first commit

2024-09-05 06:49:27 +02:00
commit ca752a3fe1
2 changed files with 153 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,42 @@
+# Project Overview
+
+This project provides a Bash script `install_nginx_rtmp.sh` to set up an Nginx server with the RTMP module, enabling live streaming on Twitch and YouTube. It also includes firewall configuration for server security.
+
+## Installation & Usage
+
+### Prerequisites
+
+* An Debian server with root access
+* Twitch and YouTube stream keys
+* IP address of the machine authorized to publish and read the stream
+
+### Installation
+
+1. Run the script as root:
+
+   ```bash
+   sudo bash install_nginx_rtmp.sh
+   ```
+
+   Follow the on-screen instructions.
+
+### Usage
+
+1. Configure your streaming software (e.g., OBS) to send the RTMP stream to:
+
+   ```
+   rtmp://<server_ip_address>/live
+   ```
+
+   The stream will be automatically broadcast on Twitch and YouTube.
+
+2. Play the stream locally on VLC:
+
+   * Go to `Media > Open Network Stream...`
+   * Enter `rtmp://<server_ip_address>/live`
+
+## Important Notes
+
+* Ensure ports 1935 and 22 are open in your external firewall.
+* This script is an example; adapt it to your specific needs.
+* Live streaming consumes significant bandwidth.
--- a/install_multistream_rtmp.sh
+++ b/install_multistream_rtmp.sh
@@ -0,0 +1,111 @@
+#!/bin/bash
+
+# This script sets up an Nginx server with RTMP module for live streaming. 
+# It allows you to stream to platforms like Twitch and YouTube, while also allowing local testing.
+# It also configures a firewall to restrict access to the RTMP server.
+
+# Update the package list
+apt update
+
+# Install Nginx
+sudo apt install -y nginx || exit 1 # Stop if there's an installation error
+
+# Enable Nginx on startup
+sudo systemctl enable nginx
+
+# Install the RTMP module for Nginx
+sudo apt install -y libnginx-mod-rtmp || exit 1
+
+# Install necessary tools to compile Nginx from source
+sudo apt install build-essential libpcre3-dev libssl-dev zlib1g-dev git glances -y || exit 1
+
+# Clone the RTMP module repository
+sudo git clone https://github.com/arut/nginx-rtmp-module.git || exit 1
+
+# Clone the Nginx repository
+sudo git clone https://github.com/nginx/nginx.git || exit 1
+
+# Go into the Nginx directory
+cd nginx
+
+# Configure Nginx to include the RTMP module
+./auto/configure --add-module=../nginx-rtmp-module || exit 1
+
+# Compile Nginx
+make || exit 1
+
+# Install Nginx (this will replace the previous installation)
+sudo make install || exit 1
+
+# Read streaming keys and allowed IP from environment variables (or use default values)
+TWITCH_KEY=${TWITCH_KEY:-<your_twitch_key_default>}
+YOUTUBE_KEY=${YOUTUBE_KEY:-<your_youtube_key_default>}
+ALLOWED_IP=${ALLOWED_IP:-192.168.1.100}
+
+# Write the RTMP configuration to the nginx.conf file
+sudo tee -a /etc/nginx/nginx.conf > /dev/null << EOL
+
+rtmp {
+    server {
+        listen 1935;
+        chunk_size 4096;
+
+        # Allow publishing only from the specified IP
+        allow publish ${ALLOWED_IP}; 
+
+        application live {
+            live on;
+            record off;
+
+            # Stream to Twitch 
+            push rtmp://live-cdg.twitch.tv/app/${TWITCH_KEY};
+
+            # Stream to YouTube
+            push rtmp://a.rtmp.youtube.com/live2/${YOUTUBE_KEY};
+
+            # Stream locally
+            push rtmp://127.0.0.1/test;
+        }
+
+        # Application for local testing 
+        application test {
+            live on;
+            record off;
+        }
+    }
+}
+EOL
+
+echo "The RTMP configuration has been added to nginx.conf"
+
+# Test the Nginx configuration for errors
+sudo nginx -t && echo "Nginx configuration OK" || exit 1
+
+# Reload Nginx to apply the changes
+sudo nginx -s reload
+
+# Install iptables and the persistent module
+sudo apt install -y iptables iptables-persistent || exit 1
+
+# Configure the firewall
+
+# Allow traffic from the specified IP on port 1935
+sudo iptables -A INPUT -p tcp --dport 1935 -s ${ALLOWED_IP} -j ACCEPT
+
+# Block all other incoming traffic on port 1935
+sudo iptables -A INPUT -p tcp --dport 1935 -j DROP
+
+# Allow traffic from the specified IP on port 22 (SSH)
+sudo iptables -A INPUT -p tcp --dport 22 -s ${ALLOWED_IP} -j ACCEPT
+
+# Block all other incoming traffic on port 22
+sudo iptables -A INPUT -p tcp --dport 22 -j DROP
+
+# Allow outgoing traffic on port 1935
+sudo iptables -A OUTPUT -p tcp --sport 1935 -j ACCEPT
+
+# Allow incoming traffic on ephemeral ports (used for return traffic)
+sudo iptables -A INPUT -p tcp --match multiport --dports 32768:61000 -j ACCEPT
+
+# Save the iptables rules
+sudo netfilter-persistent save