diff options
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/nginx/sites-available/yummers.dev | 95 | ||||
| -rw-r--r-- | etc/systemd/system/obsproxy.service | 32 |
2 files changed, 127 insertions, 0 deletions
diff --git a/etc/nginx/sites-available/yummers.dev b/etc/nginx/sites-available/yummers.dev new file mode 100644 index 0000000..4f34ff7 --- /dev/null +++ b/etc/nginx/sites-available/yummers.dev @@ -0,0 +1,95 @@ +server { + root /var/www/html; + + # Add index.php to the list if you are using PHP + index index.html index.htm index.nginx-debian.html; + + server_name yummers.dev www.yummers.dev; + + location / { + # First attempt to serve request as file, then + # as directory, then fall back to displaying a 404. + try_files $uri $uri/ =404; + } + + # Add WebSocket proxy for HR proxy server + location /hrproxy { + proxy_pass https://127.0.0.1:2096; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 300s; + proxy_send_timeout 300s; + proxy_buffering off; + } + + # OBS Proxy API endpoints + location /api/ { + proxy_pass http://127.0.0.1:5000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + # OBS Proxy DASH manifest + segments + location /dash/ { + proxy_pass http://127.0.0.1:5000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # Disable buffering/caching so DASH clients see fresh segments immediately + proxy_buffering off; + add_header Cache-Control "no-cache" always; + add_header Access-Control-Allow-Origin "*" always; + + proxy_connect_timeout 1h; + proxy_send_timeout 1h; + proxy_read_timeout 1h; + } + + # OBS Proxy health check + location /health { + proxy_pass http://127.0.0.1:5000/health; + proxy_set_header Host $host; + } + + # Add RTMP callbacks route + location /rtmp_callbacks/ { + proxy_pass http://127.0.0.1:5000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + listen [::]:443 ssl ipv6only=on; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/yummers.dev/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/yummers.dev/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot +} + +server { + if ($host = www.yummers.dev) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + if ($host = yummers.dev) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + listen [::]:80; + + server_name yummers.dev www.yummers.dev; + return 404; # managed by Certbot +} diff --git a/etc/systemd/system/obsproxy.service b/etc/systemd/system/obsproxy.service new file mode 100644 index 0000000..f2a957b --- /dev/null +++ b/etc/systemd/system/obsproxy.service @@ -0,0 +1,32 @@ +[Unit] +Description=OBS to low-latency DASH streaming proxy +After=network.target + +[Service] +User=www-data +Group=www-data +WorkingDirectory=/opt/obsproxy +ExecStart=/opt/obsproxy/venv/bin/python /opt/obsproxy/server.py +Restart=on-failure +RestartSec=5s + +# Logging +StandardOutput=journal +StandardError=journal +SyslogIdentifier=obsproxy + +# Environment variables +Environment=PYTHONUNBUFFERED=1 +Environment=STREAM_DIR=/var/www/streams +Environment=PORT=5000 +Environment=STREAM_PSK=your_pre_shared_key +Environment=LOG_LEVEL=INFO + +# Security settings +NoNewPrivileges=true +PrivateTmp=true +ProtectSystem=full +ProtectHome=true + +[Install] +WantedBy=multi-user.target |