CentOS7 搭建Janus服务
参考这位大佬的文章https://blog.csdn.net/jia2719/article/details/87345724
同时结合部署过程中遇到的一些问题,总结出下面的部署流程,用到的CentOS7的版本是
CentOS-7-x86_64-DVD-2009
#安装必要插件
yum install -y epel-release && \
yum update -y && \
yum install -y deltarpm && \
yum install -y openssh-server sudo which file curl zip unzip wget && \
yum install -y libmicrohttpd-devel jansson-devel libnice-devel glib22-devel opus-devel libogg-devel pkgconfig gengetopt libtool autoconf automake make gcc gcc-c++ git cmake libconfig-devel openssl-devel
#安装 libsrtp 1.5.4
wget https://github.com/cisco/libsrtp/archive/v1.5.4.tar.gz
tar xfv v1.5.4.tar.gz
cd libsrtp-1.5.4
./configure --prefix=/usr --enable-openssl
make shared_library && sudo make install
#安装 libsrtp 2.0.0
wget https://github.com/cisco/libsrtp/archive/v2.0.0.tar.gz
tar xfv v2.0.0.tar.gz
cd libsrtp-2.0.0
./configure --prefix=/usr --enable-openssl
make shared_library && sudo make install
#安装 sofia-sip
wget https://sourceforge.net/projects/sofia-sip/files/sofia-sip/1.12.11/sofia-sip-1.12.11.tar.gz
tar zxf sofia-sip-1.12.11.tar.gz && cd sofia-sip-1.12.11 && ./configure --prefix=/usr CFLAGS=-fno-aggressive-loop-optimizations && make && make install
#安装 usrsctp
git clone https://github.com/sctplab/usrsctp && cd usrsctp && \
./bootstrap && \
./configure --prefix=/usr && make && make install#如果git clone报超时或者其他错误,试试看clone的地址前面加上 https://ghproxy.com/
#即执行git clone https://ghproxy.com/https://github.com/sctplab/usrsctp
#安装 libwebsocket
git clone https://github.com/warmcat/libwebsockets && \
mkdir libwebsockets/build && cd libwebsockets/build && \
cmake -DMAKE_INSTALL_PREFIX:PATH=/usr -DCMAKE_C_FLAGS="-fpic" .. && \
make && make install
#升级gcc版本到7,不然后面可能会报错
sudo yum install -y centos-release-scl
sudo yum install -y scl-utils-build
sudo yum install -y devtoolset-7-gcc*
sudo yum install -y devtoolset-7-gdb*scl enable devtoolset-7 bash
gcc --version
#安装ice库
yum install meson
git clone https://gitee.com/mirrors/libnice
cd libnice
meson --prefix=/usr build && ninja -C build && sudo ninja -C build install
#下面安装libmicrohttpd用于janus提供http服务,不装的话,janus配置文件里面会没有janus.transport.http.jcfg这个配置
wget https://ftp.gnu.org/gnu/nettle/nettle-3.4.tar.gz
tar zxvf nettle-3.4.tar.gz
cd nettle-3.4
./configure --prefix=/usr/
make
make check #测试一下
make installwget ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-3.5.9.tar.xz
tar xvf gnutls-3.5.9.tar.xz
cd gnutls-3.5.9
PKG_CONFIG_PATH=/usr/local/lib64/pkgconfig
./configure --with-included-libtasn1 --with-included-unistring --without-p11-kit
sudo make && sudo make installwget https://ftp.gnu.org/gnu/libmicrohttpd/libmicrohttpd-0.9.71.tar.gz
tar zxf libmicrohttpd-0.9.71.tar.gz
cd libmicrohttpd-0.9.71/
./configure --with-ssl --enable-https=yes
make && sudo make install
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
#安装nginx
yum install nginx
#启动nginx
systemctl start nginx.service#生成https证书,安装认证要填写一些信息,直接都回车就行了
mkdir /etc/nginx/ssl
openssl req -x509 -nodes -days 36500 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
#配置nginx
vi /etc/nginx/conf.d/default.conf
#然后重启nginx#default.conf的内容为
server {listen 80;listen *:443 ssl;server_name localhost;location / {root /opt/janus/share/janus/demos;index index.html index.htm index.php;}error_page 500 502 503 504 /50x.html;location = /50x.html {root /usr/share/nginx/html;}ssl_certificate /etc/nginx/ssl/nginx.crt; #就是上面https证书的位置ssl_certificate_key /etc/nginx/ssl/nginx.key;#就是上面https证书的位置
}
#最后安装janus
#Janus
#if cannot configure plugin sofia,Perhaps you should add the directory containing `sofia-sip-ua.pc' to the PKG_CONFIG_PATH environment variable,
#for example centos7 :export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/lib/pkgconfigexport PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/lib/pkgconfig
#if cannot load libsofia-sip-ua.so.0 , try ldconfig -v
git clone https://github.com/meetecho/janus-gateway.git && \
cd janus-gateway &&\
sh autogen.sh && \
./configure --prefix=/opt/janus --disable-rabbitmq --disable-docs --disable-libsrtp2 &&\
make && make install && make configs#然后执行下面两条指令 (这步应该是必须的)
ldconfig
export LD_LIBRARY_PATH=/usr/local/lib
#修改janus里的配置
cd /opt/janus/etc/janus
#主要修改这几个配置文件
#janus.jcfg
#janus.transport.http.jcfg
#janus.transport.websockets.jcfg#修改的内容为#janus.jcfg
certificates: {cert_pem = "/etc/nginx/ssl/nginx.crt"cert_key = "/etc/nginx/ssl/nginx.key"#cert_pwd = "secretpassphrase"#ciphers = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
}#janus.transport.http.jcfg
general: {#events = true # Whether to notify event handlers about transport events (default=true)json = "indented" # Whether the JSON messages should be indented (default),base_path = "/janus" # Base path to bind to in the web server (plain HTTP only)http = true # Whether to enable the plain HTTP interfaceport = 8088 # Web server HTTP port#interface = "eth0" # Whether we should bind this server to a specific interface only#ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) onlyhttps = true # Whether to enable HTTPS (default=false)secure_port = 8089 # Web server HTTPS port, if enabled#secure_interface = "eth0" # Whether we should bind this server to a specific interface only#secure_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only#acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses#mhd_connection_limit = 1020 # Open connections limit in libmicrohttpd (default=1020)#mhd_debug = false # Ask libmicrohttpd to write warning and error messages to stderr (default=false)
}admin: {admin_base_path = "/admin" # Base path to bind to in the admin/monitor web server (plain HTTP only)admin_http = true # Whether to enable the plain HTTP interfaceadmin_port = 7088 # Admin/monitor web server HTTP port#admin_interface = "eth0" # Whether we should bind this server to a specific interface only#admin_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) onlyadmin_https = true # Whether to enable HTTPS (default=false)admin_secure_port = 7889 # Admin/monitor web server HTTPS port, if enabled#admin_secure_interface = "eth0" # Whether we should bind this server to a specific interface only#admin_secure_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only#admin_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}certificates: {cert_pem = "/etc/nginx/ssl/nginx.crt"cert_key = "/etc/nginx/ssl/nginx.key"#cert_pwd = "secretpassphrase"#ciphers = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
}#janus.transport.websockets.jcfg
general: {#events = true # Whether to notify event handlers about transport events (default=true)json = "indented" # Whether the JSON messages should be indented (default),#pingpong_trigger = 30 # After how many seconds of idle, a PING should be sent#pingpong_timeout = 10 # After how many seconds of not getting a PONG, a timeout should be detectedws = true ws_port = 8188 # WebSockets server port#ws_interface = "eth0" # Whether we should bind this server to a specific interface only#ws_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only#ws_unix = "/run/ws.sock" # Use WebSocket server over UNIX socket instead of TCPwss = true # Whether to enable secure WebSocketswss_port = 8989 # WebSockets server secure port, if enabled#wss_interface = "eth0" # Whether we should bind this server to a specific interface only#wss_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only#wss_unix = "/run/wss.sock" # Use WebSocket server over UNIX socket instead of TCP#ws_logging = "err,warn" # libwebsockets debugging level as a comma separated list of things#ws_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}admin: {admin_ws = false # Whether to enable the Admin API WebSockets APIadmin_ws_port = 7188 # Admin API WebSockets server port, if enabled#admin_ws_interface = "eth0" # Whether we should bind this server to a specific interface only#admin_ws_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only#admin_ws_unix = "/run/aws.sock" # Use WebSocket server over UNIX socket instead of TCPadmin_wss = true # Whether to enable the Admin API secure WebSocketsadmin_wss_port = 7989 # Admin API WebSockets server secure port, if enabled#admin_wss_interface = "eth0" # Whether we should bind this server to a specific interface only#admin_wss_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only#admin_wss_unix = "/run/awss.sock" # Use WebSocket server over UNIX socket instead of TCP#admin_ws_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}certificates: {cert_pem = "/etc/nginx/ssl/nginx.crt"cert_key = "/etc/nginx/ssl/nginx.key"#cert_pwd = "secretpassphrase"#ciphers = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
}#修改前端页面的配置,把请求方式改成websocket的,如果是用原来https请求的话,要重新调整过nginx的配置,不然会阻塞超时,页面中会报net::ERR_INCOMPLETE_CHUNKED_ENCODING 200 (OK)这个错
cd /opt/janus/share/janus/demos
vi setting.js
var server = "wss://" + window.location.hostname + ":8989/janus";
#针对上面https交互的问题,nginx配置需要做如下调整 增加 location /janus location /admin 和 location ~ \.() 三个配置
#然后重启nginxserver {listen 80;listen *:443 ssl;server_name localhost;location / {root /opt/janus/share/janus/demos;index index.html index.htm index.php;}location /janus {proxy_set_header Host $host:$server_port;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_pass http://your_ip:8088/janus; #要正确填写你服务器的ip地址}location /admin {proxy_set_header Host $host:$server_port;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_pass http://your_ip:7088/admin; #要正确填写你服务器的ip地址}location ~ \.(bmp|gif|jpg|png|css|js|cur|flv|ico|swf|doc|pdf|html)$ {root /opt/janus/share/janus/demos;expires 1d;}error_page 500 502 503 504 /50x.html;location = /50x.html {root /usr/share/nginx/html;}ssl_certificate /etc/nginx/ssl/nginx.crt;ssl_certificate_key /etc/nginx/ssl/nginx.key;
}#然后修改setting.js中server的值。
#var server = "/janus";#这样就可以正常通过https交互访问了,如果页面还报一个502Bad Way的问题,同时nginx里面报了一个connect() to ip:8088 failed (13: Permission denied) while connecting to upstream的错,原因是SELinux限制了nginx对外访问的权限,执行下面操作#查网络访问的配置
getsebool -a | grep httpd_can_network_connect
#如果出现如下结果
#httpd_can_network_connect --> off
#则执行如下命令取消限制:
#SELinux命令,临时配置,重启后失效
setsebool httpd_can_network_connect=1
#写入配置文件的命令,重启后保留,推荐这种方式
setsebool -P httpd_can_network_connect 1
#最后到/opt/janus/bin 下启动janus,如果看到刚刚配置的几个端口成功启动了那就说明可以了,以上的配置可能并不是都要改,主要就是websocket配置那个wss = false改为true, 启用8989那个端口和http配置的https = false 改为true,启用8089端口 。同时涉及到certificates这个配置应该是一定要改的。
#页面访问 https://your_ip/index.html./janus
CentOS7 搭建Janus服务相关推荐
- centos7搭建DNS服务(use)
参考:centos7搭建DNS服务完整版 CentOS 7 配置DNS服务 Centos7 DNS 服务器配置步骤 --use DNS服务类型 主机记录 记录类型 记录值 ns1 A 192.168. ...
- 一文学会快速搭建Janus服务端
1.概述 想要了解Janus,首先需要知道WebRTC以及Janus和WebRTC之间的关系,本文将会对这些内容做简单的介绍,同时也会介绍一下Janus的架构,Janus可以实现的功能,并展示如何快速 ...
- centos7搭建pptp服务
下面是在 CentOS 7 系统中搭建 PPTP 服务的教程: 安装 PPTP 服务器软件包: sudo yum install pptpd 编辑配置文件 /etc/pptpd.conf,设置服务器地 ...
- centos7搭建DNS服务,CA字签证书
1.描述TSL链路的通信图 第一阶段:client hello1:向服务端发送支持的协议版本,比如 tls1.22:客户端生成一个随机数,稍后用户生成"会话秘钥"3:发送支持的加密 ...
- Centos7搭建 sftp服务
目录 文章目录 目录 一.概述 二.机器准备 三.查看openssh的版本 四.创建sftp管理账户 五.修改/etc/ssh/sshd_config配置文件中关于sftp的配置 六.关闭Selinux ...
- centos7 搭建vsftpd服务并锁定用户的家目录
1.安装vsftpd服务 yum install vsftpd -y 2.创建用户 useradd vsftp -s /sbin/nologin ####添加用户,并且这个用户没有登陆系统的权限pas ...
- Centos7搭建SVN服务步骤说明
安装必要的rpm包 yum -y install subversion httpd mod_dav_svn 创建svn仓库 mkdir -p /data/svn svnadmin create /da ...
- centos7搭建easy-mock服务
前提步骤 安装Node.js(v8.x, 不支持 v10.x)& MongoDB(>= v3.4)& Redis(>= v4.0) 安装node # install n c ...
- CentOS7 搭建samba服务
1.安装samba服务 yum install samba -y 2.设置samba服务开机启动 systemctl enable smb 3.启动samba服务 systemctl start sm ...
最新文章
- 15篇最新AI论文推荐新鲜出炉!真的很skr了~(附链接)
- WPF命中测试示例(一)——坐标点命中测试
- 浅谈配置文件:spring-servlet.xml(spring-mvc.xml) 与 applicationContext.xml
- ASP.NET MVC:Cookie 的过期时间在服务器端是获取不到的
- python的yield和yield from
- idea设置中文界面_英雄联盟手游中文翻译--游戏主页设置界面翻译
- 【Python】- scrapy 爬取图片保存到本地、且返回保存路径
- python 保存为tiff文件, 图像转tiff, tif文件添加投影
- 关于Linux消息队列的简单说明、使用、编码
- 什么是云计算中的SaaS(软件即服务)?
- 不知细叶谁裁出,二月春风似剪刀
- vmware虚拟机中ubuntu如何连接校园网netkeeper
- c语言清除文件缓存区,C语言之清空缓存区
- python throw_python 之 异常处理
- 浅谈数据的查找(二分查找)
- PDF文件的身份证号码
- Kali普通账户如何获取root管理员权限并切换中文?
- 怎样用matlab产生泊松分布随机数
- 统计专用计算机使用年限,『应用』电脑使用时间统计软件--ManicTime
- sm2 java 开源_SM2 国密算法被 Linux 内核社区接受
热门文章
- 打开一个浏览器跳转到2345浏览器主页 这里以Google为例 亲测已解决。
- Github标签管理
- Java中级开发笔试题及答案,最全指南
- js 超简单 判断是否字符串是否为纯数字
- codeforces 332B B. Maximum Absurdity(rmq)
- android组合键截图原理,三星安卓手机怎么截图组合键 三星安卓手机截图组合键步骤...
- Windows环境下Nexus的下载与安装
- linux系统fflush函数
- python逻辑回归的主要参数_python机器学习(六)回归算法-逻辑回归
- 校验验证码 实现登录验证