blob: e1fad291e61933c91501954f81345bed49d0a025 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
# RTMP ingest pipeline with TLS termination via the stream module.
# - External publishers connect over RTMPS on tcp/1935.
# - The stream module terminates TLS and forwards plain RTMP to nginx-rtmp on 127.0.0.1:1936.
# - nginx-rtmp still triggers publish callbacks consumed by obsproxy.
rtmp {
server {
listen 1936; # internal plain RTMP listener
chunk_size 4096;
application live {
live on;
record off;
# Allow publish/play; obsproxy enforces the ingest PSK.
allow publish all;
allow play all;
on_publish http://127.0.0.1:5000/rtmp_callbacks/on_publish;
on_publish_done http://127.0.0.1:5000/rtmp_callbacks/on_publish_done;
}
}
}
stream {
log_format stream_basic '$remote_addr:$remote_port -> $server_addr:$server_port '
'sent=$bytes_sent received=$bytes_received '
'time=$session_time';
upstream rtmp_backend {
server 127.0.0.1:1936;
}
server {
listen 1935 ssl;
proxy_pass rtmp_backend;
access_log /var/log/nginx/rtmp_stream_access.log stream_basic;
error_log /var/log/nginx/rtmp_stream_error.log error;
ssl_certificate /etc/letsencrypt/live/yummers.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yummers.dev/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:rtmp_stream_cache:10m;
ssl_session_timeout 10m;
proxy_timeout 5m;
}
}
|
