you want to participate in the streaming relay network? great. here's a quick overview on how it works: StreamingNetwork
please see BuildingFromXiphSvn to find out what to download and compile.
i would recommend to create a build directory somewhere, for example:
root@relay:~ # cd /usr/src root@relay:/usr/src # mkdir xiph-build
make sure you have all required packages and run the build script in this directory. let's say you named it xiph-build.sh. i recommend running it as follows:
root@relay:/usr/src/xiph-build # ./xiph-build.sh > xiph-build.log
that way, you will only see errors and warnings on the screen, and all the informational output goes into the logfile.
check that all packages compiled and installed, and proceed.
for security reasons, icecast will be run as a dedicated user. this will reduce the security impact in case it gets hacked.
root@relay:~ # useradd -r icecast root@relay:~ # groupadd -r icecast
we're going to install icecast in /srv/icecast. it installs into /usr/local/share/icecast by default, so let's move it over:
root@relay:~ # cd srv root@relay:/srv # mv /usr/local/share/icecast . root@relay:/srv # cd icecast root@relay:/srv/icecast # mkdir etc lib log tmp root@relay:/srv/icecast # chmod 1777 tmp root@relay:/srv/icecast # touch log/access.log log/error.log log/playlist.log root@relay:/srv/icecast # chown icecast:icecast log/*
only the logfiles and the tmp/ directory should be writable by the icecast user!
Due to unresolved issues please disable chroot for now.
for security reasons, our icecast will run in a chrooted environment. that means it will call chroot() and the kernel will trap it in /srv/icecast (it will look like the root directory to the process, hence the name). again, if you are hacked, the attacker can only access files under /srv/icecast, which will buy you more time for countermeasures and lessen the security breach.
the problem is that many system libraries are now unaccessible.
your icecast will need to resolve hostnames during run-time. under linux, this is done via the name service switch. all files belonging to this mechanism must be copied into the corresponding directory in the chroot environment. these are
unfortunately, libnss_dns.so.2 has other dependencies. find them by running
root@relay:/srv/icecast/lib # ldd libnss_dns.so.2copy all dependencies over as well, and run ldd on them as well. on my system, i end up with
root@relay:/srv/icecast/lib # ls * ld-linux.so.2 libnss_dns.so.2 libresolv.so.2 tls: libc.so.6
copy the following file to /srv/icecast/etc/icecast.xml and edit the sections in OBNOXIOUSCAPITALS.
!!! copy the file from edit mode. some closing tags are missing in the rendered wiki display.
<icecast>
<limits>
<clients>200</clients>
<sources>10</sources>
<threadpool>5</threadpool>
<queue-size>102400</queue-size>
<client-timeout>30</client-timeout>
<header-timeout>15</header-timeout>
<source-timeout>10</source-timeout>
<!-- same as burst-on-connect, but this allows for being more
specific on how much to burst. Most people won't need to
change from the default 64k. Applies to all mountpoints.
use this with -kh branch -->
<burst-size>65535</burst-size>
</limits>
<authentication>
<!-- Sources log in with username 'source' -->
<source-password>SOMEGOODPASS</source-password>
<!-- Relays log in username 'relay' -->
<relay-password>SOMEGOODPASS</relay-password>
<!-- Admin logs in with the username given below -->
<admin-user>admin</admin-user>
<admin-password>SOMEGOODPASS</admin-password>
</authentication>
<!-- Update stream relay directory -->
<directory>
<yp-url-timeout>15</yp-url-timeout>
<yp-url>http://lac2005.zkm.de/cgi-bin/yp_cgi
</directory>
<!-- This is the hostname other people will use to connect to your server.
It affects mainly the urls generated by Icecast for playlists and yp
listings. -->
<hostname>YOURHOSTNAME.YOURDOMAIN.ORG</hostname>
<!-- You may have multiple <listener> elements -->
<listen-socket>
<port>8000</port>
</listen-socket>
<!-- this will be used later, if we can get it to work.
<relays-on-demand>0</relays-on-demand>
<master-server>lac2005.zkm.de</master-server>
<master-server-port>8000</master-server-port>
<master-update-interval>20</master-update-interval>
<master-password>ASKNETTINGS</master-password>
<master-relay-auth>1</master-relay-auth>
-->
<!-- Report <hostname> and this port to master server for redirecting
clients to this slave -->
<!--
<master-redirect-port>8000</master-redirect-port>
-->
<!-- Relays. State connection information, and by default
request inline metadata for mp3 streams if available.
An on-demand relay will only retrieve the stream if
there are listeners connected -->
<relay>
<server>lac2005.zkm.de</server>
<port>8000</port>
<mount>/lecture_hall-theora-hiq.ogg</mount>
<on-demand>1</on-demand>
</relay>
<relay>
<server>lac2005.zkm.de</server>
<port>8000</port>
<mount>/lecture_hall-theora-loq.ogg</mount>
<on-demand>1</on-demand>
</relay>
<relay>
<server>lac2005.zkm.de</server>
<port>8000</port>
<mount>/lecture_hall-vorbis-hiq.ogg</mount>
<on-demand>1</on-demand>
</relay>
<relay>
<server>lac2005.zkm.de</server>
<port>8000</port>
<mount>/lecture_hall-vorbis-loq.ogg</mount>
<on-demand>1</on-demand>
</relay>
<relay>
<server>lac2005.zkm.de</server>
<port>8000</port>
<mount>/media_theatre-vorbis-hiq.ogg</mount>
<on-demand>1</on-demand>
</relay>
<relay>
<server>lac2005.zkm.de</server>
<port>8000</port>
<mount>/media_theatre-vorbis-loq.ogg</mount>
<on-demand>1</on-demand>
</relay>
<mount>
<mount-name>/lecture_hall-theora-hiq.ogg</mount-name>
<stream-url>http://yourhostname.yourdomain.org
<max-listeners>5</max-listeners>
<stream-name>YOUR RELAY HOSTNAME HERE - LAC2005 A/V Lecture Hall</stream-name>
<stream-description>500 kbit/s Ogg Theora stream</stream-description>
<genre>Talk</genre>
<type>application/ogg</type>
<public>1</public>
<bitrate>500</bitrate>
<burst-size>65536</burst-size>
<hidden>0</hidden>
<no-yp>0</no-yp>
</mount>
<mount>
<mount-name>/lecture_hall-theora-loq.ogg</mount-name>
<stream-url>http://yourhostname.yourdomain.org
<max-listeners>10</max-listeners>
<stream-name>YOUR RELAY HOSTNAME HERE - LAC2005 A/V Lecture Hall</stream-name>
<stream-description>120 kbit/s Ogg Theora stream</stream-description>
<genre>Talk</genre>
<type>application/ogg</type>
<public>1</public>
<bitrate>120</bitrate>
<burst-size>65536</burst-size>
<hidden>0</hidden>
<no-yp>0</no-yp>
</mount>
<mount>
<mount-name>/lecture_hall-vorbis-hiq.ogg</mount-name>
<stream-url>http://yourhostname.yourdomain.org
<max-listeners>20</max-listeners>
<stream-name>YOUR RELAY HOSTNAME HERE - LAC2005 Audio Lecture Hall</stream-name>
<stream-description>96 kbit/s Ogg Vorbis stream</stream-description>
<genre>Talk</genre>
<type>application/ogg</type>
<bitrate>96</bitrate>
<public>1</public>
<burst-size>32768</burst-size>
<hidden>0</hidden>
<no-yp>0</no-yp>
</mount>
<mount>
<mount-name>/media_theatre-vorbis-loq.ogg</mount-name>
<stream-url>http://yourhostname.yourdomain.org
<max-listeners>50</max-listeners>
<stream-name>YOUR RELAY HOSTNAME HERE - LAC2005 Audio Media Theatre</stream-name>
<stream-description>36 kbit/s Ogg Vorbis stream</stream-description>
<genre>Talk</genre>
<type>application/ogg</type>
<bitrate>36</bitrate>
<public>1</public>
<burst-size>16384</burst-size>
<hidden>0</hidden>
<no-yp>0</no-yp>
</mount>
<mount>
<mount-name>/media_theatre-vorbis-hiq.ogg</mount-name>
<stream-url>http://yourhostname.yourdomain.org
<max-listeners>20</max-listeners>
<stream-name>YOUR RELAY HOSTNAME HERE - LAC2005 Audio Media Theatre</stream-name>
<stream-description>96 kbit/s Ogg Vorbis stream</stream-description>
<genre>Talk</genre>
<type>application/ogg</type>
<bitrate>96</bitrate>
<public>1</public>
<burst-size>32768</burst-size>
<hidden>0</hidden>
<no-yp>0</no-yp>
</mount>
<mount>
<mount-name>/lecture_hall-vorbis-loq.ogg</mount-name>
<stream-url>http://yourhostname.yourdomain.org
<max-listeners>50</max-listeners>
<stream-name>YOUR RELAY HOSTNAME HERE - LAC2005 Audio Lecture Hall</stream-name>
<stream-description>36 kbit/s Ogg Vorbis stream</stream-description>
<genre>Talk</genre>
<type>application/ogg</type>
<bitrate>36</bitrate>
<public>1</public>
<burst-size>16384</burst-size>
<hidden>0</hidden>
<no-yp>0</no-yp>
</mount>
<fileserve>1</fileserve>
<paths>
<!-- basedir is only used if chroot is enabled -->
<basedir>/srv/icecast</basedir>
<!-- Note that if <chroot> is turned on below, these paths must both
be relative to the new root, not the original root -->
<logdir>/srv/icecast/log</logdir>
<webroot>/srv/icecast/web</webroot>
<adminroot>/srv/icecast/admin</adminroot>
<pidfile>/srv/icecast/tmp/icecast.pid</pidfile>
<!-- Aliases: treat requests for 'source' path as being for 'dest' path
May be made specific to a port or bound address using the "port"
and "bind-address" attributes.
Aliases: can also be used for simple redirections as well,
this example will redirect all requests for http://server:port/ to
the status page
-->
<alias source="/" dest="/status.xsl"/>
</paths>
<logging>
<accesslog>access.log</accesslog>
<errorlog>error.log</errorlog>
<playlistlog>playlist.log</playlistlog>
<loglevel>4</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1 Error -->
</logging>
<security>
<chroot>0</chroot>
<changeowner>
<user>icecast</user>
<group>icecast</group>
</changeowner>
</security>
</icecast>
now let's start icecast and monitor the log files:
root@relay:/srv/icecast/ # tail -f log/* & root@relay:/srv/icecast/ # /usr/local/lib/icecast -b -c etc/icecast.xml
now it's time to try to connect with some client like mplayer or "curl <your_url> | theora123".
SettingUpRelays
FindPage - Search.
Recent Changes here.
Older versions:
23 | 24 | 25 | 26 | 27 | all
Last modified: Sun 17 Apr 2005 19:12 CEST