Phriction Welcome in gitpull.it, a Phabricator instance! Border Radio Reference History Version 3 vs 31
Version 3 vs 31
Version 3 vs 31
Edits
Edits
- Edit by valerio.bozzolan, Version 31
- Jan 25 2022 00:47
- Edit by valerio.bozzolan, Version 3
- May 20 2020 21:40
Edit Older Version 3... | Edit Current Version 31... |
Content Changes
Content Changes
This is a reference of the current implementation of #border_radio infrastructure.
== Overview ==
{F32030, size=full}
== Icecast Stream ==
The stream is broadcasted to the people via Icecast. The current installed version can be seen there:
https://packages.debian.org/buster/icecast2
It's served by the main #reyboz webserver.
It's exposed by HTTP (directly via Icecast) and HTTPs (under a frontend Apache webserver).
* http://stream.border-radio.it:8000/radio.mp3
* https://stream.border-radio.it/radio.mp3
== Podcast Drive ==
This is the Border Radio Podcast drive:
* http://static.border-radio.it/podcast/
* https://static.border-radio.it/podcast/
Because storage is expensive, the Border Radio Podcast Drive it's a single board computer with a 1TB hard drive hidden in a LAN. It has a webserver but it's not reachable from itself because actually we have not the ability to configure its router.
In order to be available to the world, that node keep online an SSH reverse tunnel to #reyboz similar to this one:
```
autossh -R 8081:localhost:80 border-tunnel@reyboz
```
And in #reyboz we have a small Apache proxy that exposes the incoming HTTP traffic to that opened `8081` loopback port with something like this:
```
name=/etc/apache2/sites-enabled/border-radio.static.conf
<VirtualHost *:80>
ServerName static.border-radio.it
# serve some local files (just temporary certificates actually)
DocumentRoot /home/www-data/reyboz.it/static/border-radio
# allow to renew let's encrypt certificates when it creates temporary stuff in this directory
ProxyPass "/.well-known" "!"
# proxy enabled by a reverse SSH tunnel from an hidden LAN from a secret single board computer. asd
ProxyPass / http://localhost:8081/border-radio/
ProxyPassReverse / http://localhost:8081/border-radio/
</VirtualHost>
```
== Stream Director ==
We have a computer in the Border Radio LAN.
TODO
== Website ==
* https://border-radio.it/
The website is a WordPress instance installed via the `wordpress` package in Debian GNU/Linux stable (currently codename `buster`). This choice was done in order to keep the website secure via the package manager and do not break the website on unintended WordPress upgrades.
The current WordPress version can be seen there:
* https://packages.debian.org/buster/wordpress
It's served by the main #reyboz webserver.
This is a reference of the current implementation of #border_radio infrastructure currently hosted in #reyboz.
== Network overview ==
{F1540966, size=full}
== Icecast Stream ==
The stream is broadcasted to the people via Icecast. The current installed version can be seen there:
https://packages.debian.org/buster/icecast2
It's served by the main #reyboz webserver.
It's exposed by HTTP (directly via Icecast) and HTTPs (under a frontend Apache webserver).
* http://stream.border-radio.it:8000/radio.mp3
* https://stream.border-radio.it/radio.mp3
There is also a low-priority hidden mountpoint used by LibreTime:
https://stream.border-radio.it/music
== Podcast Drive ==
This is the Border Radio Podcast drive:
* http://static.border-radio.it/podcast/
* https://static.border-radio.it/podcast/
Because storage is expensive, the Border Radio Podcast Drive it's a single board computer with a 1TB hard drive hidden in a LAN. It's exposed via dirty hacks like pirates (using a reverse SSH tunnel). In the future we may want to get rid of this reverse SSH tunnel and expose this host directly from Comala's LAN hacking with the port forwarding settings in the Comala's router (but actually nobody in Comala knows the router's password).
See {T490}
=== Podcast Drive FTP ===
Border Radio podcast drive FTP server's configuration:
FTP server:
`border-radio.it`
FTP port:
2121
FTP modality:
passive
Credentials:
* {K21}
* {K22}
=== Podcast drive SFTP ===
The Podcast drive can be accessed via SFTP via the `ftp-border-radio` user.
This is used in background to mirror stuff locally and to use podcasts in LibreTime.
== Website ==
* https://border-radio.it/
The website is a WordPress instance installed via the `wordpress` package in Debian GNU/Linux stable (currently codename `buster`). This choice was done in order to keep the website secure via the package manager and do not break the website on unintended WordPress upgrades.
The current WordPress version can be seen there:
* https://packages.debian.org/buster/wordpress
It's served by the main #reyboz webserver.
=== Website theme ===
Border Radio adopted the [[ https://themeforest.net/item/onair2-radio-station-wordpress-theme/19340714 | OnAir2 WordPress theme ]]. To be honest under its hood is shitty (ask we why please) but, hey, it was the best we found. Moreover it's free as in freedom so we hope to patch it and improve it.
Tips:
* change homepage splash image (T581)
FTP access for the theme directory:
{K26}
== Border Regia remote desktop (VNC) ==
Change password (8 characters):
```
sudo x11vnc -storepasswd asdasdas /etc/x11vnc.pass
```
See {T489}.
{K25}
== Border Regia SSH reverse tunnel ==
On the Border Radio regia there is a reverse SSH tunnel opened to the #reyboz server:
```
systemctl status autossh-reyboz
```
In short it connects via:
```
ssh [various parameters] border-radio-regia@reyboz.it
```
See [[ reyboz/ports/ ]].
== Border Radio LibreTime ==
LibreTime is exposed here:
https://director.border-radio.it/
Before visiting it you must insert these HTTP Auth credentials:
{K23}
To restart the service:
```
sudo systemctl restart libretime
```
More details at:
{T594}
The source code is here:
* https://github.com/BorderRadio/docker-multicontainer-libretime
== Border Radio LibreTime live Icecast ==
LibreTime exposes an Icecast server to enter in live:
{K27}
== Logo ==
The logos should be show in the Visual Identity page:
https://border-radio.it/visual-identity/
Rounded:
{F643879}
Long with phrase:
{F643879}
This is a reference of the current implementation of #border_radio infrastructure currently hosted in #reyboz.
== O== Network overview ==
{F32030{F1540966, size=full}
== Icecast Stream ==
The stream is broadcasted to the people via Icecast. The current installed version can be seen there:
https://packages.debian.org/buster/icecast2
It's served by the main #reyboz webserver.
It's exposed by HTTP (directly via Icecast) and HTTPs (under a frontend Apache webserver).
* http://stream.border-radio.it:8000/radio.mp3
* https://stream.border-radio.it/radio.mp3
There is also a low-priority hidden mountpoint used by LibreTime:
https://stream.border-radio.it/music
== Podcast Drive ==
This is the Border Radio Podcast drive:
* http://static.border-radio.it/podcast/
* https://static.border-radio.it/podcast/
Because storage is expensive, the Border Radio Podcast Drive it's a single board computer with a 1TB hard drive hidden in a LAN. It has a webserver but it's not reachable from itself because actually we have not the ability to configure its router's exposed via dirty hacks like pirates (using a reverse SSH tunnel). In the future we may want to get rid of this reverse SSH tunnel and expose this host directly from Comala's LAN hacking with the port forwarding settings in the Comala's router (but actually nobody in Comala knows the router's password).
In order to be available to the world, that node keep online an SSH reverse tunnel to #reyboz similar to this one:See {T490}
```=== Podcast Drive FTP ===
Border Radio podcast drive FTP server's configuration:
FTP server:
autossh -R 8081:localhost:80 border-tunnel@reyboz`border-radio.it`
FTP port:
```2121
And in #reyboz we have a small Apache proxy that exposes the incoming HTTP traffic to that opened `8081` loopback port with something like this:FTP modality:
passive
```Credentials:
* {K21}
name=/etc/apache2/sites-enabled/border-radio.static.conf* {K22}
=== Podcast drive SFTP ===
The Podcast drive can be accessed via SFTP via the `ftp-border-radio` user.
This is used in background to mirror stuff locally and to use podcasts in LibreTime.
== Website ==
* https://border-radio.it/
The website is a WordPress instance installed via the `wordpress` package in Debian GNU/Linux stable (currently codename `buster`). This choice was done in order to keep the website secure via the package manager and do not break the website on unintended WordPress upgrades.
The current WordPress version can be seen there:
* https://packages.debian.org/buster/wordpress
It's served by the main #reyboz webserver.
=== Website theme ===
Border Radio adopted the [[ https://themeforest.net/item/onair2-radio-station-wordpress-theme/19340714 | OnAir2 WordPress theme ]]. To be honest under its hood is shitty (ask we why please) but, hey, it was the best we found. Moreover it's free as in freedom so we hope to patch it and improve it.
Tips:
* change homepage splash image (T581)
FTP access for the theme directory:
{K26}
== Border Regia remote desktop (VNC) ==
Change password (8 characters):
```
<VirtualHost *:80>sudo x11vnc -storepasswd asdasdas /etc/x11vnc.pass
ServerName static.border-radio.it```
# serve some local files (just temporary certificates actually)
DocumentRoot /home/www-data/reyboz.it/static/border-radioSee {T489}.
{K25}
# allow to renew let's encrypt certificates when it creates temporary stuff in this directory== Border Regia SSH reverse tunnel ==
On the Border Radio regia there is a reverse SSH tunnel opened to the #reyboz server:
```
systemctl status autossh-reyboz
ProxyPass "/.well-known" "!"```
In short it connects via:
# proxy enabled by a reverse SSH tunnel from an hidden LAN from a secret single board computer. asd```
ProxyPass / http://localhost:8081/border-radio/ssh [various parameters] border-radio-regia@reyboz.it
ProxyPassReverse / http://localhost:8081/border-radio/```
See [[ reyboz/ports/ ]].
== Border Radio LibreTime ==
LibreTime is exposed here:
https://director.border-radio.it/
Before visiting it you must insert these HTTP Auth credentials:
{K23}
To restart the service:
```
</VirtualHost>sudo systemctl restart libretime
```
== Stream Director ==More details at:
We have a computer in the Border Radio LAN.{T594}
TODOThe source code is here:
== Website ==* https://github.com/BorderRadio/docker-multicontainer-libretime
* https://border-radio.it/== Border Radio LibreTime live Icecast ==
The website is a WordPress instance installed via the `wordpress` package in Debian GNU/Linux stable (currently codename `buster`). This choice was done in order to keep the website secure via the package manager and do not break the website on unintended WordPress upgrades.LibreTime exposes an Icecast server to enter in live:
The current WordPress version can be seen there:{K27}
* https://packages.debian.org/buster/wordpress== Logo ==
It's served by the main #reyboz webserver.The logos should be show in the Visual Identity page:
https://border-radio.it/visual-identity/
Rounded:
{F643879}
Long with phrase:
{F643879}
Public contents are in Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) or GNU Free Documentation License (at your option) unless otherwise noted. · Contact / Register