Webrtc官方Demo公网服务器搭建

原创已于 2022-08-30 17:30:07 修改 · 2.5k 阅读

8 ·

CC 4.0 BY-SA版权

文章标签：

#服务器 #webrtc #运维 #server #nginx

于 2022-06-30 19:46:55 首次发布

本文详细指导在Ubuntu 16.04上部署Webrtc demo，涉及环境配置、服务安装（包括Google App Engine、libevent、coturn、apprtc和信令服务器）、HTTPS证书获取、端口开放及Nginx配置，助你快速搭建外网Webrtc环境。

前言：

Webrtc官方文档其实不算特别友好，有特别多的坑，特别是部署在外网运行时，本文介绍基于腾讯云服务器搭建webrtc demo所需环境全部流程，文章较长，一般出现问题都是端口或者IP配置不正确，多看几遍文章查下哪里出错即可。

环境介绍：

操作系统：Ubuntu 16.04 LTS 64位
Webrtc服务器有3个部分，分别是业务服务器apprtc，穿透服务器（coturn），以及信令服务器（包含在apprtc中）
其中穿透服务器使用的是coturn https://github.com/coturn/coturn
apprtc 以及信令都在这个仓库中 https://github.com/webrtc/apprtc

安装环境准备

sudo apt-get update 
sudo apt install -y nodejs-legacy npm python python-webtest golang-go unzip git-core tar wget

安装运行apprtc所需的依赖服务

1.安装google_appengine：

mkdir -p /home/ubuntu/webrtc
cd /home/ubuntu/webrtc
wget https://storage.googleapis.com/appengine-sdks/featured/google_appengine_1.9.40.zip
unzip google_appengine_1.9.40.zip
#添加环境变量（略）
#export PATH=$PATH:/root/webrtc/google_appengine >> ~/.bashrc
#source ~/.bashrc

2.安装libevent：

wget https://github.com/downloads/libevent/libevent/libevent-2.0.21-stable.tar.gz
tar xvf libevent-2.0.21-stable.tar.gz
cd libevent-2.0.21-stable
./configure
make && make install

安装信令服务器

mkdir -p /home/ubuntu/webrtc/goWorkspace/src
#设置GOPATH环境变量（略）
#export GOPATH=/home/ubuntu/webrtc/goWorkspace >> ~/.bashrc
#source ~/.bashrc
cd /home/ubuntu/webrtc
git clone https://github.com/webrtc/apprtc.git
 ln -s `pwd`/apprtc/src/collider/collider $GOPATH/src
 ln -s `pwd`/apprtc/src/collider/collidermain $GOPATH/src
 ln -s `pwd`/apprtc/src/collider/collidertest $GOPATH/src
go get collidermain
go install collidermain

安装Coturn服务器

cd /home/ubuntu/webrtc
sudo apt install libssl-dev
wget http://coturn.net/turnserver/v4.5.0.7/turnserver-4.5.0.7.tar.gz
tar xvfz turnserver-4.5.0.7.tar.gz
cd turnserver-4.5.0.7
./configure
make
make install

修改apprtc ICE Server相关配置

代码在 /home/ubuntu/webrtc/apprtc/src/app_engine/constants.py
变更部分，注意修改ip:port 以及yourusername,yourpasswd,以及yourdomain
其中ip地址为云服务器的公网地址，域名没有就填写IP地址，端口号为coturn服务器的端口，默认为3478

ICE_SERVER_OVERRIDE  = [
   {
     "urls": [
       "turn:ip:port?transport=udp",
       "turn:ip:port?transport=tcp"
     ],
     "username": "yourusername",
     "credential": "yourpasswd"
   },
   {
     "urls": [
       "stun:ip:port"
     ]
   }
]

ICE_SERVER_BASE_URL = 'https://yourdomain.com'
ICE_SERVER_URL_TEMPLATE = '%s/v1alpha/iceconfig?key=%s'
ICE_SERVER_API_KEY = os.environ.get('ICE_SERVER_API_KEY')
HEADER_MESSAGE = os.environ.get('HEADER_MESSAGE')
ICE_SERVER_URLS = [url for url in os.environ.get('ICE_SERVER_URLS', '').split(',') if url]

# Dictionary keys in the collider instance info constant.
WSS_INSTANCE_HOST_KEY = 'yourdomian.com:8089'
WSS_INSTANCE_NAME_KEY = 'vm_name'
WSS_INSTANCE_ZONE_KEY = 'zone'
WSS_INSTANCES = [{
    WSS_INSTANCE_HOST_KEY: 'yourdomian.com:8089',
    WSS_INSTANCE_NAME_KEY: 'vm_name',
    WSS_INSTANCE_ZONE_KEY: 'zone'
}]

完整constants.py

# Copyright 2015 Google Inc. All Rights Reserved.

"""AppRTC Constants.
This module contains the constants used in AppRTC Python modules.
"""
import os

# Deprecated domains which we should to redirect to REDIRECT_URL.
REDIRECT_DOMAINS =  [
  'apprtc.appspot.com', 'apprtc.webrtc.org', 'www.appr.tc'
]
# URL which we should redirect to if matching in REDIRECT_DOMAINS.
REDIRECT_URL = 'https://appr.tc'

ROOM_MEMCACHE_EXPIRATION_SEC = 60 * 60 * 24
MEMCACHE_RETRY_LIMIT = 100

LOOPBACK_CLIENT_ID = 'LOOPBACK_CLIENT_ID'

# Turn/Stun server override. This allows AppRTC to connect to turn servers
# directly rather than retrieving them from an ICE server provider.
#ICE_SERVER_OVERRIDE = None
# Enable by uncomment below and comment out above, then specify turn and stun
ICE_SERVER_OVERRIDE  = [
   {
     "urls": [
       "turn:ip:port?transport=udp",
       "turn:ip:port?transport=tcp"
     ],
     "username": "yourusername",
     "credential": "yourpasswd"
   },
   {
     "urls": [
       "stun:ip:port"
     ]
   }
]

ICE_SERVER_BASE_URL = 'https://yourdomain.com'
ICE_SERVER_URL_TEMPLATE = '%s/v1alpha/iceconfig?key=%s'
ICE_SERVER_API_KEY = os.environ.get('ICE_SERVER_API_KEY')
HEADER_MESSAGE = os.environ.get('HEADER_MESSAGE')
ICE_SERVER_URLS = [url for url in os.environ.get('ICE_SERVER_URLS', '').split(',') if url]

# Dictionary keys in the collider instance info constant.
WSS_INSTANCE_HOST_KEY = 'yourdomian.com:8089'
WSS_INSTANCE_NAME_KEY = 'vm_name'
WSS_INSTANCE_ZONE_KEY = 'zone'
WSS_INSTANCES = [{
    WSS_INSTANCE_HOST_KEY: 'yourdomian.com:8089',
    WSS_INSTANCE_NAME_KEY: 'vm_name',
    WSS_INSTANCE_ZONE_KEY: 'zone'
}]

WSS_HOST_PORT_PAIRS = [ins[WSS_INSTANCE_HOST_KEY] for ins in WSS_INSTANCES]

# memcache key for the active collider host.
WSS_HOST_ACTIVE_HOST_KEY = 'wss_host_active_host'

# Dictionary keys in the collider probing result.
WSS_HOST_IS_UP_KEY = 'is_up'
WSS_HOST_STATUS_CODE_KEY = 'status_code'
WSS_HOST_ERROR_MESSAGE_KEY = 'error_message'

RESPONSE_ERROR = 'ERROR'
RESPONSE_ROOM_FULL = 'FULL'
RESPONSE_UNKNOWN_ROOM = 'UNKNOWN_ROOM'
RESPONSE_UNKNOWN_CLIENT = 'UNKNOWN_CLIENT'
RESPONSE_DUPLICATE_CLIENT = 'DUPLICATE_CLIENT'
RESPONSE_SUCCESS = 'SUCCESS'
RESPONSE_INVALID_REQUEST = 'INVALID_REQUEST'

IS_DEV_SERVER = os.environ.get('APPLICATION_ID', '').startswith('dev')

BIGQUERY_URL = 'https://www.googleapis.com/auth/bigquery'

# Dataset used in production.
BIGQUERY_DATASET_PROD = 'prod'

# Dataset used when running locally.
BIGQUERY_DATASET_LOCAL = 'dev'

# BigQuery table within the dataset.
BIGQUERY_TABLE = 'analytics'

编译apprtc

1.升级npm

# 1. 升级npm
sudo npm install -g n
sudo n stable
hash -r
# 2. 安装node构建工具：grunt
sudo npm -g install grunt-cli@1.3.2
# 3. 安装 coffeescript
sudo npm install --dev coffeescript

2.编译安装apprtc

cd /home/ubuntu/webrtc/apprtc
npm install --no-fund
grunt build

申请https证书

chrome浏览器必须要求https协议访问才可以打开摄像头，所以需要准备一个https证书，我这里直接使用腾讯云申请的https证书
详见控制台–我的证书 https://console.cloud.tencent.com/ssl/dsc/apply
申请成功后，在腾讯云控制面板下载nginx相关证书，这里我们要使用到的是xxx.com.key文件以及xxx.com_bundle.crt文件

拷贝重命名并上传到服务器根目录下/cert中，crt文件重命名为cert.pem .key文件重命名为key.pem
切记不要写错位置导致后面启动服务器失败
当然也可以修改路径，但是需要修改代码以及配置，这里不详细展开说了。
其它云平台都有对应的免费证书可以申请，或者其它方式生成，这里不详细介绍了

启动服务

启动服务之前，先配置云服务器开放的端口，测试建议全部放开

1.设置环境变量

sudo vim ~/.bashrc
export LOCAL_IP=xx.xx.xx.xx #内网IP地址 这里一定要注意是控制台中看到的内网IP，不要填127.0.0.1
export SERVER_IP=xx.xx.xx.xx # 外网IP地址
source ~/.bashrc

2.启动coturn服务器

nohup turnserver -L $LOCAL_IP -a -u yourusername:yourpasswd -v -f -r nort.gov &

yourusername:yourpasswd 与constants.py中的配置保持一致
启动后可以通过lsof -i:3478确认是否成功，出现一下内容即可

COMMAND     PID   USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
turnserve 24952 ubuntu   16u  IPv4 117841      0t0  UDP 172.22.0.2:3478
turnserve 24952 ubuntu   17u  IPv4 117842      0t0  UDP 172.22.0.2:3478
turnserve 24952 ubuntu   32u  IPv4 116935      0t0  TCP 172.22.0.2:3478 (LISTEN)
turnserve 24952 ubuntu   33u  IPv4 116936      0t0  TCP 172.22.0.2:3478 (LISTEN)

3.启动信令服务器

nohup $GOPATH/bin/collidermain -port=8089 -tls=true  -room-server="https://$SERVER_IP:8080" &

同样，通过lsof -i:8089确认是否开启成功

4.启动apprtc room server

nohup dev_appserver.py --host=$LOCAL_IP /home/ubuntu/webrtc/apprtc/out/app_engine --skip_sdk_update_check &

这个时候可以用过http://yourip:8080 如果能正常打开页面就成功了一大半了！

5.配置Nginx https
直接默认安装nginxsudo apt-get install nginx
修改配置sudo vim /etc/nginx/sites-available/default（建议先备份）
证书为前面申请的https证书，放在/cert目录下

upstream roomserver {
    server 129.226.146.108:8080;
}
server {
        listen      443 ssl;
        ssl_certificate /cert/cert.pem;
        ssl_certificate_key /cert/key.pem;
        index index.html index.htm index.nginx-debian.html;
        server_name ffcmd.com;
        location / {
            proxy_pass http://roomserver$request_uri;
            proxy_set_header Host $host;
        }
}

重载nginx配置sudo nginx -s reload

现在可以通过 https://yourdomain.com 愉快的运行官方demo了（完）

可以配合Android Demo运行 Webrtc Android源码编译以及libwebrtc源码抽取