Add nginx ssl support with self-signed cert examples. Updated readme with ssl note.
This commit is contained in:
Alf
parent
95e0b06d46
commit
e6e9e6cc7d
|
|
@ -4,7 +4,7 @@ language: bash
|
|||
services: docker
|
||||
|
||||
env:
|
||||
- DOCKER_IMAGE=nginx-rtmp
|
||||
- DOCKER_IMAGE=nginx-rtmp
|
||||
|
||||
script:
|
||||
- docker build -t ${DOCKER_IMAGE} .
|
||||
|
|
|
|||
|
|
@ -47,6 +47,7 @@ RUN cd /tmp/nginx-${NGINX_VERSION} && \
|
|||
--conf-path=/opt/nginx/nginx.conf \
|
||||
--with-threads \
|
||||
--with-file-aio \
|
||||
--with-http_ssl_module \
|
||||
--error-log-path=/opt/nginx/logs/error.log \
|
||||
--http-log-path=/opt/nginx/logs/access.log \
|
||||
--with-debug && \
|
||||
|
|
|
|||
|
|
@ -33,6 +33,11 @@ docker run -it -p 1935:1935 -p 8080:80 --rm nginx-rtmp
|
|||
rtmp://<server ip>:1935/stream/$STREAM_NAME
|
||||
```
|
||||
|
||||
### SSL
|
||||
The `nginx.conf` is configured for both HTTP and HTTPS using a self-signed certificate supplied in [/certs](/certs). If you wish to use HTTPS, it is **highly recommended** to obtain your own certificates and update the `ssl_certificate` and `ssl_certificate_key` paths in [nginx.conf](nginx.conf).
|
||||
|
||||
I recommend using [Certbot](https://certbot.eff.org/docs/install.html) from [Let's Encrypt](https://letsencrypt.org).
|
||||
|
||||
### OBS Configuration
|
||||
* Stream Type: `Custom Streaming Server`
|
||||
* URL: `rtmp://localhost:1935/stream`
|
||||
|
|
|
|||
|
|
@ -0,0 +1,31 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIFXTCCA0WgAwIBAgIJAMCQYDhYg4RNMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
|
||||
BAYTAlVTMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
|
||||
aWRnaXRzIFB0eSBMdGQwHhcNMTgxMTIwMjA1ODM1WhcNMTkxMTIwMjA1ODM1WjBF
|
||||
MQswCQYDVQQGEwJVUzETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
|
||||
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
|
||||
CgKCAgEAv2Wzdiw3kgw8USDpXxUSVbv4fMoGmf2PtcjZn6nSdGndZBpt2ODxYRvz
|
||||
TFrAuL944DCQY5MuDRC7z5siFHUe14ravRTavjs5+Kr5XelVN0wofgMp2Npg+6xX
|
||||
lT4t/cb4T88hqm3UMn0AcoAD9L8oZCs+4aHIwNZT8tts5cbcenJxNrdFri28L+Q5
|
||||
sx5CrOeoQP8R1C01z3aXYzQXZ97w9hr35BBkzRVt4mvi9L5CLAzlVxn/4vGy/tV1
|
||||
PAbQaMFBWR2gjzNKx0+DKcsz1hKo7UXi3LVfJAn9xmcwfQcpWEH74EIkLpAyQ/oF
|
||||
rhZS/I+OCCuh13bKEIfCY0ICN2u7agTBhzbnWXkF9CKb2ElKJd1C96myWmHmJT8G
|
||||
d34l7/vKYXQUGnds+2yN2heZj3/0eCcq3Pv6DcgjoBkYEJ35Z2jVq/w38cJeAw2d
|
||||
7CrGJlfBrmi3v2WSXHjRnvU9vVTgN/mFNdTQLKeMHHiZPiK91nj1UEEcXhAYL731
|
||||
HxJ+Xb/Wx5OO+Ki0vL3GdQJQr8BtW5tpSUYJgiLvp+dIUST8IBo1s6w5DtcqmpY1
|
||||
254AgGjNLXruq6juGbgVBRLhmoU0r8xsROproAvtd+bnej90hcHfqvgsg9+8Nttr
|
||||
pigRPHHbY7iE5b9p24XbbHVhTJ7htQ4t9uJ/I979A1StLBnqfD8CAwEAAaNQME4w
|
||||
HQYDVR0OBBYEFJNRWzeHz7m+VAfnu7Q9eU6L5EdWMB8GA1UdIwQYMBaAFJNRWzeH
|
||||
z7m+VAfnu7Q9eU6L5EdWMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIB
|
||||
ADk8i3rp0LthFeR1FCjg5Q7wZfEk2uWyGEZYpWet4+ECB3ATWnVMUl8pqqb1zGVL
|
||||
kG5/WYKIDP81VpxL5dK+EqnQCIV80b0lswxl9Qr6AKgg9FvbInKVfoRN3uRw1iHw
|
||||
+URYi0nxzFncxdCvNWLL07Nxt7OmkxxBiDfMOBmmmz+CWqm3MeH+5fEak1AkIJFE
|
||||
Kq54qD1F9UWBMG3OVxhSUML4b/QdcIQ6+gDa2LT97GFIK2RBHWtQARYSBTcMbxfm
|
||||
XSWDuyibYhKh3L3G/NcG2LEWzBO7+VW06tP+B3Ki8dgyLZk1fq5k1stsv8m2z8mx
|
||||
iOM4gIxZ5DgKBad/LthFGvxIKBn9znQ/SmkZjl8G6//lbCzlmLm4e4+75c5YTT3/
|
||||
ZrVDev30Ln8RveE+wBX6ZUHaSnGTWp08hry3JIE8YFCN4E+LXkyayq96ujVugCJC
|
||||
wCE/aLT3sPgRxZcRNbB8lmur8BcEuoZphm4jLoctBhnM7NVcJHaTYWazNvpDKCaT
|
||||
sAi5xNu+/NzrwNhYCWVNrWJjfwyLpOEaI60GDmR1iy/MWeikYw+C/YMKmFXmjuIw
|
||||
1IX5a7+Yu5etGN+qvYdZOS3RpVxuT1OJk1haatXficL7FYU16XUm19ggN1W0uYb+
|
||||
CGbQoh//o8p01K+AmiO4P0NsTSoK/Ap2MjrNhAAq4HV0
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -0,0 +1,52 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIJRQIBADANBgkqhkiG9w0BAQEFAASCCS8wggkrAgEAAoICAQC/ZbN2LDeSDDxR
|
||||
IOlfFRJVu/h8ygaZ/Y+1yNmfqdJ0ad1kGm3Y4PFhG/NMWsC4v3jgMJBjky4NELvP
|
||||
myIUdR7Xitq9FNq+Ozn4qvld6VU3TCh+AynY2mD7rFeVPi39xvhPzyGqbdQyfQBy
|
||||
gAP0vyhkKz7hocjA1lPy22zlxtx6cnE2t0WuLbwv5DmzHkKs56hA/xHULTXPdpdj
|
||||
NBdn3vD2GvfkEGTNFW3ia+L0vkIsDOVXGf/i8bL+1XU8BtBowUFZHaCPM0rHT4Mp
|
||||
yzPWEqjtReLctV8kCf3GZzB9BylYQfvgQiQukDJD+gWuFlL8j44IK6HXdsoQh8Jj
|
||||
QgI3a7tqBMGHNudZeQX0IpvYSUol3UL3qbJaYeYlPwZ3fiXv+8phdBQad2z7bI3a
|
||||
F5mPf/R4Jyrc+/oNyCOgGRgQnflnaNWr/Dfxwl4DDZ3sKsYmV8GuaLe/ZZJceNGe
|
||||
9T29VOA3+YU11NAsp4wceJk+Ir3WePVQQRxeEBgvvfUfEn5dv9bHk474qLS8vcZ1
|
||||
AlCvwG1bm2lJRgmCIu+n50hRJPwgGjWzrDkO1yqaljXbngCAaM0teu6rqO4ZuBUF
|
||||
EuGahTSvzGxE6mugC+135ud6P3SFwd+q+CyD37w222umKBE8cdtjuITlv2nbhdts
|
||||
dWFMnuG1Di324n8j3v0DVK0sGep8PwIDAQABAoICAQCNPFYeyOhE7KSB1YCAuoLq
|
||||
IyhtpYMTlUm8AjedG2sCnrBRUzNmDC/y0fZKjNmUOy7OeOfDovMjjwqYW0jdwcN9
|
||||
mKhrSP1VzUytFDWpuCo7AQcMXfc+X3+bmASVS+oSUAYilp2oLx2cGCQBWjgRHhKH
|
||||
QGZJh+IlcsNF/eew83r1HIgwsTNJIdSxnn95jsXy44uEUvTsFmST8FYsTV9MNfao
|
||||
FSSB9hr8P2jz4Vr78X3RFb8S9EugQ20roYa+QeT+uEUpprQ5l8cBpsoKSDm7Kc/g
|
||||
L2cGKQzJAlpzUug0CtnWl/Ju/T/H4H5HLTON0Elyt9g+bTwjTDQ12Ih4SFhsXyJP
|
||||
Bbhvv9lMB7Q2vvQz4VG3xwqB2IguT/tZeNYRyN3dFHq/Ib2Rt6jtyJ3qUNBXFdr/
|
||||
Q1KNsgWBvpMiB0OKpakDWQMUIsuRHL1EcWnBIOURl0Xj90wYgkIr0czH6KoxLzaO
|
||||
qkSmIDN/tsoHfJ5LXsrVmAMS2OaGRK5rt0pfF6a2Tl0zaWSlwT0v/ymVjavmFxyl
|
||||
oCDhaoQ9fh7OBjf6vX2AYtwr1Dbo/578t+/0eUZOlYMNnomi0FudEoVi7IMQv82f
|
||||
OFnVTXjdHJHyvfBjhWqbjw1oQTBtrgMJSUMqaqvTgA0k/rppfMUuXS1B7Dl0c0LU
|
||||
w1FHDk78I+IZBxIXSyVmQQKCAQEA5oVlwJxXLb9bNqbcKipKrQQAcPAgXt7ZOQOL
|
||||
l28K74N+3IylQFH9HBIE6QLrjOZFTKh0kLcrYfGhz7RoATkBJkf3w6F9Ef3F6Epp
|
||||
X7ygPFFggGdx5csQzOCrK4VQGMEM9T4Zn5FEbCKhrica6g/u2WaLbq7XzwYXCVjH
|
||||
GKqSpTZXfecfcSQHkjoGGcQqnXMkOE+w/HF21Wn6BHxfBUYsrPsB54ZkITPkNdjX
|
||||
xZq+t331pFH1P2X//ogBKXp/5ZYRd8pR0dysGo9e1U91OLgjcQXU9y2MzNajp6j/
|
||||
o9czZi3xc1P2j0/mJdoCebr9C7erZa2mmTnXITNIgEhpFwlYHwKCAQEA1I1LNehc
|
||||
ClgZw9/sPP4cB7ONAyVRHgAzhM8/hfjN/NDAbMkYWYwGDPYOIuxf9Vo34XX1GhQo
|
||||
4ctb/DZHGsVcBFIVD7fPj60D3yC2HvcGlZ2sgHBG0RwftYentQWvutxRGWcN9A1+
|
||||
Gcn379MWp3SsqjMN1JM1RzEPvr9SO3fQOPIAaMjpOwWxeopsVvVzEzhQ6IqsFUkA
|
||||
UR1q0noKExb3Re1eSDzuuBo1ftWm9sXbH6eilvNvOD3MYApOJ2aJRPdRDPVCyHID
|
||||
8rpJyngpKTIuUGax53pB2mJ4Af5aPNuwIC0JLxgFmYYNLvJ5o4FWWiFcjHYS7728
|
||||
UEjzETBm0A7X4QKCAQEAw29RBu0FFCnpoPnyKmVUjj6YSSerqgLw0t9ol2hzMwCe
|
||||
q0kqSM+58PRt6UaqgPgwxH8E5DQGubDr6HYgvvifOt9E9TySFpC6GugLUjlO+BRd
|
||||
5j7NV27DvY60T99kOrhgzgJqItg71BnATS+mJ85+Rx4jFCFzoXaeTTRRB16FmT/r
|
||||
CTjLdVaAfL5osauYHYiiqoMVn9BqWSDR8L+op4YJFlZwFOPhPC0MS4Kd3FAHZPWL
|
||||
Lla1v5wwXpDbu1i52eFSyeZjW7LkzlfCpMIKtZ2Xnpi9JxodBwTqFpi2sycd0oEc
|
||||
9RO4M2Qf0PN1qdKX+jkrPLbuSXW6J9Gco/W/8uHfLQKCAQEAvRB9oRLxpAXfzTrG
|
||||
US6bUkJlITI1aGE3cmBDGfFJkSNCtsFdlnGWBDtuMaReasj4QeWBwtPB1a7lQIAr
|
||||
WWXKRtGYiGWxDBUTB4t6VCrZQYaCJbE5XNIOZpOnGr9XI/jLbrQbVkYWL+xWTY5P
|
||||
bV68I5zMJZVX496BKePWyqz1m2Gv+YUU6PpUdzLf0a380VDbry2CimBoFr77AQOr
|
||||
KHXaN+o/XjRNB5fQk+SJ4qH2Gr8rQeiBut5Fh/xCrotneOAgyUz0PYYleug3sRCX
|
||||
VFydk8j1YHiAUTgblXJhZBbqIITO0YQlnvz9hxAKIOVwITXhs9NnXrc/5Y4uH9EU
|
||||
8ubxIQKCAQEA5fWcnr3UM6hDH0ixPD+CMrCggvcK+/uOYLwsN8Lm6P9zNu2MxhYe
|
||||
bwACFyfG+ArdFD9G72X0tf7DDiyGdlWR6AB5tzbP3d9UB14DW9s47YD1w5yqtAHI
|
||||
pbFevd0O9PFYf0+290Gh0fKGW5GkfRj+1ZiOfqfGtscWufjpdYeCjs0WzZDy7jGm
|
||||
SG6sgk8Mar65fYWOoo0o9jD+hLzAtf8O0KE+Ilevb4UgqBc1WzdTy21KW65r+Guv
|
||||
7rJFrGuHERHFFR7mxgNyWFVRw2eysxhOQHe/2nnJSyDIjaKEiiaKJJ2FUqnRVr6Q
|
||||
IW8oyQg/bNSFBykcUbWZVZhQGVT4RLB/mA==
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -5,4 +5,7 @@ services:
|
|||
build: .
|
||||
ports:
|
||||
- 1935:1935
|
||||
- 8080:80
|
||||
- 8080:80
|
||||
- 8443:443
|
||||
volumes:
|
||||
- ./certs:/opt/certs
|
||||
12
nginx.conf
12
nginx.conf
|
|
@ -40,8 +40,18 @@ rtmp {
|
|||
}
|
||||
|
||||
http {
|
||||
ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
listen 80; # Remove this line if you want HTTPS only.
|
||||
listen 443 ssl;
|
||||
|
||||
# Update these paths with your own certificate and private key.
|
||||
ssl_certificate /opt/certs/example.com.crt;
|
||||
ssl_certificate_key /opt/certs/example.com.key;
|
||||
|
||||
location /hls {
|
||||
types {
|
||||
|
|
|
|||
Loading…
Reference in New Issue