Webrtc服务器搭建一对一(公网/HTTPS)

栏目: 后端 · 前端 · 发布时间: 5年前

内容简介:第一台访问第二台pc 浏览器访问https://webrtc.xxx.com/r/026038717测试成功

一、基础资源

  • 操作系统:centos 7.3
  • 服务器IP:内网(192.168.10.17),外网(124.160.xxx.xxx)
  • 域名:webrtc.xxx.com (带https证书)
  • 防火墙开放端口:tcp/udp 3478 3480-3500 8080 8089 443
  • 内网域名绑定:/etc/hosts  => 192.168.10.17  webrtc.xxx.com (由于本机内部访问外网IP不通)

二、域名证书

  • mkdir /cert
  • 将域名证书放在/cert目录下,分别命名为cert.pem,key.pem
  • 如果是domain.crt,domain.key 可以根据以下命令生成pem证书
  • openssl rsa -in server.key -text > key.pem
  • openssl x509 -inform PEM -in server.crt > cert.pem

三、依赖包安装

  • yum -y install  java-1.8.0-openjdk-devel java-1.8.0-openjdk
  • yum -y install openssl-devel libevent libevent-devel
  • yum -y install nodejs npm python python-webtest golang php-fpm nginx
  • npm -g install grunt-cli

四、环境配置

a. go 工作目录配置
  • mkdir -p /root/webrtc/goWorkspace
  • vim /etc/profile
  • export GOPATH=/root/webrtc/goWorkspace
  • 生效  source /etc/profile
b. google app engine
c. 信令服务器(Collider Server)
  • mkdir -p /root/webrtc/goWorkspace/src
  • cd /root/webrtc/
  • 下载apprtc源码  git clone https: //github.com/webrtc/apprtc.git
  • 将apprtc目录下的collider  collidermain collidertest link 到 go 工作目录中的src中去
  • ln -sf /root/webrtc/apprtc/src/collider/collider $GOPATH/src/
  • ln -sf /root/webrtc/apprtc/src/collider/collidermain $GOPATH/src/
  • ln -sf /root/webrtc/apprtc/src/collider/collidertest $GOPATH/src/
d. STUN\TURN服务器

五、安装和启动相关软件

a.搭建房间服务器(Room Server)
  • cd /root/webrtc/apprtc
  • npm install
  • vim /root/webrtc/apprtc/src/app_engine/constants.py
TURN_BASE_URL = 'https://webrtc.xxx.com';
 TURN_URL_TEMPLATE = '%s/turn.php?username=%s&key=%s';
 CEOD_KEY = 'inesadt'
ICE_SERVER_BASE_URL = 'https://webrtc.xxx.com';
ICE_SERVER_URL_TEMPLATE = '%s/iceconfig.php?key=%s';
ICE_SERVER_API_KEY = os.environ.get('ICE_SERVER_API_KEY')
WSS_INSTANCE_HOST_KEY = 'webrtc.xxx.com:8089'
WSS_INSTANCE_NAME_KEY = 'vm_name'
WSS_INSTANCE_ZONE_KEY = 'zone'
WSS_INSTANCES = [{
  WSS_INSTANCE_HOST_KEY: 'webrtc.xxx.com:8089',
  WSS_INSTANCE_NAME_KEY: 'wsserver-std',
  WSS_INSTANCE_ZONE_KEY: 'us-central1-a'
  }, {
  WSS_INSTANCE_HOST_KEY: 'webrtc.xxx.com:8089',
  WSS_INSTANCE_NAME_KEY: 'wsserver-std-2',
  WSS_INSTANCE_ZONE_KEY: 'us-central1-f'
}]
  • cd /root/webrtc/apprtc
  • grunt build
  • 运行房间服务器(room server)
  • nohup dev_appserver.py –host=webrtc.xxx.com /root/webrtc/apprtc/out/app_engine &
b.搭建信令服务器(Collider Server)
  • cd /root/webrtc/goWorkspace/src
  • go get collidermain (有错误,自己google解决一下)
  • go install collidermain
  • 启动信令服务器
  • nohup /root/webrtc/goWorkspace/bin/collidermain -port=8089 -tls=true -room-server=双引号https://webrtc.xxx.com双引号 &
c.搭建TURN服务器
  • cd /root/webrtc/turnserver-4.5.0.7
  • ./configure
  • make install
  • vim /etc/turnserver.conf
listening-device=bond0
 listening-port=3478
 relay-device=bond0
 min-port=3480
 max-port=3500
 Verbose
 fingerprint
 lt-cred-mech
 use-auth-secret
 static-auth-secret=inesadt  #此处要和房间服务器配置时constants.py文件中的CODE_KEY保持一致。
 user=inesadt:0x42ef823e9766b4bd749481cb07b2359f
 user=inesadt:inesadt
 realm=webrtc.xxx.com
 stale-nonce
 cert=/cert/cert.pem
 pkey=/cert/key.pem
 no-loopback-peers
 no-multicast-peers
 mobility
 no-cli
  • 上述文件中 0x42ef823e9766b4bd749481cb07b2359f的生成方法:
  • turnadmin -k -u inesadt -r webrtc.xxx.com -p inesadt
  • -k 表示生成一个long-term credential key
  • -u 表示用户名
  • -p 表示密码
  • -r 表示Realm域
  • 最终生成的命令如下:
  • /root/webrtc/turnserver-4.5.0.7/bin/turnadmin -k -u inesadt -r north.gov -p inesadt
  • 启动turnserver
  • nohup /root/webrtc/turnserver-4.5.0.7/bin/turnserver -v /etc/turnserver.conf &
d. nginx代理服务配置
  • vim /etc/nginx/conf.d/webrtc.conf
upstream roomserver {
     server 192.168.10.17:8080;
     keepalive 60;
 }

server {
 listen 443 ssl;
 server_name webrtc.xxx.com; 
 ssl_certificate /etc/nginx/ssl/webrtc.xxx.com.crt;
 ssl_certificate_key /etc/nginx/ssl/webrtc.xxx.com.key;
 charset     utf-8;
 root /var/www/html;
 index index.php index.html index.htm;
 access_log  /var/log/nginx/access.log  main;
 location ~ .php$ {
     fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
     fastcgi_index index.php;
     include fastcgi_params;
 }
 location / {
     proxy_pass http://roomserver$request_uri;
     proxy_set_header Host $host;
 }
}
e. php-fpm服务配置
  • vim /etc/php-fpm.d/www.conf
#增加一行
listen = /var/run/php-fpm/php-fpm.sock
f.在/var/www/html/目录下添加turn.php文件和iceconfig.php文件
  • vim /var/www/html/turn.php
<?php
$request_username = $_GET["username"];
if(empty($request_username)) {
echo "username == null";
exit;
}
$request_key = $_GET["key"];
$time_to_live = 600;
$timestamp = time() + $time_to_live;//失效时间
$response_username = $timestamp.":".$_GET["username"];
$response_key = $request_key;
if(empty($response_key))
$response_key = "inesadt"; //constants.py中CEOD_KEY
$response_password = getSignature($response_username, $response_key);
$jsonObj = new Response();
$jsonObj->username = $response_username;
$jsonObj->password = $response_password;
$jsonObj->ttl = 86400;
//此处需配置自己的服务器
$jsonObj->uris= array("stun:webrtc.xxx.com:3478","turn:webrtc.xxx.com:3478?transport=udp","turn:webrtc.xxx.com?transport=tcp");
echo json_encode($jsonObj);

function getSignature($str, $key) {
$signature = "";
if (function_exists('hash_hmac')) {
$signature = base64_encode(hash_hmac("sha1", $str, $key, true));
} else {
$blocksize = 64;
$hashfunc = 'sha1';
if (strlen($key) > $blocksize) {
$key = pack('H', $hashfunc($key));
}
$key = str_pad($key, $blocksize, chr(0x00));
$ipad = str_repeat(chr(0x36), $blocksize);
$opad = str_repeat(chr(0x5c), $blocksize);
$hmac = pack(
'H', $hashfunc(($key ^ $opad) .pack(
'H*', $hashfunc(($key ^ $ipad) . $str)
)));
$signature = base64_encode($hmac);
}
return $signature;
}
class Response {
public $username = "";
public $password = "";
public $ttl = "";
public $uris = array("");
}
?>
  • vim /var/www/html/iceconfig.php
<?php
$request_username = "inesadt"; //配置成自己的turn服务器用户名
if(empty($request_username)) {
echo "username == null";
exit;
}
$request_key = "inesadt"; //配置成自己的turn服务器密码
$time_to_live = 600;
$timestamp = time() + $time_to_live;//失效时间
$response_username = $timestamp.":".$_GET["username"];
$response_key = $request_key;
if(empty($response_key))
$response_key = "inesadt";//constants.py中CEOD_KEY
$response_password = getSignature($response_username, $response_key);
$arrayObj = array();
$arrayObj[0]['username'] = $response_username;
$arrayObj[0]['credential'] = $response_password;
//配置成自己的stun/turn服务器
$arrayObj[0]['urls'][0] = "stun:webrtc.xxx.com:3478";
$arrayObj[0]['urls'][1] = "turn:webrtc.xxx.com:3478?transport=tcp";
$arrayObj[0]['uris'][0] = "stun:webrtc.xxx.com:3478";
$arrayObj[0]['uris'][1] = "turn:webrtc.xxx.com:3478?transport=tcp";
$jsonObj = new Response();
$jsonObj->lifetimeDuration = "300.000s";
$jsonObj->iceServers = $arrayObj;
echo json_encode($jsonObj);

function getSignature($str, $key) {
$signature = "";
if (function_exists('hash_hmac')) {
$signature = base64_encode(hash_hmac("sha1", $str, $key, true));
} else {
$blocksize = 64;
hashfunc = 'sha1';
if (strlen($key) > $blocksize) {
$key = pack('H', $hashfunc($key));
}
$key = str_pad($key, $blocksize, chr(0x00));
$ipad = str_repeat(chr(0x36), $blocksize);
$opad = str_repeat(chr(0x5c), $blocksize);
$hmac = pack(
'H', $hashfunc(($key ^ $opad) . pack(
'H*', $hashfunc(($key ^ $ipad) . $str)
)));
$signature = base64_encode($hmac);
}
return $signature;
}
class Response {
public $lifetimeDuration = "";
public $iceServers = array("");
}
?>
  • 重启生效
  • systemctl restart php-fpm
  • systemctl restart nginx

六、两个pc之间测试

第一台访问 https://webrtc.xxx.com 并加入一个房间,然后将房间号(026038717)发给另外一台pc进行访问

第二台pc 浏览器访问https://webrtc.xxx.com/r/026038717

测试成功

Webrtc服务器搭建一对一(公网/HTTPS)
本文参考:
  https://blog.csdn.net/gladsnow/article/details/77900578

  https://juejin.im/post/5bec4a3051882551236e7b35

以上所述就是小编给大家介绍的《Webrtc服务器搭建一对一(公网/HTTPS)》,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对 码农网 的支持!

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

Deep Learning

Deep Learning

Ian Goodfellow、Yoshua Bengio、Aaron Courville / The MIT Press / 2016-11-11 / USD 72.00

"Written by three experts in the field, Deep Learning is the only comprehensive book on the subject." -- Elon Musk, co-chair of OpenAI; co-founder and CEO of Tesla and SpaceX Deep learning is a for......一起来看看 《Deep Learning》 这本书的介绍吧!

JS 压缩/解压工具
JS 压缩/解压工具

在线压缩/解压 JS 代码

XML 在线格式化
XML 在线格式化

在线 XML 格式化压缩工具

RGB HSV 转换
RGB HSV 转换

RGB HSV 互转工具