sum7
/
ansible-role-openstreamingplatform-edge
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

init version

This commit is contained in:
Geno 2020-12-08 22:10:59 +01:00
parent 676d6bcd04
commit 11d7e0162b
7 changed files with 266 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
defaults/main.yml Normal file
View File

@ -0,0 +1,8 @@
osp_edge_http_user: "http"
osp_edge_http_group: "http"
osp_edge_http_path: "/var/www"
osp_edge_allow:
- "::1"
- "127.0.0.1"

4
handlers/main.yml Normal file
View File

@ -0,0 +1,4 @@
- name: reload nginx
systemd:
name: nginx
state: reloaded

2
meta/main.yml Normal file
View File

@ -0,0 +1,2 @@
dependencies:
- kewlfft.aur

56
tasks/main.yml Normal file
View File

@ -0,0 +1,56 @@
- name: Workaround ansible switch between users
file:
path: "/tmp/ansible/"
mode: 0777
state: directory
- name: Install dependencies
package:
name:
- ffmpeg
- base-devel
- yay
- name: Create AUR User for build
user:
name: aur_builder
- name: Add sudo permission to aur user
lineinfile:
path: /etc/sudoers.d/11-install-aur_builder
line: 'aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman'
create: yes
validate: 'visudo -cf %s'
- name: Install nginx with rtmp
become: yes
become_user: aur_builder
aur:
name: nginx-rtmp-sergey-git
- name: Configure NGINX
notify: reload nginx
template:
src: "{{ item }}"
dest: "/etc/nginx/{{ item }}"
loop:
- nginx.conf
- osp-rtmp.conf
- osp-redirects.conf
- name: Create www directory
file:
path: "{{osp_edge_http_path }}/{{item}}"
owner: "{{ osp_edge_http_user }}"
group: "{{ osp_edge_http_group }}"
state: directory
loop:
- .
- live
- live-adapt
- name: Nginx
systemd:
name: nginx
state: started
enabled: yes

100
templates/nginx.conf Normal file
View File

@ -0,0 +1,100 @@
user {{ osp_edge_http_user }};
worker_processes auto;
# pid in nginx.service
# pid /run/nginx.pid;
events {
worker_connections 1024;
multi_accept on;
use epoll;
}
http {
types_hash_max_size 2048;
types_hash_bucket_size 128;
include mime.types;
default_type application/octet-stream;
proxy_cache_path /tmp/osp levels=1:2 keys_zone=auth_cache:5m max_size=1g inactive=24h;
sendfile on;
tcp_nopush on;
gzip on;
gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
image/gif
image/png
video/mp4
video/mpeg
video/x-flv
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
keepalive_timeout 65;
server {
listen 9000;
allow 127.0.0.1; # keep save there is one allowed
{% for h in osp_edge_allow %}
allow {{ h }};
{% endfor %}
deny all;
location /stat {
rtmp_stat all;
rtmp_stat_stylesheet stat.xsl;
}
location /stat.xsl {
root /opt/osp/static;
}
}
server {
listen 80;
listen [::]:80;
# set client body size to 16M #
client_max_body_size 16M;
include osp-redirects.conf;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
include osp-rtmp.conf;

17
templates/osp-redirects.conf Normal file
View File

@ -0,0 +1,17 @@
location /live-adapt {
add_header 'Access-Control-Allow-Origin' "*" always;
valid_referers server_names ~.;
if ($invalid_referer) {
return 403;
}
alias {{ osp_edge_http_path }}/live-adapt;
}
location /live {
add_header 'Access-Control-Allow-Origin' "*" always;
valid_referers server_names ~.;
if ($invalid_referer) {
return 403;
}
alias {{osp_edge_http_path}}/live;
}

79
templates/osp-rtmp.conf Normal file
View File

@ -0,0 +1,79 @@
rtmp_auto_push on;
rtmp_auto_push_reconnect 1s;
rtmp {
server {
#listen 1935;
listen [::]:1935;
chunk_size 4096;
application stream-data {
live on;
{% for h in osp_edge_allow %}
allow publish {{ h }};
{% endfor %}
#deny publish all;
allow play 127.0.0.1;
push rtmp://127.0.0.1:1935/live/;
hls on;
hls_path {{ osp_edge_http_path }}/live;
hls_fragment 1;
hls_playlist_length 30s;
hls_nested on;
hls_fragment_naming system;
}
application stream-data-adapt {
live on;
{% for h in osp_edge_allow %}
allow publish {{ h }};
{% endfor %}
#deny publish all;
allow play 127.0.0.1;
push rtmp://127.0.0.1:1935/live/;
exec ffmpeg -i rtmp://127.0.0.1:1935/live/$name
-c:v libx264 -c:a aac -b:a 192k -vf "scale=-2:1080" -vsync 1 -copyts -start_at_zero -sws_flags lanczos -r 30 -g 30 -keyint_min 30 -force_key_frames "expr:gte(t,n_forced*1)" -tune zerolatency -preset ultrafast -crf 28 -maxrate 4192k -bufsize 8384k -threads 4 -f flv rtmp://localhost:1935/show/$name_1080
-c:v libx264 -c:a aac -b:a 128k -vf "scale=-2:720" -vsync 1 -copyts -start_at_zero -sws_flags lanczos -r 30 -g 30 -keyint_min 30 -force_key_frames "expr:gte(t,n_forced*1)" -tune zerolatency -preset ultrafast -crf 28 -maxrate 2096k -bufsize 4192k -threads 4 -f flv rtmp://localhost:1935/show/$name_720
-c:v libx264 -c:a aac -b:a 96k -vf "scale=-2:480" -vsync 1 -copyts -start_at_zero -sws_flags lanczos -r 30 -g 30 -keyint_min 30 -force_key_frames "expr:gte(t,n_forced*1)" -tune zerolatency -preset ultrafast -crf 28 -maxrate 1200k -bufsize 2400k -threads 4 -f flv rtmp://localhost:1935/show/$name_480;
# -c copy -f flv rtmp://localhost:1935/show/$name_src;
}
application show {
live on;
allow publish 127.0.0.1;
allow play 127.0.0.1;
hls on;
hls_path {{ osp_edge_http_path }}/live-adapt;
hls_nested on;
hls_fragment 1;
hls_playlist_length 30s;
hls_fragment_naming system;
record off;
# Instruct clients to adjust resolution according to bandwidth
hls_variant _480 BANDWIDTH=1200000; # Medium bitrate, SD resolution
hls_variant _720 BANDWIDTH=2048000; # High bitrate, HD 720p resolution
hls_variant _1080 BANDWIDTH=4096000; # FHB 1080p
#hls_variant _src BANDWIDTH=4096000; # Source bitrate, source resolution
}
application live {
live on;
drop_idle_publisher 30s;
allow publish 127.0.0.1;
allow play all;
}
}
}