WebRTC Server Deployment Guide
π Quick Deployment Commands
Prerequisites
- Ubuntu 20.04+ or Debian 11+ VM
- At least 2 CPU cores, 4GB RAM
- Python 3.10+
- Open ports: 80, 443, 8080, 3478 (UDP/TCP), 49152-65535 (UDP)
Step-by-Step Deployment
1. Initial VM Setup (Run as regular user, not root)
# Update system
sudo apt-get update && sudo apt-get upgrade -y
# Install essential packages
sudo apt-get install -y python3.10 python3.10-venv python3-pip git curl wget
2. Quick Install (One-liner)
# Download and run setup script
wget https://raw.githubusercontent.com/your-repo/scripts/setup_webrtc.sh && \
chmod +x setup_webrtc.sh && \
./setup_webrtc.sh
3. Manual Installation
# Create application directory
sudo mkdir -p /opt/goodspace-voice-webrtc
sudo chown $USER:$USER /opt/goodspace-voice-webrtc
cd /opt/goodspace-voice-webrtc
# Clone repository (replace with your actual repo)
git clone https://github.com/your-repo/goodspace-voice.git .
# OR copy files manually
# scp -r local/webrtc/* user@vm-ip:/opt/goodspace-voice-webrtc/webrtc/
# Create Python virtual environment
python3.10 -m venv venv
source venv/bin/activate
# Install dependencies
pip install --upgrade pip
pip install -r requirements_webrtc.txt
4. Configure Environment
# Create environment file
cat > /opt/goodspace-voice-webrtc/.env << EOF
JWT_SECRET=$(openssl rand -hex 32)
REDIS_URL=redis://localhost:6379
LOG_LEVEL=INFO
EOF
# Set permissions
chmod 600 /opt/goodspace-voice-webrtc/.env
5. Install and Start Redis
# Install Redis
sudo apt-get install -y redis-server
# Start Redis
sudo systemctl enable redis-server
sudo systemctl start redis-server
# Verify Redis is running
redis-cli ping # Should return PONG
6. Start WebRTC Server
Option A: Direct Python Execution (Development)
cd /opt/goodspace-voice-webrtc
source venv/bin/activate
# Start signaling server (basic)
python webrtc/run_server.py --host 0.0.0.0 --port 8080
# Start with custom configuration
python webrtc/run_server.py \
--host 0.0.0.0 \
--port 8080 \
--pool-min 20 \
--pool-max 500 \
--debug
# Run in background with nohup
nohup python webrtc/run_server.py > logs/server.log 2>&1 &
Option B: Using Screen/Tmux (Development)
# Using screen
screen -S webrtc
cd /opt/goodspace-voice-webrtc
source venv/bin/activate
python webrtc/run_server.py --host 0.0.0.0 --port 8080
# Detach: Ctrl+A, then D
# Reattach: screen -r webrtc
# Using tmux
tmux new -s webrtc
cd /opt/goodspace-voice-webrtc
source venv/bin/activate
python webrtc/run_server.py --host 0.0.0.0 --port 8080
# Detach: Ctrl+B, then D
# Reattach: tmux attach -t webrtc
Option C: Systemd Service (Production)
# Create service file
sudo tee /etc/systemd/system/webrtc-signaling.service > /dev/null << 'EOF'
[Unit]
Description=WebRTC Signaling Server
After=network.target redis-server.service
[Service]
Type=simple
User=$USER
WorkingDirectory=/opt/goodspace-voice-webrtc
Environment="PATH=/opt/goodspace-voice-webrtc/venv/bin"
EnvironmentFile=/opt/goodspace-voice-webrtc/.env
ExecStart=/opt/goodspace-voice-webrtc/venv/bin/python webrtc/run_server.py --host 0.0.0.0 --port 8080
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
EOF
# Reload systemd and start service
sudo systemctl daemon-reload
sudo systemctl enable webrtc-signaling
sudo systemctl start webrtc-signaling
# Check status
sudo systemctl status webrtc-signaling
# View logs
sudo journalctl -u webrtc-signaling -f
7. Setup Nginx Reverse Proxy (Optional but Recommended)
# Install Nginx
sudo apt-get install -y nginx
# Create Nginx configuration
sudo tee /etc/nginx/sites-available/webrtc > /dev/null << 'EOF'
server {
listen 80;
server_name your-domain.com; # Replace with your domain or IP
location /ws {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 86400;
}
location /health {
proxy_pass http://localhost:8080;
}
}
EOF
# Enable site
sudo ln -sf /etc/nginx/sites-available/webrtc /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl restart nginx
8. Configure Firewall
# Configure UFW firewall
sudo ufw allow 22/tcp # SSH
sudo ufw allow 80/tcp # HTTP
sudo ufw allow 443/tcp # HTTPS
sudo ufw allow 8080/tcp # WebSocket
sudo ufw allow 3478/udp # STUN
sudo ufw allow 49152:65535/udp # RTP/RTCP media
# Enable firewall
sudo ufw --force enable
# Check status
sudo ufw status numbered
π Verification Commands
# Check if services are running
sudo systemctl status webrtc-signaling redis-server nginx
# Check if ports are listening
sudo netstat -tlnp | grep -E ":(8080|6379|80)"
# Test WebSocket endpoint
curl http://localhost:8080/health
# Check server logs
tail -f /opt/goodspace-voice-webrtc/logs/signaling.log
# Monitor resources
htop # or top
# Test WebSocket connection from command line
python3 -c "
import asyncio
import websockets
async def test():
uri = 'ws://localhost:8080/ws'
async with websockets.connect(uri) as ws:
print('Connected!')
await ws.send('{\"type\":\"ping\"}')
response = await ws.recv()
print(f'Response: {response}')
asyncio.run(test())
"
π οΈ Troubleshooting
# If service won't start
sudo journalctl -xe | grep webrtc
# Check Python errors
cd /opt/goodspace-voice-webrtc
source venv/bin/activate
python -c "from webrtc.signaling import SignalingServer; print('Import OK')"
# Check Redis connection
redis-cli ping
# Check disk space
df -h
# Check memory
free -h
# Kill stuck processes
ps aux | grep python
kill -9 <PID>
# Restart everything
sudo systemctl restart webrtc-signaling redis-server nginx
π¨ Production Deployment
# 1. Setup SSL/TLS with Let's Encrypt
sudo apt-get install -y certbot python3-certbot-nginx
sudo certbot --nginx -d your-domain.com
# 2. Configure production environment
cat > /opt/goodspace-voice-webrtc/.env.production << EOF
JWT_SECRET=$(openssl rand -hex 32)
REDIS_URL=redis://localhost:6379
LOG_LEVEL=WARNING
TURN_SERVER_URL=turn:turnserver.com:3478
TURN_USERNAME=username
TURN_PASSWORD=password
EOF
# 3. Setup monitoring with Prometheus
# Add to run_server.py startup:
# prometheus_client.start_http_server(9090)
# 4. Setup log rotation
sudo tee /etc/logrotate.d/webrtc > /dev/null << EOF
/opt/goodspace-voice-webrtc/logs/*.log {
daily
rotate 7
compress
delaycompress
notifempty
create 0644 $USER $USER
sharedscripts
postrotate
systemctl reload webrtc-signaling
endscript
}
EOF
# 5. Setup automatic backups
crontab -e
# Add: 0 2 * * * tar -czf /backup/webrtc-$(date +\%Y\%m\%d).tar.gz /opt/goodspace-voice-webrtc
π Monitoring Commands
# Real-time monitoring
watch -n 1 'echo "=== Connections ===" && \
netstat -an | grep :8080 | grep ESTABLISHED | wc -l && \
echo "=== CPU ===" && \
top -bn1 | head -5 && \
echo "=== Memory ===" && \
free -h'
# Check WebRTC statistics
curl http://localhost:8080/stats | python -m json.tool
# Monitor WebSocket connections
sudo tcpdump -i any -A 'port 8080'
π³ Docker Deployment (Alternative)
# Create Dockerfile
cat > Dockerfile << 'EOF'
FROM python:3.10-slim
WORKDIR /app
COPY requirements_webrtc.txt .
RUN pip install --no-cache-dir -r requirements_webrtc.txt
COPY webrtc/ ./webrtc/
EXPOSE 8080
CMD ["python", "webrtc/run_server.py", "--host", "0.0.0.0", "--port", "8080"]
EOF
# Build and run
docker build -t webrtc-server .
docker run -d -p 8080:8080 --name webrtc webrtc-server
# Using docker-compose
cat > docker-compose.yml << 'EOF'
version: '3.8'
services:
redis:
image: redis:alpine
ports:
- "6379:6379"
webrtc:
build: .
ports:
- "8080:8080"
environment:
- REDIS_URL=redis://redis:6379
depends_on:
- redis
EOF
docker-compose up -d
π Summary
The simplest way to start the WebRTC server on a VM:
# Quick start (after setup)
cd /opt/goodspace-voice-webrtc
source venv/bin/activate
python webrtc/run_server.py --host 0.0.0.0 --port 8080
# Production start
sudo systemctl start webrtc-signaling
# Check it's working
curl http://localhost:8080/health
The server will be accessible at:
- WebSocket:
ws://your-vm-ip:8080/ws - Health check:
http://your-vm-ip:8080/health - Statistics:
http://your-vm-ip:8080/stats