srs icon indicating copy to clipboard operation
srs copied to clipboard

Published 20 hours ago verified publisher icon ossrs

HTTP/HTTPS: Reuse or merge port for API and Stream to avoid HTTP Proxy,复用端口避免代理

Open winlinvip opened this issue 3 years ago • 4 comments

The SRS HTTP API and Stream listen at different ports, so we must use a HTTP proxy if listen at a single HTTP or HTTPS port.

Translation: 目前SRS的HTTP API和Stream设计是分离的,为了支持API侦听在单独的端口,但是在简单的场景下使用比较麻烦,必须依赖外部的HTTP代理才能吧API和Stream在一个端口上使用。

You could also use the default self-signed SSL certs, please search thisisunsafe from Wiki.

Ports

SRS HTTP API ports:

  • 1985 HTTP API
  • 1990 HTTPS API

SRS HTTP Stream prots:

  • 8080 HTTP Stream
  • 8088 HTTPS Stream

Paths

HTTP/HTTPS API:

  • /api/ SRS HTTP API
  • /rtc/ SRS WebRTC API

HTTP/HTTPS Stream:

  • /{app}/{stream} HTTP Stream mounted by publisher.

The bellow is some reverse proxy to work with SRS.

Translation: 一般可以使用代理,把API和Stream根据路径代理到一起。

Wiki about Proxy

  • HTTP API Proxy: CN or EN
  • HTTP Stream Proxy: CN or EN

Nginx Proxy

The config for NGINX as file nginx.conf:

worker_processes  1;
events {
    worker_connections  1024;
}

http {
    include             /etc/nginx/mime.types;

    server {
        listen       80;
        listen       443 ssl http2;
        server_name  _;
        ssl_certificate      /usr/local/srs/conf/server.crt;
        ssl_certificate_key  /usr/local/srs/conf/server.key;

        # For SRS homepage, console and players
        #   http://r.ossrs.net/console/
        #   http://r.ossrs.net/players/
        location ~ ^/(console|players)/ {
           proxy_pass http://127.0.0.1:8080/$request_uri;
        }
        # For SRS streaming, for example:
        #   http://r.ossrs.net/live/livestream.flv
        #   http://r.ossrs.net/live/livestream.m3u8
        location ~ ^/.+/.*\.(flv|m3u8|ts|aac|mp3)$ {
           proxy_pass http://127.0.0.1:8080$request_uri;
        }
        # For SRS backend API for console.
        # For SRS WebRTC publish/play API.
        location ~ ^/(api|rtc)/ {
           proxy_pass http://127.0.0.1:1985$request_uri;
        }
    }
}

Caddy Proxy

The config for CaddyServer with automatic HTTPS, use the config file Caddyfile.

For HTTP server, note that to set the default port:

:80
reverse_proxy /* 127.0.0.1:8080
reverse_proxy /api/* 127.0.0.1:1985
reverse_proxy /rtc/* 127.0.0.1:1985

For HTTPS server, please enable a domain name:

example.com {
  reverse_proxy /* 127.0.0.1:8080
  reverse_proxy /api/* 127.0.0.1:1985
  reverse_proxy /rtc/* 127.0.0.1:1985
}

Start the CaddyServer:

caddy start -config Caddyfile

Nodejs KOA Proxy

The nodejs koa proxy also works well for SRS, please use koa-proxies based by node-http-proxy, here is an example:

const Koa = require('koa');
const proxy = require('koa-proxies');
const BodyParser = require('koa-bodyparser');
const Router = require('koa-router');

const app = new Koa();
app.use(proxy('/api/', {target: 'http://127.0.0.1:1985/'}));
app.use(proxy('/rtc/', {target: 'http://127.0.0.1:1985/'}));
app.use(proxy('/*/*.(flv|m3u8|ts|aac|mp3)', {target: 'http://127.0.0.1:8080/'}));
app.use(proxy('/console/', {target: 'http://127.0.0.1:8080/'}));
app.use(proxy('/players/', {target: 'http://127.0.0.1:8080/'}));

// Start body-parser after proxies, see https://github.com/vagusX/koa-proxies/issues/55
app.use(BodyParser());

// APIs that depends on body-parser
const router = new Router();
router.all('/', async (ctx) => {
  ctx.body = 'Hello World';
});
app.use(router.routes());

app.listen(3000, () => {
  console.log(`Server start on http://localhost:3000`);
});

Save it as index.js, then run:

npm init -y 
npm install koa koa-proxies koa-proxies koa-bodyparser koa-router
node .

HTTPX Proxy

Well httpx-static is a simple HTTP/HTTPS proxy written by Go:

go get github.com/ossrs/go-oryx/httpx-static
cd $GOPATH/bin
./httpx-static -http=80 -https=443 \
  -skey /usr/local/srs/etc/server.key -scert /usr/local/srs/etc/server.crt \
  -proxy=http://127.0.0.1:1985/api/v1/ \
  -proxy=http://127.0.0.1:1985/rtc/v1/ \
  -proxy=http://127.0.0.1:8080/

Please make sure the path / is the last one.

winlinvip avatar Jan 14 '22 04:01 winlinvip

Caddy config

:80 {
  gzip
  reverse_proxy / localhost:8080 {
    header_up -Origin
  }
  reverse_proxy /api 127.0.0.1:1985/api/ {
    header_up -Origin
  }
  reverse_proxy /rtc 127.0.0.1:1985/rtc/ {
    header_up -Origin
  }
}

jonahzheng avatar Jan 15 '22 13:01 jonahzheng

@jonahzheng What about HTTPS config like Nginx? Apart from HTTP proxy, I want to config the HTTPS with SSL key and cert file.

winlinvip avatar Jan 16 '22 01:01 winlinvip

So i guess this config works if with an ingress and the https being done by the ingress router ?

finaldzn avatar Apr 13 '22 16:04 finaldzn

On the console page, there is a connection that directly accesses port 1985, but the above nginx configuration file does not have a proxy listening on port 1985.

TRANS_BY_GPT3

dwj1979 avatar Jun 15 '22 13:06 dwj1979