完整的配置

zangcf

目前需要四个服务器:
第一个,房间服务器
第二个,信令服务器
第三个,穿墙服务器
第四个,Nginx反向代理https安全服务器
参考如下文档进行部署,我会做相应的改动
http://www.jianshu.com/p/5431a7066f47

zangcf

首先,第一步按照apprtc房间服务器,先不做配置基本按照官网:https://github.com/webrtc/apprtc上的指导来操作
1:安装nodejs和npmapt-get install openjdk-7-jdk

sudo apt-get install nodejs
[size=13.6000003814697px]sudo apt-get install npm
sudo npm install -g npm
2:安装nodejs-legacy:

sudo apt-get install nodejs-legacy

3:安装代码编译管理工具grunt
sudo npm -g install grunt-cli

4:下载代码和同步库，这一步我已经做好了，并且打包成webrtc.tar.gz

5：安装python-webtest
sudo apt-get install python-webtest

6：编译
grunt build


7：解包gae，运行程序

8：测试
http://192.168.1.118:8080/
出来AppRtc的界面就ok了

zangcf

1，nginx相关的配置文章，参考
http://blog.csdn.net/zyf837368104/article/details/7627033

2，ubuntu安装nginx相关文章：
http://blog.csdn.net/zht666/article/details/17137205

1)  wget http://www.openssl.org/source/openssl-1.0.1f.tar.gz
2) https://sourceforge.net/projects/pcre/files/pcre/8.32/ to download
3) compile and intall pcre
./configure --prefix=/usr/local/pcre
Make
Sudo make install
4) wget http://nginx.org/download/nginx-1.3.3.tar.gz
首先，打开文件/usr/bin/pod2man
注释掉第71行
./configure  --with-pcre=../pcre-8.32 --with-http_ssl_module --with-zlib=../zlib/1.2.3  --prefix=/usr/local/nginx --with-http_stub_status_module --with-cc-opt='-O3' --with-openssl=../openssl-1.0.1f然后vi objs/Makefile
修改：
CFLAGS =  -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Wunused-func
tion -Wunused-variable -Wunused-value -g -O3
===========
make
sudo make install
some error can be fixed by myself
5)fix /usr/local/nginx/conf/nginx.conf, add:
add include /etc/nginx/sites-enabled/*; in http{}
6) mkdir -p /etc/nginx/sites-enabled, and new file:
/etc/nginx/sites-enabled/apprtc.91xuepai.com
==================================
#/etc/nginx/sites-enabled/apprtc.91xuepai.com
upstream roomserver {
        server localhost:8080;
}


server {
        listen 80 ;
        server_name apprtc.91xuepai.com;
        return  301 https://$server_name$request_uri;
}

server {
        listen 443 ;
        ssl on;
        # 域名为apprtc.diveinedu.com的SSL证书文件
        ssl_certificate      /etc/nginx/apprtc.91xuepai.com.crt;
        ssl_certificate_key  /etc/nginx/apprtc.91xuepai.com.key;

        server_name apprtc.91xuepai.com;
        access_log  /var/log/nginx/apprtc.91xuepai.com.log;
        location / {
                proxy_pass http://roomserver$request_uri;
                proxy_set_header Host $host;
        }

}

7) generate openssl key:借用simplewebrtc的技术，我们生成key
===============================================================
root@iZ949sqo4m3Z:~/singalserver/signalmaster-master# ./scripts/generate-ssl-certs.sh
Generating self-signed certificates...
Generating RSA private key, 1024 bit long modulus
...........++++++
...............++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:GD
Locality Name (eg, city) []:SZ
Organization Name (eg, company) [Internet Widgits Pty Ltd]:91xuepai
Organizational Unit Name (eg, section) []:91xuepai     
Common Name (e.g. server FQDN or YOUR name) []:91xuepai
Email Address []:710833814

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []:91xuepai
Signature ok
subject=/C=CN/ST=GD/L=SZ/O=91xuepai/OU=91xuepai/CN=91xuepai/emailAddress=710833814
Getting Private key
===============================================================
下面的生成方法，暂时不使用
openssl genrsa -des3 -out apprtc.91xuepai.com.key 1024

openssl req -new -key apprtc.91xuepai.com.key -out apprtc.91xuepai.com.csr

cp apprtc.91xuepai.com.key apprtc.91xuepai.com.key.bak

openssl rsa -in apprtc.91xuepai.com.key.bak -out apprtc.91xuepai.com.key

openssl x509 -req -days 365 -in apprtc.91xuepai.com.csr -signkey apprtc.91xuepai.com.key -out apprtc.91xuepai.com.crt

8) copy
doraemon@doraemon-VirtualBox:~/nginx/key$ sudo cp apprtc.91xuepai.com.crt /etc/nginx/
[sudo] password for doraemon:
doraemon@doraemon-VirtualBox:~/nginx/key$ sudo cp apprtc.91xuepai.com.key /etc/nginx/

9) restart nginx

zangcf

这个配置比较复杂，主要牵扯到云端服务器能否翻墙的问题：
========================================================
1，首先找一个本地的ubuntu桌面系统，保证可以使用翻墙工具
2，下载go程序:进入网站下载 http://www.golangtc.com/download
go1.6.2.linux-amd64.tar.gz
3，安装go环境
解压缩tar xzvf go1.6.2.linux-amd64.tar.gz
将生成一个go的目录，使用su的权限

1. sudo mv go /usr/local/

复制代码

配置环境文件，打开用户~目录下的.profile
添加：

1. <font face="Helvetica Neue, Helvetica, Arial, sans-serif"><font color="#333333"><font style="background-color:rgb(245, 245, 245)">export GOROOT="/usr/local/go"</font></font></font>
   
2. <font face="Helvetica Neue, Helvetica, Arial, sans-serif"><font color="#333333"><font style="background-color:rgb(245, 245, 245)">export GOPATH="$HOME/collider_root"</font></font></font>
   
3. <font face="Helvetica Neue, Helvetica, Arial, sans-serif"><font color="#333333"><font style="background-color:rgb(245, 245, 245)">export PATH=$PATH:$GOROOT/bin</font></font></font>

复制代码

修改之后保存
然后引入环境变量source .profile
4, 准备collider的代码，在用户目录~下面
mkdir -p collider_root/src
然后把apprtc/src/collider目录下所有文件copy到~、collider_root/src下面
5,同步编译
go get collidermain
然后安装，go install collidermain
6，把collider_root目录全部打包，然后copy到目标服务器
7，在目标服务器上面同样配置上面的环境参数
8，在目标服务器上面修改代码
编辑$GOPATH/src/collidermain/main.go,修改房间服务器为我们前面的房间服务器:
//var roomSrv = flag.String("room-server", "https://apprtc.appspot.com", "The origin of the room server")
var roomSrv = flag.String("room-server", "https://apprtc.diveinedu.com", "The origin of the room server")
9，编辑$GOPATH/src/collider/collider.go,设置信令服务器所需要用的HTTPS的证书文件, 找到如下代码,注释后改为这样:
/e = server.ListenAndServeTLS("/cert/cert.pem", "/cert/key.pem")
e = server.ListenAndServeTLS("/etc/nginx/apprtc.91xuepai.com.crt", "/etc/nginx/apprtc.91xuepai.com.key")

10，然后重复上面：
go get collidermain go install collidermain
11，运行信令服务器：
$GOPATH/bin/collidermain -port=8089 -tls=true如何测试信令服务器是否可以工作呢？

zangcf

1，准备编译环境和安装相应库
sudo apt-get install build-essential
sudo apt-get install -y libssl-dev libevent-dev libpq-dev mysql-client libmysqlclient-dev libhiredis-dev

2，下面程序，编译安装：
准备文件，turnserver-3.2.3.95.tar.gz解压缩
./configure
make
sudo make install
turnserver -h来查看是否安装ok
3, 配置
turnadmin -k -u 用户名 -r 91xuepai.com -p 密码
记得复制保存一下生成出来的key：0xXXXXX=======20160721配置===================
root@iZ949sqo4m3Z:~/turnserver-3.2.3.95# turnadmin -k -u 91xuepai -r 91xuepai.co
m -p 91xuepai.com
0x000f115016c229b8a72c6026c2a0c0ba
root@iZ949sqo4m3Z:~/turnserver-3.2.3.95#

======================================
修改配置文件:/etc/turnserver.conf主要是如下部分信息要修改:

• listening-ip=外网ip  
• listening-port=3478  
• tls-listening-port=5349
• relay-ip=外网ip  
• external-ip=外网ip  
• relay-threads=50  
• lt-cred-mech  
• user= username: 0xaXXXXX(格式：user:pass)  
• userdb=/etc/turnuserdb.conf  
• #max-bps=102400  
• pidfile="/var/run/turnserver.pid"  
  

在修改/etc/ turnuserdb.conf文件：

如果你只有一个用户就配置下面这一句就好了，这里的跟turnuserdb.conf配置的用户名密码保持一致：

username: 0xaXXXXX(格式：user:pass)  

4，启动

• turnserver -L <public_ip_address> -c /etc/turnserver.conf -o -a -b/etc/turnuserdb.conf -f -r <system_domain_name>  
  

5，测试
在浏览器访问http://外网ip:3478,如果看到“TURN Server”，说明已经搭好了。

在WebRtc的JS客户端中这样写：

copy

• iceServer = { "iceServers":[{"url": "stun:stun.l.google.com:19302" },  
•                              {"url":"stun: 外网ip:3478"},  
•                              {"url":"turn:外网ip",   
•                              "credential":"0xa9c04dc63524413e8c16fa1bb04a1472","username":"myuserHello"}   
• ]}  
• 这个地方没有搞懂在哪个地方做的????????
  

zangcf

在真实服务器上面实现
房间服务器的基本作用是什么?
信令服务器的基本作用是什么?
打洞服务器的基本作用是什么?

三个服务器以谁作为统领者管理他们之间关系的?
apprtc的重要文件apprtc/src/app_engine/constants.py
中间一些重要参数是什么作用?
# TODO: Remove once clients support ICE_SERVER.
TURN_BASE_URL = 'http://120.76.203.222:8083'
TURN_URL_TEMPLATE = '%s/turn?username=%s&key=%s'
CEOD_KEY = '4080218913'

ICE_SERVER_BASE_URL = 'https://networktraversal.googleapis.com'
ICE_SERVER_URL_TEMPLATE = '%s/v1alpha/iceconfig?key=%s'
ICE_SERVER_API_KEY = os.environ.get('ICE_SERVER_API_KEY')

# Dictionary keys in the collider instance info constant.
WSS_INSTANCE_HOST_KEY = 'host_port_pair'
WSS_INSTANCE_NAME_KEY = 'vm_name'
WSS_INSTANCE_ZONE_KEY = 'zone'
WSS_INSTANCES = [{
    WSS_INSTANCE_HOST_KEY: '120.76.203.222:8089',
    WSS_INSTANCE_NAME_KEY: 'wsserver-std',
    WSS_INSTANCE_ZONE_KEY: 'us-central1-a'
}, {
    WSS_INSTANCE_HOST_KEY: '120.76.203.222:8089',
    WSS_INSTANCE_NAME_KEY: 'wsserver-std-2',
    WSS_INSTANCE_ZONE_KEY: 'us-central1-f'
}]

WSS_HOST_PORT_PAIRS = [ins[WSS_INSTANCE_HOST_KEY] for ins in WSS_INSTANCES]