Thursday, July 9, 2020

[Howto] install Icecast on Centos 8

Icecast package is not available on Centos 8 / EPEL 8 package repositories. Here is the gist I use to install this package on Centos 8:


yum groupinstall "Development Tools" -y
yum install -y curl-devel libtheora-devel libvorbis-devel libxslt-devel speex-devel  libshout libxslt-devel -y
cd /usr/src
# from https://icecast.org/download/
wget http://downloads.xiph.org/releases/icecast/icecast-2.4.4.tar.gz
tar -zxvf icecast-2.4.4.tar.gz
cd icecast-2.4.4
./configure --sysconfdir=/etc --localstatedir=/var
make
make install

useradd -s /sbin/nologin  icecast
mkdir -p /var/run/icecast
mkdir -p /var/log/icecast
chown -R icecast:icecast /var/run/icecast
chown -R icecast:icecast /var/log/icecast

sed -i /etc/icecast.xml -e "s,/usr/local/var/log/icecast,/var/log/icecast,g"

# Configure /etc/icecast.xml, update <authentication>, <changeowner>, <hostname>, <location> and <admin> sections

echo '[Unit]
Description=Icecast
After=network.target

[Service]
Type=simple
Restart=always
RestartSec=5
User=icecast
ExecStart=/usr/local/bin/icecast -c /etc/icecast.xml
ExecReload=/usr/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target' > /etc/systemd/system/icecast.service

systemctl daemon-reload
systemctl enable icecast
service icecast restart
service icecast status

Wednesday, July 8, 2020

How rebuild httpd to set suexec AP_DOC_ROOT to /home

The default suexec AP_DOC_ROOT path that is provided by rpm repositories are set to /var/www , while virtualmin uses /home/ as its docroot folder. So one needs to use the custom build httpd package provided by virtualmin which is kind of outdated, OR compile apache by themselves and correct the docroot path.

I use httpd24u package provided by IUS-repo which is up-to-date and the followings are the gist I use to recompile this package and set its suexec docroot to /home:


# Install dependencies
yum install mock brotli-devel systemd-devel xmlto rpm-build epel-rpm-macros yum-utils -y
yum group install "Development Tools" -y
useradd -s /sbin/nologin mockbuild
useradd rpm
su rpm
cd ~


# Get source
yumdownloader --source httpd24u
yum-builddep httpd24u

# Centos 8 source
# dnf download --source httpd
#wget http://vault.centos.org/8.2.2004/AppStream/Source/SPackages/httpd-2.4.37-21.module_el8.2.0+382+15b0afa8.src.rpm

rpm2cpio httpd*.src.rpm | cpio -civ '*.spec'

rpm -i httpd*.src.rpm

sed -i httpd*.spec -e "s,--with-suexec-docroot=%{docroot},--with-suexec-docroot=/home,"

rpmbuild -bb httpd*.spec

# extract suexec from our rebuilt rpm
mkdir ./usr/sbin/
rpm2cpio ./rpmbuild/RPMS/x86_64/httpd24u*.rpm | cpio -civ './usr/sbin/suexec'

# run as root:
cp ./usr/sbin/suexec /usr/sbin/suexec
chown root.apache /usr/sbin/suexec
chmod u+s /usr/sbin/suexec
ls -l /usr/sbin/suexec
chattr +ia /usr/sbin/suexec

How to disable Debian 12 sleep on production servers

 Debian 12 has power saver enabled by default which causes your server to go to sleep if there is no mouse / keyboard interaction. To resolv...