Streaming Service with Icecast: Difference between revisions

From Run Your Own
Jump to navigation Jump to search
Line 29: Line 29:
  chown nobody:nogroup /usr/local/share/icecast/log
  chown nobody:nogroup /usr/local/share/icecast/log
* <code>/usr/local/etc/icecast.xml</code>:
* <code>/usr/local/etc/icecast.xml</code>:
 
<pre>
   <icecast>
   <icecast>
       <location>𓅣</location>
       <location>𓅣</location>
Line 85: Line 85:
       </security>
       </security>
   </icecast>
   </icecast>
</pre>


=== Service file and autostart (systemd) ===
=== Service file and autostart (systemd) ===

Revision as of 23:10, 16 December 2019

Note: we will be using the icecast-kh fork that contains some extra stuff (FIXME: unpack stuff).

Installation

Software

Note: At time of writing, icecast-kh suffers from a small compilation problem with OpenSSL.

  • Install dependencies (Debian)
apt install libxslt1-dev libogg-dev libvorbis-dev libtheora-dev libcurl4-openssl-dev
  • Get the sources
cd /usr/src
git clone https://github.com/karlheyes/icecast-kh
  • Compile and install
cd icecast-kh
./configure --with-openssl
make
make install

Firewall

  • Make sure you listen on 8000, adjust your iptables:
-A INPUT -p tcp -m tcp --dport 8000 -j ACCEPT

You can adjust to your liking, 8000 is the default for Icecast.

Basic Configuration

Simple setup with icecast changing process ownership to nobody:nogroup and running in a chroot.

  • log files in chroot:
mkdir /usr/local/share/icecast/log
chown nobody:nogroup /usr/local/share/icecast/log
  • /usr/local/etc/icecast.xml:
  <icecast>
      <location>𓅣</location>
      <admin>top.cool@c_est.super.deluxe</admin>
  
      <limits>
          <clients>64</clients>
          <sources>2</sources>
          <queue-size>524288</queue-size>
          <client-timeout>30</client-timeout>
          <header-timeout>15</header-timeout>
          <source-timeout>10</source-timeout>
          <burst-size>65535</burst-size>
      </limits>
  
      <authentication>
          <source-password>hackme2</source-password>
          <relay-password>hackme2</relay-password>
          <admin-user>admin</admin-user>
          <admin-password>hackme3</admin-password>
      </authentication>
  
      <hostname>echo.lurk.org</hostname>
  
      <listen-socket>
          <port>8000</port>
      </listen-socket>
  
      <fileserve>1</fileserve>
  
      <paths>
          <basedir>/usr/local/share/icecast</basedir>
          <logdir>/log</logdir>
          <webroot>/web</webroot>
          <adminroot>/admin</adminroot>
          <!-- <ssl-certificate>/usr/local/share/icecast/icecast.pem</ssl-certificate> -->
          <alias source="/" dest="/index.html"/>
      </paths>
  
      <logging>
          <accesslog>access.log</accesslog>
          <errorlog>error.log</errorlog>
          <!-- <accesslog_ip>0<accesslog_ip> -->
          <!-- <playlistlog>playlist.log</playlistlog> -->
          <loglevel>3</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1 Error -->
          <logsize>10000</logsize> <!-- Max size of a logfile -->
       </logging>
  
      <security>
          <chroot>1</chroot>
          <changeowner>
              <user>nobody</user>
              <group>nogroup</group>
          </changeowner>
      </security>
  </icecast>

Service file and autostart (systemd)

  • Create a systemd service file:
[Unit]
Description=Icecast
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/icecast -c /usr/local/etc/icecast.xml
ExecReload=/usr/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
  • Enable the service on boot:
systemctl enable icecast
  • Manage the service with
service icecast start
service icecast status
service icecast stop

Configuration