一分钟教你搭建WebRTC流媒体服务器Janus-gateway

前言

我最开始使用docker安装，结果docker安装的不是集成东西太多，导致镜像非常大。要么就是安装后发现问题多的，基本上没有维护。

不知道是我没有找到好的docker镜像还是真的就没有好的，如果有觉得不错的janus的docker镜像欢迎小伙伴留言哈。

注意：全篇建议在root用户下操作，如果没有办法执行root，那么在每条命令前面请加sudo

准备工作

• 一台Ubuntu18.04的服务器，拥有公网ip，最好是国外服务器，国内服务器下载依赖很慢。
• 一个域名，提前把域名解析到服务器的公网ip
• 使用http的话开放8088端口 使用https的话开放8089端口 ps:WebRTC需要在https环境或者本地的环境下才有效，所以建议开放8099就可以了，但是janus默认走的http。我也不知道官方怎么想的，不然我去提个pr？

安装依赖

sudo apt-get install aptitude aptitude install libmicrohttpd-dev libjansson-dev \ libssl-dev libsrtp-dev libsofia-sip-ua-dev libglib2.0-dev \ libopus-dev libogg-dev libcurl4-openssl-dev liblua5.3-dev \ libconfig-dev pkg-config gengetopt libtool automake 

有一个依赖库是必须通过源码安装的，它就是libsrtp库。 libsrtp库的主要作用是对数据进行加密。之所以要通过源码安装，是因为在apt源上的libsrtp库没有将ssl库编译上，而janus又需要使ssl库对数据做最终的加密，所以我们只能使用源码的方式安装了。具体操作步骤如下：

mkdir -p /opt/janus && cd janus wget https://github.com/cisco/libsrtp/archive/v2.2.0.tar.gz tar xfv v2.2.0.tar.gz cd libsrtp-2.2.0 ./configure --prefix=/usr --enable-openssl make shared_library && sudo make install 

安装Janus-Gateway

git clone https://github.com/meetecho/janus-gateway.git cd janus-gateway 

生成Makefile文件

./autogen.sh ./configure --prefix=/usr/local/janus 

确认下生成Makefile成功没

ll Makefile 

编译janus

make -j 4 sudo make install sudo make configs 

在这我出现了以下的错误

configure: error: Package requirements ( glib-2.0 >= 2.34 gio-2.0 >= 2.34 libconfig nice jansson >= 2.5 libssl >= 1.0.1 libcrypto zlib ) were not met: No package 'nice' found 

是因为没有找到liblua5.3-dev，我找了很久也没有找到，最后解决办法是

sudo aptitude install libmicrohttpd-dev libjansson-dev libnice-dev sudo aptitude install libssl-dev libsrtp-dev libsofia-sip-ua-dev libglib2.0-dev sudo aptitude install libopus-dev libogg-dev libcurl4-openssl-dev pkg-config gengetopt libtool automakeg 

如果没有出现此错误可以忽略，出现了的话可以按照我的步奏解决 解决后重新

./autogen.sh ./configure --prefix=/usr/local/janus make -j 4 sudo make install sudo make configs 

安装CoTurn服务

安装coTrun看我之前的教程 WebRTC之搭建coturn服务遇到的问题

Janus配置

申请ssl证书，不会的看我这篇文章: WebRTC之完整搭建Jitsi Meet指南

vim /usr/local/janus/etc/janus/janus.jcfg 

找到certificates配置项，在里面打开以下内容的配置，并设置。

certificates: cert_pem = "/etc/ssl/cert/domain/cert.pem" cert_key = "/etc/ssl/cert/domain/key.pem" 

找到nat配置项，在里面打开以下内容的配置，并设置,其中的用户名及密码为turnserver.conf中配置的用户名及密码。

nat: { stun_server = "domain.com" stun_port = 3478 nice_debug = true #full_trickle = true #ice_lite = true ice_tcp = true # By default Janus tries to resolve mDNS (.local) candidates: even # though this is now done asynchronously and shouldn't keep the API # busy, even in case mDNS resolution takes a long time to timeout, # you can choose to drop all .local candidates instead, which is # helpful in case you know clients will never be in the same private # network as the one the Janus instance is running from. Notice that # this will cause ICE to fail if mDNS is the only way to connect! #ignore_mdns = true # In case you're deploying Janus on a server which is configured with # a 1:1 NAT (e.g., Amazon EC2), you might want to also specify the public # address of the machine using the setting below. This will result in # all host candidates (which normally have a private IP address) to # be rewritten with the public address provided in the settings. As # such, use the option with caution and only if you know what you're doing. # Make sure you keep ICE Lite disabled, though, as it's not strictly # speaking a publicly reachable server, and a NAT is still involved. # If you'd rather keep the private IP address in place, rather than # replacing it (and so have both of them as advertised candidates), # then set the 'keep_private_host' property to true. #nat_1_1_mapping = "1.2.3.4" #keep_private_host = true # You can configure a TURN server in two different ways: specifying a # statically configured TURN server, and thus provide the address of the # TURN server, the transport (udp/tcp/tls) to use, and a set of valid # credentials to authenticate... turn_server = "domain.com" turn_port = 3478 turn_type = "udp" turn_user = "user" turn_pwd = "passwd" 

继续修改传输的配置把https打开，不打开https没有办法使用WebRTC的

vim /usr/local/janus/etc/janus/janus.transport.http.jcfg 修改general的配置 general: { #events = true # Whether to notify event handlers about transport events (default=true) json = "indented" # Whether the JSON messages should be indented (default), # plain (no indentation) or compact (no indentation and no spaces) base_path = "/janus" # Base path to bind to in the web server (plain HTTP only) http = true # Whether to enable the plain HTTP interface port = 8088 # Web server HTTP port #interface = "eth0" # Whether we should bind this server to a specific interface only #ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only https = true # Whether to enable HTTPS (default=false) secure_port = 8089 # Web server HTTPS port, if enabled #secure_interface = "eth0" # Whether we should bind this server to a specific interface only #secure_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only #acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses } 修改admin配置 admin: { admin_base_path = "/admin" # Base path to bind to in the admin/monitor web server (plain HTTP only) admin_http = false # Whether to enable the plain HTTP interface admin_port = 7088 # Admin/monitor web server HTTP port #admin_interface = "eth0" # Whether we should bind this server to a specific interface only #admin_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only admin_https = true # Whether to enable HTTPS (default=false) admin_secure_port = 7889 # Admin/monitor web server HTTPS port, if enabled #admin_secure_interface = "eth0" # Whether we should bind this server to a specific interface only #admin_secure_ip = "192.168.0.1 # Whether we should bind this server to a specific IP address (v4 or v6) only #admin_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses } 修改证书 certificates: { cert_pem = "/etc/letsencrypt/live/janus.rtctest.7moor.com/cert.pem" cert_key = "/etc/letsencrypt/live/janus.rtctest.7moor.com/privkey.pem" #cert_pwd = "secretpassphrase" #ciphers = "PFS:-VERS-TLS1.0:-VERS-TLS1.1:-3DES-CBC:-ARCFOUR-128" } 

nginx配置

创建新的nginx配置文件

vim /etc/nginx/conf.d/doman.janus.conf 

添加以下内容

server { listen 0.0.0.0:443 ssl; listen [::]:443 ssl; # tls configuration that is not covered in this guide # we recommend the use of https://certbot.eff.org/ server_name doman.com; # set the root root /opt/janus/janus-gateway/html; index index.html; location ~ ^/([a-zA-Z0-9=\?]+)$ { rewrite ^/(.*)$ / break; } location / { ssi on; } ssl_certificate /etc/letsencrypt/live/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/privkey.pem; # managed by Certbot } 

启动nginx

nginx -t && nginx -s reload 

启动janus

nohup /opt/janus/bin/janus >> /var/log/janus.log 2>&1 & 

打开浏览器输入你的域名

https://youdomain.com