You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
Tim Beckmann b7a184068a reverts to nginx software rendering 2 years ago
.idea Merge branch 'master' of ssh://ssh.git.n7r.de:62629/tlb/bachelorarbeit 3 years ago
ausarbeitung stand vor probevortrag mit robert 3 years ago
cpunetlogs_new holy shit da waren noch fehler in den plots 3 years ago
nginx-rtmp-module merge conflict owncloud fuckshit 3 years ago
praesentation final old presentation version, fixes hardcoded urls in streamer page 3 years ago
proposal initial commit with pretty much everything 3 years ago
timmslive reverts to nginx software rendering 2 years ago
.gitignore update secrets 3 years ago
README.md readme instructions for secret key 3 years ago
parallelrun.sh schöner git-fuckup, shell-skript hinzugefügt 3 years ago
timmslive_logo.png further readme writeup 3 years ago

README.md

logo

This project was done as my Bachelor’s thesis at the University of Tübingen. This Django application in conjunction with ffmpeg and a custom-compiled nginx setup can be used to create a standalone on-premise streaming service using RTMP and HTML5. Its features include:

  • Each stream will receive its own port and a unique identifier
  • fully compatible with tools like Open Broadcaster Studio
  • streaming over HLS with Flash as fallback
  • low-latency (~15 sec. over HLS)
  • mobile players for iOS and Android
  • Streams can be created via the admin backend
  • Streaming server is available immediately after a stream is created
  • Users can be assigned to different roles and use custom functions
  • Login via SAML2/Shibboleth
  • recording of live sesseions (requires ffmpeg)

Requirements

This application was developed as my bachelor’s thesis and was tested on a Ubuntu Linux 16.10 machine. I do not know if this setup will work on anything else. What I used is:

  • nginx running on port 80 (can be installed via apt-get)
  • openSSL with a valid server certificate (for user authentication)
  • Python 3.5 or later
  • Django v.1.10 or later
  • nginx running as a service on port 80 (see below)
  • separate nginx process compiled with nginx-rtmp
  • PostgreSQL 9.6
  • libpqdev (available via apt-get)
  • xmlsec1 (available via apt-get)

Installation

nginx service

  1. Depending on your setup, adjust the paths in the timmslive_nginx.conf file to fit your needs.
  2. create a symlink from timmslive_nginx.conf to the sites-enabled directory of your nginx installation, i.e.
sudo ln -s /home/.../timmslive_nginx.conf /etc/nginx/sites-enabled

where /etc/nginx is the installation directory of nginx.

self-compiled nginx

In order to receive streams via RTMP and to publish them via HTTP, we need a specific plugin for nginx, called nginx-rtmp. Currently, this plugin needs to be static (compiled into the executable). On top of this, nginx needs certain libraries to be present on the system in order to build correctly.

  • clone nginx-rtmp-module to a directory of your choice.

  • download the latest nginx stable version from http://nginx.org/en/download.html and unpack it to a directory of your choice.

  • install (e.g. using apt-get) or download the libraries pcre-8.x, zlib-1.2.xx and openssl-1.0.xx. Note: Due to compatibility issues, you have to use openSSL version 1.0 instead of 1.1.

  • compile the custom nginx instance as follows:

    • Change to the directory in which you unpacked nginx. Make sure the binary configure is present.
    • run:
    ./configure --prefix=<path-to-preferred-installation-location> --with-pcre=<path-to-pcre> --with-openssl=<path-to-openssl> --with-zlib=<path-to-zlib> --add-module=<path-to-nginx-rtmp-module>
    
    make
    
    make install
    

    where the “prefix” path is the directory where your custom nginx installation will be placed. You can omit the paths to the libary files if these are already present on your system.

  • Put the prefix path you chose into the settings.py file:

NGINX_ROOT = '/home/tim/bin/nginx/'  # prefix directory for self-compiled nginx

Django application

  • The requirements for the Django project are stored in the file requirements.txt. If your system has pip installed, you can simply run
sudo pip3 install -r <path-to-project>/requirements.txt

and the Django project should nearly be good to go.

  • Open up the settings.py file and adjust the paths to fit the needs of your setup. You need to adjust the credentials for the database connection, the directory for the self-compiled nginx etc, see below for detailed steps.

  • Generate a secret key for the application. Inside the ‘inner’ timmslive directory (the same directory as settings.py), create a file called secrets.py.

  • For example using django-secret-key (available via pip), generate a unique secret key and put it into the secrets.py file as follows:

SECRET_KEY = '<your super secret key here>'
  • Inside the timmslive directory, run (in order):
    • python3 manage.py createsuperuser to create one or more admin users
    • python3 manage.py collectstatic to collect the static files into the directory specified in settings.py
    • python3 manage.py migrate to apply the relational model to the database
    • python3 manage.py makegroups to create the internal group structure of the project
    • python3 manage.py portlut <lowest> <highest> --write to allocate the port range used for receiving streams via RTMP.

Database

The settings.py file is set up for PostgreSQL. If you’re using anything else (MySQL etc.), you have to manually edit the configuration to make it work with your setup.

  • If you’re using PostgreSQL, create a user (with password). In this example, the usename is timmslive. Create a database for this user.
  • Put the credentials into the settings.py file:
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'HOST': 'localhost',
        'PORT': '5432',
        'NAME': 'timmslive',
        'USER': 'timmslive',
        'PASSWORD': 'xxxxxxx',
    }
}

SSL setup

  • The timmslive_nginx.conf file is preset for SSL. Some settings like a separate chain file, intermediates etc. are there for a higher performance and can be omitted if necessary. Make sure to put in absolute paths to the public and private part of your certificate.
  • For SAML2/Shibboleth, you need to put in the absolute paths to your certificate files in the settings.py file as well:
# Signing
    'key_file': '<path-to-key.pem>',  # private part
    'cert_file': '<path-to-cert.pem>',  # public part

    # Encryption
    'encryption_keypairs': [{
      'key_file': '<path-to-key.pem>',  # private part
      'cert_file': '<path-to-cert.pem>',  # public part

Shibboleth attributes

The metadata, available user attributes and other configuration will differ based on your local IdP. Refer to your local IdP support for assistance. The configuration can be set inside the settings.py in the SAML_CONFIG dictionary. Your metadata XML file (needed to register at your local IdP) will be available at http://<your-domain>/saml2/metadata/.

Usage

TODOs

  • international/english version