配置和运行janus
1. 配置nginx
安装nginx,主要用来提供web访问。
生成证书
mkdir -p ~/cert
cd ~/cert
# CA私钥
openssl genrsa -out key.pem 2048
# 自签名证书
openssl req -new -x509 -key key.pem -out cert.pem -days 1095
安装nginx
#下载nginx 1.15.8版本
wget http://nginx.org/download/nginx-1.15.8.tar.gz
tar xvzf nginx-1.15.8.tar.gz
cd nginx-1.15.8/
# 配置,一定要支持https
./configure --with-http_ssl_module
# 编译
make
#安装
sudo make install
修改nginx配置文件
/usr/local/nginx/conf/nginx.conf
指向janus所在目录/opt/janus/share/janus/demos
# HTTPS server
server {
listen 443 ssl;
server_name localhost;
# 配置相应的key
ssl_certificate /root/cert/cert.pem;
ssl_certificate_key /root/cert/key.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# 指向janus demo所在目录
location / {
root /opt/janus/share/janus/demos;
index index.html index.htm;
}
}
启动nginx
然后通过
https://49.232.250.45
可以访问到界面,但此时还不能正常通话。
安装和启动coturn
sudo apt-get install libssl-dev
sudo apt-get install libevent-dev
#git clone https://github.com/coturn/coturn
#cd coturn
# 提供另一种安装方式turnserver是coturn的升级版本
wget http://coturn.net/turnserver/v4.5.0.7/turnserver-4.5.0.7.tar.gz
tar xfz turnserver-4.5.0.7.tar.gz
cd turnserver-4.5.0.7
./configure
make && sudo make install
启动
sudo nohup turnserver -L 0.0.0.0 --min-port 50000 --max-port 60000 -a -u lqf:123456 -v -f -r nort.gov &
需要在安全组开放端口:
TCP/UDP 3478
UDP 50000-60000
配置janus相关配置文件
包含janus.jcfg,janus.transport.http.jcfg,janus.transport.websockets.jcfg
注意:如果不需要http支持,则可以不配置janus.transport.http.jcfg
配置janus.jcfg
stun_server = "49.232.250.45"
stun_port = 3478
nice_debug = false
nat_1_1_mapping = "49.232.250.45"
# credentials to authenticate...
turn_server = "49.232.250.45"
turn_port = 3478
turn_type = "udp"
turn_user = "hnb"
turn_pwd = "123456"
配置janus.transport.http.jcfg
general: {
#events = true # Whether to notify event handlers about transport events (default=true)
json = "indented" # Whether the JSON messages should be indented (default),
# plain (no indentation) or compact (no indentation and no spaces)
base_path = "/janus" # Base path to bind to in the web server (plain HTTP only)
threads = "unlimited" # unlimited=thread per connection, number=thread pool
http = true # Whether to enable the plain HTTP interface
port = 8088 # Web server HTTP port
#interface = "eth0" # Whether we should bind this server to a specific interface only
#ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
https = true # Whether to enable HTTPS (default=false)
secure_port = 8089 # Web server HTTPS port, if enabled
#secure_interface = "eth0" # Whether we should bind this server to a specific interface only
#secure_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
#acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}
certificates: {
cert_pem = "/root/cert/cert.pem"
cert_key = "/root/cert/key.pem"
#cert_pwd = "secretpassphrase"
#ciphers = "PFS:-VERS-TLS1.0:-VERS-TLS1.1:-3DES-CBC:-ARCFOUR-128"
}
配置janus.transport.websockets.jcfg
general: {
#events = true # Whether to notify event handlers about transport events (default=true)
json = "indented" # Whether the JSON messages should be indented (default),
# plain (no indentation) or compact (no indentation and no spaces)
#pingpong_trigger = 30 # After how many seconds of idle, a PING should be sent
#pingpong_timeout = 10 # After how many seconds of not getting a PONG, a timeout should be detected
ws = true # Whether to enable the WebSockets API
ws_port = 8188 # WebSockets server port
#ws_interface = "eth0" # Whether we should bind this server to a specific interface only
#ws_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
wss = true # Whether to enable secure WebSockets
wss_port = 8989 # WebSockets server secure port, if enabled
#wss_interface = "eth0" # Whether we should bind this server to a specific interface only
#wss_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
#ws_logging = "err,warn" # libwebsockets debugging level as a comma separated list of things
# to debug, supported values: err, warn, notice, info, debug, parser,
# header, ext, client, latency, user, count (plus 'none' and 'all')
#ws_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}
certificates: {
cert_pem = "/root/cert/cert.pem"
cert_key = "/root/cert/key.pem"
#cert_pwd = "secretpassphrase"
}
修改网页默认支持的wss协议
修改 /opt/janus/share/janus/demos/videoroomtest.js文件
将默认的https协议改为wss
var server = "wss://" + window.location.hostname + ":8989";
端口开放
tcp:8088,8089,8188,8989,3478,80,443
udp:3478,50000-60000
错误问题解决
[ERR] [dtls.c:janus_dtls_srtp_incoming_msg:923] [7071685807055874] Oops, error creating inbound SRTP session for component
先查找libsrtp2.so
ubuntu@VM-0-17-ubuntu:~/webrtc/libsrtp$ sudo locate libsrtp2.so
/home/ubuntu/webrtc/libsrtp/libsrtp2.so
/home/ubuntu/webrtc/libsrtp/libsrtp2.so.1
/usr/lib/libsrtp2.so
/usr/lib/libsrtp2.so.1
/usr/lib/x86_64-linux-gnu/libsrtp2.so
/usr/lib/x86_64-linux-gnu/libsrtp2.so.1
把命令安装的删除
sudo rm -rf /usr/lib/x86_64-linux-gnu/libsrtp2.*
sudo ldconfig
运行 Janus
/opt/janus/bin/janus --debug-level=5 --log-file=$HOME/janus-log