STREAMING.md: way more comprehensive instructions

This commit is contained in:
n9k 2022-06-12 04:12:29 +00:00
commit 92dfb9cfec
1 changed file with 172 additions and 31 deletions


@ -1,23 +1,140 @@
### Tor
Install tor and include these lines in your [torrc][torrc]:
Install tor. On Linux you can probably install a package called `tor` and
be done, otherwise [compile it][tor]. On Windows download this binary:
<https://www.torproject.org/download/tor/>.
Find your [torrc][torrc]. On Linux it is probably at `/etc/tor/torrc`.
On Windows it might be somewhere in `%appdata%\tor` or something.
#### Background
A Tor hidden service is a regular TCP service that you talk to via a
6-hop circuit created inside the Tor network. You initiate the creation
of this circuit by providing tor with the service's hostname, which is a
long base32-encoded string ending in ".onion". This hostname is derived
from a pair of cryptographic keys generated by the hidden service
operator.
A TCP service is a computer program you interact with over the Internet
using TCP. TCP is a low-level networking protocol that sits above IP
and creates a reliable so-called "connection" between two computers. It
handles the reordering and resending of packets that are shuffled or
lost in transit on the Internet, such that the bytes sent from one
computer will match exactly the bytes that arrive at the other computer
(barring active interference (MITM), TCP is not secure). Getting
reliability for free greatly simplifies the creation of network
applications, and for this reason and other historical reasons TCP is
ubiquitous on the Internet to this day. Many applications use TCP, for
example IRC, SSH, RTMP, Minecraft, and HTTP (like us here).
#### Configuration
We are now going to create a hidden service. We need to give tor a
directory to store the keys it generates, the location of our existing
TCP service, and a virtual TCP port to listen on. There are two
directives we have to add to our torrc: `HiddenServiceDir` and
`HiddenServicePort`. (There is a commented-out section in the default
torrc for hidden services, you may wish to make these changes there.)
##### `HiddenServiceDir`
`HiddenServiceDir` sets the directory for the hidden service's keys and
other data. You could choose any directory, but you should make sure
it's owned by the user the tor daemon runs as, and the directory's
permissions are `0700/drwx------` (`rwx` for user, `---` for group and
everyone else).
If you configure this in a way tor doesn't like, tor will kill itself
and complain in one of these two ways:
```
Jun 11 23:21:17.000 [warn] Directory /home/n9k/projects/anonstream/hidden_service cannot be read: Permission denied
```
```
Jun 12 02:37:51.036 [warn] Permissions on directory /var/lib/tor/anonstream are too permissive.
```
The simplest option is to copy the examples provided in the torrc, on
Linux that would probably be a directory inside `/var/lib/tor`, e.g.
`HiddenServiceDir /var/lib/tor/anonstream`. tor will create this
directory itself with the uid, gid, and permissions that it likes, which
for me are these:
```
Access: (0700/drwx------) Uid: ( 42/ tor) Gid: ( 42/ tor)
```
###### `HiddenServiceDir` troubleshooting
If you created the directory yourself and gave it the wrong permissions
or uid or gid, delete the directory and let tor create it itself, or do
this:
```
# chown -R tor:tor /var/lib/tor/anonstream
# chmod 0700 /var/lib/tor/anonstream
# chmod 0600 /var/lib/tor/anonstream/*
# chmod 0700 /var/lib/tor/anonstream/*/
```
If the user and group `tor` do not exist, your tor daemon runs as some
other user. There may be a `User` directive in your torrc or in a file
included by your torrc, for example on Debian it's `User debian-tor`.
This means that a tor process running as root will immediately drop
privileges by switching to the user `debian-tor`. The user's primary
group should have the same name, but you can check as root like this:
`# id debian-tor`.
On Linux, if tor is already running you can see what user and group it is
running as like this:
```
$ ps -C tor -o uid,gid,cmd
UID GID CMD
42 42 tor --quiet --runasdaemon 0
$ cat /etc/passwd | grep :42: | cut -f 1 -d : # 42 is the UID here
tor
$ cat /etc/group | grep :42: | cut -f 1 -d : # 42 is the GID here
tor
```
Alternatively you could specify a directory inside the cloned
repository, e.g. `/home/delphine/Documents/anonstream/hidden_service`
or something like that. This will only work if the tor daemon has `rwx`
permissions on the directory and at least `r-x` permissions on all the
directories above it. This is probably not the case for you since your
home folder might have `0700/drwx------` permissions. If you
installed tor as a package, the daemon probably runs as its own user
(e.g. `debian-tor` on Debian, `tor` on Arch/Gentoo). If you want to
figure this out yourself go ahead. I would advise just using
`/var/lib/tor/anonstream` though.
##### `HiddenServicePort`
Include this line verbatim directly below the `HiddenServiceDir` line:
```
HiddenServiceDir $PROJECT_ROOT/hidden_service
HiddenServicePort 80 127.0.0.1:5051
```
but replace `$PROJECT_ROOT` with the folder you cloned the git repo
into.
Then reload tor. If everything went well, the directory will have been
created and your onion address will be in
`$PROJECT_ROOT/hidden_service/hostname`.
tor will listen for connections to our onion address at virtual port
80 (this is the conventional HTTP port), and it will forward that
traffic to our TCP service at 127.0.0.1:5051, which is our webserver.
##### Finish
Example configuration:
```
HiddenServiceDir /var/lib/tor/anonstream
HiddenServicePort 80 127.0.0.1:5051
```
Reload tor to make it reread its torrc: `# pkill -HUP tor`. With
systemd you can alternatively do `# systemctl reload tor`. If
everything went well, the directory will have been created and your
onion address will be in `$HIDDEN_SERVICE_DIR/hostname`.
### OBS Studio
Install OBS Studio. If the autoconfiguration wizard prompts you to
choose a third-party service, ignore it since we're not gonna be doing
that.
Install OBS Studio. If the autoconfiguration wizard prompts you to
choose a third-party service, ignore it since we're not going to be
using a third-party service.
Click `Settings` and set these:
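Review bot: The "Alternatively" paragraph that suggests a `HiddenServiceDir` inside the cloned repository (e.g. `/home/delphine/Documents/anonstream/hidden_service`) should say that this directory holds the hidden service's keys, so it has to stay out of version control and out of any copy of the repo that gets shared; a sentence telling the reader to add it to `.gitignore` would cover that. The same paragraph requires `r-x` for the tor user on every parent directory, which means loosening a `0700` home folder, so either state that trade-off or drop the alternative and keep only `/var/lib/tor/anonstream`. In the Finish section, `$HIDDEN_SERVICE_DIR/hostname` uses a placeholder that is never defined; "the `hostname` file inside your `HiddenServiceDir`" would be clearer. In the `ps` example, `grep :42:` matches a line whenever 42 appears in either numeric field, so `getent passwd 42` and `getent group 42` would be more reliable lookups.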
@ -26,33 +143,57 @@ Click `Settings` and set these:
* Filename Formatting: `stream`
* Overwrite if file exists: yes
* Video
* Output (Scaled) Resolution: `960x540` or lower
* Output (Scaled) Resolution: `960x540` or lower, or whatever you want
* Common FPS Values: any integer framerate (e.g. 30 or 60)
* Output
* Output Mode: `Advanced`
* Recording:
| | |
|----------------------------|------------------------------------------------------------------------------------------------|
| Type | `Custom Output (FFmpeg)` |
| FFmpeg Output Type | `Output to File` |
| File path or URL | same as config.toml: `segments/directory` (but should be an absolute path) |
| Container Format | `hls` |
| Muxer Settings (if any) | `hls_init_time=0 hls_time=2 hls_list_size=120 hls_flags=delete_segments hls_segment_type=fmp4` |
| Video bitrate | `420 Kbps` or lower |
| Keyframe interval (frames) | `framerate*hls_time`, e.g. for 60fps and an `hls_time` of 2 seconds, use 120 |
| Video Encoder | libx264, or an H.264 hardware encoder (e.g. `h264_nvenc` for Nvidia, [see here][ffmpeg]) |
| Audio Bitrate | `96 Kbps` |
| Audio Encoder | `aac` |
```
+----------------------------+-------------------------------------+
| Field | Value |
+============================+=====================================+
| Type | `Custom Output (FFmpeg)` |
+----------------------------+-------------------------------------+
| FFmpeg Output Type | `Output to File` |
+----------------------------+-------------------------------------+
| File path or URL | same as the `segments/directory` |
| | option in config.toml, but make it |
| | an absolute path |
+----------------------------+-------------------------------------+
| Container Format | `hls` |
+----------------------------+-------------------------------------+
| Muxer Settings (if any) | `hls_init_time=0 hls_time=2 ` |
| | `hls_list_size=120 ` |
| | `hls_flags=delete_segments ` |
| | `hls_segment_type=fmp4` |
+----------------------------+-------------------------------------+
| Video bitrate | `420 Kbps` or lower, or whatever |
| | you want |
+----------------------------+-------------------------------------+
| Keyframe interval (frames) | `framerate` * `hls_time`, e.g. for |
| | 60fps and an `hls_time` of 2 |
| | seconds, set this to 120 |
+----------------------------+-------------------------------------+
| Video Encoder | libx264, or an H.264 hardware |
| | encoder (e.g. `h264_nvenc` for |
| | Nvidia, [see here][ffmpeg]) |
+----------------------------+-------------------------------------+
| Audio Bitrate | `96 Kbps`, or whatever you want |
+----------------------------+-------------------------------------+
| Audio Encoder | `aac` |
+----------------------------+-------------------------------------+
```
Then click `OK`.
To start streaming click `Start Recording`.
That's it. To start streaming click `Start Recording`.
Because of the muxer settings we used, segments older than four
minutes will be constantly deleted. When you stop streaming, the last
four minutes worth of segments will remain the segments directory.
You can delete them if you want. When you're not streaming you can
delete everything in the segments directory and it'll be fine.
When it is recording, segments older than four minutes will be regularly
deleted, and when it stops recording the last four minutes worth of
segments will remain the segments directory. (You can change the number
of kept segments by modifying the `hls_list_size` option in the muxer
settings.) When it is not recording, you can delete the files in the
segments directory without consequence. Old segments will never be sent
over the network even if they are not deleted.
[tor]: https://gitlab.torproject.org/tpo/core/tor
[torrc]: https://support.torproject.org/#tbb-editing-torrc
[ffmpeg]: https://trac.ffmpeg.org/wiki/HWAccelIntro
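Review bot: Wrapping the new grid table in a code fence means Markdown prints it literally, so the inline backticks show up as characters and `[see here][ffmpeg]` in the Video Encoder row no longer resolves to the `[ffmpeg]` link definition; either keep the pipe table or move the FFmpeg link into a sentence outside the fence. The Muxer Settings value is now split across four backticked lines, so add a note that it is entered as a single space-separated string. In the closing paragraph, "will remain the segments directory" is missing "in".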