Difference between revisions of "Streaming Service with Icecast"
(→Basic Configuration) |
(→Basic Configuration) |
||
Line 25: | Line 25: | ||
Simple setup with <code>icecast</code> changing process ownership to <code>nobody:nogroup</code> and running in a <code>chroot</code>. | Simple setup with <code>icecast</code> changing process ownership to <code>nobody:nogroup</code> and running in a <code>chroot</code>. | ||
− | <code>/usr/local/etc/icecast.xml</code>: | + | * log files in chroot: |
+ | mkdir /usr/local/share/icecast/log | ||
+ | chown nobody:nogroup /usr/local/share/icecast/log | ||
+ | * <code>/usr/local/etc/icecast.xml</code>: | ||
+ | |||
+ | <icecast> | ||
+ | <location>𓅣</location> | ||
+ | <admin>top.cool@c_est.super.deluxe</admin> | ||
+ | |||
+ | <limits> | ||
+ | <clients>64</clients> | ||
+ | <sources>2</sources> | ||
+ | <queue-size>524288</queue-size> | ||
+ | <client-timeout>30</client-timeout> | ||
+ | <header-timeout>15</header-timeout> | ||
+ | <source-timeout>10</source-timeout> | ||
+ | <burst-size>65535</burst-size> | ||
+ | </limits> | ||
+ | |||
+ | <authentication> | ||
+ | <source-password>hackme2</source-password> | ||
+ | <relay-password>hackme2</relay-password> | ||
+ | <admin-user>admin</admin-user> | ||
+ | <admin-password>hackme3</admin-password> | ||
+ | </authentication> | ||
+ | |||
+ | <hostname>echo.lurk.org</hostname> | ||
+ | |||
+ | <listen-socket> | ||
+ | <port>8000</port> | ||
+ | </listen-socket> | ||
+ | |||
+ | <fileserve>1</fileserve> | ||
+ | |||
+ | <paths> | ||
+ | <basedir>/usr/local/share/icecast</basedir> | ||
+ | <logdir>/log</logdir> | ||
+ | <webroot>/web</webroot> | ||
+ | <adminroot>/admin</adminroot> | ||
+ | <!-- <ssl-certificate>/usr/local/share/icecast/icecast.pem</ssl-certificate> --> | ||
+ | <alias source="/" dest="/index.html"/> | ||
+ | </paths> | ||
+ | |||
+ | <logging> | ||
+ | <accesslog>access.log</accesslog> | ||
+ | <errorlog>error.log</errorlog> | ||
+ | <!-- <accesslog_ip>0<accesslog_ip> --> | ||
+ | <!-- <playlistlog>playlist.log</playlistlog> --> | ||
+ | <loglevel>3</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1 Error --> | ||
+ | <logsize>10000</logsize> <!-- Max size of a logfile --> | ||
+ | </logging> | ||
+ | |||
+ | <security> | ||
+ | <chroot>1</chroot> | ||
+ | <changeowner> | ||
+ | <user>nobody</user> | ||
+ | <group>nogroup</group> | ||
+ | </changeowner> | ||
+ | </security> | ||
+ | </icecast> | ||
=== Service file and autostart (systemd) === | === Service file and autostart (systemd) === |
Revision as of 00:10, 17 December 2019
Note: we will be using the icecast-kh
fork that contains some extra stuff (FIXME: unpack stuff).
Contents
Installation
Software
Note: At time of writing, icecast-kh
suffers from a small compilation problem with OpenSSL.
- Install dependencies (Debian)
apt install libxslt1-dev libogg-dev libvorbis-dev libtheora-dev libcurl4-openssl-dev
- Get the sources
cd /usr/src git clone https://github.com/karlheyes/icecast-kh
- Compile and install
cd icecast-kh ./configure --with-openssl make make install
Firewall
- Make sure you listen on 8000, adjust your
iptables
:
-A INPUT -p tcp -m tcp --dport 8000 -j ACCEPT
You can adjust to your liking, 8000 is the default for Icecast.
Basic Configuration
Simple setup with icecast
changing process ownership to nobody:nogroup
and running in a chroot
.
- log files in chroot:
mkdir /usr/local/share/icecast/log chown nobody:nogroup /usr/local/share/icecast/log
/usr/local/etc/icecast.xml
:
<icecast> <location>𓅣</location> <admin>top.cool@c_est.super.deluxe</admin> <limits> <clients>64</clients> <sources>2</sources> <queue-size>524288</queue-size> <client-timeout>30</client-timeout> <header-timeout>15</header-timeout> <source-timeout>10</source-timeout> <burst-size>65535</burst-size> </limits> <authentication> <source-password>hackme2</source-password> <relay-password>hackme2</relay-password> <admin-user>admin</admin-user> <admin-password>hackme3</admin-password> </authentication> <hostname>echo.lurk.org</hostname> <listen-socket> <port>8000</port> </listen-socket> <fileserve>1</fileserve> <paths> <basedir>/usr/local/share/icecast</basedir> <logdir>/log</logdir> <webroot>/web</webroot> <adminroot>/admin</adminroot> <alias source="/" dest="/index.html"/> </paths> <logging> <accesslog>access.log</accesslog> <errorlog>error.log</errorlog> <loglevel>3</loglevel> <logsize>10000</logsize> </logging> <security> <chroot>1</chroot> <changeowner> <user>nobody</user> <group>nogroup</group> </changeowner> </security> </icecast>
Service file and autostart (systemd)
- Create a
systemd
service file:
[Unit] Description=Icecast After=network.target [Service] Type=simple ExecStart=/usr/local/bin/icecast -c /usr/local/etc/icecast.xml ExecReload=/usr/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target
- Enable the service on boot:
systemctl enable icecast
- Manage the service with
service icecast start service icecast status service icecast stop