stockholm/lass/2configs/tv.nix

195 lines
5.1 KiB
Nix
Raw Normal View History

2020-12-27 13:56:25 +00:00
{ config, pkgs, ... }: with import <stockholm/lib>; let
nginxCfg = pkgs.writeText "nginx.conf" ''
daemon off;
pid /var/lib/rtmp/nginx.pid;
events {
use epoll;
worker_connections 128;
}
error_log stderr info;
2021-01-23 18:06:59 +00:00
2020-12-27 13:56:25 +00:00
http {
client_body_temp_path /var/lib/rtmp/nginx_cache_client_body;
proxy_temp_path /var/lib/rtmp/nginx_cache_proxy;
fastcgi_temp_path /var/lib/rtmp/nginx_cache_fastcgi;
uwsgi_temp_path /var/lib/rtmp/nginx_cache_uwsgi;
scgi_temp_path /var/lib/rtmp/nginx_cache_scgi;
server {
listen 8080;
root /var/lib/rtmp;
access_log stderr;
error_log stderr;
# This URL provides RTMP statistics in XML
location /stat {
rtmp_stat all;
}
}
}
rtmp {
server {
access_log stderr;
listen 1935;
ping 30s;
notify_method get;
application stream {
live on;
hls on;
2020-12-30 16:58:04 +00:00
hls_path /var/lib/rtmp/tmp/hls;
hls_fragment 1;
hls_playlist_length 10;
2020-12-27 13:56:25 +00:00
dash on;
2020-12-30 16:58:04 +00:00
dash_path /var/lib/rtmp/tmp/dash;
2020-12-27 13:56:25 +00:00
}
}
}
'';
in {
2020-12-30 16:58:04 +00:00
services.nginx = {
enable = true;
virtualHosts."streaming.lassul.us" = {
enableACME = true;
addSSL = true;
locations."/hls".extraConfig = ''
# Serve HLS fragments
types {
application/vnd.apple.mpegurl m3u8;
video/mp2t ts;
}
root /var/lib/rtmp/tmp;
# Allow CORS preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method != 'OPTIONS') {
add_header Cache-Control no-cache;
# CORS setup
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length';
}
'';
locations."/dash".extraConfig = ''
# Serve DASH fragments
types {
application/dash+xml mpd;
video/mp4 mp4;
}
root /var/lib/rtmp/tmp;
# Allow CORS preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method != 'OPTIONS') {
add_header Cache-Control no-cache;
# CORS setup
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length';
}
'';
locations."= /dash.all.min.js".extraConfig = ''
default_type "text/javascript";
alias ${pkgs.fetchurl {
url = "http://cdn.dashjs.org/v3.2.0/dash.all.min.js";
sha256 = "16f0b40gdqsnwqi01s5sz9f1q86dwzscgc3m701jd1sczygi481c";
}};
'';
locations."= /player".extraConfig = ''
default_type "text/html";
alias ${pkgs.writeText "player.html" ''
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>lassulus livestream</title>
</head>
<body>
<div>
<video id="player" controls></video>
</video>
</div>
<script src="/dash.all.min.js"></script>
<script>
(function(){
var url = "/dash/nixos.mpd";
var player = dashjs.MediaPlayer().create();
player.initialize(document.querySelector("#player"), url, true);
})();
</script>
</body>
</html>
''};
'';
locations."/records".extraConfig = ''
autoindex on;
root /var/lib/rtmp;
'';
};
};
fileSystems."/var/lib/rtmp/tmp" = {
device = "tmpfs";
fsType = "tmpfs";
options = [ "nosuid" "nodev" "noatime" ];
};
2020-12-27 13:56:25 +00:00
users.users.rtmp = {
2020-12-30 16:58:04 +00:00
home = "/var/lib/rtmp";
2020-12-27 13:56:25 +00:00
uid = genid_uint31 "rtmp";
isNormalUser = true;
createHome = true;
2020-12-30 16:58:04 +00:00
openssh.authorizedKeys.keys = with config.krebs.users; [
mic92.pubkey
palo.pubkey
];
2020-12-27 13:56:25 +00:00
};
systemd.services.nginx-rtmp = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
restartIfChanged = true;
script = ''
${pkgs.nginx.override {
modules = [
pkgs.nginxModules.rtmp
];
}}/bin/nginx -c ${nginxCfg} -p /var/lib/rtmp
'';
serviceConfig = {
2020-12-30 16:58:04 +00:00
ExecStartPre = pkgs.writers.writeDash "setup-rtmp" ''
mkdir -p /var/lib/rtmp/tmp/hls
mkdir -p /var/lib/rtmp/tmp/dash
chown rtmp:users /var/lib/rtmp/tmp/hls
chown rtmp:users /var/lib/rtmp/tmp/dash
chmod 755 /var/lib/rtmp/tmp/hls
chmod 755 /var/lib/rtmp/tmp/dash
'';
2020-12-27 13:56:25 +00:00
User = "rtmp";
};
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 1935"; target = "ACCEPT"; }
];
}