由于服务器都是Centos,不是Ubuntu,之前在Centos安装过一次Jitsi Meet失败了,这次详细记录手动安装过程。也学习一下Jitsi Meet环境配置。
2020-08-11,由于jitsi Meet对Ubuntu支持的比较好,建议学习Docker部署,一下因为时间原因,有些方式、原理、地址可能已经更新。
请参考,https://github.com/jitsi/docker-jitsi-meet
选择Jitsi Meet分析
Jitsi只是实现了SFU模型,不包含MCU,由于功能单一,只是一个转化路由,所以这个系统是列表中是较为稳定的一个开源系统。如果只是需要实现简单的转发功能,这个开源系统是不错的选择。
SFU 相比于 MCU,服务器的压力更小(纯转发,无转码合流),灵活性更好(可选择性开关任意一路数据的上下行等),受到更广泛的欢迎和应用,常见的开源 SFU 服务器有:Licode,Janus,Jitsi,mediasoup,Medooze 等等,各有特点,大家可以去项目主页了解更详细的情况。
MCU (MultiPoint Control Unit) MCU是传统视频会议系统中的核心控制单元,在WebRTC的系统实现中, 适合于多人音视频通话场景,MCU可以对接收到的多路流进行转码和混合,并向每个终端输出单路流。
SFU(Selective Forwarding Unit) SFU从发布客户端复制音视频流的信息,然后分发到多个订阅客户端。典型的应用场景是1对多的直播服务。
Centos7环境准备工作
[root@59.000.00.008 github]$ lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 7.7.1908 (Core)
Release: 7.7.1908
Codename: Core
基本软件环境
# 直接安装
yum install pcre pcre-devel make gcc gcc-c++ zlib zlib-devel openssl-devel unzip ca-certificates git maven
# 手动安装nginx
yum install nginx
# 手动安装nodejs (npm),自行搜索“centos7 install npm”
Install latest version of Java
yum install java-1.8.0-openjdk
yum install java-1.8.0-devel
Install Prosody (make sure you have installed npm)
yum install prosody
# 下面ip都是公网IP或者域名 meet.cebumaker.com
vim /etc/prosody/conf.d/meet.cebumaker.com.cfg.lua
VirtualHost "meet.cebumaker.com"
authentication = "anonymous"
ssl = {
key = "/var/lib/prosody/meet.cebumaker.com.key"; -- prosody生成的秘钥
certificate = "/var/lib/prosody/meet.cebumaker.com.crt";
}
modules_enabled = {
"bosh";
"pubsub";
}
c2s_require_encryption = false
VirtualHost "auth.meet.cebumaker.com"
ssl = {
key = "/var/lib/prosody/auth.meet.cebumaker.com.key";
certificate = "/var/lib/prosody/auth.meet.cebumaker.com.crt";
}
authentication = "internal_plain"
admins = {"focus@auth.meet.cebumaker.com"}
Component "conference.meet.cebumaker.com" "muc"
Component "jitsi-videobridge.meet.cebumaker.com"
component_secret = "mysecret1"
Component "focus.meet.cebumaker.com"
component_secret = "mysecret2"
需要生成密码进行加密通信
# 生成秘钥
prosodyctl cert generate meet.cebumaker.com
prosodyctl cert generate auth.meet.cebumaker.com
# 生成用户密码
prosodyctl register focus auth.meet.cebumaker.com mysecret3
# 生成秘钥提示
Choose key size (2048):
Country Name (2 letter code) [AU]:CN【国家代号,中国输入CN】
State or Province Name (full name) [Some-State]:BeiJing【省的全名,拼音】
Locality Name (eg, city) []:BeiJing【市的全名,拼音】
Organization Name (eg, company) [Internet Widgits Pty Ltd]:MyCompany Corp.【公司英文名】Organizational Unit Name (eg, section) []: 【可以不输入】
Common Name (eg, YOUR name) []:【对于server.csr需要输入网站的域名以作校验,其余的csr可随意填写】
Email Address []:admin@mycompany.com【电子邮箱,可随意填】
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:【可以不输入】
An optional company name []:【可以不输入】
版本不同具体内容有所差异
修改prosody.cfg.lua配置,在prosody根目录下
cd /etc/prosody/
vim prosody.cfg.lua
# vim中搜索 example.com
--VirtualHost "example.com"
-- certificate = "/path/to/example.crt"
VirtualHost "localhost"
VirtualHost "meet.cebumaker.com" --自己配置的域名
ssl={
key="/var/lib/prosody/meet.cebumaker.com.key"; --你自己的秘钥地址
certificate="/var/lib/prosody/meet.cebumaker.com.crt";
}
# 重启prosody
prosodyctl restart
配置nginx
server {
listen 443 ssl;
server_name meet.cebumaker.com; # 自己在prosody 中配置的域名
ssl_certificate /var/lib/prosody/meet.cebumaker.com.crt; ## prosody生成的秘钥位置
ssl_certificate_key /var/lib/prosody/meet.cebumaker.com.key; ## prosody生成的秘钥位置
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
root /data/www/meet.cebumaker.com; ## jitsi-meet的根目录
index index.html index.htm;
error_page 404 /404.html;
location /config.js {
alias /data/www/meet.cebumaker.com/config.js; ## jitsi-meet的配置文件位置
}
location ~ ^/([a-zA-Z0-9=\?]+)$ {
rewrite ^/(.*)$ / break;
}
location / {
ssi on;
}
## Backward compatibility
location ~ /external_api.* {
root /data/www/meet.cebumaker.com/libs; ## jitsi-meet的配置文件位置
}
# BOSH
location /http-bind{
proxy_pass http://localhost:5280/http-bind;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
}
}
Install Jitsi Videobridge
选择你要下载的版本:https://download.jitsi.org/stable/
下面地址由于官方删除了2020-08-11更新上面的参考地址
mkdir /etc/jitsi
cd /etc/jitsi
wget https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-x64-1130.zip
unzip jitsi-videobridge-linux-x64-1130.zip
Download Apache Ant and Apache Maven and extract it to /tmp
Maven和Ant通过yum install安装的版本过低(Maven 3.0.5-17.el7),需要手动安装
https://ant.apache.org/bindownload.cgi
https://maven.apache.org/download.cgi
cd /tmp
wget http://mirror.rise.ph/apache//ant/binaries/apache-ant-1.10.7-bin.zip
unzip apache-ant-1.10.7-bin.zip # /tmp/apache-ant-1.10.7/bin/ant
wget http://mirror.rise.ph/apache/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.zip
unzip apache-maven-3.6.3-bin.zip # /tmp/apache-maven-3.6.3/bin/mvn
Install Jitsi Conference Focus (jicofo)
cd /etc/jitsi
git clone https://github.com/jitsi/jicofo.git
cd jicofo
/tmp/apache-maven-3.6.3/bin/mvn package -DskipTests -Dassembly.skipAssembly=false
Compile Jicofo and Videobridge (git clone to root for example)
cd /jicofo
/tmp/apache-maven-3.6.3/bin/mvn -U clean package -DskipTests
/tmp/apache-maven-3.6.3/bin/mvn dependency:get -DartifactId=maven-ant-tasks -DgroupId=org.apache.maven -Dversion=2.1.3
/tmp/apache-maven-3.6.3/bin/mvn package -DskipTests -Dassembly.skipAssembly=false
/tmp/apache-ant-1.10.7/bin/ant -lib ~/.m2/repository/org/apache/maven/maven-ant-tasks/2.1.3/maven-ant-tasks-2.1.3.jar dist.lin64
unzip target/jicofo-{os-name}-1.0-SNAPSHOT.zip
cd jicofo-{os-name}-1.0-SNAPSHOT'
./jicofo.sh --host=localhost --domain=jitsi.example.com --secret=YOURSECRET2 --user_domain=auth.jitsi.example.com --user_name=focus --user_password=YOURSECRET3
启动服务端配置
# 启动jvb
nohup /etc/jitsi/videobridge/jvb.sh --host=localhost --domain=meet.cebumaker.com --port=5347 --secret=mysecret1 &
# 启动jicofo.sh
nohup /etc/jitsi/jicofo/jicofo/jicofo.sh --host=localhost --domain=meet.cebumaker.com --secret=mysecret2 --user_domain=auth.meet.cebumaker.com --user_name=focus --user_password=mysecret3 &
jitsi-meet config.js配置
hosts: {
// XMPP domain.
domain: 'meet.cebumaker.com',
// When using authentication, domain for guest users.
// anonymousdomain: 'guest.example.com',
// Domain for authenticated users. Defaults to <domain>.
// authdomain: 'jitsi-meet.example.com',
// Jirecon recording component domain.
// jirecon: 'jirecon.jitsi-meet.example.com',
// Call control component (Jigasi).
// call_control: 'callcontrol.jitsi-meet.example.com',
bridge: 'jitsi-videobridge.meet.cebumaker.com', //添加的配置
// Focus component domain. Defaults to focus.<domain>.
focus: 'focus.meet.cebumaker.com',
// XMPP MUC domain. FIXME: use XEP-0030 to discover it.
muc: 'conference.meet.cebumaker.com'
},
Install Jitsi meet
git clone git://github.com/jitsi/jitsi-meet.git
cd jitsi-meet
npm install
make
Nginx配置参考
server_names_hash_bucket_size 64;
server {
listen 443;
# tls configuration that is not covered in this guide
# we recommend the use of https://certbot.eff.org/
server_name meet.cebumaker.com;
# set the root
root /data/www/meet.cebumaker.com;
index index.html;
location ~ ^/([a-zA-Z0-9=\?]+)$ {
rewrite ^/(.*)$ / break;
}
location / {
ssi on;
}
# BOSH, Bidirectional-streams Over Synchronous HTTP
# https://en.wikipedia.org/wiki/BOSH_(protocol)
location /http-bind {
proxy_pass http://localhost:5280/http-bind;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
}
}
环境要求
openssl version # 检查openssl1.0.1或openssl1.0.2(openssl version查看版本信息)
npm -v
gcc -v
java -version
mvn -v
配置文件路径
/etc/jitsi # 建议手动创建,把所有相关服务端软件放在此目录
jicofo:/etc/jitsi/jicofo
jitsi-videobridge: /etc/jitsi/videobridge
jitsi-meet: /etc/jitsi/meet
xmpp: /etc/prosody/
/etc/jitsi/videobridge/sip-communicator.properties
日志文件路径
Jitsi-videobridge:/var/log/jitsi/jvb.log
Jicofo: /var/log/jitsi/jicofo.log
xmpp服务: /var/log/prosody/prosody.err、/var/log/prosody/prosody.log
采坑登记
- 国内阿里云访问github限流,不想多说;
- 因为国内对github限流,造成下载或者clone花费时间是配置检查文件十多倍;
- 总觉得人肉翻墙了,如果用国内服务器,还要翻墙,服了;
- yum install Maven #(默认版本3.0.5-17.el7,偏低,需要手动安装,参考上面)
- npm install 做个前端,一堆要了老命的配置文件。node与npm版本要高于手册要求,如果莫名其妙的报错,删掉根目录node_model,对了提前换到淘宝npm源;
参考
https://github.com/jitsi/jitsi-meet/blob/master/doc/manual-install.md
http://www.github.com.ipaddress.com/ 阿里云不能访问github,通过访问这个网址获得ip,修改hosts文件
https://blog.springfavor.cn/tags/Jitsi/
https://blog.csdn.net/Kimipoker/article/details/90050394
https://github.com/jitsi/jitsi-meet
https://github.com/jitsi/jicofo
https://github.com/jitsi/jitsi-videobridge
你好,下载Videobridge时出错,https://download.jitsi.org/jitsi-videobridge/linux/页面已被官网撤销。
请问能够给我一个压缩包吗?
感谢反馈,最新地址,https://download.jitsi.org/stable/
内容已经更新。
非常非常感谢!!!
你好,在Compile Jicofo and Videobridge (git clone to root for example)这部分,执行/tmp/apache-ant-1.10.7/bin/ant -lib ~/.m2/repository/org/apache/maven/maven-ant-tasks/2.1.3/maven-ant-tasks-2.1.3.jar dist.lin64, 报错
Buildfile: build.xml does not exist!
Build failed
请问你有遇到这个问题吗?
maven的构建文件找不到或不存在,尝试安装检查apache的maven环境