-
-
Save highgain86j/b7c281f685ad474841446c3b06d598b6 to your computer and use it in GitHub Desktop.
| server { | |
| listen 80; | |
| listen [::]:80; | |
| server_name radio.example.com; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Host $host; | |
| proxy_set_header X-Forwarded-Server $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| location / { | |
| proxy_pass http://127.0.0.1:8000/; | |
| subs_filter_types application/xspf+xml audio/x-mpegurl audio/x-vclt text/css text/html text/xml; | |
| subs_filter ':8000/' '/' gi; | |
| subs_filter '@localhost' '@example.com' gi; | |
| subs_filter 'localhost' $host gi; | |
| subs_filter 'Mount Point ' $host gi; | |
| subs_filter '<h1 id="header">Icecast2 Status</h1><div id="menu"><ul><li><a href="admin/">Administration</a></li><li><a href="status.xsl">Server Status</a></li><li><a href="server_version.xsl">Version</a></li></ul></div>' '<!--<div id="menu"><ul><li><a href="admin/">Administration</a></li><li><a href="status.xsl">Server Status</a></li><li><a href="server_version.xsl">Version</a></li></ul></div>-->' gi; | |
| location /admin/ { | |
| deny all; | |
| } | |
| location /server_version.xsl { | |
| deny all; | |
| } | |
| } | |
| } | |
| server { | |
| listen 80; | |
| listen [::]:80; | |
| server_name radio.internal.example.com; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Host $host; | |
| proxy_set_header X-Forwarded-Server $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| location / { | |
| proxy_pass http://127.0.0.1:8000/; | |
| subs_filter_types application/xspf+xml audio/x-mpegurl audio/x-vclt text/css text/html text/xml; | |
| subs_filter ':8000/' '/' gi; | |
| subs_filter '@localhost' '@example.com' gi; | |
| subs_filter 'localhost' $host gi; | |
| subs_filter 'Mount Point ' $host gi; | |
| } | |
| } |
Some Ideas how to get the Real visitor IP? With your Example I getting only the Proxy IP on Icecast Logs.
@scysys see https://gitlab.xiph.org/xiph/icecast-server/issues/1959
For now just use nginx logs
How would you apply this to force the connection to be SSL.
Some Ideas how to get the Real visitor IP? With your Example I getting only the Proxy IP on Icecast Logs.
you can use icecast-kh with
<paths>
<x-forwarded-for>x.x.x.x</x-forwarded-for>
(...)
</paths>
in config (x.x.x.x = ip of your proxy)
You don't need text/html in the subs_filter_types list as it's always filtered. In fact, if you do included it, nginx will complain to you about [warn] duplicate MIME type "text/html".
Otherwise, great config!
can we send audio stream from client (butt) through this nginx config?
No. And you should not do it either. See this note from the icecast maintainer: https://stackoverflow.com/questions/51786404/icecast2-running-under-nginx-not-able-to-connect/51786791#51786791
Added "listen [::]:80;" for IPv6 support.