icecast.xml.in 11.6 KB
Newer Older
Jack Moffitt's avatar
Jack Moffitt committed
1
<icecast>
2
    <!-- IMPORTANT!
3 4
         Especially for inexperienced users:
         Start out by ONLY changing all passwords and restarting Icecast.
5 6 7 8
         For detailed setup instructions please refer to the documentation.
         It's also available here: http://icecast.org/docs/
    -->

9
    <!-- location and admin are two strings that are e.g. visible
10
         on the server info page of the icecast web interface -->
11 12 13
    <location>Earth</location>
    <!-- If you are listing streams on a YP, this MUST be a working email! -->
    <admin>icemaster@localhost</admin>
14 15 16 17 18 19
    <!-- This is the hostname other people will use to connect to your server.
         It affects mainly the urls generated by Icecast for playlists and YP
         listings. You MUST configure it properly for YP listings to work!
         This is NOT your homepage address, it's the hostname for THIS server.
    -->
    <hostname>localhost</hostname>
20

21
    <limits>
22 23 24
        <!-- Global maximum number of clients.
             This includes all kinds of clients, not only listeners.
        -->
25 26
        <clients>100</clients>
        <sources>2</sources>
27
        <queue-size>524288</queue-size>
28 29 30
        <client-timeout>30</client-timeout>
        <header-timeout>15</header-timeout>
        <source-timeout>10</source-timeout>
31 32 33 34 35 36
        <!-- This sets the burst size in [bytes]. This is the amount the
             the server sends to a listener that connects to a stream.
             This allows for a significantly reducing in startup time.
             Most people won't need to change from the default 64k.
             Applies to all mountpoints.
        -->
37
        <burst-size>65535</burst-size>
38
    </limits>
Jack Moffitt's avatar
Jack Moffitt committed
39

40 41
    <authentication>
        <!-- Sources log in with username 'source' -->
42
        <source-password>hackme</source-password>
43
        <!-- Relays log in with username 'relay' -->
44
        <relay-password>hackme</relay-password>
45 46 47 48 49 50

        <!-- Admin logs in with the username given below -->
        <admin-user>admin</admin-user>
        <admin-password>hackme</admin-password>
    </authentication>

51
    <!-- set the mountpoint for a shoutcast source to use, the default if not
52
         specified is to have none.
53 54 55
    <shoutcast-mount>/live.nsv</shoutcast-mount>
    -->

56
    <!-- Uncommenting this enables publishing to the streaming directory at:
57
         http://dir.xiph.org/
58 59 60
         Please read the Icecast documentation about publishing to directories
         very carefully, as it is not enough to just uncomment this.
    -->
61
    <!--
62 63 64
    <directory>
        <yp-url-timeout>15</yp-url-timeout>
        <yp-url>http://dir.xiph.org/cgi-bin/yp-cgi</yp-url>
65
    </directory>
66
    -->
Jack Moffitt's avatar
Jack Moffitt committed
67

68
    <!-- You may have multiple <listen-socket> elements -->
69 70 71
    <listen-socket>
        <port>8000</port>
        <!-- <bind-address>127.0.0.1</bind-address> -->
72
        <!-- <shoutcast-mount>/stream</shoutcast-mount> -->
73 74 75
    </listen-socket>
    <!--
    <listen-socket>
76
        <port>8080</port>
77 78
    </listen-socket>
    -->
79 80 81
    <!--
    <listen-socket>
        <port>8443</port>
82
        <tls>auto_no_plain</tls>
83 84 85
    </listen-socket>
    -->

86

87
    <!-- Global header settings
88
         Headers defined here will be returned for every HTTP request to Icecast.
89 90 91 92

         The ACAO header makes Icecast public content/API by default
         This will make streams easier embeddable (some HTML5 functionality needs it).
         Also it allows direct access to e.g. /status-json.xsl from other sites.
93
         If you don't want this, comment out the following line or read up on CORS.
94 95 96 97 98 99 100 101
    -->
    <http-headers>
        <header name="Access-Control-Allow-Origin" value="*" />
    </http-headers>


    <!-- Relaying
         You don't need this if you only have one server.
102
         Please refer to the documentation for a detailed explanation.
103
    -->
104 105 106 107 108 109
    <!--
    <master-server>127.0.0.1</master-server>
    <master-server-port>8001</master-server-port>
    <master-update-interval>120</master-update-interval>
    <master-password>hackme</master-password>
    -->
110

111
    <!-- Setting this makes all relays on-demand unless overridden, this is
112
         useful for master relays which do not have <relay> definitions here.
113 114
         The default is false -->
    <!--<relays-on-demand>true</relays-on-demand>-->
115

116
    <!-- Basic relay with one upstream server -->
Michael Smith's avatar
Michael Smith committed
117 118
    <!--
    <relay>
119
        <local-mount>/different.ogg</local-mount>
120
        <on-demand>false</on-demand>
121

122 123 124 125 126 127
        <upstream type="normal">
            <server>127.0.0.1</server>
            <port>8080</port>
            <mount>/example.ogg</mount>
            <relay-shoutcast-metadata>false</relay-shoutcast-metadata>
        </upstream>
Michael Smith's avatar
Michael Smith committed
128 129
    </relay>
    -->
130

131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152
    <!-- Relay with multiple upstream servers and default settings -->
    <!--
    <relay>
        <local-mount>/different.ogg</local-mount>
        <on-demand>false</on-demand>

        <upstream type="normal">
            <server>master0.example.org</server>
        </upstream>
        <upstream type="normal">
            <server>master1.example.org</server>
        </upstream>
        <upstream type="normal">
            <server>master2.example.org</server>
            <port>8080</port>
        </upstream>
        <upstream type="default">
            <port>8000</port>
            <mount>/example.ogg</mount>
        </upstream>
    </relay>
    -->
153 154 155

    <!-- Mountpoints
         Only define <mount> sections if you want to use advanced options,
156
         like alternative usernames or passwords
157
         All <mount> sections below are disabled by default,
158
         to activate them remove the comment markers around them and reload.
159 160
    -->

161 162
    <!-- Default settings for all mounts that don't have a specific <mount type="normal">.
    -->
163
    <!--
164
    <mount type="default">
165
        <public>false</public>
166
        <intro>/server-wide-intro.ogg</intro>
167
        <max-listener-duration>3600</max-listener-duration>
168
        <authentication>
169
            <role type="url" match-method="source,put" allow-web="*" allow-admin="*">
170 171
                <option name="client_add" value="http://auth.example.org/stream_start.php"/>
            </role>
172
            <role type="anonymous" match-method="source,put" deny-all="*" />
173
        </authentication>
174 175
        <http-headers>
                <header name="foo" value="bar" />
176
        </http-headers>
177 178 179 180
    </mount>
    -->

    <!-- Normal mounts -->
181
    <!--
182
    <mount type="normal">
183
        <mount-name>/example-complex.ogg</mount-name>
184

185
        <max-listeners>1</max-listeners>
186
        <dump-file>/tmp/dump-example1.ogg</dump-file>
187
        <burst-size>65536</burst-size>
188
        <fallback-mount>/example2.ogg</fallback-mount>
189 190
        <fallback-override>true</fallback-override>
        <fallback-when-full>true</fallback-when-full>
191
        <intro>/example_intro.ogg</intro>
192 193
        <hidden>true</hidden>
        <public>true</public>
194 195 196 197 198 199 200 201 202
        <authentication>
            <role type="htpasswd" connections-per-user="1">
                <option name="filename" value="myauth" />
            </role>
            <role type="static" allow-method="source,put,get,post,options" deny-web="*" allow-admin="*">
                <option name="username" value="othersource" />
                <option name="passwod" value="hackmemore" />
            </role>
            <role type="anonymous" deny-all="*" />
203
        </authentication>
204
        <http-headers>
205
                <header name="Access-Control-Allow-Origin" value="http://webplayer.example.org" />
206
                <header name="baz" value="quux" />
207
        </http-headers>
208 209 210 211 212 213 214 215 216

        <event-bindings>
            <event type="exec" trigger="source-connect">
                <option name="executable" value="/home/icecast/bin/stream-start" />
            </event>
            <event type="exec" trigger="source-disconnect">
                <option name="executable" value="/home/icecast/bin/stream-stop" />
            </event>
        </event-bindings>
217
    </mount>
218
    -->
219

220
    <!--
221
    <mount type="normal">
222
        <mount-name>/auth_example.ogg</mount-name>
223
        <authentication>
224
            <role type="url" match-method="get,post,head,options" allow-web="*" deny-admin="*" may-alter="send_error,redirect">
225 226 227 228 229 230 231
                <option name="client_add"       value="http://myauthserver.net/notify_listener.php"/>
                <option name="client_remove"    value="http://myauthserver.net/notify_listener.php"/>
                <option name="action_add"       value="listener_add"/>
                <option name="action_remove"    value="listener_remove"/>
                <option name="headers"          value="x-pragma,x-token"/>
                <option name="header_prefix"    value="ClientHeader."/>
            </role>
232
            <role type="anonymous" match-method="get,post,head,options" deny-all="*" />
233
        </authentication>
234 235 236 237 238 239 240 241 242 243
        <event-bindings>
            <event type="url" trigger="source-connect">
                <option name="url" value="http://myauthserver.net/notify_mount.php" />
                <option name="action" value="mount_add" />
            </event>
            <event type="url" trigger="source-disconnect">
                <option name="url" value="http://myauthserver.net/notify_mount.php" />
                <option name="action" value="mount_remove" />
            </event>
        </event-bindings>
244
    </mount>
245
    -->
246

247 248 249 250 251 252 253 254 255 256 257 258 259 260
    <!-- Relays can also go into a <mount type="normal"> section -->
    <!--
    <mount type="normal">
        <mount-name>/auth_example.ogg</mount-name>
        <relay>
            <upstream type="normal">
                <server>master0.example.org</server>
                <port>8000</port>
                <mount>/example.ogg</mount>
            </upstream>
        </relay>
    </mount>
    -->

261
    <paths>
262
        <!-- basedir is only used if chroot is enabled -->
263
        <basedir>@pkgdatadir@</basedir>
264

265
        <!-- Note that if <chroot> is turned on below, these paths must all
266
             be relative to the new root, not the original root -->
267
        <logdir>@localstatedir@/log/@PACKAGE@</logdir>
268 269
        <webroot>@pkgdatadir@/web</webroot>
        <adminroot>@pkgdatadir@/admin</adminroot>
270
        <!-- <pidfile>@pkgdatadir@/icecast.pid</pidfile> -->
271 272 273 274 275 276

        <!-- Aliases: treat requests for 'source' path as being for 'dest' path
             May be made specific to a port or bound address using the "port"
             and "bind-address" attributes.
          -->
        <!--
277
        <alias source="/foo" destination="/bar"/>
278
        -->
279 280 281
        <!-- Aliases: can also be used for simple redirections as well,
             this example will redirect all requests for http://server:port/ to
             the status page
282
        -->
283 284
        <alias source="/" destination="/status.xsl"/>
        <!-- The certificate file needs to contain both public and private part.
285
             Both should be PEM encoded.
286
        <tls-certificate>@pkgdatadir@/icecast.pem</tls-certificate>
287
        -->
288
    </paths>
Jack Moffitt's avatar
Jack Moffitt committed
289

290 291 292
    <logging>
        <accesslog>access.log</accesslog>
        <errorlog>error.log</errorlog>
293
        <!-- <playlistlog>playlist.log</playlistlog> -->
294
        <loglevel>information</loglevel> <!-- "debug", "information", "warning", or "error" -->
295
        <logsize>10000</logsize> <!-- Max size of a logfile -->
296 297 298 299 300
        <!-- If logarchive is enabled (1), then when logsize is reached
             the logfile will be moved to [error|access|playlist].log.DATESTAMP,
             otherwise it will be moved to [error|access|playlist].log.old.
             Default is non-archive mode (i.e. overwrite)
        -->
301
        <!-- <logarchive>true</logarchive> -->
302 303 304
    </logging>

    <security>
305
        <chroot>false</chroot>
306 307 308 309
        <!--
        <changeowner>
            <user>nobody</user>
            <group>nogroup</group>
310
        </changeowner>
311 312
        -->
    </security>
Jack Moffitt's avatar
Jack Moffitt committed
313
</icecast>