rc/aircox
13
1
Fork 1
Code Issues 15 Pull Requests Projects Releases Wiki Activity

config streamer.radiocampus.be pour #5

New Issue
Closed
opened 2022-02-14 12:54:05 +00:00 by tierce · 0 comments
tierce commented 2022-02-14 12:54:05 +00:00
Owner
Copy Link

Pour avoir les différents stream sans erreur http / https

root@yunohost:/etc/nginx/conf.d# grep stream www.radiocampus.be.d/stream.conf 
location /stream/stream.aacplus {
    proxy_pass http://streamer.radiocampus.be/stream.aacplus;
location /stream/stream.mp3 {
    proxy_pass http://streamer.radiocampus.be/stream.mp3;
location /stream/stream_hi.ogg {
    proxy_pass http://streamer.radiocampus.be/stream_hi.ogg;
location /stream/stream_low.ogg {
    proxy_pass http://streamer.radiocampus.be/stream_low.ogg;
location /stream/onair {

root@yunohost:/etc/nginx/conf.d# cat streamer.src.brussels.d/redirect.conf 
location / {
  proxy_pass        http://streamer.radiocampus.be/;
  proxy_redirect    off;
  proxy_set_header  Host $host;
  proxy_set_header  X-Real-IP $remote_addr;
  proxy_set_header  X-Forwarded-Proto $scheme;
  proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header  X-Forwarded-Host $server_name;
  proxy_set_header  X-Forwarded-Port $server_port;
  
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";

  # Include SSOWAT user panel.
  include conf.d/yunohost_panel.conf.inc;
  more_clear_input_headers 'Accept-Encoding';
}


root@yunohost:/etc/nginx/conf.d# cat streamer.src.brussels.conf 
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    listen 80;
    listen [::]:80;
    server_name streamer.src.brussels xmpp-upload.streamer.src.brussels;

    access_by_lua_file /usr/share/ssowat/access.lua;

    include /etc/nginx/conf.d/acme-challenge.conf.inc;

    include /etc/nginx/conf.d/streamer.src.brussels.d/*.conf;

    location /yunohost/admin {
        return 301 https://$http_host$request_uri;
    }

    location ^~ '/.well-known/ynh-diagnosis/' {
        alias /tmp/.well-known/ynh-diagnosis/;
    }

    location ^~ '/.well-known/autoconfig/mail/' {
        alias /var/www/.well-known/streamer.src.brussels/autoconfig/mail/;
    }

    access_log /var/log/nginx/streamer.src.brussels-access.log;
    error_log /var/log/nginx/streamer.src.brussels-error.log;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name streamer.src.brussels;

    include /etc/nginx/conf.d/security.conf.inc;

    ssl_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem;
    ssl_certificate_key /etc/yunohost/certs/streamer.src.brussels/key.pem;

    
    more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload";
    
    
    # OCSP settings
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem;
    resolver 127.0.0.1 127.0.1.1 valid=300s;
    resolver_timeout 5s;
    

    location ^~ '/.well-known/autoconfig/mail/' {
        alias /var/www/.well-known/streamer.src.brussels/autoconfig/mail/;
    }

    access_by_lua_file /usr/share/ssowat/access.lua;

    include /etc/nginx/conf.d/streamer.src.brussels.d/*.conf;

    include /etc/nginx/conf.d/yunohost_admin.conf.inc;
    include /etc/nginx/conf.d/yunohost_api.conf.inc;

    access_log /var/log/nginx/streamer.src.brussels-access.log;
    error_log /var/log/nginx/streamer.src.brussels-error.log;
}

# vhost dedicated to XMPP http_upload
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name xmpp-upload.streamer.src.brussels;
    root /dev/null;

    location /upload/ {
        alias /var/xmpp-upload/streamer.src.brussels/upload/;
        # Pass all requests to metronome, except for GET and HEAD requests.
        limit_except GET HEAD {
          proxy_pass http://localhost:5290;
        }

        include proxy_params;
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Methods' 'HEAD, GET, PUT, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'Authorization';
        add_header 'Access-Control-Allow-Credentials' 'true';
        client_max_body_size 105M; # Choose a value a bit higher than the max upload configured in XMPP server
    }

    include /etc/nginx/conf.d/security.conf.inc;

    ssl_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem;
    ssl_certificate_key /etc/yunohost/certs/streamer.src.brussels/key.pem;

    
    more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload";
    
    
    # OCSP settings
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem;
    resolver 127.0.0.1 127.0.1.1 valid=300s;
    resolver_timeout 5s;
    

    access_log /var/log/nginx/xmpp-upload.streamer.src.brussels-access.log;
    error_log /var/log/nginx/xmpp-upload.streamer.src.brussels-error.log;
Pour avoir les différents stream sans erreur http / https ``` root@yunohost:/etc/nginx/conf.d# grep stream www.radiocampus.be.d/stream.conf location /stream/stream.aacplus { proxy_pass http://streamer.radiocampus.be/stream.aacplus; location /stream/stream.mp3 { proxy_pass http://streamer.radiocampus.be/stream.mp3; location /stream/stream_hi.ogg { proxy_pass http://streamer.radiocampus.be/stream_hi.ogg; location /stream/stream_low.ogg { proxy_pass http://streamer.radiocampus.be/stream_low.ogg; location /stream/onair { ``` ``` root@yunohost:/etc/nginx/conf.d# cat streamer.src.brussels.d/redirect.conf location / { proxy_pass http://streamer.radiocampus.be/; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Port $server_port; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; more_clear_input_headers 'Accept-Encoding'; } ``` ``` root@yunohost:/etc/nginx/conf.d# cat streamer.src.brussels.conf map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 80; listen [::]:80; server_name streamer.src.brussels xmpp-upload.streamer.src.brussels; access_by_lua_file /usr/share/ssowat/access.lua; include /etc/nginx/conf.d/acme-challenge.conf.inc; include /etc/nginx/conf.d/streamer.src.brussels.d/*.conf; location /yunohost/admin { return 301 https://$http_host$request_uri; } location ^~ '/.well-known/ynh-diagnosis/' { alias /tmp/.well-known/ynh-diagnosis/; } location ^~ '/.well-known/autoconfig/mail/' { alias /var/www/.well-known/streamer.src.brussels/autoconfig/mail/; } access_log /var/log/nginx/streamer.src.brussels-access.log; error_log /var/log/nginx/streamer.src.brussels-error.log; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name streamer.src.brussels; include /etc/nginx/conf.d/security.conf.inc; ssl_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem; ssl_certificate_key /etc/yunohost/certs/streamer.src.brussels/key.pem; more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload"; # OCSP settings ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem; resolver 127.0.0.1 127.0.1.1 valid=300s; resolver_timeout 5s; location ^~ '/.well-known/autoconfig/mail/' { alias /var/www/.well-known/streamer.src.brussels/autoconfig/mail/; } access_by_lua_file /usr/share/ssowat/access.lua; include /etc/nginx/conf.d/streamer.src.brussels.d/*.conf; include /etc/nginx/conf.d/yunohost_admin.conf.inc; include /etc/nginx/conf.d/yunohost_api.conf.inc; access_log /var/log/nginx/streamer.src.brussels-access.log; error_log /var/log/nginx/streamer.src.brussels-error.log; } # vhost dedicated to XMPP http_upload server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name xmpp-upload.streamer.src.brussels; root /dev/null; location /upload/ { alias /var/xmpp-upload/streamer.src.brussels/upload/; # Pass all requests to metronome, except for GET and HEAD requests. limit_except GET HEAD { proxy_pass http://localhost:5290; } include proxy_params; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'HEAD, GET, PUT, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'Authorization'; add_header 'Access-Control-Allow-Credentials' 'true'; client_max_body_size 105M; # Choose a value a bit higher than the max upload configured in XMPP server } include /etc/nginx/conf.d/security.conf.inc; ssl_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem; ssl_certificate_key /etc/yunohost/certs/streamer.src.brussels/key.pem; more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload"; # OCSP settings ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem; resolver 127.0.0.1 127.0.1.1 valid=300s; resolver_timeout 5s; access_log /var/log/nginx/xmpp-upload.streamer.src.brussels-access.log; error_log /var/log/nginx/xmpp-upload.streamer.src.brussels-error.log; ```
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
à discuter
amélioration
pas un buh mais une amélioration
backend
partie privée du site
bug
qui génère une erreur
doc
contient des infos à rajouter à la doc
frontend
partie publique du site
gnuragistes
Pour les sysadmin et la gestion des serveurs
gouvernance
prod info
Read PR notes before deploying
proposition
Proposition pour une prochaine version
question
question sur le fonctionnement et l'utilisation
stabilisation
test
À tester
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
ctactic dtactic fredux jfhenrion lvanwambeke mdelobelle Oscar pdelchambre pheremans rdagry tharyrok thomas tierce wintz zebras
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: rc/aircox#5
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?