Add nginx ssl support with self-signed cert examples. Updated readme with ssl note.
This commit is contained in:
parent
95e0b06d46
commit
e6e9e6cc7d
|
@ -4,7 +4,7 @@ language: bash
|
||||||
services: docker
|
services: docker
|
||||||
|
|
||||||
env:
|
env:
|
||||||
- DOCKER_IMAGE=nginx-rtmp
|
- DOCKER_IMAGE=nginx-rtmp
|
||||||
|
|
||||||
script:
|
script:
|
||||||
- docker build -t ${DOCKER_IMAGE} .
|
- docker build -t ${DOCKER_IMAGE} .
|
||||||
|
|
|
@ -47,6 +47,7 @@ RUN cd /tmp/nginx-${NGINX_VERSION} && \
|
||||||
--conf-path=/opt/nginx/nginx.conf \
|
--conf-path=/opt/nginx/nginx.conf \
|
||||||
--with-threads \
|
--with-threads \
|
||||||
--with-file-aio \
|
--with-file-aio \
|
||||||
|
--with-http_ssl_module \
|
||||||
--error-log-path=/opt/nginx/logs/error.log \
|
--error-log-path=/opt/nginx/logs/error.log \
|
||||||
--http-log-path=/opt/nginx/logs/access.log \
|
--http-log-path=/opt/nginx/logs/access.log \
|
||||||
--with-debug && \
|
--with-debug && \
|
||||||
|
|
|
@ -33,6 +33,11 @@ docker run -it -p 1935:1935 -p 8080:80 --rm nginx-rtmp
|
||||||
rtmp://<server ip>:1935/stream/$STREAM_NAME
|
rtmp://<server ip>:1935/stream/$STREAM_NAME
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### SSL
|
||||||
|
The `nginx.conf` is configured for both HTTP and HTTPS using a self-signed certificate supplied in [/certs](/certs). If you wish to use HTTPS, it is **highly recommended** to obtain your own certificates and update the `ssl_certificate` and `ssl_certificate_key` paths in [nginx.conf](nginx.conf).
|
||||||
|
|
||||||
|
I recommend using [Certbot](https://certbot.eff.org/docs/install.html) from [Let's Encrypt](https://letsencrypt.org).
|
||||||
|
|
||||||
### OBS Configuration
|
### OBS Configuration
|
||||||
* Stream Type: `Custom Streaming Server`
|
* Stream Type: `Custom Streaming Server`
|
||||||
* URL: `rtmp://localhost:1935/stream`
|
* URL: `rtmp://localhost:1935/stream`
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFXTCCA0WgAwIBAgIJAMCQYDhYg4RNMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
|
||||||
|
BAYTAlVTMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
|
||||||
|
aWRnaXRzIFB0eSBMdGQwHhcNMTgxMTIwMjA1ODM1WhcNMTkxMTIwMjA1ODM1WjBF
|
||||||
|
MQswCQYDVQQGEwJVUzETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
|
||||||
|
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
|
||||||
|
CgKCAgEAv2Wzdiw3kgw8USDpXxUSVbv4fMoGmf2PtcjZn6nSdGndZBpt2ODxYRvz
|
||||||
|
TFrAuL944DCQY5MuDRC7z5siFHUe14ravRTavjs5+Kr5XelVN0wofgMp2Npg+6xX
|
||||||
|
lT4t/cb4T88hqm3UMn0AcoAD9L8oZCs+4aHIwNZT8tts5cbcenJxNrdFri28L+Q5
|
||||||
|
sx5CrOeoQP8R1C01z3aXYzQXZ97w9hr35BBkzRVt4mvi9L5CLAzlVxn/4vGy/tV1
|
||||||
|
PAbQaMFBWR2gjzNKx0+DKcsz1hKo7UXi3LVfJAn9xmcwfQcpWEH74EIkLpAyQ/oF
|
||||||
|
rhZS/I+OCCuh13bKEIfCY0ICN2u7agTBhzbnWXkF9CKb2ElKJd1C96myWmHmJT8G
|
||||||
|
d34l7/vKYXQUGnds+2yN2heZj3/0eCcq3Pv6DcgjoBkYEJ35Z2jVq/w38cJeAw2d
|
||||||
|
7CrGJlfBrmi3v2WSXHjRnvU9vVTgN/mFNdTQLKeMHHiZPiK91nj1UEEcXhAYL731
|
||||||
|
HxJ+Xb/Wx5OO+Ki0vL3GdQJQr8BtW5tpSUYJgiLvp+dIUST8IBo1s6w5DtcqmpY1
|
||||||
|
254AgGjNLXruq6juGbgVBRLhmoU0r8xsROproAvtd+bnej90hcHfqvgsg9+8Nttr
|
||||||
|
pigRPHHbY7iE5b9p24XbbHVhTJ7htQ4t9uJ/I979A1StLBnqfD8CAwEAAaNQME4w
|
||||||
|
HQYDVR0OBBYEFJNRWzeHz7m+VAfnu7Q9eU6L5EdWMB8GA1UdIwQYMBaAFJNRWzeH
|
||||||
|
z7m+VAfnu7Q9eU6L5EdWMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIB
|
||||||
|
ADk8i3rp0LthFeR1FCjg5Q7wZfEk2uWyGEZYpWet4+ECB3ATWnVMUl8pqqb1zGVL
|
||||||
|
kG5/WYKIDP81VpxL5dK+EqnQCIV80b0lswxl9Qr6AKgg9FvbInKVfoRN3uRw1iHw
|
||||||
|
+URYi0nxzFncxdCvNWLL07Nxt7OmkxxBiDfMOBmmmz+CWqm3MeH+5fEak1AkIJFE
|
||||||
|
Kq54qD1F9UWBMG3OVxhSUML4b/QdcIQ6+gDa2LT97GFIK2RBHWtQARYSBTcMbxfm
|
||||||
|
XSWDuyibYhKh3L3G/NcG2LEWzBO7+VW06tP+B3Ki8dgyLZk1fq5k1stsv8m2z8mx
|
||||||
|
iOM4gIxZ5DgKBad/LthFGvxIKBn9znQ/SmkZjl8G6//lbCzlmLm4e4+75c5YTT3/
|
||||||
|
ZrVDev30Ln8RveE+wBX6ZUHaSnGTWp08hry3JIE8YFCN4E+LXkyayq96ujVugCJC
|
||||||
|
wCE/aLT3sPgRxZcRNbB8lmur8BcEuoZphm4jLoctBhnM7NVcJHaTYWazNvpDKCaT
|
||||||
|
sAi5xNu+/NzrwNhYCWVNrWJjfwyLpOEaI60GDmR1iy/MWeikYw+C/YMKmFXmjuIw
|
||||||
|
1IX5a7+Yu5etGN+qvYdZOS3RpVxuT1OJk1haatXficL7FYU16XUm19ggN1W0uYb+
|
||||||
|
CGbQoh//o8p01K+AmiO4P0NsTSoK/Ap2MjrNhAAq4HV0
|
||||||
|
-----END CERTIFICATE-----
|
|
@ -0,0 +1,52 @@
|
||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIJRQIBADANBgkqhkiG9w0BAQEFAASCCS8wggkrAgEAAoICAQC/ZbN2LDeSDDxR
|
||||||
|
IOlfFRJVu/h8ygaZ/Y+1yNmfqdJ0ad1kGm3Y4PFhG/NMWsC4v3jgMJBjky4NELvP
|
||||||
|
myIUdR7Xitq9FNq+Ozn4qvld6VU3TCh+AynY2mD7rFeVPi39xvhPzyGqbdQyfQBy
|
||||||
|
gAP0vyhkKz7hocjA1lPy22zlxtx6cnE2t0WuLbwv5DmzHkKs56hA/xHULTXPdpdj
|
||||||
|
NBdn3vD2GvfkEGTNFW3ia+L0vkIsDOVXGf/i8bL+1XU8BtBowUFZHaCPM0rHT4Mp
|
||||||
|
yzPWEqjtReLctV8kCf3GZzB9BylYQfvgQiQukDJD+gWuFlL8j44IK6HXdsoQh8Jj
|
||||||
|
QgI3a7tqBMGHNudZeQX0IpvYSUol3UL3qbJaYeYlPwZ3fiXv+8phdBQad2z7bI3a
|
||||||
|
F5mPf/R4Jyrc+/oNyCOgGRgQnflnaNWr/Dfxwl4DDZ3sKsYmV8GuaLe/ZZJceNGe
|
||||||
|
9T29VOA3+YU11NAsp4wceJk+Ir3WePVQQRxeEBgvvfUfEn5dv9bHk474qLS8vcZ1
|
||||||
|
AlCvwG1bm2lJRgmCIu+n50hRJPwgGjWzrDkO1yqaljXbngCAaM0teu6rqO4ZuBUF
|
||||||
|
EuGahTSvzGxE6mugC+135ud6P3SFwd+q+CyD37w222umKBE8cdtjuITlv2nbhdts
|
||||||
|
dWFMnuG1Di324n8j3v0DVK0sGep8PwIDAQABAoICAQCNPFYeyOhE7KSB1YCAuoLq
|
||||||
|
IyhtpYMTlUm8AjedG2sCnrBRUzNmDC/y0fZKjNmUOy7OeOfDovMjjwqYW0jdwcN9
|
||||||
|
mKhrSP1VzUytFDWpuCo7AQcMXfc+X3+bmASVS+oSUAYilp2oLx2cGCQBWjgRHhKH
|
||||||
|
QGZJh+IlcsNF/eew83r1HIgwsTNJIdSxnn95jsXy44uEUvTsFmST8FYsTV9MNfao
|
||||||
|
FSSB9hr8P2jz4Vr78X3RFb8S9EugQ20roYa+QeT+uEUpprQ5l8cBpsoKSDm7Kc/g
|
||||||
|
L2cGKQzJAlpzUug0CtnWl/Ju/T/H4H5HLTON0Elyt9g+bTwjTDQ12Ih4SFhsXyJP
|
||||||
|
Bbhvv9lMB7Q2vvQz4VG3xwqB2IguT/tZeNYRyN3dFHq/Ib2Rt6jtyJ3qUNBXFdr/
|
||||||
|
Q1KNsgWBvpMiB0OKpakDWQMUIsuRHL1EcWnBIOURl0Xj90wYgkIr0czH6KoxLzaO
|
||||||
|
qkSmIDN/tsoHfJ5LXsrVmAMS2OaGRK5rt0pfF6a2Tl0zaWSlwT0v/ymVjavmFxyl
|
||||||
|
oCDhaoQ9fh7OBjf6vX2AYtwr1Dbo/578t+/0eUZOlYMNnomi0FudEoVi7IMQv82f
|
||||||
|
OFnVTXjdHJHyvfBjhWqbjw1oQTBtrgMJSUMqaqvTgA0k/rppfMUuXS1B7Dl0c0LU
|
||||||
|
w1FHDk78I+IZBxIXSyVmQQKCAQEA5oVlwJxXLb9bNqbcKipKrQQAcPAgXt7ZOQOL
|
||||||
|
l28K74N+3IylQFH9HBIE6QLrjOZFTKh0kLcrYfGhz7RoATkBJkf3w6F9Ef3F6Epp
|
||||||
|
X7ygPFFggGdx5csQzOCrK4VQGMEM9T4Zn5FEbCKhrica6g/u2WaLbq7XzwYXCVjH
|
||||||
|
GKqSpTZXfecfcSQHkjoGGcQqnXMkOE+w/HF21Wn6BHxfBUYsrPsB54ZkITPkNdjX
|
||||||
|
xZq+t331pFH1P2X//ogBKXp/5ZYRd8pR0dysGo9e1U91OLgjcQXU9y2MzNajp6j/
|
||||||
|
o9czZi3xc1P2j0/mJdoCebr9C7erZa2mmTnXITNIgEhpFwlYHwKCAQEA1I1LNehc
|
||||||
|
ClgZw9/sPP4cB7ONAyVRHgAzhM8/hfjN/NDAbMkYWYwGDPYOIuxf9Vo34XX1GhQo
|
||||||
|
4ctb/DZHGsVcBFIVD7fPj60D3yC2HvcGlZ2sgHBG0RwftYentQWvutxRGWcN9A1+
|
||||||
|
Gcn379MWp3SsqjMN1JM1RzEPvr9SO3fQOPIAaMjpOwWxeopsVvVzEzhQ6IqsFUkA
|
||||||
|
UR1q0noKExb3Re1eSDzuuBo1ftWm9sXbH6eilvNvOD3MYApOJ2aJRPdRDPVCyHID
|
||||||
|
8rpJyngpKTIuUGax53pB2mJ4Af5aPNuwIC0JLxgFmYYNLvJ5o4FWWiFcjHYS7728
|
||||||
|
UEjzETBm0A7X4QKCAQEAw29RBu0FFCnpoPnyKmVUjj6YSSerqgLw0t9ol2hzMwCe
|
||||||
|
q0kqSM+58PRt6UaqgPgwxH8E5DQGubDr6HYgvvifOt9E9TySFpC6GugLUjlO+BRd
|
||||||
|
5j7NV27DvY60T99kOrhgzgJqItg71BnATS+mJ85+Rx4jFCFzoXaeTTRRB16FmT/r
|
||||||
|
CTjLdVaAfL5osauYHYiiqoMVn9BqWSDR8L+op4YJFlZwFOPhPC0MS4Kd3FAHZPWL
|
||||||
|
Lla1v5wwXpDbu1i52eFSyeZjW7LkzlfCpMIKtZ2Xnpi9JxodBwTqFpi2sycd0oEc
|
||||||
|
9RO4M2Qf0PN1qdKX+jkrPLbuSXW6J9Gco/W/8uHfLQKCAQEAvRB9oRLxpAXfzTrG
|
||||||
|
US6bUkJlITI1aGE3cmBDGfFJkSNCtsFdlnGWBDtuMaReasj4QeWBwtPB1a7lQIAr
|
||||||
|
WWXKRtGYiGWxDBUTB4t6VCrZQYaCJbE5XNIOZpOnGr9XI/jLbrQbVkYWL+xWTY5P
|
||||||
|
bV68I5zMJZVX496BKePWyqz1m2Gv+YUU6PpUdzLf0a380VDbry2CimBoFr77AQOr
|
||||||
|
KHXaN+o/XjRNB5fQk+SJ4qH2Gr8rQeiBut5Fh/xCrotneOAgyUz0PYYleug3sRCX
|
||||||
|
VFydk8j1YHiAUTgblXJhZBbqIITO0YQlnvz9hxAKIOVwITXhs9NnXrc/5Y4uH9EU
|
||||||
|
8ubxIQKCAQEA5fWcnr3UM6hDH0ixPD+CMrCggvcK+/uOYLwsN8Lm6P9zNu2MxhYe
|
||||||
|
bwACFyfG+ArdFD9G72X0tf7DDiyGdlWR6AB5tzbP3d9UB14DW9s47YD1w5yqtAHI
|
||||||
|
pbFevd0O9PFYf0+290Gh0fKGW5GkfRj+1ZiOfqfGtscWufjpdYeCjs0WzZDy7jGm
|
||||||
|
SG6sgk8Mar65fYWOoo0o9jD+hLzAtf8O0KE+Ilevb4UgqBc1WzdTy21KW65r+Guv
|
||||||
|
7rJFrGuHERHFFR7mxgNyWFVRw2eysxhOQHe/2nnJSyDIjaKEiiaKJJ2FUqnRVr6Q
|
||||||
|
IW8oyQg/bNSFBykcUbWZVZhQGVT4RLB/mA==
|
||||||
|
-----END PRIVATE KEY-----
|
|
@ -5,4 +5,7 @@ services:
|
||||||
build: .
|
build: .
|
||||||
ports:
|
ports:
|
||||||
- 1935:1935
|
- 1935:1935
|
||||||
- 8080:80
|
- 8080:80
|
||||||
|
- 8443:443
|
||||||
|
volumes:
|
||||||
|
- ./certs:/opt/certs
|
12
nginx.conf
12
nginx.conf
|
@ -40,8 +40,18 @@ rtmp {
|
||||||
}
|
}
|
||||||
|
|
||||||
http {
|
http {
|
||||||
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
||||||
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||||
|
ssl_session_cache shared:SSL:10m;
|
||||||
|
ssl_session_timeout 10m;
|
||||||
|
|
||||||
server {
|
server {
|
||||||
listen 80;
|
listen 80; # Remove this line if you want HTTPS only.
|
||||||
|
listen 443 ssl;
|
||||||
|
|
||||||
|
# Update these paths with your own certificate and private key.
|
||||||
|
ssl_certificate /opt/certs/example.com.crt;
|
||||||
|
ssl_certificate_key /opt/certs/example.com.key;
|
||||||
|
|
||||||
location /hls {
|
location /hls {
|
||||||
types {
|
types {
|
||||||
|
|
Loading…
Reference in New Issue