Commit e2e15cf6 authored by root's avatar root

subdirs

parent 949c1fbd
version: '3'
services:
nginx-rtmp:
image: alfg/nginx-rtmp:latest
restart: unless-stopped
ports:
- 1935:1935
- 8080:80
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- /mnt/radio:/mnt/radio
liquidsoap:
build:
context: .
dockerfile: liquidsoap.dockerfile
restart: unless-stopped
ports:
- 8051:8051
- 9051:9051
volumes:
- /mnt/radio:/mnt/radio
[Unit]
Description=leftover service with docker
Requires=docker.service
After=docker.service
[Service]
Restart=always
## Modify these lines ##
WorkingDirectory=<fill-in-the-path-to-the-repo-here>
Environment=LEFTOVER_STREAMER='<fill-in-the-path-to-the-repo-here>'
Environment=IFM_SERVER='<fill-in-the-ifm-streaming-key-and-server-here>'
## Modify these lines ##
ExecStartPre=/bin/bash -c "sed 's/IFM_SERVER/${IFM_SERVER}/g' ${LEFTOVER_STREAMER}/nginx.conf.template > ${LEFTOVER_STREAMER}/nginx.conf"
# Compose up
ExecStart=/usr/bin/docker-compose up --build
# Compose down, remove containers
ExecStop=/usr/bin/docker-compose down
[Install]
WantedBy=multi-user.target
# LS build container
FROM alpine:3.11 as ls-build
RUN apk --no-cache add \
opam \
make \
m4 \
ocaml-compiler-libs \
musl-dev \
automake \
autoconf \
pkgconf \
pcre-dev \
libvorbis-dev \
lame-dev \
opus-dev
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
USER appuser
RUN opam init --disable-sandboxing
RUN test -r /appuser/.opam/opam-init/init.sh && . /appuser/.opam/opam-init/init.sh > /dev/null 2> /dev/null || true
RUN opam update && \
opam install -y \
liquidsoap \
vorbis \
lame \
opus \
cry
# LS container
FROM alpine:3.11 as liquidsoap
RUN apk --no-cache add \
pcre \
lame \
opus \
libvorbis
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
USER appuser
COPY --from=ls-build /home/appuser/.opam /home/appuser/.opam
WORKDIR /app
COPY notlive.ogg /app/notlive.ogg
COPY playlist.liq .
CMD ["/home/appuser/.opam/default/bin/liquidsoap", "playlist.liq"]
daemon off;
error_log /dev/stdout info;
events {
worker_connections 1024;
}
rtmp {
server {
listen 1935;
chunk_size 4000;
application stream {
live on;
#relays the incoming video to low quality streams on this server, audio-only version and to a different server
exec ffmpeg -i rtmp://localhost:1935/stream/$name
-c:a copy -c:v copy -f flv rtmp://localhost/hls/$name_hi
-c:a copy -c:v libx264 -b:v 128K -tune zerolatency -preset ultrafast -f flv rtmp://localhost/hls/$name_low;
#-c:a copy -vn -f flv rtmp://localhost/hls/$name_audio
#-c:v copy -c:a copy -f flv "rtmp://Zombie:Apocalyps3N0w.@intergalactic.tv/show/$name";
recorder video {
record all;
record_path /mnt/radio/recordings/rtmprec/streams;
record_suffix _video.flv;
record_unique on;
}
recorder audio {
record audio;
record_path /mnt/radio/recordings/rtmprec/streams;
record_suffix _audio.flv;
record_unique on;
exec_record_done ffmpeg -i $path -metadata title="$basename" year="2020" -c:a libmp3lame /mnt/radio/recordings/rtmprec/streams/$basename.mp3;
}
}
# to send video to be recorded on server (not played live)
application input {
live on;
#records audio + video
recorder video {
record all;
record_path /mnt/radio/recordings/rtmprec/inputrec;
record_suffix _video.flv;
record_unique on;
}
#records audio
recorder audio {
record audio;
record_path /mnt/radio/recordings/rtmprec/inputrec;
record_suffix _audio.flv;
record_unique on;
# convert to mp3
exec_record_done ffmpeg -i $path -metadata title="$basename" year="2020" -c:a libmp3lame /mnt/radio/recordings/rtmprec/inputrec/$basename.mp3;
}
}
application hls {
live on;
hls on;
hls_fragment_naming system;
hls_fragment 5;
hls_playlist_length 10;
hls_path /opt/data/hls;
hls_nested on;
hls_variant _hi BANDWIDTH=640000;
hls_variant _low BANDWIDTH=160000;
hls_variant _audio BANDWIDTH=500;
}
}
}
http {
access_log /dev/stdout combined;
server {
listen 80;
location /live {
alias /opt/data/hls;
types {
application/vnd.apple.mpegurl m3u8;
video/mp2t ts;
}
add_header Cache-Control no-cache;
add_header Access-Control-Allow-Origin *;
}
location /stat {
rtmp_stat all;
rtmp_stat_stylesheet static/stat.xsl;
}
location /static {
alias /www/static;
}
location = /crossdomain.xml {
root /www/static;
default_type text/xml;
expires 24h;
}
}
}
daemon off;
error_log /dev/stdout info;
events {
worker_connections 1024;
}
rtmp {
server {
listen 1935;
chunk_size 4000;
application stream {
live on;
#relays the incoming video to low quality streams on this server, audio-only version and to a different server
exec ffmpeg -i rtmp://localhost:1935/stream/$name
-c:a copy -c:v copy -f flv rtmp://localhost/hls/$name_hi
-c:a copy -c:v libx264 -b:v 128K -tune zerolatency -preset ultrafast -f flv rtmp://localhost/hls/$name_low;
#-c:a copy -vn -f flv rtmp://localhost/hls/$name_audio
#-c:v copy -c:a copy -f flv "rtmp://IFM_SERVER/show/$name";
recorder video {
record all;
record_path /mnt/radio/recordings/rtmprec/streams;
record_suffix _video.flv;
record_unique on;
}
recorder audio {
record audio;
record_path /mnt/radio/recordings/rtmprec/streams;
record_suffix _audio.flv;
record_unique on;
exec_record_done ffmpeg -i $path -metadata title="$basename" year="2020" -c:a libmp3lame /mnt/radio/recordings/rtmprec/streams/$basename.mp3;
}
}
# to send video to be recorded on server (not played live)
application input {
live on;
#records audio + video
recorder video {
record all;
record_path /mnt/radio/recordings/rtmprec/inputrec;
record_suffix _video.flv;
record_unique on;
}
#records audio
recorder audio {
record audio;
record_path /mnt/radio/recordings/rtmprec/inputrec;
record_suffix _audio.flv;
record_unique on;
# convert to mp3
exec_record_done ffmpeg -i $path -metadata title="$basename" year="2020" -c:a libmp3lame /mnt/radio/recordings/rtmprec/inputrec/$basename.mp3;
}
}
application hls {
live on;
hls on;
hls_fragment_naming system;
hls_fragment 5;
hls_playlist_length 10;
hls_path /opt/data/hls;
hls_nested on;
hls_variant _hi BANDWIDTH=640000;
hls_variant _low BANDWIDTH=160000;
hls_variant _audio BANDWIDTH=500;
}
}
}
http {
access_log /dev/stdout combined;
server {
listen 80;
location /live {
alias /opt/data/hls;
types {
application/vnd.apple.mpegurl m3u8;
video/mp2t ts;
}
add_header Cache-Control no-cache;
add_header Access-Control-Allow-Origin *;
}
location /stat {
rtmp_stat all;
rtmp_stat_stylesheet static/stat.xsl;
}
location /static {
alias /www/static;
}
location = /crossdomain.xml {
root /www/static;
default_type text/xml;
expires 24h;
}
}
}
#!/usr/bin/liquidsoap
set("init.allow_root",true)
# We're 48k!
set("frame.audio.samplerate",48000)
set("harbor.bind","0.0.0.0")
set("harbor.password","source")
set("harbor.password","hackme")
# Put the log file in some directory where
# you have permission to write.
# set("log.file.path","/mnt/radio/logs/playlist.log")
# Print log messages to the console,
# can also be done by passing the -v option to liquidsoap.
set("log.stdout", true)
# Use the telnet server for requests
set("server.telnet.port", 9051)
set("server.telnet", true)
# Add a skip function to a source
# when it does not have one
# by default
def add_skip_command(s) =
# A command to skip
def skip(_) =
source.skip(s)
"Done!"
end
# Register the command:
server.register(namespace="#{source.id(s)}",
usage="skip",
description="Skip the current song.",
"skip",skip)
end
# Lines starting with # are comments, they are ignored.
# local sources
default = noise()
notlive = single("/app/notlive.ogg")
jingles = playlist(timeout=20.0,mode="random",reload=300,reload_mode="seconds","/mnt/radio/jingles")
papillon_archive = playlist(reload=600, "/mnt/radio/papillon_archive/")
admfest = playlist(reload=600, "/mnt/radio/Live Recordings/")
archive_mix = random(weights=[1,1,2,2],[ jingles, notlive, papillon_archive, admfest ])
# Attach a skip command to the source s:
add_skip_command(archive_mix)
# bunch of inputs
papa = strip_blank(max_blank=10.,audio_to_stereo(buffer.adaptative(mksafe(input.harbor(id="pap-a", buffer=6.0, max=60.0, port=8051, "pap-a")))))
output.dummy(fallible=true, papa)
papb = strip_blank(max_blank=60.,audio_to_stereo(buffer.adaptative(mksafe(input.harbor(id="pap-b", buffer=30.0, max=60.0, port=8051, "pap-b")))))
output.dummy(fallible=true, papb)
papc = audio_to_stereo(input.harbor(id="pap-c", port=8051, "pap-c"))
output.dummy(fallible=true, papc)
papd = audio_to_stereo(strip_blank(max_blank=115.,input.harbor(id="pap-d", port=8051, "pap-d")))
output.dummy(fallible=true, papd)
pape = audio_to_stereo(strip_blank(max_blank=115.,input.harbor(id="pap-e", port=8051, "pap-e")))
output.dummy(fallible=true, pape)
full = fallback(track_sensitive = false, [papa, papb, papc, papd, pape, normalize(crossfade(smart=true, archive_mix)), default ])
### stream outputs
vorbis_encoding = %vorbis( quality=0.5, samplerate=48000, channels=2)
mp3_encoding = %mp3()
icecast_ogg = output.icecast(
vorbis_encoding,
connection_timeout=1.0,
fallible=true,
url="https://adm.amsterdam/radio",
genre="papillon archive / not live",
name="papillon",
description="lalalal"
)
icecast_mp3 = output.icecast(
mp3_encoding,
connection_timeout=1.0,
fallible=true,
url="https://adm.amsterdam/radio",
genre="papillon archive / not live mp3 stream",
name="papillon",
description="lalalal"
)
icecast_opus = output.icecast(
%ogg(%opus),
connection_timeout=1.0,
fallible=true,
url="https://adm.amsterdam/radio",
genre="papillon archive / not live opus stream",
name="papillon",
description="lalalal"
)
icecast_ogg(full, mount="pap-ls1.ogg", host="deathstar.puscii.nl", port=8000, password="icecold")
icecast_mp3(full, mount="pap-ls1.mp3", host="deathstar.puscii.nl", port=8000, password="icecold")
icecast_opus(full,mount="pap-ls1.opus", host="deathstar.puscii.nl", port=8000, password="icecold")
version: '3'
services:
nginx-ssl:
image: alfg/nginx-rtmp:latest
restart: unless-stopped
ports:
- 80:80
- 443:443
volumes:
- ./nginx-ssl.conf:/etc/nginx/nginx.conf
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
tmpfs:
- /tmp
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx'"
certbot:
image: certbot/certbot:v0.36.0
restart: unless-stopped
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
#!/bin/bash
if ! [ -x "$(command -v docker-compose)" ]; then
echo 'Error: docker-compose is not installed.' >&2
exit 1
fi
domains=(hls.laglab.org)
rsa_key_size=4096
data_path="./data/certbot"
email="" # Adding a valid address is strongly recommended
staging=0 # Set to 1 if you're testing your setup to avoid hitting request limits
if [ -d "$data_path" ]; then
read -p "Existing data found for $domains. Continue and replace existing certificate? (y/N) " decision
if [ "$decision" != "Y" ] && [ "$decision" != "y" ]; then
exit
fi
fi
if [ ! -e "$data_path/conf/options-ssl-nginx.conf" ] || [ ! -e "$data_path/conf/ssl-dhparams.pem" ]; then
echo "### Downloading recommended TLS parameters ..."
mkdir -p "$data_path/conf"
curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf > "$data_path/conf/options-ssl-nginx.conf"
curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem > "$data_path/conf/ssl-dhparams.pem"
echo
fi
echo "### Creating dummy certificate for $domains ..."
path="/etc/letsencrypt/live/$domains"
mkdir -p "$data_path/conf/live/$domains"
docker-compose run --rm --entrypoint "\
openssl req -x509 -nodes -newkey rsa:1024 -days 1\
-keyout '$path/privkey.pem' \
-out '$path/fullchain.pem' \
-subj '/CN=localhost'" certbot
echo
echo "### Starting nginx ..."
docker-compose up --force-recreate -d nginx-ssl
echo
echo "### Deleting dummy certificate for $domains ..."
docker-compose run --rm --entrypoint "\
rm -Rf /etc/letsencrypt/live/$domains && \
rm -Rf /etc/letsencrypt/archive/$domains && \
rm -Rf /etc/letsencrypt/renewal/$domains.conf" certbot
echo
echo "### Requesting Let's Encrypt certificate for $domains ..."
#Join $domains to -d args
domain_args=""
for domain in "${domains[@]}"; do
domain_args="$domain_args -d $domain"
done
# Select appropriate email arg
case "$email" in
"") email_arg="--register-unsafely-without-email" ;;
*) email_arg="--email $email" ;;
esac
# Enable staging mode if needed
if [ $staging != "0" ]; then staging_arg="--staging"; fi
docker-compose run --rm --entrypoint "\
certbot certonly --webroot -w /var/www/certbot \
$staging_arg \
$email_arg \
$domain_args \
--rsa-key-size $rsa_key_size \
--agree-tos \
--force-renewal" certbot
echo
echo "### Reloading nginx ..."
docker-compose exec nginx-ssl nginx -s reload
daemon off;
error_log /dev/stdout info;
events {
worker_connections 1024;
}
http {
access_log /dev/stdout combined;
server {
listen 80;
server_name hls.laglab.org;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name hls.laglab.org;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/hls.laglab.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/hls.laglab.org/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://localhost:8080;
}
}
}
[Unit]
Description=nginx ssl service with docker
Requires=docker.service
After=docker.service
[Service]
Restart=always
## Modify these lines ##
WorkingDirectory=<fill-in-the-path-to-the-repo-here>
## Modify these lines ##
# Compose up
ExecStart=/usr/bin/docker-compose -f docker-compose-ssl.yml up --build
# Compose down, remove containers
ExecStop=/usr/bin/docker-compose -f docker-compose-ssl.yml down
[Install]
WantedBy=multi-user.target
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment