webRTC的简介
- webRTC:Web Real-Time Communications
- 用于点对点的实时语音/视频通信的技术
- google开源了google-webRTC的sdk用于提供相关技术
webRTC的三大技术难点
- 音视频的编码与传输
- 私有ip的链接
- 语音降噪
MAC搭建webRTC服务器
webRTC服务器一般包含三部分
- 用于交换sdp/ice信息的房间服务器 roomServer(3000)
- 用于连接私有ip的穿透服务器 sturnServer(3478)
- 用于做代理的nginx服务器,一般服务的端口不会轻易暴露给客户端用.
安装node版本的房间服务webRTC
安装node
brew install node
//检测node是否安装成功
node -v 【更多音视频学习资料,点击下方链接免费领取↓↓,先码住不迷路~】
音视频开发(资料文档+视频教程+面试题)(FFmpeg+WebRTC+RTMP+RTSP+HLS+RTP)
安装房间服务webRTC
git clone https://github.com/androidtencent/WebrtcNodeJS
cd WebrtcNodeJS
npm install
//启动 Server running at http://0.0.0.0:3000/
node server.js coturn穿透服务
brew install coturn
//启动coturn服务
brew services restart coturn
//查看coturn命令
man coturn
//coturn服务器访问密码
turnadmin -k -u hch -r north.gov -p 1qazxsw2
//得到安全访问密钥
//0xa4a6576444351ec2804f4cf2a2701a1a
//0: : SQLite connection was closed.
//0: : log file opened: /var/tmp/turn_58775_2022-04-27.log 配置coturn
安装完coturn服务后,默认在/usr/local/etc下会存在turnserver.conf.default文件,我们自己新建turnserver.conf,加入如下信息,注意user和密码是自己设定的内容:
verbose
fingerprint
lt-cred-mech
realm=test
user=hch:0xa4a6576444351ec2804f4cf2a2701a1a
user=hch:1qazxsw2
stale-nonce
no-loopback-peers
no-multicast-peers
mobility
no-cli 重启coturn
brew services restart coturn 安装nginx
brew install nginx
//配置地址/usr/local/etc/nginx/nginx.conf
//启动nginx
brew services restart nginx 配置nginx
vim /usr/local/etc/nginx/nginx.conf 配置内容注意
- ssl_certificate和ssl_certificate_key的位置要与后面生成的https证书的位置一致
- mac下日志的地址为/usr/local/var/log/
user root admin;
worker_processes auto;
pid /usr/local/etc/nginx/logs/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 300;
types_hash_max_size 2048;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /usr/local/var/log/nginx/access.log;
error_log /usr/local/var/log/nginx/error.log;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
upstream web {
server localhost:3000;
}
upstream websocket {
server localhost:3000;
}
server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /usr/local/etc/nginx/cert/server.crt;#配置证书
ssl_certificate_key /usr/local/etc/nginx/cert/server.pem;#配置密钥
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 50m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv2 SSLv3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location /wss {
proxy_pass http://websocket/; # 代理到上面的地址去
proxy_read_timeout 300s;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'Upgrade';
}
location / {
proxy_pass http://web/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
} 【更多音视频学习资料,点击下方链接免费领取↓↓,先码住不迷路~】
音视频开发(资料文档+视频教程+面试题)(FFmpeg+WebRTC+RTMP+RTSP+HLS+RTP)
生成https证书
将生成的证书放到nginx配置目录下/usr/local/etc/nginx
openssl genrsa -des3 -out server.key 2048
//输入密码 1qazxsw2
// 移除密码
openssl rsa -in server.key -out server.key
openssl req -new -x509 -key server.key -out ca.crt -days 3650
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 3650 -in server.csr -CA ca.crt -CAkey server.key -CAcreateserial -out server.crt
cat server.key server.crt > server.pem 
启动三个服务
房间服务
cd /Users/hucaihua/code/git/WebrtcNodeJS
node server.js 穿透服务coturn
brew services restart coturn nginx代理服务
brew services restart nginx
//检测nginx是否正常启动
ps -ef|grep nginx 检验一切是否配置成功
在浏览器输入https://localhost,点击信任网站,如果出现自己的头像,则表示配置成功.
如果你对音视频开发感兴趣,觉得文章对您有帮助,别忘了点赞、收藏哦!或者对本文的一些阐述有自己的看法,有任何问题,欢迎在下方评论区讨论!