subdirs

e2e15cf6 · root · 949c1fbd · e2e15cf6 · e2e15cf6 · e2e15cf6
Commit e2e15cf6 authored Mar 13, 2020 by root
--- a/leftover/docker-compose.yml
+++ b/leftover/docker-compose.yml
+version: '3'
+services:
+    nginx-rtmp:
+        image: alfg/nginx-rtmp:latest
+        restart: unless-stopped
+        ports:
+            - 1935:1935
+            - 8080:80
+        volumes:
+            - ./nginx.conf:/etc/nginx/nginx.conf
+            - /mnt/radio:/mnt/radio
+
+
+    liquidsoap:
+        build:
+            context: .
+            dockerfile: liquidsoap.dockerfile
+        restart: unless-stopped
+        ports:
+            - 8051:8051
+            - 9051:9051
+        volumes:
+            - /mnt/radio:/mnt/radio
--- a/leftover/leftover.service
+++ b/leftover/leftover.service
+[Unit]
+Description=leftover service with docker
+Requires=docker.service
+After=docker.service
+
+[Service]
+Restart=always
+
+## Modify these lines ##
+WorkingDirectory=<fill-in-the-path-to-the-repo-here>
+Environment=LEFTOVER_STREAMER='<fill-in-the-path-to-the-repo-here>'
+Environment=IFM_SERVER='<fill-in-the-ifm-streaming-key-and-server-here>'
+## Modify these lines ##
+
+ExecStartPre=/bin/bash -c "sed 's/IFM_SERVER/${IFM_SERVER}/g' ${LEFTOVER_STREAMER}/nginx.conf.template > ${LEFTOVER_STREAMER}/nginx.conf"
+
+# Compose up
+ExecStart=/usr/bin/docker-compose up --build
+
+# Compose down, remove containers
+ExecStop=/usr/bin/docker-compose down
+
+[Install]
+WantedBy=multi-user.target
--- a/leftover/liquidsoap.dockerfile
+++ b/leftover/liquidsoap.dockerfile
+# LS build container
+FROM alpine:3.11 as ls-build
+
+RUN apk --no-cache add \
+    opam \
+    make \
+    m4 \
+    ocaml-compiler-libs \
+    musl-dev \
+    automake \
+    autoconf \
+    pkgconf \
+    pcre-dev \
+    libvorbis-dev \
+    lame-dev \
+    opus-dev
+
+RUN addgroup -S appgroup && adduser -S appuser -G appgroup
+USER appuser
+
+RUN opam init --disable-sandboxing
+RUN test -r /appuser/.opam/opam-init/init.sh && . /appuser/.opam/opam-init/init.sh > /dev/null 2> /dev/null || true
+
+RUN opam update && \
+    opam install -y \
+        liquidsoap \
+        vorbis \
+        lame \
+        opus \
+        cry
+
+
+# LS container
+FROM alpine:3.11 as liquidsoap
+
+RUN apk --no-cache add \
+    pcre \
+    lame \
+    opus \
+    libvorbis
+
+RUN addgroup -S appgroup && adduser -S appuser -G appgroup
+USER appuser
+
+COPY --from=ls-build /home/appuser/.opam /home/appuser/.opam
+
+WORKDIR /app
+COPY notlive.ogg /app/notlive.ogg
+COPY playlist.liq .
+
+CMD ["/home/appuser/.opam/default/bin/liquidsoap", "playlist.liq"]
--- a/leftover/nginx.conf
+++ b/leftover/nginx.conf
+daemon off;
+
+error_log /dev/stdout info;
+
+events {
+    worker_connections 1024;
+}
+
+rtmp {
+    server {
+        listen 1935;
+        chunk_size 4000;
+
+        application stream {
+            live on;
+
+			#relays the incoming video to low quality streams on this server, audio-only version and to a different server
+            exec ffmpeg -i rtmp://localhost:1935/stream/$name
+				-c:a copy 	-c:v copy                                                       -f flv rtmp://localhost/hls/$name_hi
+				-c:a copy 	-c:v libx264 -b:v 128K -tune zerolatency -preset ultrafast      -f flv rtmp://localhost/hls/$name_low;
+				#-c:a copy 	-vn                                                             -f flv rtmp://localhost/hls/$name_audio
+				#-c:v copy 	-c:a copy                                                       -f flv "rtmp://Zombie:Apocalyps3N0w.@intergalactic.tv/show/$name";
+
+			recorder video {
+				record all;
+				record_path /mnt/radio/recordings/rtmprec/streams;
+				record_suffix _video.flv;
+
+				record_unique on;
+			}
+			recorder audio {
+				record audio;
+				record_path /mnt/radio/recordings/rtmprec/streams;
+				record_suffix _audio.flv;
+				record_unique on;
+				exec_record_done ffmpeg -i $path -metadata title="$basename" year="2020" -c:a libmp3lame /mnt/radio/recordings/rtmprec/streams/$basename.mp3;
+
+			}
+
+        }
+
+		# to send video to be recorded on server (not played live)
+		application input {
+			live on;
+		#records audio + video
+			recorder video {
+				record all;
+				record_path /mnt/radio/recordings/rtmprec/inputrec;
+				record_suffix _video.flv;
+
+				record_unique on;
+			}
+        #records audio
+			recorder audio {
+				record audio;
+				record_path /mnt/radio/recordings/rtmprec/inputrec;
+				record_suffix _audio.flv;
+				record_unique on;
+        	# convert to mp3
+				exec_record_done ffmpeg -i $path -metadata title="$basename" year="2020" -c:a libmp3lame /mnt/radio/recordings/rtmprec/inputrec/$basename.mp3;
+
+			}
+		}
+
+        application hls {
+            live on;
+            hls on;
+            hls_fragment_naming system;
+            hls_fragment 5;
+            hls_playlist_length 10;
+            hls_path /opt/data/hls;
+            hls_nested on;
+
+			hls_variant _hi 	BANDWIDTH=640000;
+			hls_variant _low 	BANDWIDTH=160000;
+			hls_variant _audio 	BANDWIDTH=500;
+        }
+    }
+}
+
+
+
+
+http {
+    access_log /dev/stdout combined;
+
+    server {
+        listen      80;
+
+        location /live {
+          alias /opt/data/hls;
+          types {
+              application/vnd.apple.mpegurl m3u8;
+              video/mp2t ts;
+          }
+          add_header Cache-Control no-cache;
+          add_header Access-Control-Allow-Origin *;
+        }
+
+        location /stat {
+            rtmp_stat all;
+            rtmp_stat_stylesheet static/stat.xsl;
+        }
+
+        location /static {
+            alias /www/static;
+        }
+
+        location = /crossdomain.xml {
+            root /www/static;
+            default_type text/xml;
+            expires 24h;
+        }
+    }
+}
--- a/leftover/nginx.conf.template
+++ b/leftover/nginx.conf.template
+daemon off;
+
+error_log /dev/stdout info;
+
+events {
+    worker_connections 1024;
+}
+
+rtmp {
+    server {
+        listen 1935;
+        chunk_size 4000;
+
+        application stream {
+            live on;
+
+			#relays the incoming video to low quality streams on this server, audio-only version and to a different server
+            exec ffmpeg -i rtmp://localhost:1935/stream/$name
+				-c:a copy 	-c:v copy                                                       -f flv rtmp://localhost/hls/$name_hi
+				-c:a copy 	-c:v libx264 -b:v 128K -tune zerolatency -preset ultrafast      -f flv rtmp://localhost/hls/$name_low;
+				#-c:a copy 	-vn                                                             -f flv rtmp://localhost/hls/$name_audio
+				#-c:v copy 	-c:a copy                                                       -f flv "rtmp://IFM_SERVER/show/$name";
+
+			recorder video {
+				record all;
+				record_path /mnt/radio/recordings/rtmprec/streams;
+				record_suffix _video.flv;
+
+				record_unique on;
+			}
+			recorder audio {
+				record audio;
+				record_path /mnt/radio/recordings/rtmprec/streams;
+				record_suffix _audio.flv;
+				record_unique on;
+				exec_record_done ffmpeg -i $path -metadata title="$basename" year="2020" -c:a libmp3lame /mnt/radio/recordings/rtmprec/streams/$basename.mp3;
+
+			}
+
+        }
+
+		# to send video to be recorded on server (not played live)
+		application input {
+			live on;
+		#records audio + video
+			recorder video {
+				record all;
+				record_path /mnt/radio/recordings/rtmprec/inputrec;
+				record_suffix _video.flv;
+
+				record_unique on;
+			}
+        #records audio
+			recorder audio {
+				record audio;
+				record_path /mnt/radio/recordings/rtmprec/inputrec;
+				record_suffix _audio.flv;
+				record_unique on;
+        	# convert to mp3
+				exec_record_done ffmpeg -i $path -metadata title="$basename" year="2020" -c:a libmp3lame /mnt/radio/recordings/rtmprec/inputrec/$basename.mp3;
+
+			}
+		}
+
+        application hls {
+            live on;
+            hls on;
+            hls_fragment_naming system;
+            hls_fragment 5;
+            hls_playlist_length 10;
+            hls_path /opt/data/hls;
+            hls_nested on;
+
+			hls_variant _hi 	BANDWIDTH=640000;
+			hls_variant _low 	BANDWIDTH=160000;
+			hls_variant _audio 	BANDWIDTH=500;
+        }
+    }
+}
+
+
+
+
+http {
+    access_log /dev/stdout combined;
+
+    server {
+        listen      80;
+
+        location /live {
+          alias /opt/data/hls;
+          types {
+              application/vnd.apple.mpegurl m3u8;
+              video/mp2t ts;
+          }
+          add_header Cache-Control no-cache;
+          add_header Access-Control-Allow-Origin *;
+        }
+
+        location /stat {
+            rtmp_stat all;
+            rtmp_stat_stylesheet static/stat.xsl;
+        }
+
+        location /static {
+            alias /www/static;
+        }
+
+        location = /crossdomain.xml {
+            root /www/static;
+            default_type text/xml;
+            expires 24h;
+        }
+    }
+}
--- a/leftover/notlive.ogg
+++ b/leftover/notlive.ogg
--- a/leftover/playlist.liq
+++ b/leftover/playlist.liq
+#!/usr/bin/liquidsoap
+
+set("init.allow_root",true)
+
+# We're 48k!
+set("frame.audio.samplerate",48000)
+set("harbor.bind","0.0.0.0")
+set("harbor.password","source")
+set("harbor.password","hackme")
+# Put the log file in some directory where
+# you have permission to write.
+# set("log.file.path","/mnt/radio/logs/playlist.log")
+# Print log messages to the console,
+# can also be done by passing the -v option to liquidsoap.
+set("log.stdout", true)
+# Use the telnet server for requests
+set("server.telnet.port", 9051)
+set("server.telnet", true)
+
+
+# Add a skip function to a source
+# when it does not have one
+# by default
+def add_skip_command(s) =
+ # A command to skip
+ def skip(_) =
+   source.skip(s)
+   "Done!"
+ end
+ # Register the command:
+ server.register(namespace="#{source.id(s)}",
+                 usage="skip",
+                 description="Skip the current song.",
+                 "skip",skip)
+end
+
+# Lines starting with # are comments, they are ignored.
+
+# local sources
+default             = noise()
+notlive             = single("/app/notlive.ogg")
+
+jingles             = playlist(timeout=20.0,mode="random",reload=300,reload_mode="seconds","/mnt/radio/jingles")
+papillon_archive    = playlist(reload=600, "/mnt/radio/papillon_archive/")
+admfest             = playlist(reload=600, "/mnt/radio/Live Recordings/")
+archive_mix         = random(weights=[1,1,2,2],[ jingles, notlive, papillon_archive, admfest ])
+
+# Attach a skip command to the source s:
+add_skip_command(archive_mix)
+
+
+# bunch of inputs
+papa = strip_blank(max_blank=10.,audio_to_stereo(buffer.adaptative(mksafe(input.harbor(id="pap-a", buffer=6.0, max=60.0, port=8051,  "pap-a")))))
+output.dummy(fallible=true, papa)
+
+papb = strip_blank(max_blank=60.,audio_to_stereo(buffer.adaptative(mksafe(input.harbor(id="pap-b", buffer=30.0, max=60.0, port=8051, "pap-b")))))
+output.dummy(fallible=true, papb)
+
+papc = audio_to_stereo(input.harbor(id="pap-c", port=8051, "pap-c"))
+output.dummy(fallible=true, papc)
+
+papd = audio_to_stereo(strip_blank(max_blank=115.,input.harbor(id="pap-d", port=8051, "pap-d")))
+output.dummy(fallible=true, papd)
+
+pape = audio_to_stereo(strip_blank(max_blank=115.,input.harbor(id="pap-e", port=8051, "pap-e")))
+output.dummy(fallible=true, pape)
+
+
+full = fallback(track_sensitive = false, [papa, papb, papc, papd, pape, normalize(crossfade(smart=true, archive_mix)), default ])
+
+
+
+### stream outputs
+vorbis_encoding = %vorbis( quality=0.5, samplerate=48000, channels=2)
+mp3_encoding    = %mp3()
+
+icecast_ogg = output.icecast(
+  vorbis_encoding,
+  connection_timeout=1.0,
+  fallible=true,
+  url="https://adm.amsterdam/radio",
+  genre="papillon archive / not live",
+  name="papillon",
+  description="lalalal"
+)
+
+icecast_mp3 = output.icecast(
+  mp3_encoding,
+  connection_timeout=1.0,
+  fallible=true,
+  url="https://adm.amsterdam/radio",
+  genre="papillon archive / not live mp3 stream",
+  name="papillon",
+  description="lalalal"
+)
+
+
+icecast_opus = output.icecast(
+  %ogg(%opus),
+  connection_timeout=1.0,
+  fallible=true,
+  url="https://adm.amsterdam/radio",
+  genre="papillon archive / not live opus stream",
+  name="papillon",
+  description="lalalal"
+)
+
+
+
+icecast_ogg(full, mount="pap-ls1.ogg", host="deathstar.puscii.nl", port=8000, password="icecold")
+icecast_mp3(full, mount="pap-ls1.mp3", host="deathstar.puscii.nl", port=8000, password="icecold")
+icecast_opus(full,mount="pap-ls1.opus", host="deathstar.puscii.nl", port=8000, password="icecold")
--- a/nginx-ssl/docker-compose.yml
+++ b/nginx-ssl/docker-compose.yml
+version: '3'
+services:
+    nginx-ssl:
+        image: alfg/nginx-rtmp:latest
+        restart: unless-stopped
+        ports:
+            - 80:80
+            - 443:443
+        volumes:
+            - ./nginx-ssl.conf:/etc/nginx/nginx.conf
+            - ./data/certbot/conf:/etc/letsencrypt
+            - ./data/certbot/www:/var/www/certbot
+        tmpfs:
+            - /tmp
+        command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx'"
+
+    certbot:
+        image: certbot/certbot:v0.36.0
+        restart: unless-stopped
+        volumes:
+            - ./data/certbot/conf:/etc/letsencrypt
+            - ./data/certbot/www:/var/www/certbot
+        entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
--- a/nginx-ssl/init-letsencrypt.sh
+++ b/nginx-ssl/init-letsencrypt.sh
+#!/bin/bash
+
+if ! [ -x "$(command -v docker-compose)" ]; then
+  echo 'Error: docker-compose is not installed.' >&2
+  exit 1
+fi
+
+domains=(hls.laglab.org)
+rsa_key_size=4096
+data_path="./data/certbot"
+email="" # Adding a valid address is strongly recommended
+staging=0 # Set to 1 if you're testing your setup to avoid hitting request limits
+
+if [ -d "$data_path" ]; then
+  read -p "Existing data found for $domains. Continue and replace existing certificate? (y/N) " decision
+  if [ "$decision" != "Y" ] && [ "$decision" != "y" ]; then
+    exit
+  fi
+fi
+
+
+if [ ! -e "$data_path/conf/options-ssl-nginx.conf" ] || [ ! -e "$data_path/conf/ssl-dhparams.pem" ]; then
+  echo "### Downloading recommended TLS parameters ..."
+  mkdir -p "$data_path/conf"
+  curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf > "$data_path/conf/options-ssl-nginx.conf"
+  curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem > "$data_path/conf/ssl-dhparams.pem"
+  echo
+fi
+
+echo "### Creating dummy certificate for $domains ..."
+path="/etc/letsencrypt/live/$domains"
+mkdir -p "$data_path/conf/live/$domains"
+docker-compose run --rm --entrypoint "\
+  openssl req -x509 -nodes -newkey rsa:1024 -days 1\
+    -keyout '$path/privkey.pem' \
+    -out '$path/fullchain.pem' \
+    -subj '/CN=localhost'" certbot
+echo
+
+
+echo "### Starting nginx ..."
+docker-compose up --force-recreate -d nginx-ssl
+echo
+
+echo "### Deleting dummy certificate for $domains ..."
+docker-compose run --rm --entrypoint "\
+  rm -Rf /etc/letsencrypt/live/$domains && \
+  rm -Rf /etc/letsencrypt/archive/$domains && \
+  rm -Rf /etc/letsencrypt/renewal/$domains.conf" certbot
+echo
+
+
+echo "### Requesting Let's Encrypt certificate for $domains ..."
+#Join $domains to -d args
+domain_args=""
+for domain in "${domains[@]}"; do
+  domain_args="$domain_args -d $domain"
+done
+
+# Select appropriate email arg
+case "$email" in
+  "") email_arg="--register-unsafely-without-email" ;;
+  *) email_arg="--email $email" ;;
+esac
+
+# Enable staging mode if needed
+if [ $staging != "0" ]; then staging_arg="--staging"; fi
+
+docker-compose run --rm --entrypoint "\
+  certbot certonly --webroot -w /var/www/certbot \
+    $staging_arg \
+    $email_arg \
+    $domain_args \
+    --rsa-key-size $rsa_key_size \
+    --agree-tos \
+    --force-renewal" certbot
+echo
+
+echo "### Reloading nginx ..."
+docker-compose exec nginx-ssl nginx -s reload
+
--- a/nginx-ssl/nginx-ssl.conf
+++ b/nginx-ssl/nginx-ssl.conf
+daemon off;
+
+error_log /dev/stdout info;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    access_log /dev/stdout combined;
+
+    server {
+        listen      80;
+        server_name hls.laglab.org;
+        server_tokens off;
+
+        location /.well-known/acme-challenge/ {
+            root /var/www/certbot;
+        }
+
+        location / {
+            return 301 https://$host$request_uri;
+        }
+    }
+
+    server {
+        listen       443 ssl;
+        server_name  hls.laglab.org;
+        server_tokens off;
+
+        ssl_certificate /etc/letsencrypt/live/hls.laglab.org/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/hls.laglab.org/privkey.pem;
+
+        include /etc/letsencrypt/options-ssl-nginx.conf;
+        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+        location / {
+            proxy_pass http://localhost:8080;
+        }
+
+    }
+}
--- a/nginx-ssl/nginx-ssl.service
+++ b/nginx-ssl/nginx-ssl.service
+[Unit]
+Description=nginx ssl service with docker
+Requires=docker.service
+After=docker.service
+
+[Service]
+Restart=always
+
+## Modify these lines ##
+WorkingDirectory=<fill-in-the-path-to-the-repo-here>
+## Modify these lines ##
+
+# Compose up
+ExecStart=/usr/bin/docker-compose -f docker-compose-ssl.yml up --build
+
+# Compose down, remove containers
+ExecStop=/usr/bin/docker-compose -f docker-compose-ssl.yml down
+
+[Install]
+WantedBy=multi-user.target