How to Stream RTSP / Webcam / IP Camera Over the Web

I had a Hikvision IPC-B120 that provides a simple RTSP stream, which I could view in VLC. I also wanted to see my Logitech BRIO’s feed in a browser—without having to start a Video Call session.

To do this, I pull the RTSP (video/audio) feed from each camera, pipe it through FFmpeg to convert it into an MPEG-TS stream, and then serve it over WebSocket using JSMpeg. On my Raspberry Pi 5, I run two systemd services (one per camera) that use websocat to listen for WebSocket connections. When a client connects, websocat launches FFmpeg to start the conversion and forwards the stream; when the client disconnects, FFmpeg automatically stops.

# /etc/systemd/system/rtsp-ws.service

[Unit]

Description=On-demand WebSocket→FFmpeg bridge for JSMpeg

After=network.target

[Service]

User=pi

Group=pi

ExecStart=/usr/local/bin/websocat \

  --binary \

  --exit-on-eof \

  -s 127.0.0.1:10000 \

  sh-c:'/usr/bin/ffmpeg -hide_banner -loglevel error -rtsp_transport tcp -i "rtsp://user:pass@Local.IP.Camera:Localport/URI/channels/101" -f mpegts -codec:v mpeg1video -bf 0 -r 25 pipe:1'

Restart=on-failure

[Install]

WantedBy=multi-user.target

# /etc/systemd/system/webcam-ws.service

[Unit]

Description=On-demand WebSocket→FFmpeg bridge for Brio webcam

After=network.target

[Service]

User=pi

ExecStart=/usr/local/bin/websocat \

  --binary \

  --exit-on-eof \

  -s 127.0.0.1:10001 \

sh-c:'WAYLAND_DISPLAY=wayland-0 XDG_RUNTIME_DIR=/run/user/1000 /usr/bin/ffmpeg -hide_banner -loglevel error \

  -f v4l2 -framerate 30 -video_size 1920x1080 -i /dev/video0 \

  -f alsa -ac 2 -ar 44100 -i default \

  -f mpegts \

  -codec:v mpeg1video -bf 0 -r 30 \

  -codec:a mp2 \

  pipe:1'

Restart=on-failure

[Install]

WantedBy=multi-user.target

You can then create the related websocket proxy in apache and create a player file in html:

<!doctype html>

<html lang="en">

<head>

<meta charset="utf-8">

<title>Live Camera (JSMpeg)</title>

<style>

/* fullscreen black background, centered content */

html, body {

margin: 0; padding: 0;

width: 100vw; height: 100vh;

background: #000;

display: flex;

align-items: center;

justify-content: center;

}

/* wrapper to constrain size, max 90% of viewport */

.player-container {

width: 90vw;

max-width: 1280px; /* or whatever max you like */

max-height: 90vh;

}

/* canvas will fill the container but keep its own aspect‐ratio */

.player-container canvas {

width: 100%;

height: auto;

display: block;

}

</style>

</head>

<body>

<div class="player-container">

<canvas id="videoCanvas"></canvas>

</div>

<script src="/jsmpeg.min.js"></script>

<script>

const url = (location.protocol==='https:'?'wss://':'ws://')

+ location.host + '/my-ws-prefix';

new JSMpeg.Player(url, {

canvas: document.getElementById('videoCanvas'),

autoplay: true,

audio: false

});

</script>

</body>

</html>

How configure reverse proxy for Kodi web interface (chorus2)

 This tutorial goes over the steps to configure chorus2 behind nginx reverse proxy so you can remotely control your Kodi setup.

First Enable Kodi Web Interface and set a username and password in the settings as explained here. 

Then you can launch kodi web interface on Chromium and in the settings enable reverseproxy setup and also configure the port for your reverse proxy which usually is 443 for your nginx SSL.

For our nginx configuration, we need to note the following point in nginx reverse proxy docs:

A request URI is passed to the server as follows:

• If the proxy_pass directive is specified with a URI, then when a request is passed to the server, the part of a normalized request URI matching the location is replaced by a URI specified in the directive:

  location /name/ {
      proxy_pass http://127.0.0.1/remote/;
  }
  

• If proxy_pass is specified without a URI, the request URI is passed to the server in the same form as sent by a client when the original request is processed, or the full normalized request URI is passed when processing the changed URI:

  location /some/path/ {
      proxy_pass http://127.0.0.1;
  }
  

  Before version 1.1.12, if proxy_pass is specified without a URI, the original request URI might be passed instead of the changed URI in some cases.

Otherwise the way that kodi web interface tries to load images will not work.

## Kodi rewrite

# 1) WS for /jsonrpc (no prefix)

location ^~ /jsonrpc {

proxy_http_version 1.1;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection "Upgrade";

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_read_timeout 360s;

proxy_pass http://10.10.1.5:9090;

}

# 2) Redirect bare /kodi → /kodi/

location = /kodi {

return 301 /kodi/;

}

# 3) Everything else under /kodi/ → strip prefix

location /kodi/ {

if ($request_uri ~ "^/kodi(?<after>/[^?]*)") {

set $new_path $after;

}

proxy_cache off;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_read_timeout 300s;

proxy_pass http://10.10.1.5:10080$new_path$is_args$args;

}

####

 

How to Compile the Latest wf‑recorder on Raspberry Pi 5 (Debian 12 Wayland)

Debian 12 on Raspberry Pi 5 uses Wayland, so x11grab won’t work for screen capture. You can switch to wf-recorder, but the stock v0.3 in Debian’s repositories lacks newer flags like --overwrite. 

To get the latest wf-recorder with full feature support, you’ll need to build it from source. Here’s how:

# Install dependencies

sudo apt install g++ meson libavutil-dev libavcodec-dev libavformat-dev libswscale-dev libpulse-dev wayland-protocols libpipewire-0.3-dev

mkdir ~/src

cd ~/src

# https://github.com/ammen99/wf-recorder/releases

wget https://github.com/ammen99/wf-recorder/releases/download/v0.5.0/wf-recorder-0.5.0.tar.xz

tar -xf wf-recorder-0.5.0.tar.xz

cd wf-recorder-0.5.0

meson setup build --prefix=/usr --buildtype=release --reconfigure

ninja -C build

# Install

cp ~/src/wf-recorder-0.5.0/build/wf-recorder /usr/local/bin

Now you can record the screen including audio using the following command:

wf-recorder --overwrite -a default -f file.mp4

How to set up Kodi with YouTube addon on Raspberry OS Debian 12

 In this post, we review how to run Kodi with Kodi Youtube Addon on Raspberry Pi 5. 

There are two versions of Kodi available on Raspberry Pi OS for Debain 12. `kodi` package installs v20.0 and `kodi21` installs version 21. Make sure to use v21 as it has resolved some bugs that causes glitches in video playback,

# Install Kodi21 

apt-get install kodi21 kodi21-inputstream-adaptive

# Download Kodi Youtube Plugin Repository 

cd /home/pi/Downloads

wget https://ftp.fau.de/osmc/osmc/download/dev/anxdpanic/repositories/repository.yt.testing_unofficial-2.0.7.zip

# Open Kodi -> Settings -> Addon -> Install from Zip File -> Home Folder -> Downloads -> Select the above zip file that you downloaded

#  Go Back (Settings -> Addon) -> Options (at bottom left) -> Check for Updates 

# Go Back (Settings -> Addon) -> Install from Repository -> Youtube Test Repo (Unofficial) -> Video add-ons -> Youtube -> Install

# add a Youtube API v3 API has described here. Just note that Publishing status in Audience should be Production. In Data Access section you need to enable Youtube related permissions. It will ask to login two times when trying to login on Youtube Addon for Kodi, and on your google device will show a warning that the app is not verified as explained here. 

#  Go to Home page -> Youtube -> Add-on settings (left side) -> API: fill API Key, API Id and API Secret by your Youtube API

# You can set Proxy setting in Kodi -> Setting -> System -> Internet Access

# Kodi turns on TV when it is started, and turns off TV when exitted. The behaviour can be set up in Kodi -> Setting -> System -> Interface

# To avoid your raspberry pi turning on your TV when it is rebooted, add hdmi_ignore_cec_init=1 to /boot/firmware/config.txt

# PartyMode addon can be used to set youtube addon to start up automatically when running Kodi

# piflare.com service can be used to connect raspberry pi to telegram so it starts kodi by running /youtube command

/scripts/youtube.py :

#!/home/pi/python/bin/python3

import os, sys, time

os.chdir('/home/pi')

os.environ["DISPLAY"] = ":0"

os.environ["WAYLAND_DISPLAY"] = "wayland-0"

os.environ["XDG_RUNTIME_DIR"] = "/run/user/1000"

os.environ["DBUS_SESSION_BUS_ADDRESS"] = "unix:path=/run/user/1000/bus"

os.system("pkill -9 -f 'chrome|chromium|google-chrome|chrome_crashpad_handler|kodi|kodi21.bin'")

os.system('/usr/bin/kodi &')

How to export Apple Health / Google Fit training activity to TCX format

 

I own a Xiaomi Smart Band 7, and recently, my Mi Fitness app stopped syncing running activities to Strava.

Mi Fitness supports syncing data with Apple Health, Strava, and Suunto. After exploring multiple solutions, I found a workaround to export running activities in TCX format and manually upload them to Strava, which accepts GPX, TCX, and FIT formats.

To do this, first, enable syncing with Apple Health in the Mi Fitness app. This will display your activities in Apple Health. While apps like HealthFit or RunGap can export Apple Health data, they require a purchase.

For a free option, install Google Fit and grant it access to Apple Health data. Once your activities are visible in Google Fit, use Google Takeout (https://takeout.google.com/) to export your Google Fit data. You’ll receive a zip file, which you can extract to find your daily activities in the "activities" folder in TCX format. Simply select the relevant TCX files and upload them manually to Strava.

How to disable Debian 12 sleep on production servers

 Debian 12 has power saver enabled by default which causes your server to go to sleep if there is no mouse / keyboard interaction. To resolve this issue as discussed here, edit /etc/gdm3/greeter.dconf-defaults and update the following vars and reboot your server:

sleep-inactive-ac-type='blank'

sleep-inactive-battery-type='blank'

Setup tunneled hotspot on Bookworm Raspberrypi using Wireguard, Network Manager and DNSmasq plugin

This blog post is an update to the original post from 2019 for Debian buster and bullseye.

 In this tutorial we use eth0 as our main internet, wireguard uses eth0 to connect to the server and created a tunneled connection which is used for hotspot by wlan0.

NetworkManager GUI Interface makes our work easy. No need to setup a dhcp server like isc-dhcp-server since NetworkManager has built-in dnsmasq-basic package installed and uses it for DHCP.

To setup hotspot, use Network icon in Raspberrypi to setup a wireless hotspot. For wireguard, you need to edit the hotspot connection and set MTU to 1420. Also, enable auto connect in General tab. Disable IPv6 in IPv6 tab if you are not using it. Set the range for your DHCP clients in IPv4 tab to 10.0.1.1 with mask 255.255.255.0 and gateway 10.0.1.1

To disable WPA Personal and force at least WPA2 Personal authentication use the following command:

nmcli device wifi list

nmcli con modify "Wi-Fi Hot" 802-11-wireless-security.proto rsn

then set a separate routing table for the hotspot ip range which is 10.0.1.0/24:

echo 200 INET2 >> /etc/iproute2/rt_tables

and setup wireguard to route the ip range from your hotspot through itself.

[Interface]

PrivateKey = YOUR.PRIVATE.KEY

Address = 10.10.0.6/24

PostUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE; ip rule add from 10.0.1.0/24 table INET2; ip route add default via 10.10.0.1 dev wg0 table INET2; ip route add 8.8.8.8/32 dev wg0; ip route add 8.8.4.4/32 dev wg0; ip route flush cache

PreDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE; ip rule del from 10.0.1.0/24 table INET2; ip route del default via 10.10.0.1 dev wg0 table INET2; ip route del 8.8.8.8/32 dev wg0; ip route del 8.8.4.4/32 dev wg0; ip route flush cache

Table = off

MTU = 1420

[Peer]

PublicKey = SERVER.PUBKEY

AllowedIPs = 0.0.0.0/0

Endpoint = IP:Port

PersistentKeepalive = 25

set net.ipv4.ip_forward=1 in /etc/sysctl.conf

Edit your upstream Network connections and set their DNS to 8.8.8.8,1.1.1.1 

This way, after a reboot your /etc/resolv.conf is correctly set to the above name servers by NetworkManager.

NetworkManager has a built-in dnsmasq-base package installed and we need to set it to use google name servers for our dhcp clients:

echo -e "dhcp-option=option:dns-server,8.8.8.8,8.8.4.4" > /etc/NetworkManager/dnsmasq-shared.d/dns.conf

Restart your raspberrypi to apply changes.

You can see a list of connected clients in /var/lib/NetworkManager/dnsmasq-wlan0.leases

ps aux | grep dnsmasq 

shows the dnsmasq and its parameters which is running by NetworkManager.