glenn
/
asteroid
mirror of https://github.com/glenneth1/asteroid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
165 Commits 45 Branches 0 Tags 3.5 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
glenneth dbe9a06247 security: Liquidsoap now uses environment variable for Icecast password 
SECURITY IMPROVEMENTS:
- Liquidsoap telnet now binds to 127.0.0.1 (was 0.0.0.0)
  - Only accessible from within the container itself
  - Defense in depth: even if another container is compromised

- Liquidsoap now uses ICECAST_SOURCE_PASSWORD environment variable
  - Reads from environment.get("ICECAST_SOURCE_PASSWORD")
  - Falls back to default for development
  - All three streams (MP3, AAC, Low-quality) use same variable

DOCUMENTATION:
- Added comment to icecast.xml explaining environment variable override
- Clarifies that docker-compose.yml environment variables take precedence

This completes the password externalization for all Docker services:
- Icecast: Uses env vars (already done)
- Liquidsoap: Now uses env vars 
- PostgreSQL: Uses env vars (already done)

Ref: TODO.org security improvements
 2025-11-03 20:06:50 +03:00
Glenn Thompson 4c41777823 fix: Clean up main icecast.xml configuration for production use 
- Add <changeowner> section to fix 'run as root' error
- Remove complex mount configurations, let Docker handle automatically
- Fix log directory path from /var/log/icecast2/ to /var/log/icecast/
- Update docker-compose.yml to use main icecast.xml instead of minimal version
- Remove temporary minimal-icecast.xml workaround file

All three streams now working with clean main configuration:
- asteroid.aac (96kbps AAC - recommended)
- asteroid.mp3 (128kbps MP3 - compatible)
- asteroid-low.mp3 (64kbps MP3 - low bandwidth)

AAC streaming feature is now production-ready with proper Docker integration.
 2025-10-02 16:51:59 +03:00
Glenn Thompson c908d3eb4c fix: Add Icecast mount configurations for all streams 
- Increase sources limit from 2 to 5 in icecast.xml
- Add explicit mount configurations for asteroid.aac and asteroid-low.mp3
- Configure proper stream metadata and settings for each mount point

This should resolve the 403 Forbidden errors for AAC and low quality streams.
 2025-10-02 16:51:59 +03:00
Glenn Thompson 2689ae690f feat: Add Docker streaming infrastructure for Liquidsoap and Icecast2 
- Add complete Docker Compose setup with official Liquidsoap image (savonet/liquidsoap:v2.2.5)
- Add Icecast2 streaming server configuration
- Create dual quality streams (128kbps and 64kbps MP3)
- Add comprehensive documentation in Org format
- Add simple start/stop scripts for easy management
- Update .gitignore to exclude music files and Docker artifacts
- Remove old shell scripts (moved to ~/asteroid-scripts/)
- System-agnostic solution works on any Docker-capable system

This provides a complete streaming solution that works consistently across
all platforms, including Arch Linux where Liquidsoap packages may not be available.
 2025-10-02 16:50:06 +03:00