[Icecast] Proper way to start multiple icecast services through bash script?

Walter York walteryork at hotmail.com
Mon May 29 15:44:06 UTC 2017


Shasha,


Thank you!  Tested and it worked!!!  Here is my code should anyone desire...  It is in three parts.

Could have parameterized the code...  find yourdomain.tld and replace with your domain.tld.  Be aware of any line that has yourdomain.tld to replace what matches for your needs.



#Copy and paste or run manually outside of script
############## Begin Initial Certbot Install ####################
#Install certbot, epel must be installed
yum install certbot
#Enable port 443 in Firewall for Certbot
#firewall-cmd --list-all
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload
#Run Command for Certbot to create certificate
certbot certonly \
  --standalone \
  --agree-tos \
  --non-interactive \
  --text \
  --rsa-key-size 4096 \
  --email admin at yourdomain.tld \
  --domains "stream.yourdomain.tld"
#Disable port 443 in Firewall for Certbot
firewall-cmd --permanent --remove-port=443/tcp
firewall-cmd --reload
#Letsencrypt certificates will now be located in /etc/letsencrypt/live/yourdomain.tld/
############## End Initial Certbot Install ####################






#!/bin/bash
############## Begin Certbot Renewal ####################
#Enable port 443 in Firewall for Certbot
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload
#Run Certbot Renew all certs
certbot renew --force-renewal
#Disable port 443 in Firewall for Certbot
firewall-cmd --permanent --remove-port=443/tcp
firewall-cmd --reload
#Backup expiring Icecast certificate
mv -f /usr/share/icecast/ssl/stream_yourdomain.tld_combined.pem /usr/share/icecast/ssl/stream_yourdomain.tld_combined_$(date +%Y%m%d_%T).bak && touch /usr/share/icecast/ssl/stream_yourdomain.tld_combined.pem
#Append FullChain to icecast certificate
cat /etc/letsencrypt/live/stream.yourdomain.tld/fullchain.pem > /usr/share/icecast/ssl/stream_yourdomain.tld_combined.pem
#Append privkey to icecast certificate
cat /etc/letsencrypt/live/stream.yourdomain.tld/privkey.pem >> /usr/share/icecast/ssl/stream_yourdomain.tld_combined.pem
#The following is for my implementation.  If you have a single service consider removing the following to just service icecast restart
#Kill all processes with the name icecast
ps -ef | grep icecast | grep -v grep | awk '{print $2}' | xargs -r kill -9
#Start my icecast instances
/usr/bin/icecast -c /etc/icecast.xml -b > /dev/null 2>&1 &
/usr/bin/icecast -c /etc/icecast1.xml -b > /dev/null 2>&1 &
/usr/bin/icecast -c /etc/icecast2.xml -b > /dev/null 2>&1 &
/usr/bin/icecast -c /etc/icecast3.xml -b > /dev/null 2>&1 &
############## End Certbot Renewal ####################




#Run at command line
# Command to create CRON job to run once a week on Sunday at midnight
crontab -e
#Insert the following line
0 0 * * 0 /usr/share/icecast/ssl/certrenew.sh
#Check that CRON job was added

crontab -l


________________________________
From: Icecast <icecast-bounces at xiph.org> on behalf of Yahav Shasha <yahav.shasha at gmail.com>
Sent: Monday, May 29, 2017 10:35 AM
To: Icecast streaming server user discussions
Subject: Re: [Icecast] Proper way to start multiple icecast services through bash script?

try this:
/usr/bin/icecast -c /etc/icecast.xml -b > /dev/null 2>&1 &
as for killing them, don't overcomplicate things, killall icecast -KILL
also, perhaps you don't even need to kill and start them again, try to HUP them and see if the certificate updates.



On Mon, May 29, 2017 at 5:27 PM, Walter York <walteryork at hotmail.com<mailto:walteryork at hotmail.com>> wrote:
Yes, the web players I've tested have a hard time parsing meta properly using only one instance with separate streams.  Tested at least 6 of them looking for reliable meta and cross browser/OS compatibility.
On May 29, 2017, at 10:23 AM, Marvin Scholz <epirat07 at gmail.com<mailto:epirat07 at gmail.com>> wrote:

Any specific reason to run 4 Icecasts?

On 29 May 2017, at 16:21, Walter York wrote:

 I have 4 instances of icecast running on my server.


 #Command to start icecast
 /usr/bin/icecast -c /etc/icecast.xml -b &
 /usr/bin/icecast -c /etc/icecast1.xml -b &
 /usr/bin/icecast -c /etc/icecast2.xml -b &
 /usr/bin/icecast -c /etc/icecast3.xml -b &


 I am trying to integrate an automated Let's Encrypt Certificate
 renewal.  My testing found that I need to restart the icecast
 processes for the certificate to update.  I created a bash script that
 would open the firewall port, renew the cert, combine the
 certificates, overwrite the old cert, close the firewall port, kill
 the icecast services and then start them.


 Everything works except for the restarting of the services.  Killing
 them works fine but starting them hangs.  Please help me create the
 steps to start the 4 icecast instances via bash.  I have tried no &
 and && as well.  Feeling really stupid right now.  Thank you in
 advance for your time and please spell out the answer without assuming
 my knowledge or lacktherof!  😉


 #Kill all processes with the name icecast
 ps -ef | grep icecast | grep -v grep | awk '{print $2}' | xargs -r
 kill -9
 #Start my icecast instances

 /usr/bin/icecast -c /etc/icecast.xml -b &
 /usr/bin/icecast -c /etc/icecast1.xml -b &
 /usr/bin/icecast -c /etc/icecast2.xml -b &
 /usr/bin/icecast -c /etc/icecast3.xml -b &


 PS: If I can get this working I can post it to github for everyone who
 would like to secure their icecast traffic and renew it automatically.

________________________________

 Icecast mailing list
 Icecast at xiph.org<mailto:Icecast at xiph.org>
 http://lists.xiph.org/mailman/listinfo/icecast
________________________________

Icecast mailing list
Icecast at xiph.org<mailto:Icecast at xiph.org>
http://lists.xiph.org/mailman/listinfo/icecast

_______________________________________________
Icecast mailing list
Icecast at xiph.org<mailto:Icecast at xiph.org>
http://lists.xiph.org/mailman/listinfo/icecast




--
Yahav Shasha,
Web Developer
+972-(0)549214421
http://www.linkedin.com/in/yahavs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20170529/c2464855/attachment.htm>


More information about the Icecast mailing list