[Icecast] add user failed check log
Coolvibes Reloaded
jayaubs89 at gmail.com
Tue Feb 28 16:21:29 UTC 2023
rite now i have this code in which i got from xiph guide
<icecast>
<hostname>LAPTOP-U97RKMM3</hostname>
<location>United Kingdom</location>
<admin>jayaubs89 at gmail.com</admin>
<fileserve>1</fileserve>
<server-id>icecast 2.4.4</server-id>
<limits>
<clients>100</clients>
<sources>2</sources>
<queue-size>102400</queue-size>
<client-timeout>30</client-timeout>
<header-timeout>15</header-timeout>
<source-timeout>10</source-timeout>
<burst-on-connect>1</burst-on-connect>
<burst-size>65536</burst-size>
</limits>
<authentication>
<source-password>examplepass</source-password>
<relay-password>examplepass</relay-password>
<admin-user>admin</admin-user>
<admin-password>examplepass</admin-password>
</authentication>
<shoutcast-mount>/stream</shoutcast-mount>
<mount>
<mount-name>/example.ogg</mount-name>
<authentication type="htpasswd">
<option name="filename" value="myauth"/>
<option name="allow_duplicate_users" value="0"/>
</authentication>
</mount>
<listen-socket>
<port>8000</port>
<bind-address>127.0.0.1</bind-address>
</listen-socket>
<listen-socket>
<port>8443</port>
<tls>1</tls>
</listen-socket>
<listen-socket>
<port>8004</port>
<shoutcast-mount>/live.mp3</shoutcast-mount>
</listen-socket>
<http-headers>
<header name="Access-Control-Allow-Origin" value="*" />
<header name="X-Robots-Tag" value="index, noarchive" status="200" />
</http-headers>
<paths>
<basedir>./</basedir>
<logdir>./logs</logdir>
<pidfile>./icecast.pid</pidfile>
<webroot>./web</webroot>
<adminroot>./admin</adminroot>
<allow-ip>/path/to/ip_allowlist</allow-ip>
<deny-ip>/path_to_ip_denylist</deny-ip>
<tls-certificate>/path/to/certificate.pem</tls-certificate>
<ssl-allowed-ciphers>ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS</ssl-allowed-ciphers>
<alias source="/foo" dest="/bar"/>
</paths>
<logging>
<accesslog>access.log</accesslog>
<errorlog>error.log</errorlog>
<playlistlog>playlist.log</playlistlog>
<loglevel>4</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1 Error -->
</logging>
<directory>
<yp-url-timeout>15</yp-url-timeout>
<yp-url>http://dir.xiph.org/cgi-bin/yp-cgi</yp-url>
</directory>
</icecast>
but i'm running the gui on windows10
i can't for the life of me find logs folder and any of the other folders?
On Tue, Feb 28, 2023 at 11:28 AM Philipp Schafft <
phschafft at de.loewenfelsen.net> wrote:
> Good morning,
>
> On Tue, 2023-02-28 at 01:07 +0000, Coolvibes Reloaded wrote:
> > i'm trying to config the usr authentication
> > but when i goto add myself into the admin part
> > i get add user failed check log?
> >
> > so i did and i'm getting this
> > [...]
> > [2023-02-28 00:46:16] EROR auth_htpasswd/auth_htpasswd.c No filename
> > given in options for authenticator.
> > [...]
>
> There is no filename given for the htpasswd auth, will comment below.
>
>
>
> > [2023-02-28 00:44:26] WARN auth/auth.c unknown auth setting (auth)
> > [2023-02-28 00:44:26] WARN auth/auth.c unknown auth setting
> > (comment)
> > [2023-02-28 00:44:26] EROR auth_htpasswd/auth_htpasswd.c No filename
> > given in options for authenticator.
> > [2023-02-28 00:44:26] EROR connection/connection.c Could not create
> > listener socket on port 8080 bind my ip
> > [2023-02-28 00:44:26] EROR connection/connection.c Could not create
> > listener socket on port 8081 bind my ip
>
> Another set of warnings. Looking at the config below you seem to have
> fallen into the over configuration trap. Plus I'm not sure where some
> of that came from. Maybe you want to comment on that so we can improve
> docs/default configs.
>
>
> What is also missing is which exact version of Icecast you are running.
> The below seems to be a mix of 2.4.x and 2.5.x. I try to answer in a
> generic was for both.
>
> I would also suggest you to run xmllint every time you change the
> config as it checks the syntax. Helps to spot problems early. It also
> provides a way to autoformat (with the --format option) the file. Which
> is very nice.
>
> Another general note here: Everyone using 2.5.x is recommended to have
> a look at the dashboard. Icecast reports many common problems there. It
> is much easier to spot things very early there.
>
>
> > now my config file is
> >
> > <icecast>
> > <!-- location and admin are two arbitrary strings that are e.g.
> > visible
> > on the server info page of the icecast web interface
> > (server_version.xsl). -->
> > <location>United Kingdom</location>
> > <admin>someemail at example.com</admin>
> >
> > <!-- This is the hostname other people will use to connect to your
> > server.
> > It affects mainly the urls generated by Icecast for
> > playlists and yp
> > listings. You MUST configure it properly for YP listings to
> > work!
> > -->
> > <hostname>yourip/url</hostname>
>
> This is not for an IP address nor an URL. It is for the hostname of the
> server. ;)
>
>
> > <!-- IMPORTANT!
> > Especially for inexperienced users:
> > Start out by ONLY changing all passwords and restarting
> > Icecast.
> > For detailed setup instructions please refer to the
> > documentation.
> > It's also available here: http://icecast.org/docs/
> > -->
> >
> > <limits>
> > <clients>9000</clients>
> > <sources>2</sources>
> > <queue-size>524288</queue-size>
> > <client-timeout>30</client-timeout>
> > <header-timeout>15</header-timeout>
> > <source-timeout>10</source-timeout>
> > <!-- If enabled, this will provide a burst of data when a client
> > first connects, thereby significantly reducing the
> > startup
> > time for listeners that do substantial buffering.
> > However,
> > it also significantly increases latency between the
> > source
> > client and listening client. For low-latency setups,
> > you
> > might want to disable this. -->
> > <burst-on-connect>1</burst-on-connect>
> > <!-- same as burst-on-connect, but this allows for being more
> > specific on how much to burst. Most people won't need to
> > change from the default 64k. Applies to all mountpoints
> > -->
> > <burst-size>65535</burst-size>
> > </limits>
> >
> > <authentication>
> > <!-- Sources log in with username 'source' -->
> > <source-password>somepass</source-password>
> > <!-- Relays log in with username 'relay' -->
> > <relay-password>somepass</relay-password>
> >
> > <!-- Admin logs in with the username given below -->
> > <admin-user>admin</admin-user>
> > <admin-password>somepass</admin-password>
> > </authentication>
> >
> >
> > <!-- set the mountpoint for a shoutcast source to use, the default
> > if not -->
> > <!-- specified is /stream but you can change it here if an
> > alternative is -->
> > <!-- wanted or an extension is required -->
> > <shoutcast-mount>/stream</shoutcast-mount>
>
>
> > <directory>
> > <yp-url-timeout>15</yp-url-timeout>
> > <yp-url>http://dir.xiph.org/cgi-bin/yp-cgi</yp-url>
> > </directory>
> >
> > <!-- You may have multiple <listener> elements -->
> > <listen-socket>
> > <port>someport</port>
> > <bind-address>someip</bind-address>
> > <shoutcast-mount>/stream</shoutcast-mount>
> > <tls>1</tls>
> > <ssl>1</ssl>
> > </listen-socket>
> >
> > <listen-socket>
> > <port>8080</port>
> > <tls>1</tls>
> > </listen-socket>
> >
> > <listen-socket>
> > <port>8080</port>
> > <tls>1</tls>
> > </listen-socket>
> >
> > <listen-socket>
> > <port>8080</port>
> > <shoutcast-mount>/stream</shoutcast-mount>
> > </listen-socket>
> >
> > <listen-socket>
> > <port>8080</port>
> > </listen-socket>
> >
> > <listen-socket>
> > <port>8080</port>
> > </listen-socket>
> >
> > <listen-socket>
> > <port>8080</port>
> > <ssl>1</ssl>
> > </listen-socket>
>
> You repeat yourself a lot here. Clearly you can only bind once to each
> port and address pair. (If no bind address is given, the wildcard
> address is assumed.)
>
> As for the TLS settings: in 2.4.x it is <ssl>1</ssl> and in 2.5.x it is
> <tls>true</tls> (which is the same as setting it to "rfc2818"). However
> for 2.5.x I would recommend to set this to <tls>auto</tls> (which
> allows any mode, including non-TLS) or <tls>auto_no_plain</tls> which
> allows any mode but non-TLS.
>
> More details can be found e.g. here:
>
> https://wiki.xiph.org/Icecast_Server/known_https_restrictions#Icecast2_2.5.x_.28branch_.22master.22.29
>
> If there is general interest in this I can talk a little bit about this
> on Friday as well.
>
>
> > <!-- Global header settings
> > Headers defined here will be returned for every HTTP request
> > to Icecast.
> >
> > The ACAO header makes Icecast public content/API by default
> > This will make streams easier embeddable (some HTML5
> > functionality needs it).
> > Also it allows direct access to e.g. /status-json.xsl from
> > other sites.
> > If you don't want this, comment out the following line or
> > read up on CORS.
> > -->
> > <http-headers>
> > <header name="Access-Control-Allow-Origin" value="*" />
> > <header name="X-Robots-Tag" value="index, noarchive" status="200"
> > />
> > </http-headers>
> >
> > <!-- Relaying
> > You don't need this if you only have one server.
> > Please refer to the config for a detailed explanation.
> > -->
> > <!--<master-server>127.0.0.1</master-server>-->
> > <!--<master-server-port>8001</master-server-port>-->
> > <!--<master-update-interval>120</master-update-interval>-->
> > <!--<master-password>hackme</master-password>-->
> >
> > <!-- setting this makes all relays on-demand unless overridden,
> > this is
> > useful for master relays which do not have <relay>
> > definitions here.
> > The default is 0 -->
> > <!--<relays-on-demand>1</relays-on-demand>-->
> >
> > <relay>
> > <server>someip</server>
> > <port>someport</port>
> > <mount>/coolvibes.ogg</mount>
> > <local-mount>/strawbs.ogg</local-mount>
> > <on-demand>0</on-demand>
> >
> > <relay-shoutcast-metadata>0</relay-shoutcast-metadata>
> > </relay>
>
> If you're using recent 2.5.x you can also use
> <url>http://example.org/blubb</url> here for the upstream address.
>
>
> > <!-- Mountpoints
> > Only define <mount> sections if you want to use advanced
> > options,
> > like alternative usernames or passwords
> > -->
> >
> > <!-- Default settings for all mounts that don't have a specific -->
> >
> > <mount type="normal">
> > <mount-name>/live.mp3</mount-name>
>
> In this block you set a real huge amount of options. I guess most of
> them can go. Some are set to the default value (e.g. you set <burst-
> size> to the same value as the global default). Some should be avoided
> unless there is a real requiement (e.g. <*type*>, <*metadata*>,
> <*header*>, <bitrate>, ...). And for some I'm not sure if you actually
> use them (<on-*>, <fallback*>, <intro>).
>
> Generally speaking use as little options as possible.
>
>
> > <username>someusername</username>
> > <password>someexamplepass</password>
> > <max-listeners>900</max-listeners>
> > <max-listener-duration>3600</max-listener-duration>
> > <dump-file>/tmp/dump-example1.ogg</dump-file>
> > <intro>/intro.ogg</intro>
> > <fallback-mount>/stream.ogg</fallback-mount>
> > <fallback-override>1</fallback-override>
> > <fallback-when-full>1</fallback-when-full>
> > <charset>ISO8859-1</charset>
> > <public>1</public>
> > <stream-name>somestream</stream-name>
> > <stream-description>'hello'</stream-description>
> > <stream-url>someurl</stream-url>
> > <genre>World</genre>
> > <bitrate>160</bitrate>
> > <type>application/mp3</type>
> > <subtype>mp3</subtype>
> > <hidden>1</hidden>
> > <burst-size>65536</burst-size>
> > <mp3-metadata-interval>4096</mp3-metadata-interval>
>
> > <authentication type="htpasswd">
> > <auth name="stream_auth" value="#" />
> > <option name="allow_duplicate_users" value="1"/>
> > <!-- See authentication documentation -->
> > </authentication>
>
> Not sure where you got this block from.
> Generally the htpasswd type takes an option with the filename. From the
> 2.4.4 example:
> <authentication type="htpasswd">
> <option name="filename" value="myauth"/>
> </authentication>
>
> The filename is relativ to Icecast's cwd (after chroot if any). So
> depending on your setup you might want to set it absolute.
>
>
>
> > <http-headers>
> > <header name="Access-Control-Allow-Origin" value="*" />
> > <header name="X-Robots-Tag" value="index, noarchive" />
> > <header name="foo" value="bar" status="200" />
> > <header name="Nelson" value="Ha-Ha!" status="404" />
> > </http-headers>
> > <on-connect>/home/icecast/bin/source-start</on-connect>
> > <on-disconnect>/home/icecast/bin/source-end</on-disconnect>
> > </mount>
>
>
> The rest below is 2.4.x style config. Nothing wroth with it even for
> 2.5.x. But it might be a bit nicer to read/work with in 2.5.x style.
>
> > <fileserve>1</fileserve>
> >
> > <paths>
> > <logdir>./log</logdir>
> > <webroot>./web</webroot>
> > <adminroot>./admin</adminroot>
>
> Relative paths here look a bit like you try to run it not as a service.
> I would avoid this outside of testing.
>
>
> >
> > <!-- Aliases: treat requests for 'source' path as being for
> > 'dest' path
> > May be made specific to a port or bound address using
> > the "port"
> > and "bind-address" attributes.
> > -->
> > <!--
> > <alias source="/foo" destination="/bar"/>
> > -->
> > <!-- Aliases: can also be used for simple redirections as
> > well,
> > this example will redirect all requests for
> > http://server:port/ to
> > the status page
> > -->
> > <alias source="/" destination="/status.xsl"/>
> > <!-- The certificate file needs to contain both public and
> > private part.
> > Both should be PEM encoded.
> > <ssl-certificate>./icecast.pem</ssl-certificate>
> > -->
> > </paths>
> >
> > <security>
> > <chroot>0</chroot>
> >
> > <changeowner>
>
> Having changeowner active is not the nicest thing. Unless you need the
> extra permissions for e.g. binding to a privileged port I would suggest
> to not use this. If running as a service it is best to let the
> operating system change to the correct user before starting Icecast. if
> running ín a more test setup sudo/doas -u works very nice to switch to
> the target user.
>
>
> > <user>user</user>
> > <group>users</group>
> > </changeowner>
> >
> > </security>
> >
> > <logging>
> > <accesslog>access.log</accesslog>
> > <errorlog>error.log</errorlog>
> > <!-- <playlistlog>playlist.log</playlistlog> -->
> > <loglevel>4</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1 Error
> > -->
> > <logsize>10000</logsize> <!-- Max size of a logfile -->
> > <!-- If logarchive is enabled (1), then when logsize is
> > reached
> > the logfile will be moved to
> > [error|access|playlist].log.DATESTAMP,
> > otherwise it will be moved to
> > [error|access|playlist].log.old.
> > Default is non-archive mode (i.e. overwrite)
> > -->
> > <!-- <logarchive>1</logarchive> -->
> > </logging>
> > </icecast>
>
>
> With best regards,
>
> --
> Philipp Schafft (CEO/Geschäftsführer)
> Telephone: +49.3535 490 17 92
> Website: https://www.loewenfelsen.net/
> Follow us: https://www.linkedin.com/company/loewenfelsen/
> Geschäftsführer/CEO: Philipp Schafft
>
> Löwenfelsen UG (haftungsbeschränkt) Registration number:
> Bickinger Straße 21 HRB 12308 CB
> 04916 Herzberg (Elster) VATIN/USt-ID:
> Germany DE305133015
> _______________________________________________
> Icecast mailing list
> Icecast at xiph.org
> http://lists.xiph.org/mailman/listinfo/icecast
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20230228/ccd8c558/attachment.htm>
More information about the Icecast
mailing list