026038717)发给另外一台pc进行访问
第二台pc 浏览器访问https://webrtc.xxx.com/r/026038717
测试成功
本文参考: https://blog.csdn.net/gladsnow/article/details/77900578 https://juejin.im/post/5bec4a3051882551236e7b35
以上所述就是小编给大家介绍的《Webrtc服务器搭建一对一(公网/HTTPS)》,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对 码农网 的支持!
猜你喜欢:- 相对的一对多和多对一,一对一的分表概念
- SpringDataJDBC一对一/一对多关系实现
- Hibernate关联关系配置(一对多、一对一和多对多)
- Hibernate关联关系配置(一对多、一对一和多对多)
- Sequelize 系列教程之一对一模型关系
- PingPangChat 2.1.0 添加一对一的视频聊天功能
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
python学习手册(原书第5版)
马克·卢茨 / 机械工业出版社 / 2018-10 / 219
如果你想动手编写高效、高质量并且很容易与其他语言和工具集成的代码,本书将快速地帮助你利用Python提高效率。本书基于Python专家的流程培训课程编写,内容通俗易懂。本书包含很多注释的例子和插图,以帮助你开始使用Python2.7和3.3。每章都包含关于Python语言的重要组成部分的一节课。本书主要内容:了解Python的主要内置对象类型,如数字、列表和字典;创建和处理对象的Python语句,......一起来看看 《python学习手册(原书第5版)》 这本书的介绍吧!