mirror of
https://gitlab.xiph.org/xiph/icecast-server.git
synced 2025-01-03 14:56:34 -05:00
784 lines
50 KiB
HTML
784 lines
50 KiB
HTML
<!DOCTYPE html>
|
||
<html lang="en">
|
||
<head>
|
||
<title>Icecast Docs Docs — Config File</title>
|
||
<meta charset="utf-8" />
|
||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||
|
||
<link rel="stylesheet" type="text/css" href="assets/css/style.css" media="screen, print" />
|
||
</head>
|
||
|
||
<body>
|
||
|
||
<div class="header">
|
||
<h1><a href="#" title="Home page">Icecast</a> <span>documentation</span></h1>
|
||
</div>
|
||
|
||
|
||
<div class="section">
|
||
|
||
<h2>Icecast 2.4.99.1 Docs — Config File</h2>
|
||
|
||
|
||
<div class="article">
|
||
<h3 id="overview">Overview</h3>
|
||
<p>This section will describe each section of the config file and is grouped into the following sections:</p>
|
||
|
||
<ul>
|
||
<li><a href="#limits">Limits</a></li>
|
||
<li><a href="#authentication">Authentication</a></li>
|
||
<li><a href="#yp">Stream Directory Settings</a></li>
|
||
<li><a href="#misc">Misc Server settings</a></li>
|
||
<li><a href="#ports">TCP-Port settings</a></li>
|
||
<li><a href="#global-headers">Global HTTP Headers</a></li>
|
||
<li><a href="#relay">Relay settings</a></li>
|
||
<li><a href="#mountsettings">Mount Specific settings</a></li>
|
||
<li><a href="#path">File path settings</a></li>
|
||
<li><a href="#log">Logging</a></li>
|
||
<li><a href="#security">Security</a></li>
|
||
</ul>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="a-word-of-warning">A word of warning</h3>
|
||
<p>Please note that, especially for new Icecast users, editing the config file can be quite tricky.
|
||
<strong>It is thus recommended to make a backup of the original config file and then start by just changing all
|
||
passwords, nothing else.</strong> You can then use the source-password to bring up an initial stream and get more
|
||
comfortable with how Icecast works. </p>
|
||
|
||
<p>Should you need to customize the configuration, then make a backup of your working config file, before you
|
||
make any changes. If Icecast refuses to start it is in most cases due to a malformed config file. In such a
|
||
case running the following command should point out most XML syntax problems.</p>
|
||
|
||
<pre><code>xmllint icecast.xml
|
||
</code></pre>
|
||
|
||
<p>Also check the Icecast error.log for additional hints in case of all problems!</p>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="limits">Limits</h3>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><limits></span>
|
||
<span class="nt"><clients></span>100<span class="nt"></clients></span>
|
||
<span class="nt"><sources></span>2<span class="nt"></sources></span>
|
||
<span class="nt"><queue-size></span>102400<span class="nt"></queue-size></span>
|
||
<span class="nt"><client-timeout></span>30<span class="nt"></client-timeout></span>
|
||
<span class="nt"><header-timeout></span>15<span class="nt"></header-timeout></span>
|
||
<span class="nt"><source-timeout></span>10<span class="nt"></source-timeout></span>
|
||
<span class="nt"><burst-on-connect></span>1<span class="nt"></burst-on-connect></span>
|
||
<span class="nt"><burst-size></span>65536<span class="nt"></burst-size></span>
|
||
<span class="nt"></limits></span></code></pre></div>
|
||
|
||
<p>This section contains server level settings that, in general, do not need to be changed.
|
||
Only modify this section if you know what you are doing.</p>
|
||
|
||
<dl>
|
||
<dt>clients</dt>
|
||
<dd>Total number of concurrent clients supported by the server. Listeners are considered clients,
|
||
but so are accesses to any static content (i.e. fileserved content) and also any requests to
|
||
gather stats. These are max concurrent connections for the entire server (not per mountpoint).</dd>
|
||
<dt>sources</dt>
|
||
<dd>Maximum number of connected sources supported by the server. This includes active relays and source clients</dd>
|
||
<dt>queue-size</dt>
|
||
<dd>This is the maximum size (in bytes) of the stream queue. A listener may temporarily
|
||
lag behind due to network congestion and in this case an internal queue is maintained for the
|
||
listeners. If the queue grows larger than this config value, then it is truncated and any listeners
|
||
found will be removed from the stream. This will be the default setting for the streams which is
|
||
512k unless overridden here. You can override this in the individual mount settings which can be
|
||
useful if you have a mixture of high bandwidth video and low bitrate audio streams.</dd>
|
||
<dt>client-timeout</dt>
|
||
<dd>This does not seem to be used.</dd>
|
||
<dt>header-timeout</dt>
|
||
<dd>The maximum time (in seconds) to wait for a request to come in once the client has made a connection
|
||
to the server. In general this value should not need to be tweaked.</dd>
|
||
<dt>source-timeout</dt>
|
||
<dd>If a connected source does not send any data within this timeout period (in seconds),
|
||
then the source connection will be removed from the server.</dd>
|
||
<dt>burst-on-connect</dt>
|
||
<dd>This setting is really just an alias for burst-size. When enabled the burst-size is 64 kbytes and
|
||
disabled the burst-size is 0 kbytes. This option is deprecated, use <code>burst-size</code> instead.</dd>
|
||
<dt>burst-size</dt>
|
||
<dd>The burst size is the amount of data (in bytes) to burst to a client at connection time. Like burst-on-connect,
|
||
this is to quickly fill the pre-buffer used by media players. The default is 64 kbytes which is a typical size used by
|
||
most clients so changing it is not usually required. This setting applies to all mountpoints unless overridden in
|
||
the mount settings. Ensure that this value is smaller than queue-size, if necessary increase queue-size to be larger
|
||
than your desired burst-size. Failure to do so might result in aborted listener client connection attempts, due to
|
||
initial burst leading to the connection already exceeding the queue-size limit.</dd>
|
||
</dl>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="authentication">Authentication</h3>
|
||
<!-- FIXME -->
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><authentication></span>
|
||
<span class="nt"><source-password></span>hackme<span class="nt"></source-password></span>
|
||
<span class="nt"><relay-user></span>relay<span class="nt"></relay-user></span>
|
||
<span class="nt"><relay-password></span>hackme<span class="nt"></relay-password></span>
|
||
<span class="nt"><admin-user></span>admin<span class="nt"></admin-user></span>
|
||
<span class="nt"><admin-password></span>hackme<span class="nt"></admin-password></span>
|
||
<span class="nt"></authentication></span></code></pre></div>
|
||
|
||
<!-- FIXME -->
|
||
<p>This section contains all the usernames and passwords used for administration purposes or to connect sources and relays.</p>
|
||
|
||
<!-- FIXME -->
|
||
<dl>
|
||
<dt>role</dt>
|
||
<dd>contains role definitions</dd>
|
||
</dl>
|
||
|
||
<!-- FIXME -->
|
||
<dl>
|
||
<dt>source-password</dt>
|
||
<dd>The unencrypted password used by sources to connect to Icecast. The default username for all
|
||
source connections is ‘source’ but this option allows to specify a default password. This and the
|
||
username can be changed in the individual mount sections.</dd>
|
||
</dl>
|
||
|
||
<!-- FIXME -->
|
||
<dl>
|
||
<dt>relay-user</dt>
|
||
<dd>Used in the master server as part of the authentication when a slave requests the list of streams
|
||
to relay. The default username is <code>relay</code></dd>
|
||
</dl>
|
||
|
||
<!-- FIXME -->
|
||
<dl>
|
||
<dt>relay-password</dt>
|
||
<dd>Used in the master server as part of the authentication when a slave requests the list of streams to relay.</dd>
|
||
</dl>
|
||
|
||
<!-- FIXME -->
|
||
<dl>
|
||
<dt>admin-user/admin-password</dt>
|
||
<dd>The username/password used for all administration functions. This includes retrieving statistics, accessing the web-based
|
||
administration screens, etc. A list of these functions can be found in the “Administration” section of the manual.</dd>
|
||
</dl>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="yp">Stream Directory Settings</h3>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><directory></span>
|
||
<span class="nt"><yp-url-timeout></span>15<span class="nt"></yp-url-timeout></span>
|
||
<span class="nt"><yp-url></span>http://dir.xiph.org/cgi-bin/yp-cgi<span class="nt"></yp-url></span>
|
||
<span class="nt"></directory></span></code></pre></div>
|
||
|
||
<p>This section contains all the settings for listing a stream on any of the Icecast YP Directory servers.
|
||
Multiple occurances of this section can be specified in order to be listed on multiple directory servers.</p>
|
||
|
||
<dl>
|
||
<dt>yp-url-timeout</dt>
|
||
<dd>This value is the maximum time Icecast will wait for a response from a particular directory server.
|
||
The recommended value should be sufficient for most directory servers.</dd>
|
||
<dt>yp-url</dt>
|
||
<dd>The URL which Icecast uses to communicate with the Directory server.
|
||
The value for this setting is provided by the owner of the Directory server.</dd>
|
||
</dl>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="misc">Misc Server Settings</h3>
|
||
|
||
<h4 id="server-wide-settings">Server wide settings</h4>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><hostname></span>localhost<span class="nt"></hostname></span>
|
||
<span class="nt"><location></span>earth<span class="nt"></location></span>
|
||
<span class="nt"><admin></span>icemaster@localhost<span class="nt"></admin></span>
|
||
<span class="nt"><fileserve></span>1<span class="nt"></fileserve></span>
|
||
<span class="nt"><server-id></span>icecast 2.5<span class="nt"></server-id></span></code></pre></div>
|
||
|
||
<dl>
|
||
<dt>hostname</dt>
|
||
<dd>This is the DNS name or IP address that will be used for the stream directory lookups or
|
||
possibily the playlist generation if a Host header is not provided. While localhost is shown as
|
||
an example, in fact you will want something that your listeners can use.</dd>
|
||
<dt>location</dt>
|
||
<dd>This sets the location string for this Icecast instance. It will be shown e.g in the web interface.</dd>
|
||
<dt>admin</dt>
|
||
<dd>This should contain contact details for getting in touch with the server administrator.
|
||
Usually this will be an email address, but as this can be an arbitrary string it could also
|
||
be a phone number. This will be shown e.g. in the web interface.</dd>
|
||
<dt>fileserve</dt>
|
||
<dd>This flag turns on the icecast2 fileserver from which static files can be served. All files
|
||
are served relative to the path specified in the <code><paths><webroot></code> configuration setting.
|
||
By default the setting is enabled so that requests for the static files needed by the status
|
||
and admin pages, such as images and CSS are retrievable.</dd>
|
||
<dt>server-id</dt>
|
||
<dd>This optional setting allows for the administrator of the server to override the default
|
||
server identification. The default is <code>icecast</code> followed by a version number and most will
|
||
not care to change it however this setting will allow this. It is not recommended to use this
|
||
setting, unless you have very good reasons and know what you are doing.</dd>
|
||
</dl>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="ports">TCP Port settings</h3>
|
||
|
||
<p>The following shows how you can specify the listening settings for the server.</p>
|
||
|
||
<h4 id="generic-port-setup">Generic port setup</h4>
|
||
|
||
<p>The first shows an example of a common and simple way to define a listening socket:</p>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><listen-socket></span>
|
||
<span class="nt"><port></span>8000<span class="nt"></port></span>
|
||
<span class="nt"></listen-socket></span></code></pre></div>
|
||
|
||
<p>Using this as a basis we can extend this with an <code><bind-address></code> setting to limit which address Icecast
|
||
will listen on. Most will not need to use bind-address and often get confused by using it when there is
|
||
no need. Another possibility is to use an <code><ssl></code> boolean setting which informs Icecast that a secured
|
||
connection is to be used. A common use for using a secure connection would be for admin page access. </p>
|
||
|
||
<h4 id="backward-compatibility-with-shoutcast-source-clients">Backward compatibility with Shoutcast source clients</h4>
|
||
|
||
<p>The following shows how we can extend a single listen-socket to work with Shoutcast style source clients.
|
||
There are two issues shoutcast source clients have over icecast source clients, one is the lack of mountpoint
|
||
and the second is the requirement of two ports. Both of these issues are handled by a simple addition in
|
||
the listen-socket.</p>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><listen-socket></span>
|
||
<span class="nt"><port></span>8000<span class="nt"></port></span>
|
||
<span class="nt"><shoutcast-mount></span>/live.mp3<span class="nt"></shoutcast-mount></span>
|
||
<span class="nt"></listen-socket></span></code></pre></div>
|
||
|
||
<p>As before the port specified is allocated but this time the shoutcast-mount implicity defines a second
|
||
listening socket whose port number is always one higher than the port defined, this also informs icecast
|
||
of which mountpoint the shoutcast source client on this socket will be using. Using this approach you can
|
||
allow multiple shoutcast source clients to connect at the same time. </p>
|
||
|
||
<h4 id="old-style-shoutcast-source-client-compatible-setup-deprecated">Old style Shoutcast source client compatible setup (deprecated)</h4>
|
||
|
||
<p>The following is just to show the longer approach to defining shoutcast compatability.</p>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><shoutcast-mount></span>/live.nsv<span class="nt"></shoutcast-mount></span>
|
||
<span class="c"><!-- You may have multiple <listen-socket> elements --></span>
|
||
<span class="nt"><listen-socket></span>
|
||
<span class="nt"><port></span>8000<span class="nt"></port></span>
|
||
<span class="nt"></listen-socket></span>
|
||
|
||
<span class="nt"><listen-socket></span>
|
||
<span class="nt"><port></span>8001<span class="nt"></port></span>
|
||
<span class="nt"><shoutcast-compat></span>1<span class="nt"></shoutcast-compat></span>
|
||
<span class="nt"></listen-socket></span></code></pre></div>
|
||
|
||
<p>Note that multiple listen-socket sections may be configured in order to have Icecast listen on multiple network
|
||
interfaces or multiple ports. If a bind-address is not specified for a particular listen-socket, then the socket
|
||
will be bound to all interfaces (including IPv6 if available). For most people, the bind-address option will not
|
||
be required and often confuses people.</p>
|
||
|
||
<dl>
|
||
<dt>port</dt>
|
||
<dd>The TCP port that will be used to accept client connections.</dd>
|
||
<dt>bind-address</dt>
|
||
<dd>An optional IP address that can be used to bind to a specific network
|
||
card. If not supplied, then it will bind to all interfaces.</dd>
|
||
<dt>ssl</dt>
|
||
<dd>If set to 1 will enable HTTPS on this listen-socket. Icecast must have been compiled against openSSL to be able to do so.</dd>
|
||
<dt>shoutcast-mount</dt>
|
||
<dd>An optional mountpoint setting to be used when shoutcast DSP compatible clients connect. The default global setting
|
||
is <code>/stream</code> but can be overridden here to use an alternative name which may include an extension that some clients
|
||
require for certain formats.<br />
|
||
Defining this within a listen-socket group tells Icecast that this port and the subsequent port are to be used for
|
||
Shoutcast compatible source clients. This is an alternative to the <code>shoutcast-compat</code> approach as this implicitly
|
||
defines the second listening socket and allows for specifying multiple sockets using different mountpoints for
|
||
shoutcast source clients. The <code>shoutcast-mount</code> outside of a <code>listen-socket</code> group is the global setting of the
|
||
mountpoint to use.</dd>
|
||
<dt>shoutcast-compat</dt>
|
||
<dd>This optional flag will indicate that this port will operate in Shoutcast compatibility mode. Due to major differences
|
||
in the source client connection protocol, if you wish to use any of the shoutcast DJ tools, you will need to configure
|
||
at least one socket as shoutcast-compatible. Note that when in this mode, only source clients (and specifically shoutcast
|
||
source clients) will be able to attach to this port. All listeners may connect to any of the ports defined without this flag.
|
||
Also, for proper Shoutcast DSP compatibility, you must define a listen socket with a port one less than the one defined as
|
||
<code>shoutcast-compat</code>. This means if you define <code>8001</code> as <code>shoutcast-compat</code>, then you will need to define a listen port
|
||
of <code>8000</code> and it must not also be defined as <code>shoutcast-compat</code>. See the example config file in the distribution for more info.</dd>
|
||
</dl>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="global-headers">Global HTTP headers</h3>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><http-headers></span>
|
||
<span class="nt"><header</span> <span class="na">name=</span><span class="s">"Access-Control-Allow-Origin"</span> <span class="na">value=</span><span class="s">"*"</span> <span class="nt">/></span>
|
||
<span class="nt"><header</span> <span class="na">name=</span><span class="s">"X-Robots-Tag"</span> <span class="na">value=</span><span class="s">"index, noarchive"</span> <span class="nt">/></span>
|
||
<span class="nt"><header</span> <span class="na">name=</span><span class="s">"foo"</span> <span class="na">value=</span><span class="s">"bar"</span> <span class="na">status=</span><span class="s">"200"</span> <span class="nt">/></span>
|
||
<span class="nt"><header</span> <span class="na">name=</span><span class="s">"Nelson"</span> <span class="na">value=</span><span class="s">"Ha-Ha!"</span> <span class="na">status=</span><span class="s">"404"</span> <span class="nt">/></span>
|
||
<span class="nt"></http-headers></span></code></pre></div>
|
||
|
||
<p>Icecast can be configured to send custom HTTP headers. This is available as a global setting and inside mountpoints. This section explains the global settings.</p>
|
||
|
||
<p>This functionality was introduced mainly to enable the use of simplified cross-origin resource sharing. The Icecast default configuration contains the first header, as seen in the above exmple, for this reason.</p>
|
||
|
||
<dl>
|
||
<dt>http-headers</dt>
|
||
<dd>This element is placed anywhere inside the main section of the Icecast config. It will contain <code><header></code> child elements, that specify the actual headers one by one.</dd>
|
||
<dt>header</dt>
|
||
<dd>This tag specifies the actual header to be sent to a HTTP client in response to every request.
|
||
This tag can contain the following attributes:
|
||
|
||
<ul>
|
||
<li><code>name</code> is required and its value specifies the HTTP header field name.</li>
|
||
<li><code>value</code> is required and its value specifies the HTTP header field value.</li>
|
||
<li><code>status</code> is optional and limits sending the header to certain HTTP status codes. If not specified, the default is to return the header for every HTTP status code. This attribute is only available for global headers, at the moment.</li>
|
||
</ul>
|
||
</dd>
|
||
</dl>
|
||
|
||
<p>At the moment only global headers will be sent in case the HTTP status is not “200”. This is subject to change in the future.
|
||
Avoid placing comments inside <code><http-headers></code> as, in this release, it will prevent Icecast from parsing further <code><header></code> tags.</p>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="relay">Relaying Streams</h3>
|
||
|
||
<p>This section contains the servers relay settings. The relays are implemented using a pull system where the receiving
|
||
server connects as if it’s a listener to the sending server.<br />
|
||
There are two types of relay setups:<br />
|
||
a “Master server relay” or a “Specific Mountpoint relay.”</p>
|
||
|
||
<h4 id="master-relay">Master Relay</h4>
|
||
|
||
<p>A Master server relay is only supported between Icecast servers and is used to relay a number of
|
||
mountpoints from a remote Icecast server.</p>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><master-server></span>127.0.0.1<span class="nt"></master-server></span>
|
||
<span class="nt"><master-server-port></span>8001<span class="nt"></master-server-port></span>
|
||
<span class="nt"><master-update-interval></span>120<span class="nt"></master-update-interval></span>
|
||
<span class="nt"><master-username></span>relay<span class="nt"></master-username></span>
|
||
<span class="nt"><master-password></span>hackme<span class="nt"></master-password></span>
|
||
<span class="nt"><relays-on-demand></span>0<span class="nt"></relays-on-demand></span></code></pre></div>
|
||
|
||
<p>The following diagram shows the basics of using a Master relay.<br />
|
||
Please note that the slave is configured with the <code><master-server></code>, <code><master-server-port></code>, etc… settings
|
||
and the master is the Icecast server from which the slave will pull mountpoints and relay them. Using a
|
||
Master server relay, all non-hidden mountpoints on the master can be
|
||
relayed using this mechanism. </p>
|
||
|
||
<p><img src="img/masterslave.png" alt="Master-Slave server diagram" /></p>
|
||
|
||
<p>A server is configured as a Master Server relay by specifying the <code><master-server></code>, <code><master-server-port></code>,
|
||
<code><master-update-interval></code>, <code><master-password></code> values in the config file. The server that is being relayed
|
||
does not need any special configuration.</p>
|
||
|
||
<dl>
|
||
<dt>master-server</dt>
|
||
<dd>This is the IP for the server which contains the mountpoints to be relayed (Master Server).</dd>
|
||
<dt>master-server-port</dt>
|
||
<dd>This is the TCP Port for the server which contains the mountpoints to be relayed (Master Server).</dd>
|
||
<dt>master-update-interval</dt>
|
||
<dd>The interval (in seconds) that the Relay Server will poll the Master Server for any new mountpoints to relay.</dd>
|
||
<dt>master-username</dt>
|
||
<dd>This is the relay username on the master server. It is used to query the server for a list of mountpoints to
|
||
relay. If not specified then <code>relay</code> is used.</dd>
|
||
<dt>master-password</dt>
|
||
<dd>This is the relay password on the Master server. It is used to query the server for a list of mountpoints to
|
||
relay.</dd>
|
||
<dt>relays-on-demand</dt>
|
||
<dd>Global on-demand setting for relays. Because you do not have individual relay options when using a master server
|
||
relay, you still may want those relays to only pull the stream when there is at least one listener on the slave.
|
||
The typical case here is to avoid surplus bandwidth costs when no one is listening. </dd>
|
||
</dl>
|
||
|
||
<h4 id="specific-mountpoint-relay">Specific Mountpoint Relay</h4>
|
||
|
||
<p>If only specific mountpoints need to be relayed, then you can configure Icecast with a “Specific Mountpoint Relay”.</p>
|
||
|
||
<p>The following diagram shows the basics of using a Specific Mountpoint relay. Note that the relaying Icecast is
|
||
configured with the <code><relay></code> settings and will pull the specified mountpoint(s) and relay them to the listeners.
|
||
Using a Specific Mountpoint Relay, only those mountpoints specified will be relayed. </p>
|
||
|
||
<p><img src="img/relay.png" alt="Relay server diagram" /></p>
|
||
|
||
<p>Specific Mountpoint Relays can be configured to relay from an Icecast 2 server, as well as Icecast 1.x and Shoutcast.
|
||
A server is configured as a Specific Mountpoint Server relay by specifying a <code><relay></code> XML chunk in the config file
|
||
for each mountpoint to be relayed. The server that is being relayed does not need any special configuration.</p>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><relay></span>
|
||
<span class="nt"><server></span>127.0.0.1<span class="nt"></server></span>
|
||
<span class="nt"><port></span>8001<span class="nt"></port></span>
|
||
<span class="nt"><mount></span>/example.ogg<span class="nt"></mount></span>
|
||
<span class="nt"><local-mount></span>/different.ogg<span class="nt"></local-mount></span>
|
||
<span class="nt"><username></span>joe<span class="nt"></username></span>
|
||
<span class="nt"><password></span>soap<span class="nt"></password></span>
|
||
<span class="nt"><relay-shoutcast-metadata></span>0<span class="nt"></relay-shoutcast-metadata></span>
|
||
<span class="nt"><on-demand></span>1<span class="nt"></on-demand></span>
|
||
<span class="nt"></relay></span></code></pre></div>
|
||
|
||
<dl>
|
||
<dt>server</dt>
|
||
<dd>This is the IP for the server which contains the mountpoint to be relayed.</dd>
|
||
<dt>port</dt>
|
||
<dd>This is the TCP Port for the server which contains the mountpoint to be relayed.</dd>
|
||
<dt>mount</dt>
|
||
<dd>The mountpoint located on the remote server. If you are relaying a shoutcast stream,
|
||
this should be a <code>/</code> or <code>/name</code>.</dd>
|
||
<dt>local-mount</dt>
|
||
<dd>The name to use for the local mountpoint. This is what the mount will be named on the relaying server.
|
||
By default the remote mountpoint name is used.</dd>
|
||
<dt>username</dt>
|
||
<dd>The source of the relay may require authentication itself, if so state the username here.</dd>
|
||
<dt>password</dt>
|
||
<dd>The source of the relay may require authentication itself, if so state the password here.</dd>
|
||
<dt>relay-shoutcast-metadata</dt>
|
||
<dd>If you are relaying a Shoutcast stream, you may want to specify this indicator to also relay the metadata
|
||
(song titles) that are part of the Shoutcast data stream. By default this is enabled
|
||
but it is up to the remote server on whether it sends any.<br />
|
||
<code>1</code>: enabled, <code>0</code>: disabled</dd>
|
||
<dt>on-demand</dt>
|
||
<dd>An on-demand relay will only retrieve the stream if there are listeners requesting the stream.
|
||
<code>1</code>: enabled, <code>0</code>: disabled (default is <code><relays-on-demand></code>). This is useful in cases where you want to
|
||
limit bandwidth costs when no one is listening.</dd>
|
||
</dl>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="mountsettings">Mount Specific Settings</h3>
|
||
|
||
<!-- FIXME -->
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><mount</span> <span class="na">type=</span><span class="s">"normal"</span><span class="nt">></span>
|
||
<span class="nt"><mount-name></span>/example-complex.ogg<span class="nt"></mount-name></span>
|
||
<span class="nt"><username></span>othersource<span class="nt"></username></span>
|
||
<span class="nt"><password></span>hackmemore<span class="nt"></password></span>
|
||
<span class="nt"><max-listeners></span>1<span class="nt"></max-listeners></span>
|
||
<span class="nt"><max-listener-duration></span>3600<span class="nt"></max-listener-duration></span>
|
||
<span class="nt"><dump-file></span>/tmp/dump-example1.ogg<span class="nt"></dump-file></span>
|
||
<span class="nt"><intro></span>/intro.ogg<span class="nt"></intro></span>
|
||
<span class="nt"><fallback-mount></span>/example2.ogg<span class="nt"></fallback-mount></span>
|
||
<span class="nt"><fallback-override></span>1<span class="nt"></fallback-override></span>
|
||
<span class="nt"><fallback-when-full></span>1<span class="nt"></fallback-when-full></span>
|
||
<span class="nt"><charset></span>ISO8859-1<span class="nt"></charset></span>
|
||
<span class="nt"><public></span>1<span class="nt"></public></span>
|
||
<span class="nt"><stream-name></span>My audio stream<span class="nt"></stream-name></span>
|
||
<span class="nt"><stream-description></span>My audio description<span class="nt"></stream-description></span>
|
||
<span class="nt"><stream-url></span>http://some.place.com<span class="nt"></stream-url></span>
|
||
<span class="nt"><genre></span>classical<span class="nt"></genre></span>
|
||
<span class="nt"><bitrate></span>64<span class="nt"></bitrate></span>
|
||
<span class="nt"><type></span>application/ogg<span class="nt"></type></span>
|
||
<span class="nt"><subtype></span>vorbis<span class="nt"></subtype></span>
|
||
<span class="nt"><hidden></span>1<span class="nt"></hidden></span>
|
||
<span class="nt"><burst-size></span>65536<span class="nt"></burst-size></span>
|
||
<span class="nt"><mp3-metadata-interval></span>4096<span class="nt"></mp3-metadata-interval></span>
|
||
<span class="nt"><authentication</span> <span class="na">type=</span><span class="s">"xxxxxx"</span><span class="nt">></span>
|
||
<span class="c"><!-- See authentication documentation --></span>
|
||
<span class="nt"></authentication></span>
|
||
<span class="nt"><http-headers></span>
|
||
<span class="nt"><header</span> <span class="na">name=</span><span class="s">"Access-Control-Allow-Origin"</span> <span class="na">value=</span><span class="s">"*"</span> <span class="nt">/></span>
|
||
<span class="nt"><header</span> <span class="na">name=</span><span class="s">"X-Robots-Tag"</span> <span class="na">value=</span><span class="s">"index, noarchive"</span> <span class="nt">/></span>
|
||
<span class="nt"><header</span> <span class="na">name=</span><span class="s">"foo"</span> <span class="na">value=</span><span class="s">"bar"</span> <span class="na">status=</span><span class="s">"200"</span> <span class="nt">/></span>
|
||
<span class="nt"><header</span> <span class="na">name=</span><span class="s">"Nelson"</span> <span class="na">value=</span><span class="s">"Ha-Ha!"</span> <span class="na">status=</span><span class="s">"404"</span> <span class="nt">/></span>
|
||
<span class="nt"></http-headers></span>
|
||
<span class="nt"><on-connect></span>/home/icecast/bin/source-start<span class="nt"></on-connect></span>
|
||
<span class="nt"><on-disconnect></span>/home/icecast/bin/source-end<span class="nt"></on-disconnect></span>
|
||
<span class="nt"></mount></span></code></pre></div>
|
||
|
||
<p>This section contains the settings which apply only to a specific mountpoint and applies to an incoming
|
||
stream whether it is a relay or a source client. The purpose of the mount definition is to state certain
|
||
information that can override either global/default settings or settings provided from the incoming stream.</p>
|
||
|
||
<p>A mount does not need to be stated for each incoming source although you may want to specific certain settings
|
||
like the maximum number of listeners or a mountpoint specific username/password. As a general rule, only define
|
||
what you need to but each mount definition needs at least the mount-name. Changes to most of these will apply
|
||
across a configuration file re-read even on active streams, however some only apply when the stream starts or
|
||
ends.</p>
|
||
|
||
<dl>
|
||
<dt>type</dt>
|
||
<dd>The type of the mount point (default: “normal”). A mount of type “default”
|
||
can be used to specify common values for multiple mountpoints.<br />
|
||
Note that default mountpoints won’t merge with other mount blocks.
|
||
You only get those values if no <code>type="normal"</code> mount block exists
|
||
corresponding to your mountpoint.</dd>
|
||
<dt>mount-name</dt>
|
||
<dd>The name of the mount point for which these settings apply.
|
||
MUST NOT be used in case of mount type “default”.</dd>
|
||
</dl>
|
||
|
||
<!-- FIXME -->
|
||
<dl>
|
||
<dt>username</dt>
|
||
<dd>An optional value which will set the username that a source must use to connect using this mountpoint.
|
||
Do not set this value unless you are sure that the source clients connecting to the mount point can be
|
||
configured to send a username other than <code>source</code>.<br />
|
||
If this value is not present the default username is <code>source</code>.</dd>
|
||
</dl>
|
||
|
||
<!-- FIXME -->
|
||
<dl>
|
||
<dt>password</dt>
|
||
<dd>An optional value which will set the password that a source must use to connect using this mountpoint.
|
||
There is also a <a href="auth.html#stream-auth">URL based authentication method</a> for sources that can be used instead.</dd>
|
||
<dt>max-listeners</dt>
|
||
<dd>An optional value which will set the maximum number of listeners that can be attached to this mountpoint.</dd>
|
||
<dt>max-listener-duration</dt>
|
||
<dd>An optional value which will set the length of time a listener will stay connected to the stream.<br />
|
||
An auth component may override this.</dd>
|
||
<dt>dump-file</dt>
|
||
<dd>An optional value which will set the filename which will be a dump of the stream coming through
|
||
on this mountpoint. This filename is processed with strftime(3). This allows to use variables like <code>%F</code>.</dd>
|
||
<dt>intro</dt>
|
||
<dd>An optional value which will specify the file those contents will be sent to new listeners when they
|
||
connect but before the normal stream is sent. Make sure the format of the file specified matches the
|
||
streaming format. The specified file is appended to webroot before being opened.</dd>
|
||
<dt>fallback-mount</dt>
|
||
<dd>This optional value specifies a mountpoint that clients are automatically moved
|
||
to if the source shuts down or is not streaming at the time a listener connects. Only one can be
|
||
listed in each mount and should refer to another mountpoint on the same server that is streaming in
|
||
the same streaming format.<br />
|
||
If clients cannot fallback to another mountpoint, due to a missing
|
||
fallback-mount or it states a mountpoint that is just not available, then those clients will be
|
||
disconnected. If clients are falling back to a mountpoint and the fallback-mount is not actively
|
||
streaming but defines a fallback-mount itself then those clients may be moved there instead. This
|
||
multi-level fallback allows clients to cascade several mountpoints.<br />
|
||
A fallback mount can also state a file that is located in webroot. This is useful for playing a
|
||
pre-recorded file in the case of a stream going down. It will repeat until either the listener
|
||
disconnects or a stream comes back available and takes the listeners back. As per usual, the file
|
||
format should match the stream format, failing to do so may cause problems with playback.<br />
|
||
Note that the fallback file is not timed so be careful if you intend to relay this. They are fine
|
||
on slave streams but don’t use them on master streams, if you do then the relay will consume stream
|
||
data at a faster rate and the listeners on the relay would eventually get kicked off.</dd>
|
||
<dt>fallback-override</dt>
|
||
<dd>When enabled, this allows a connecting source client or relay on this mountpoint to move listening
|
||
clients back from the fallback mount.</dd>
|
||
<dt>fallback-when-full</dt>
|
||
<dd>When set to <code>1</code>, this will cause new listeners, when the max listener count for the mountpoint has
|
||
been reached, to move to the fallback mount if there is one specified.</dd>
|
||
<dt><del>no-yp</del> (deprecated)</dt>
|
||
<dd>Setting this option prevents this mountpoint from advertising on YP. The default is <code>0</code> so YP advertising
|
||
can occur however you may want to prevent it here if you intend listeners to connect to a local relay instead.<br />
|
||
Deprecated option, replaced by <code><public></code></dd>
|
||
<dt>charset</dt>
|
||
<dd>For non-Ogg streams like MP3, the metadata that is inserted into the stream often has no defined character set.
|
||
We have traditionally assumed UTF8 as it allows for multiple language sets on the web pages and stream directory,
|
||
however many source clients for MP3 type streams have assumed Latin1 (ISO 8859-1) or leave it to whatever character
|
||
set is in use on the source client system.<br />
|
||
This character mismatch has been known to cause a problem as the stats engine and stream directory servers want UTF8
|
||
so now we assume Latin1 for non-Ogg streams (to handle the common case) but you can specify an alternative character
|
||
set with this option.<br />
|
||
The source clients can also specify a <code>charset=</code> parameter to the metadata update URL if they so wish.</dd>
|
||
<dt>public</dt>
|
||
<dd>The default setting for this is <code>-1</code> indicating that it is up to the source client or relay to determine if this mountpoint
|
||
should advertise. A setting of <code>0</code> will prevent any advertising and a setting of <code>1</code> will force it to advertise.
|
||
If you do force advertising you may need to set other settings listed below as the YP server can refuse to advertise
|
||
if there is not enough information provided.</dd>
|
||
<dt>stream-name</dt>
|
||
<dd>Setting this will add the specified name to the stats (and therefore YP) for this mountpoint even if the source client/relay provide one.</dd>
|
||
<dt>stream-description</dt>
|
||
<dd>Setting this will add the specified description to the stats (and therefore YP) for this mountpoint even if the source client/relay provide one.</dd>
|
||
<dt>stream-url</dt>
|
||
<dd>Setting this will add the specified URL to the stats (and therefore YP) for this mountpoint even if the source client/relay provide one.<br />
|
||
The URL is generally for directing people to a website.</dd>
|
||
<dt>genre</dt>
|
||
<dd>Setting this will add the specified genre to the stats (and therefore YP) for this mountpoint even if the source client/relay provide one.<br />
|
||
This can be anything be using certain key words can help searches in the YP directories.</dd>
|
||
<dt>bitrate</dt>
|
||
<dd>Setting this will add the specified bitrate to the stats (and therefore YP) for this mountpoint even if the source client/relay provide one.<br />
|
||
This is stated in kbps.</dd>
|
||
<dt>type</dt>
|
||
<dd>Setting this will add the specified mime type to the stats (and therefore YP) for this mountpoint even if the source client/relay provide one.<br />
|
||
It is very unlikely that this will be needed.</dd>
|
||
<dt>subtype</dt>
|
||
<dd>Setting this will add the specified subtype to the stats (and therefore YP) for this mountpoint.
|
||
The subtype is really to help the YP server to identify the components of the type.
|
||
An example setting is vorbis/theora do indicate the codecs in an Ogg stream</dd>
|
||
<dt>burst-size</dt>
|
||
<dd>This optional setting allows for providing a burst size which overrides the default burst size as defined in limits.<br />
|
||
The value is in bytes.</dd>
|
||
<dt>mp3-metadata-interval</dt>
|
||
<dd>This optional setting specifies what interval, in bytes, there is between metadata updates within shoutcast compatible streams.
|
||
This only applies to new listeners connecting on this mountpoint, not existing listeners falling back to this mountpoint. The
|
||
default is either the hardcoded server default or the value passed from a relay.</dd>
|
||
<dt>hidden</dt>
|
||
<dd>Enable this to prevent this mount from being shown on the xsl pages. This is mainly for cases where a local relay is configured
|
||
and you do not want the source of the local relay to be shown.</dd>
|
||
</dl>
|
||
|
||
<!-- FIXME -->
|
||
<dl>
|
||
<dt>authentication</dt>
|
||
<dd>This specifies that the named mount point will require listener (or source) authentication. Currently, we support a file-based
|
||
authentication scheme (<code>type=htpasswd</code>) and URL based authentication request forwarding. A mountpoint configured with an authenticator
|
||
will display a red key next to the mount point name on the admin screens.<br />
|
||
You can read more about authentication and URL based source authentication <a href="auth.html">here</a>.</dd>
|
||
<dt>http-headers</dt>
|
||
<dd>This element is placed anywhere inside the mount section of the icecast config. It will contain <code><header></code> child elements, that specify the actual HTTP headers one by one.</dd>
|
||
<dt>header</dt>
|
||
<dd>This tag specifies the actual header to be sent to a HTTP client in response to every request for this mount point, but currently only if the HTTP status code is “200”.
|
||
This tag can contain the following attributes:
|
||
|
||
<ul>
|
||
<li><code>name</code> is required and its value specifies the HTTP header field name.</li>
|
||
<li><code>value</code> is required and its value specifies the HTTP header field value.</li>
|
||
</ul>
|
||
</dd>
|
||
<dt>on-connect</dt>
|
||
<dd>State a program that is run when the source is started. It is passed a parameter which is the name of the mountpoint that is starting.
|
||
The processing of the stream does not wait for the script to end.
|
||
Caution should be exercised as there is a small chance of stream file descriptors being mixed up with script file descriptors, if the FD numbers go above 1024. This will be further addressed in the next Icecast release.
|
||
<em>This option is not available on Win32</em></dd>
|
||
<dt>on-disconnect</dt>
|
||
<dd>State a program that is run when the source ends. It is passed a parameter which is the name of the mountpoint that has ended.
|
||
The processing of the stream does not wait for the script to end.<br />
|
||
Caution should be exercised as there is a small chance of stream file descriptors being mixed up with script file descriptors, if the FD numbers go above 1024. This will be further addressed in the next Icecast release.
|
||
<em>This option is not available on Win32</em></dd>
|
||
</dl>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="path">Path Settings</h3>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><paths></span>
|
||
<span class="nt"><basedir></span>./<span class="nt"></basedir></span>
|
||
<span class="nt"><logdir></span>./logs<span class="nt"></logdir></span>
|
||
<span class="nt"><pidfile></span>./icecast.pid<span class="nt"></pidfile></span>
|
||
<span class="nt"><webroot></span>./web<span class="nt"></webroot></span>
|
||
<span class="nt"><adminroot></span>./admin<span class="nt"></adminroot></span>
|
||
<span class="nt"><allow-ip></span>/path/to/ip_allowlist<span class="nt"></allow-ip></span>
|
||
<span class="nt"><deny-ip></span>/path_to_ip_denylist<span class="nt"></deny-ip></span>
|
||
<span class="nt"><ssl-certificate></span>/path/to/certificate.pem<span class="nt"></ssl-certificate></span>
|
||
<span class="nt"><ssl-allowed-ciphers></span>ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS<span class="nt"></ssl-allowed-ciphers></span>
|
||
<span class="nt"><alias</span> <span class="na">source=</span><span class="s">"/foo"</span> <span class="na">dest=</span><span class="s">"/bar"</span><span class="nt">/></span>
|
||
<span class="nt"></paths></span></code></pre></div>
|
||
|
||
<p>This section contains paths which are used for various things within icecast. All paths (other than any aliases) should not end in a <code>/</code>.</p>
|
||
|
||
<dl>
|
||
<dt>basedir</dt>
|
||
<dd>This path is used in conjunction with the chroot settings, and specifies the base directory that is chrooted to when the server is started.<br />
|
||
<em>This feature is not supported on Win32.</em></dd>
|
||
<dt>logdir</dt>
|
||
<dd>This path specifies the base directory used for logging. Both the <code>error.log</code> and <code>access.log</code> will be created relative to this directory.</dd>
|
||
<dt>pidfile</dt>
|
||
<dd>This pathname specifies the file to write at startup and to remove at normal shutdown. The file contains the process id of the icecast process.<br />
|
||
This could be read and used for sending signals to Icecast.</dd>
|
||
<dt>webroot</dt>
|
||
<dd>This path specifies the base directory used for all static file requests. This directory can contain all standard file types
|
||
(including mp3s and ogg vorbis files). For example, if webroot is set to <code>/var/share/icecast2</code>, and a request for
|
||
<code>http://server:port/mp3/stuff.mp3</code> comes in, then the file <code>/var/share/icecast2/mp3/stuff.mp3</code> will be served.</dd>
|
||
<dt>adminroot</dt>
|
||
<dd>This path specifies the base directory used for all admin requests. More specifically, this is used to hold the XSLT scripts used
|
||
for the web-based admin interface. The admin directory contained within the icecast distribution contains these files.</dd>
|
||
<dt>allow-ip</dt>
|
||
<dd>If specified, this points to the location of a file that contains a list of IP addresses that will be allowed to connect to Icecast.
|
||
This could be useful in cases where a master only feeds known slaves.<br />
|
||
The format of the file is simple, one IP per line.</dd>
|
||
<dt>deny-ip</dt>
|
||
<dd>If specified, this points to the location of a file that contains a list of IP addressess that will be dropped immediately.
|
||
This is mainly for problem clients when you have no access to any firewall configuration.<br />
|
||
The format of the file is simple, one IP per line.</dd>
|
||
</dl>
|
||
|
||
<!-- FIXME -->
|
||
<dl>
|
||
<dt>alias</dt>
|
||
<dd>Aliases are used to provide a way to create multiple mountpoints that refer to the same mountpoint.<br />
|
||
For example: <code><alias source="/foo" dest="/bar"></code></dd>
|
||
<dt>ssl-certificate</dt>
|
||
<dd>If specified, this points to the location of a file that contains <em>both</em> the X.509 private and public key.
|
||
This is required for HTTPS support to be enabled. Please note that the user Icecast is running as must be able to read the file. Failing to ensure this will cause a “Invalid cert file” WARN message, just as if the file wasn’t there.</dd>
|
||
<dt>ssl-allowed-ciphers</dt>
|
||
<dd>This optional tag specifies the list of allowed ciphers passed on to the SSL library.
|
||
Icecast contains a set of defaults conforming to current best practices and you should <em>only</em> override those, using this tag, if you know exactly what you are doing.</dd>
|
||
</dl>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="log">Logging Settings</h3>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><logging></span>
|
||
<span class="nt"><accesslog></span>access.log<span class="nt"></accesslog></span>
|
||
<span class="nt"><errorlog></span>error.log<span class="nt"></errorlog></span>
|
||
<span class="nt"><playlistlog></span>playlist.log<span class="nt"></playlistlog></span>
|
||
<span class="nt"><loglevel></span>4<span class="nt"></loglevel></span> <span class="c"><!-- 4 Debug, 3 Info, 2 Warn, 1 Error --></span>
|
||
<span class="nt"></logging></span></code></pre></div>
|
||
|
||
<p>This section contains information relating to logging within Icecast. There are three logfiles currently generated by Icecast,
|
||
an <code>error.log</code> (where all log messages are placed), an <code>access.log</code> (where all stream/admin/http requests are logged) and an
|
||
optional <code>playlist.log</code>. </p>
|
||
|
||
<p>Note that on non-win32 platforms, a HUP signal can be sent to Icecast in which the log files are re-opened for appending giving the ability move/remove the log files. </p>
|
||
|
||
<p>If you set any of the filenames to a simple dash (e.g. <code><accesslog>-</accesslog></code>) then Icecast will direct the log output to
|
||
STDERR instead of a file.</p>
|
||
|
||
<dl>
|
||
<dt>accesslog</dt>
|
||
<dd>Into this file, all requests made to the icecast2 will be logged. This file is relative to the path specified by the <code><logdir></code> config value.</dd>
|
||
<dt>errorlog</dt>
|
||
<dd>All Icecast generated log messages will be written to this file. If the loglevel is set too high (Debug for instance) then
|
||
this file can grow fairly large over time. Currently, there is no log-rotation implemented.</dd>
|
||
<dt>playlistlog</dt>
|
||
<dd>Into this file, a log of all metadata for each mountpoint will be written. The format of the logfile will most likely change over time
|
||
as we narrow in on a standard format for this. Currently, the file is pipe delimited. This is optional and can be removed entirely
|
||
from the config file.</dd>
|
||
<dt>logsize</dt>
|
||
<dd>This value specifies (in Kbytes) the maxmimum size of any of the log files. When the logfile grows beyond this value, icecast will either
|
||
rename it to <code>logfile.old</code>, or add a timestamp to the archived file (if logarchive is enabled).</dd>
|
||
<dt>logarchive</dt>
|
||
<dd>If this value is set, then Icecast will append a timestamp to the end of the logfile name when logsize has been reached. If disabled, then
|
||
the default behavior is to rename the logfile to <code>logfile.old</code> (overwriting any previously saved logfiles). We disable this by default to
|
||
prevent the filling up of filesystems for people who don’t care (or know) that their logs are growing.</dd>
|
||
<dt>loglevel</dt>
|
||
<dd>Indicates what messages are logged by icecast. Log messages are categorized into one of 4 types, Debug, Info, Warn, and Error.<br />
|
||
|
||
<p>The following mapping can be used to set the appropriate value:</p>
|
||
|
||
<ul>
|
||
<li>loglevel = <code>4</code>: Debug, Info, Warn, Error messages are printed</li>
|
||
<li>loglevel = <code>3</code>: Info, Warn, Error messages are printed</li>
|
||
<li>loglevel = <code>2</code>: Warn, Error messages are printed</li>
|
||
<li>loglevel = <code>1</code>: Error messages only are printed</li>
|
||
</ul>
|
||
</dd>
|
||
</dl>
|
||
|
||
</div>
|
||
|
||
<div class="article">
|
||
<h3 id="security">Security Settings</h3>
|
||
|
||
<div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt"><security></span>
|
||
<span class="nt"><chroot></span>0<span class="nt"></chroot></span>
|
||
<span class="nt"><changeowner></span>
|
||
<span class="nt"><user></span>nobody<span class="nt"></user></span>
|
||
<span class="nt"><group></span>nogroup<span class="nt"></group></span>
|
||
<span class="nt"></changeowner></span>
|
||
<span class="nt"></security></span></code></pre></div>
|
||
|
||
<p>This section contains configuration settings that can be used to secure the icecast server by performing a chroot to a secured location or changing user and group on start-up. The latter allows icecast to bind to priviledged ports like 80 and 443, by being started as root and then dropping to the configured user/group after binding listener-sockets.
|
||
<em>This is currently not supported on Win32.</em></p>
|
||
|
||
<dl>
|
||
<dt>chroot</dt>
|
||
<dd>An indicator which specifies whether a <code>chroot()</code> will be done when the server is started.
|
||
The chrooted path is specified by the <code><basedir></code> configuration value.
|
||
Setting up and using a chroot is an advanced concept and not in the scope of this document.</dd>
|
||
<dt>changeowner</dt>
|
||
<dd>This section indicates the user and group that will own the icecast process when it is started.<br />
|
||
These need to be valid users on the system. Icecast must be started as root for this to work.</dd>
|
||
</dl>
|
||
|
||
</div>
|
||
|
||
</div>
|
||
|
||
<div class="footer">
|
||
<p>Support icecast development at <a href="http://icecast.org">icecast.org</a></p>
|
||
</div>
|
||
|
||
</body>
|
||
</html>
|