rc/aircox
13
1
Fork 1
Code Issues 15 Pull Requests Projects Releases Wiki Activity

config streamer.radiocampus.be pour #5

New Issue
Closed
opened 2022-02-14 12:54:05 +00:00 by tierce · 0 comments
tierce commented 2022-02-14 12:54:05 +00:00
Owner
Copy Link

Pour avoir les différents stream sans erreur http / https

root@yunohost:/etc/nginx/conf.d# grep stream www.radiocampus.be.d/stream.conf 
location /stream/stream.aacplus {
    proxy_pass http://streamer.radiocampus.be/stream.aacplus;
location /stream/stream.mp3 {
    proxy_pass http://streamer.radiocampus.be/stream.mp3;
location /stream/stream_hi.ogg {
    proxy_pass http://streamer.radiocampus.be/stream_hi.ogg;
location /stream/stream_low.ogg {
    proxy_pass http://streamer.radiocampus.be/stream_low.ogg;
location /stream/onair {

root@yunohost:/etc/nginx/conf.d# cat streamer.src.brussels.d/redirect.conf 
location / {
  proxy_pass        http://streamer.radiocampus.be/;
  proxy_redirect    off;
  proxy_set_header  Host $host;
  proxy_set_header  X-Real-IP $remote_addr;
  proxy_set_header  X-Forwarded-Proto $scheme;
  proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header  X-Forwarded-Host $server_name;
  proxy_set_header  X-Forwarded-Port $server_port;
  
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";

  # Include SSOWAT user panel.
  include conf.d/yunohost_panel.conf.inc;
  more_clear_input_headers 'Accept-Encoding';
}


root@yunohost:/etc/nginx/conf.d# cat streamer.src.brussels.conf 
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    listen 80;
    listen [::]:80;
    server_name streamer.src.brussels xmpp-upload.streamer.src.brussels;

    access_by_lua_file /usr/share/ssowat/access.lua;

    include /etc/nginx/conf.d/acme-challenge.conf.inc;

    include /etc/nginx/conf.d/streamer.src.brussels.d/*.conf;

    location /yunohost/admin {
        return 301 https://$http_host$request_uri;
    }

    location ^~ '/.well-known/ynh-diagnosis/' {
        alias /tmp/.well-known/ynh-diagnosis/;
    }

    location ^~ '/.well-known/autoconfig/mail/' {
        alias /var/www/.well-known/streamer.src.brussels/autoconfig/mail/;
    }

    access_log /var/log/nginx/streamer.src.brussels-access.log;
    error_log /var/log/nginx/streamer.src.brussels-error.log;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name streamer.src.brussels;

    include /etc/nginx/conf.d/security.conf.inc;

    ssl_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem;
    ssl_certificate_key /etc/yunohost/certs/streamer.src.brussels/key.pem;

    
    more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload";
    
    
    # OCSP settings
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem;
    resolver 127.0.0.1 127.0.1.1 valid=300s;
    resolver_timeout 5s;
    

    location ^~ '/.well-known/autoconfig/mail/' {
        alias /var/www/.well-known/streamer.src.brussels/autoconfig/mail/;
    }

    access_by_lua_file /usr/share/ssowat/access.lua;

    include /etc/nginx/conf.d/streamer.src.brussels.d/*.conf;

    include /etc/nginx/conf.d/yunohost_admin.conf.inc;
    include /etc/nginx/conf.d/yunohost_api.conf.inc;

    access_log /var/log/nginx/streamer.src.brussels-access.log;
    error_log /var/log/nginx/streamer.src.brussels-error.log;
}

# vhost dedicated to XMPP http_upload
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name xmpp-upload.streamer.src.brussels;
    root /dev/null;

    location /upload/ {
        alias /var/xmpp-upload/streamer.src.brussels/upload/;
        # Pass all requests to metronome, except for GET and HEAD requests.
        limit_except GET HEAD {
          proxy_pass http://localhost:5290;
        }

        include proxy_params;
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Methods' 'HEAD, GET, PUT, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'Authorization';
        add_header 'Access-Control-Allow-Credentials' 'true';
        client_max_body_size 105M; # Choose a value a bit higher than the max upload configured in XMPP server
    }

    include /etc/nginx/conf.d/security.conf.inc;

    ssl_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem;
    ssl_certificate_key /etc/yunohost/certs/streamer.src.brussels/key.pem;

    
    more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload";
    
    
    # OCSP settings
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem;
    resolver 127.0.0.1 127.0.1.1 valid=300s;
    resolver_timeout 5s;
    

    access_log /var/log/nginx/xmpp-upload.streamer.src.brussels-access.log;
    error_log /var/log/nginx/xmpp-upload.streamer.src.brussels-error.log;
Pour avoir les différents stream sans erreur http / https ``` root@yunohost:/etc/nginx/conf.d# grep stream www.radiocampus.be.d/stream.conf location /stream/stream.aacplus { proxy_pass http://streamer.radiocampus.be/stream.aacplus; location /stream/stream.mp3 { proxy_pass http://streamer.radiocampus.be/stream.mp3; location /stream/stream_hi.ogg { proxy_pass http://streamer.radiocampus.be/stream_hi.ogg; location /stream/stream_low.ogg { proxy_pass http://streamer.radiocampus.be/stream_low.ogg; location /stream/onair { ``` ``` root@yunohost:/etc/nginx/conf.d# cat streamer.src.brussels.d/redirect.conf location / { proxy_pass http://streamer.radiocampus.be/; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Port $server_port; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; more_clear_input_headers 'Accept-Encoding'; } ``` ``` root@yunohost:/etc/nginx/conf.d# cat streamer.src.brussels.conf map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 80; listen [::]:80; server_name streamer.src.brussels xmpp-upload.streamer.src.brussels; access_by_lua_file /usr/share/ssowat/access.lua; include /etc/nginx/conf.d/acme-challenge.conf.inc; include /etc/nginx/conf.d/streamer.src.brussels.d/*.conf; location /yunohost/admin { return 301 https://$http_host$request_uri; } location ^~ '/.well-known/ynh-diagnosis/' { alias /tmp/.well-known/ynh-diagnosis/; } location ^~ '/.well-known/autoconfig/mail/' { alias /var/www/.well-known/streamer.src.brussels/autoconfig/mail/; } access_log /var/log/nginx/streamer.src.brussels-access.log; error_log /var/log/nginx/streamer.src.brussels-error.log; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name streamer.src.brussels; include /etc/nginx/conf.d/security.conf.inc; ssl_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem; ssl_certificate_key /etc/yunohost/certs/streamer.src.brussels/key.pem; more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload"; # OCSP settings ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem; resolver 127.0.0.1 127.0.1.1 valid=300s; resolver_timeout 5s; location ^~ '/.well-known/autoconfig/mail/' { alias /var/www/.well-known/streamer.src.brussels/autoconfig/mail/; } access_by_lua_file /usr/share/ssowat/access.lua; include /etc/nginx/conf.d/streamer.src.brussels.d/*.conf; include /etc/nginx/conf.d/yunohost_admin.conf.inc; include /etc/nginx/conf.d/yunohost_api.conf.inc; access_log /var/log/nginx/streamer.src.brussels-access.log; error_log /var/log/nginx/streamer.src.brussels-error.log; } # vhost dedicated to XMPP http_upload server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name xmpp-upload.streamer.src.brussels; root /dev/null; location /upload/ { alias /var/xmpp-upload/streamer.src.brussels/upload/; # Pass all requests to metronome, except for GET and HEAD requests. limit_except GET HEAD { proxy_pass http://localhost:5290; } include proxy_params; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'HEAD, GET, PUT, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'Authorization'; add_header 'Access-Control-Allow-Credentials' 'true'; client_max_body_size 105M; # Choose a value a bit higher than the max upload configured in XMPP server } include /etc/nginx/conf.d/security.conf.inc; ssl_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem; ssl_certificate_key /etc/yunohost/certs/streamer.src.brussels/key.pem; more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload"; # OCSP settings ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/yunohost/certs/streamer.src.brussels/crt.pem; resolver 127.0.0.1 127.0.1.1 valid=300s; resolver_timeout 5s; access_log /var/log/nginx/xmpp-upload.streamer.src.brussels-access.log; error_log /var/log/nginx/xmpp-upload.streamer.src.brussels-error.log; ```
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels   
à discuter

   
amélioration

pas un buh mais une amélioration

  
backend

partie privée du site

  
bug

qui génère une erreur

  
doc

contient des infos à rajouter à la doc

  
frontend

partie publique du site

  
gnuragistes

Pour les sysadmin et la gestion des serveurs

  
gouvernance

   
prod info

Read PR notes before deploying

  
proposition

Proposition pour une prochaine version

  
question

question sur le fonctionnement et l'utilisation

  
stabilisation

   
test

À tester

No Label
à discuter
amélioration
backend
bug
doc
frontend
gnuragistes
gouvernance
prod info
proposition
question
stabilisation
test
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: rc/aircox#5
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?