Centos7下安装Jitsi Meet

Network2年前 (2022)更新 bruce
1,292 5
内容纲要

由于服务器都是Centos,不是Ubuntu,之前在Centos安装过一次Jitsi Meet失败了,这次详细记录手动安装过程。也学习一下Jitsi Meet环境配置。

2020-08-11,由于jitsi Meet对Ubuntu支持的比较好,建议学习Docker部署,一下因为时间原因,有些方式、原理、地址可能已经更新。
请参考,https://github.com/jitsi/docker-jitsi-meet

选择Jitsi Meet分析

Jitsi只是实现了SFU模型,不包含MCU,由于功能单一,只是一个转化路由,所以这个系统是列表中是较为稳定的一个开源系统。如果只是需要实现简单的转发功能,这个开源系统是不错的选择。

SFU 相比于 MCU,服务器的压力更小(纯转发,无转码合流),灵活性更好(可选择性开关任意一路数据的上下行等),受到更广泛的欢迎和应用,常见的开源 SFU 服务器有:Licode,Janus,Jitsi,mediasoup,Medooze 等等,各有特点,大家可以去项目主页了解更详细的情况。

MCU (MultiPoint Control Unit) MCU是传统视频会议系统中的核心控制单元,在WebRTC的系统实现中, 适合于多人音视频通话场景,MCU可以对接收到的多路流进行转码和混合,并向每个终端输出单路流。
SFU(Selective Forwarding Unit) SFU从发布客户端复制音视频流的信息,然后分发到多个订阅客户端。典型的应用场景是1对多的直播服务。

Centos7环境准备工作

[root@59.000.00.008 github]$ lsb_release -a
LSB Version:    :core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch
Distributor ID: CentOS
Description:    CentOS Linux release 7.7.1908 (Core)
Release:    7.7.1908
Codename:   Core

基本软件环境

# 直接安装
yum install pcre pcre-devel make gcc gcc-c++ zlib zlib-devel openssl-devel unzip ca-certificates git maven

# 手动安装nginx
yum install nginx

# 手动安装nodejs (npm),自行搜索“centos7 install npm”

Install latest version of Java

yum install java-1.8.0-openjdk
yum install java-1.8.0-devel

Install Prosody (make sure you have installed npm)

prosody install

yum install prosody

# 下面ip都是公网IP或者域名 meet.cebumaker.com
 vim /etc/prosody/conf.d/meet.cebumaker.com.cfg.lua
VirtualHost "meet.cebumaker.com"
    authentication = "anonymous"
    ssl = {
        key = "/var/lib/prosody/meet.cebumaker.com.key";  -- prosody生成的秘钥
        certificate = "/var/lib/prosody/meet.cebumaker.com.crt";
    }
    modules_enabled = {
        "bosh";
        "pubsub";
    }
    c2s_require_encryption = false

VirtualHost "auth.meet.cebumaker.com"
    ssl = {
        key = "/var/lib/prosody/auth.meet.cebumaker.com.key";
        certificate = "/var/lib/prosody/auth.meet.cebumaker.com.crt";
    }
    authentication = "internal_plain"

 admins = {"focus@auth.meet.cebumaker.com"}

Component "conference.meet.cebumaker.com" "muc"
Component "jitsi-videobridge.meet.cebumaker.com"
    component_secret = "mysecret1"
Component "focus.meet.cebumaker.com"
    component_secret = "mysecret2"

需要生成密码进行加密通信

# 生成秘钥
prosodyctl cert generate meet.cebumaker.com
prosodyctl cert generate auth.meet.cebumaker.com

# 生成用户密码
prosodyctl register focus auth.meet.cebumaker.com mysecret3

# 生成秘钥提示
Choose key size (2048):
Country Name (2 letter code) [AU]:CN【国家代号,中国输入CN】
State or Province Name (full name) [Some-State]:BeiJing【省的全名,拼音】
Locality Name (eg, city) []:BeiJing【市的全名,拼音】
Organization Name (eg, company) [Internet Widgits Pty Ltd]:MyCompany Corp.【公司英文名】Organizational Unit Name (eg, section) []: 【可以不输入】
Common Name (eg, YOUR name) []:【对于server.csr需要输入网站的域名以作校验,其余的csr可随意填写】
 Email Address []:admin@mycompany.com【电子邮箱,可随意填】
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:【可以不输入】
An optional company name []:【可以不输入】
版本不同具体内容有所差异

修改prosody.cfg.lua配置,在prosody根目录下

cd /etc/prosody/
vim prosody.cfg.lua
# vim中搜索 example.com

--VirtualHost "example.com"
--      certificate = "/path/to/example.crt"
VirtualHost "localhost"
VirtualHost "meet.cebumaker.com" --自己配置的域名
ssl={
key="/var/lib/prosody/meet.cebumaker.com.key";  --你自己的秘钥地址
certificate="/var/lib/prosody/meet.cebumaker.com.crt";
}

# 重启prosody
prosodyctl restart

配置nginx

server {
    listen       443 ssl;
    server_name meet.cebumaker.com; # 自己在prosody 中配置的域名

    ssl_certificate      /var/lib/prosody/meet.cebumaker.com.crt; ## prosody生成的秘钥位置
    ssl_certificate_key  /var/lib/prosody/meet.cebumaker.com.key; ## prosody生成的秘钥位置

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers  on;
    root /data/www/meet.cebumaker.com; ## jitsi-meet的根目录
    index index.html index.htm;
    error_page 404 /404.html;

    location /config.js {
        alias /data/www/meet.cebumaker.com/config.js; ## jitsi-meet的配置文件位置
    }

    location ~ ^/([a-zA-Z0-9=\?]+)$ {
        rewrite ^/(.*)$ / break;
    }

    location / {
        ssi on;
    }

    ## Backward compatibility
    location ~ /external_api.* {
        root /data/www/meet.cebumaker.com/libs; ## jitsi-meet的配置文件位置
    }

    # BOSH
    location /http-bind{
        proxy_pass http://localhost:5280/http-bind;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;
    }
}

Install Jitsi Videobridge

选择你要下载的版本:https://download.jitsi.org/stable/
下面地址由于官方删除了2020-08-11更新上面的参考地址

mkdir /etc/jitsi
cd /etc/jitsi
wget https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-x64-1130.zip
unzip jitsi-videobridge-linux-x64-1130.zip

Download Apache Ant and Apache Maven and extract it to /tmp

Maven和Ant通过yum install安装的版本过低(Maven 3.0.5-17.el7),需要手动安装
https://ant.apache.org/bindownload.cgi
https://maven.apache.org/download.cgi

cd /tmp
wget http://mirror.rise.ph/apache//ant/binaries/apache-ant-1.10.7-bin.zip
unzip apache-ant-1.10.7-bin.zip # /tmp/apache-ant-1.10.7/bin/ant
wget http://mirror.rise.ph/apache/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.zip
unzip apache-maven-3.6.3-bin.zip # /tmp/apache-maven-3.6.3/bin/mvn

Install Jitsi Conference Focus (jicofo)

cd /etc/jitsi
git clone https://github.com/jitsi/jicofo.git
cd jicofo
/tmp/apache-maven-3.6.3/bin/mvn package -DskipTests -Dassembly.skipAssembly=false

Compile Jicofo and Videobridge (git clone to root for example)

cd /jicofo
/tmp/apache-maven-3.6.3/bin/mvn -U clean package -DskipTests

/tmp/apache-maven-3.6.3/bin/mvn dependency:get -DartifactId=maven-ant-tasks -DgroupId=org.apache.maven -Dversion=2.1.3

/tmp/apache-maven-3.6.3/bin/mvn package -DskipTests -Dassembly.skipAssembly=false

/tmp/apache-ant-1.10.7/bin/ant -lib ~/.m2/repository/org/apache/maven/maven-ant-tasks/2.1.3/maven-ant-tasks-2.1.3.jar dist.lin64

unzip target/jicofo-{os-name}-1.0-SNAPSHOT.zip
cd jicofo-{os-name}-1.0-SNAPSHOT'

./jicofo.sh --host=localhost --domain=jitsi.example.com --secret=YOURSECRET2 --user_domain=auth.jitsi.example.com --user_name=focus --user_password=YOURSECRET3

启动服务端配置

# 启动jvb
nohup  /etc/jitsi/videobridge/jvb.sh --host=localhost --domain=meet.cebumaker.com --port=5347 --secret=mysecret1 &

# 启动jicofo.sh
nohup  /etc/jitsi/jicofo/jicofo/jicofo.sh --host=localhost --domain=meet.cebumaker.com --secret=mysecret2 --user_domain=auth.meet.cebumaker.com --user_name=focus --user_password=mysecret3 &

jitsi-meet config.js配置


   hosts: {
        // XMPP domain.
        domain: 'meet.cebumaker.com',

        // When using authentication, domain for guest users.
        // anonymousdomain: 'guest.example.com',

        // Domain for authenticated users. Defaults to <domain>.
        // authdomain: 'jitsi-meet.example.com',

        // Jirecon recording component domain.
        // jirecon: 'jirecon.jitsi-meet.example.com',

        // Call control component (Jigasi).
        // call_control: 'callcontrol.jitsi-meet.example.com',
        bridge: 'jitsi-videobridge.meet.cebumaker.com',  //添加的配置
        // Focus component domain. Defaults to focus.<domain>.
        focus: 'focus.meet.cebumaker.com',

        // XMPP MUC domain. FIXME: use XEP-0030 to discover it.
        muc: 'conference.meet.cebumaker.com'
    },

Install Jitsi meet

git clone git://github.com/jitsi/jitsi-meet.git
cd jitsi-meet
npm install
make

Nginx配置参考

server_names_hash_bucket_size 64;
server {
    listen 443;
    # tls configuration that is not covered in this guide
    # we recommend the use of https://certbot.eff.org/
    server_name meet.cebumaker.com;
    # set the root
    root /data/www/meet.cebumaker.com;
    index index.html;
    location ~ ^/([a-zA-Z0-9=\?]+)$ {
        rewrite ^/(.*)$ / break;
    }
    location / {
        ssi on;
    }
    # BOSH, Bidirectional-streams Over Synchronous HTTP
    # https://en.wikipedia.org/wiki/BOSH_(protocol)
    location /http-bind {
        proxy_pass      http://localhost:5280/http-bind;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;
    }
}

环境要求

openssl version # 检查openssl1.0.1或openssl1.0.2(openssl version查看版本信息)
npm -v
gcc -v
java -version
mvn -v

配置文件路径

/etc/jitsi # 建议手动创建,把所有相关服务端软件放在此目录
jicofo:/etc/jitsi/jicofo
jitsi-videobridge: /etc/jitsi/videobridge
jitsi-meet: /etc/jitsi/meet
xmpp: /etc/prosody/
/etc/jitsi/videobridge/sip-communicator.properties

日志文件路径

Jitsi-videobridge:/var/log/jitsi/jvb.log
Jicofo: /var/log/jitsi/jicofo.log
xmpp服务: /var/log/prosody/prosody.err、/var/log/prosody/prosody.log

采坑登记

  • 国内阿里云访问github限流,不想多说;
  • 因为国内对github限流,造成下载或者clone花费时间是配置检查文件十多倍;
  • 总觉得人肉翻墙了,如果用国内服务器,还要翻墙,服了;
  • yum install Maven #(默认版本3.0.5-17.el7,偏低,需要手动安装,参考上面)
  • npm install 做个前端,一堆要了老命的配置文件。node与npm版本要高于手册要求,如果莫名其妙的报错,删掉根目录node_model,对了提前换到淘宝npm源;

参考

https://github.com/jitsi/jitsi-meet/blob/master/doc/manual-install.md
http://www.github.com.ipaddress.com/ 阿里云不能访问github,通过访问这个网址获得ip,修改hosts文件
https://blog.springfavor.cn/tags/Jitsi/
https://blog.csdn.net/Kimipoker/article/details/90050394
https://github.com/jitsi/jitsi-meet
https://github.com/jitsi/jicofo
https://github.com/jitsi/jitsi-videobridge

© 版权声明

相关文章

5 条评论

  • 小魏
    小魏 游客

    你好,下载Videobridge时出错,https://download.jitsi.org/jitsi-videobridge/linux/页面已被官网撤销。
    请问能够给我一个压缩包吗?

    回复
    • bruce
      bruce

      感谢反馈,最新地址,https://download.jitsi.org/stable/
      内容已经更新。

      回复
      • 小魏
        小魏 游客

        非常非常感谢!!!

        回复
  • 小张
    小张 游客

    你好,在Compile Jicofo and Videobridge (git clone to root for example)这部分,执行/tmp/apache-ant-1.10.7/bin/ant -lib ~/.m2/repository/org/apache/maven/maven-ant-tasks/2.1.3/maven-ant-tasks-2.1.3.jar dist.lin64, 报错
    Buildfile: build.xml does not exist!
    Build failed
    请问你有遇到这个问题吗?

    回复
    • bruce
      bruce

      maven的构建文件找不到或不存在,尝试安装检查apache的maven环境

      回复