111 lines
3.1 KiB
Bash
111 lines
3.1 KiB
Bash
#!/bin/bash
|
|
|
|
# This script sets up an Nginx server with RTMP module for live streaming.
|
|
# It allows you to stream to platforms like Twitch and YouTube, while also allowing local testing.
|
|
# It also configures a firewall to restrict access to the RTMP server.
|
|
|
|
# Update the package list
|
|
apt update
|
|
|
|
# Install Nginx
|
|
sudo apt install -y nginx || exit 1 # Stop if there's an installation error
|
|
|
|
# Enable Nginx on startup
|
|
sudo systemctl enable nginx
|
|
|
|
# Install the RTMP module for Nginx
|
|
sudo apt install -y libnginx-mod-rtmp || exit 1
|
|
|
|
# Install necessary tools to compile Nginx from source
|
|
sudo apt install build-essential libpcre3-dev libssl-dev zlib1g-dev git glances -y || exit 1
|
|
|
|
# Clone the RTMP module repository
|
|
sudo git clone https://github.com/arut/nginx-rtmp-module.git || exit 1
|
|
|
|
# Clone the Nginx repository
|
|
sudo git clone https://github.com/nginx/nginx.git || exit 1
|
|
|
|
# Go into the Nginx directory
|
|
cd nginx
|
|
|
|
# Configure Nginx to include the RTMP module
|
|
./auto/configure --add-module=../nginx-rtmp-module || exit 1
|
|
|
|
# Compile Nginx
|
|
make || exit 1
|
|
|
|
# Install Nginx (this will replace the previous installation)
|
|
sudo make install || exit 1
|
|
|
|
# Read streaming keys and allowed IP from environment variables (or use default values)
|
|
TWITCH_KEY=${TWITCH_KEY:-<your_twitch_key_default>}
|
|
YOUTUBE_KEY=${YOUTUBE_KEY:-<your_youtube_key_default>}
|
|
ALLOWED_IP=${ALLOWED_IP:-192.168.1.100}
|
|
|
|
# Write the RTMP configuration to the nginx.conf file
|
|
sudo tee -a /etc/nginx/nginx.conf > /dev/null << EOL
|
|
|
|
rtmp {
|
|
server {
|
|
listen 1935;
|
|
chunk_size 4096;
|
|
|
|
# Allow publishing only from the specified IP
|
|
allow publish ${ALLOWED_IP};
|
|
|
|
application live {
|
|
live on;
|
|
record off;
|
|
|
|
# Stream to Twitch
|
|
push rtmp://live-cdg.twitch.tv/app/${TWITCH_KEY};
|
|
|
|
# Stream to YouTube
|
|
push rtmp://a.rtmp.youtube.com/live2/${YOUTUBE_KEY};
|
|
|
|
# Stream locally
|
|
push rtmp://127.0.0.1/test;
|
|
}
|
|
|
|
# Application for local testing
|
|
application test {
|
|
live on;
|
|
record off;
|
|
}
|
|
}
|
|
}
|
|
EOL
|
|
|
|
echo "The RTMP configuration has been added to nginx.conf"
|
|
|
|
# Test the Nginx configuration for errors
|
|
sudo nginx -t && echo "Nginx configuration OK" || exit 1
|
|
|
|
# Reload Nginx to apply the changes
|
|
sudo nginx -s reload
|
|
|
|
# Install iptables and the persistent module
|
|
sudo apt install -y iptables iptables-persistent || exit 1
|
|
|
|
# Configure the firewall
|
|
|
|
# Allow traffic from the specified IP on port 1935
|
|
sudo iptables -A INPUT -p tcp --dport 1935 -s ${ALLOWED_IP} -j ACCEPT
|
|
|
|
# Block all other incoming traffic on port 1935
|
|
sudo iptables -A INPUT -p tcp --dport 1935 -j DROP
|
|
|
|
# Allow traffic from the specified IP on port 22 (SSH)
|
|
sudo iptables -A INPUT -p tcp --dport 22 -s ${ALLOWED_IP} -j ACCEPT
|
|
|
|
# Block all other incoming traffic on port 22
|
|
sudo iptables -A INPUT -p tcp --dport 22 -j DROP
|
|
|
|
# Allow outgoing traffic on port 1935
|
|
sudo iptables -A OUTPUT -p tcp --sport 1935 -j ACCEPT
|
|
|
|
# Allow incoming traffic on ephemeral ports (used for return traffic)
|
|
sudo iptables -A INPUT -p tcp --match multiport --dports 32768:61000 -j ACCEPT
|
|
|
|
# Save the iptables rules
|
|
sudo netfilter-persistent save |