WebRTC with Asterisk and Amazon AWS
TweetIf WebRTC2SIP is not working for you, use embedded WebRTC support in the Asterisk PBX
In a "Compiling and Installing WebRTC2SIP" I described how to install Webrtc2sip to include SIP signalling in your webrtc applications. Unluckily there were some issues with webrtc2sip reported by Rosario Santoro (@RosSantoro1) and further discussed in the Doubango Google Group. Without having a solution yet, I decided to give Asterisk another shot. So in this article I'll describe how to use Asterisk only (without webrtc2sip) to setup a webrtc scenario without any other third party applications. This article is loosely based on this one.
Creating the EC2 instance and installing the Asterisk PBX for WebRTC
I selected Amazon Linux for this, but the instructions should work on any CentOS like operating system, and should be easily adaptable to other linux distros like Ubuntu.
Security Group to allow WebRTC traffic into the Asterisk PBX
The security group should allow:
- Inbound connections to the TCP port 22 (to login via SSH, of course)
- Inbound and Outbound traffic to the UDP port 5060 (if you're going to use any peers with standard SIP over UDP).
- Inbound connections to the TCP port 8089 (we're going to use this one to serve a TLS-enabled websocket with asterisk)
- Inbound and outbound to the UDP port range setup in your rtp.conf file
- Inbound connections to the TCP port 443 (if you're going to serve your webrtc application from this instance, we're going to do this by using the SIPML5 example)
- Check "Disable Video"
- Check "Enable RTCWeb Breaker"
- Set the "Websocket Server URL": wss://your-web-domain.net:8089/ws
- Set the "ICE servers": [{ url: 'stun:stun.l.google.com:19302'}]
- Check "Cache the media stream"
- Set "Display Name": 100
- Set "Private Identity": 100
- Set "Public Identity": sip:100@your-web-domain.net
- Set "Password": 100
- Set "Realm": your-web-domain.net
Installing Base Packages needed in Amazon Linux or CentOS to install Asterisk PBX
We first need to install some basic packages, to compile everything:
Nginx is installed so we can serve our own HTML5 application in the same server, but you can skip it if that will not be your case.
NOTE: In CentOS you will need to install epel-release to install nginx.
In a similar way, GNU Screen is installed becase I still like to use it, so feel free to also skip it or replace it with another thing.
Install DaemonTools to start the Asterisk PBX as a service
It is highly recommended that you manage your asterisk installations with daemontools. You can find out how to install them in this article titled: Installing DaemonTools in Amazon Linux (or CentOS like OS).
Install libgsm 1.0.13
You have to download and apply the following patch so you can build libgsm as a shared library:
Then you can proceed to build and install:
Install OpenSSL 1.0.2d
Install libsrtp 1.5.2 as a shared library
libsrtp is used to provide audio by using SRTP and its mandatory for webrtc communications. We need to install libsrtp as a shared library:
Install libjansson 2.7
Install PjProject 2.4
PJSip is a new full SIP stack, used to replace chan_sip. And although we're still going to use chan_sip here, pjsip is needed to correctly handle ICE and STUN.
Install Asterisk 13.6.0
Configure Asterisk. Make sure that all the pj* resources are enabled, as well as the res_srtp and res_http_websocket ones.
Add library paths to /etc/profile
You might want to add this to your /etc/profile so the correct libraries will be used in your shell:
Setup /usr/asterisk/etc/asterisk/sip.conf
In the general section of your sip.conf file set:
Sample SIP Peer for WebRTC in Asterisk
Setup the HTTP webserver in Asterisk PBX to support the WebRTC websocket in /usr/asterisk/etc/asterisk/http.conf
In your http.conf file:
Setup the RTP ports in Asterisk in /usr/asterisk/etc/asterisk/rtp.conf
In your rtp.conf file:
Create a user for Asterisk
NOTE: You can skip this step if you're not using daemontools.
Setup daemontools to start asterisk
NOTE: You can skip this step if you're not using daemontools.
Create the ./log/run file with the following contents:
Create the ./run file with the following contents:
Make daemontools start Asterisk automatically:
Install SIPML5
NOTE: You can skip this step if you already have your own webrtc application or other means to test the installation.
Setup the nginx host to serve your WebRTC VoIP Application
NOTE: You can skip this step if you already have your own webrtc application or other means to test the installation.
Generate a stronger DHE for SSL key exchange
Setup the nginx host:
After starting nginx, you should be able to point your browser to: https://your-web-domain.net/call.htm?svn=230# and see the SIPML5 demo.
SIPML5 configuration for the Asterisk PBX
In the Expert section:
In the Login section:
Using self signed certificates
If you're using self signed certificates and notice an error in your javascript console like this one
...failed: WebSocket opening handshake was canceled
You have to manually add the certificate to the browser's trusted vault. To do this manually point your browser to https://your-web-domain.net:8089/ws and confirm the security exception. That should solve the issue and you should be able to connect to the websocket port from SIPML5.
Conclusion: Use WebRTC without the hassle of WebRTC2SIP in Asterisk
This will hopefully save you some hours of despair and debugging :) And also get rid of a "moving part" in your webrtc ecosystem, so you can connect directly all your softphones, voip providers, and webrtc applications to your asterisk installation.
Thanks To
Rosario Santoro for his helpful tips and comments for the article.
