Ant Media Server on Ubuntu 18.04

This short guide will show you how to install Ant Media Server (Community Edition) on a Ubuntu 18.04 VPS server. Ant Media Server is a fork of Red5.

The community Edition is free, but it does have it’s limitations that can be unlocked by purchasing a license. It runs on Java so we’re also installing that on our server.

The server that I used in this example has Nginx installed and running with the additional RTMP module on port 1935. Ant Media Server will also require this port so to avoid any conflicts we need to stop Nginx before anything else. I also choose to disable it temporary but you don’t need to do this.

systemctl stop nginx
systemctl disable nginx

Another option you have to avoid conflicts is to change the port Nginx uses for RTMP by changing it in your /etc/nginx/nginx.conf file as shown on the image.

Let’s start by installing the default java (version 8) for Ubuntu.

apt install -y openjdk-8-jdk openjdk-8-jre
java -version

You must have to set JAVA_HOME and JRE_HOME environment variables, which is used by many of the Java applications to find Java libraries during runtime. You can set these variables in /etc/environment file using the following command.

cat >> /etc/environment <<EOL JAVA_HOME= /usr/lib/jvm/java-8-openjdk-amd64 JRE_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre EOL
wget https://github.com/ant-media/Ant-Media-Server/releases/download/ams-v2.0.0/ant-media-server-2.0.0-community-2.0.0-20200504_1842.zip
unzip ant-media-server-2.0.0-community-2.0.0-20200504_1842.zip
cd /opt/ant-media-server
wget https://raw.githubusercontent.com/ant-media/Scripts/master/install_ant-media-server.sh && chmod 755 install_ant-media-server.sh
sudo ./install_ant-media-server.sh ant-media-server-2.0.0-community-2.0.0-20200504_1842.zip
service antmedia status

http://SERVER_IP_ADDRESS:5080

In order to server run properly you need to open some network ports.

  • TCP:1935 (RTMP)
  • TCP:5080 (HTTP)
  • TCP:5443 (HTTPS)
  • UDP:5000-65000 (WebRTC)
  • TCP:5000-65000 (You need to open this range in only cluster mode for internal network. It should not be open to public.)
sudo ufw allow 1935/tcp
sudo ufw allow 5080/tcp
sudo ufw allow 5443/tcp

CLUSTER MODE ONLY
sudo ufw allow 5000:65000/udp

We’re done for now. Everything should be working now. A logical next step would be to install certificates and enable secure live-streaming. More about that on this page: https://github.com/ant-media/Ant-Media-Server/wiki/SSL-Setup

There’s a well written Wiki on the project’s github pages. You can use this if you run in to any issues. No need to click the link below at this moment because then you will see that I basically copy / pasted this whole page. In other words: I stole content. Sue me.. At least I’m honest about it.

https://github.com/ant-media/Ant-Media-Server/wiki/Installation

Fix the Nginx module in Webmin (Ubuntu 18.04)

For a long time now, the Nginx plugin that exists for Webmin did not work after installing it on Ubuntu/Debian. I never got around to figure out how to fix this but today I did. Here’s how to fix the Nginx plugin in Webmin on a Ubuntu server.

Now in all honesty I have no idea what step of all the steps below did the trick of actually getting it to work, but I’m guessing it had something to do with the brackets in the config file. I still need to try this out on a different server without installing the Perl modules first. You’re free to experiment yourself if you dare. If so, let me know what the specific fix was.

First of course you need to install the Nginx module for Webmin. It’s a third party module so add it using the correct option on the screen you see here.

Search for Nginx, select it and install it. Once it is installed you will find the tab on the left under Servers. If not, refresh your modules first. Chances are very likely that you will see a page with some errors that are Perl related. If this is the case continue to follow these steps.

In webmin open the Others tab, and then Perl Modules. Choose “From CPAN, named” and search for DBD::mysql and installit. Do the same thing for all of the following:

HTML::Entities
DBI
GD
DBD::mysql

If you run into any problems you can alternatively install the plugin through the command line. To start first use this command:

perl -MCPAN -e shell

Now you can install any plugin by entering:

i HTML::Entities

When it’s installed optionally do a “reload cpan” or install more plugins. Use te “quit” command to exit the perl inputline. If you’re running the earlier mentioned command for the first time you might also want to start of with “install CPAN” and “reload CPAN

Next step may seem difficult but it really isn’t. We need to add some \ to a config file. So edit the following file and make the changes I placed below.

nano /usr/share/webmin/nginx/nginx-lib.pl

Go to line 199 and add a backslash before the opening bracket.

if ($if ($line =~ /server \{$/) {

Do not forget to add a backslash before the closing bracket on line 202.

if ($line =~ /\}$/) {

Save the file and now it should work after refreshing the Webmin Nginx page.

Build a live-stream server

This guide will show you step by step how to install Nginx webserver & Certbot SSL certificates, the RTMP module, Ffmpeg on a Ubuntu 18.04 VPS server. It will then will also explain how to setup HLS live-streaming and create a webpage with Video.JS to show the live-stream.
I decided to write this guide after receiving a lot of questions and responses on a video or two that I made a while ago. HLS and SSL related mostly. So hopefully this guide will clear up all of those questions for you all. If not, please leave any questions at the bottom of this page or as comment on the Youtube page.

This guide contains 7 steps. I strongly advice to read through them all beforehand so you’ll know what you’re doing in stead of just blindly start copy/pasting everything, because that rarely works out like it should, in my experience. This looks like a long-ass guide, and it is in a way, but you could do this all in under 25 minutes. Anyways, it’s too long for this blog’s layout so click on the continue reading link below to read the full article and to see the video.

Continue reading

Block all traffic from a Geo-located country with UFW firewall on Ubuntu

I was noticing some really strange requests in my web server’s log files on a VPS that I manage. Requests that seem to be focused on finding vulnerabilities or exploits. Turns out most of the originating IP addresses are from China. Since the VPS is not behind a router or otherwise managed firewall device, I decided to investigate if I could just block all traffic from China to my VPS. Turns out the software “Uncomplicated Firewall” or better know as UFW, that I already had running can do this easily. If you’re new to UFW have a look at this very comprehensive page showing how to set it up.

Here are two examples showing how to setup your UFW firewall to block IP addresses or ports based on Geo location. This should work on any system running UFW but in this case I did it on a headless Ubuntu 18.04 system. Click on Read more to view the rest of this article.

Continue reading

Configuring DNS-Over-HTTPS on RaspberryPi running Pi-Hole

In this article I will show you all the steps you will need to set up DNS-over-HTTPS to Cloudflared on a Raspberry Pi that’s running Pi-Hole on RaspBian Stretch OS. This is called an Argo Tunnel. Now you might think to yourself; What does all this even mean? Let me explain…

A Raspberry Pi is a really cheap tiny computer that has very low power consumption. These tiny computers costs between 30 to 50 euro’s/dollars and are ideal for people who often mess around with computers and everything related to it, like me for example. But they’re also interesting for people who want to keep their power consumption at home as low as possible, but still want certain services to run 24/7. I’m also one of those people. Especially when I saw my most recent electricity bill from the energy provider. It showed that I use more power than a family of five people averagely does. I live alone…

One of the reasons I want certain devices to run 24/7 is because they are hosting some services that I want to be available at all times. Like a DNS server for example. Pi-Hole is basically a DNS server that also blocks adds, for all the devices in your home network. Technically it’s actually not a DNS server but a local DNS resolver but that’s not important right now. I started using Pi-Hole about two years ago and nowadays my network feels incomplete without a Pi-Hole running in it. It also keep statistics that you can view in a simple web interface as shown below. Read more about it here.

pretty-stats
pretty-stats

Pi-Hole will resolve all DNS queries for every device in your home network. And to resolve queries and send the answer back to the clients Pi-Hole uses several upstream DNS server like 1.1.1.1 or 8.8.8.8. DNS queries from my Pi-Hole to the upstream DNS servers are not encrypted in any way. This means that my internet provider can monitor all these queries that I send out to the internet. In other words, they know what websites I visit and they monitor this and save the logs files for a certain amount of time. I’ve never really cared much about this, and I use VPN when I don’t want them to see what I’m doing. But with all the things that are going on right now in the realm of the world wide web, and with all the changes that have happened that I disagree with, I have become more aware of the benefits of securing as much as you can against preying eyes. Having said this just now, I started to nostalgically think back to the early days when the internet still felt like a playground for people like me, in anarchy, and it was completely free and it opened so many possibilities that we couldn’t even predict back then. Good days, good days. I miss those.

Recently I stumbled upon an article that explained the benefits of using HTTPS to secure DNS queries. This caught my interest so I did all the things the article suggested and within a couple of minutes a functional Pi-Hole with DNS-over-HTTPS was up and running. I figured that I might want to build this setup again at some point in the future, so I documented what I did, and since I was doing that, it was little effort to also post it here.

The upstream DNS servers we will be using are hosted by Cloudfare. They revolutionized the way we think of DNS when they went public on April fool’s day 2018, and their DNS servers are several times faster as the public Google DNS servers. I wrote something about this earlier that you might want to read also.

I’m assuming that you have already set up RaspBian on your Raspberry Pi yourself and that you are connected to the internet. I used RaspBian Lite but this works exactly the same on the full desktop version of RaspBian. Since I use the root account there’s no need for me to enter ‘sudo’ before the commands. So forgive me if I have forgotten to include sudo in some of the command-line instructions below. You should never use the root account but a regular account that has sudo rights. So if you see that a command is not working correctly for you, try it again but add sudo to the command.

We’re going to begin with the installation of Pi-Hole on a freshly new installed system. When this is running we install a tiny client-daemon from Cloudflare for the communication with the upstream DNS queries. I choose to use Cloudflare’s really fast servers 1.1.1.1 and 1.0.0.1, but you can use any of these servers that supports DNS over HTTPS. Eventually we will configure Pi-Hole and Cloudflared to work together hand in hand.

To continue reading the full article and the instructions, click on read more. Enough chatter, that barely anybody will read anyways, so let’s get started!

Continue reading

How to setup Nginx+RTMP live stream server

IMPORTANT UPDATE! These guides may be outdated. Please see the new guide here:
https://www.ustoopia.nl/featured/nginx-rtmp-hls-ssl-videojs-on-ubuntu-18-04/

I made a couple of Youtube video’s with some instructions on how to setup your own private live-stream server using Nginx running on Ubuntu 18.04. . Click on the CONTINUE READING link below to see a copy of the variables that I used in the video’s. You can also find it on my Pastebin if you prefer.

Continue reading

Elon Musk speaks with Joe Rogan podcast

Joe Rogan’s podcast from last Thursday where he speaks with Elon Musk has gotten a lot of attention the last couple of days. Mostly because Elon smokes a joint with Joe. I personally don’t think that’s a big deal and I know that this happens regularly on Joe’s podcasts so I don’t see what all the fuss is about.

What I find far more interesting is the talk itself, because in two and a half hours it’s possible to talk about many things, and they do talk about a lot of interesting subjects. Mainly the subject of A.I. and Elon’s view on the subject is something that is very note-worthy. So just press play, and listen to the whole podcast while you do something else in the meantime, like clean your house or do the dishes or whatever 🙂

Gutenberg is coming to WordPress! Soon!

Gutenberg is a feature that has been under development for a while now, will be released with version 5 of WordPress in the very near future. Until that time, it can be installed as a WP Plugin if you wanna try it out. I’m pretty exited about this cause it looks pretty awesome to me. The designers are already thinking ahead and here is how they see the future of the internet and what Gutenberg’s role will be in this.

httpv://www.youtube.com/watch?v=08Cav2SkUO4

Google Assistant for Android

If you are an Android user, you will probably have found a new app called Google Assistant on your mobile recently. It took them long enough! I read an article that said all Android users would receive the app in the next couple of days when living in the Netherlands. I waited for a while, and then a bit, and in the end I waited well over a week, when I sorta gave up hope. I figured that my version of Android was probably too old or something.

But today I was looking for a specific app and that’s when I found my recently installed Google Assistant. Of course I introduced myself to her first. She knows my name now. Been messing around a lot with it since then, to see where it can go and where it won’t go. Anyways.. it’s fun for the whole family to speak with the Google Assistant. If you’re not sure if you have it on your mobile, you can always install it from here: Google Assistant – Apps on Google Play. For those that don’t know this… you interact with her by using your voice. She understands Dutch perfectly and will answer you in Dutch. I find this very useful when setting my alarm or adding things to my to-do list for example. It’s fun, check it out!

Digital LSD

Have you ever used a hallucinogenic drug in your life? If so, then the following video might put a smile on your face because this “digital LSD” really works. See for yourself. But this experiment is perhaps even more fun for people who have never used any hallucinogenics, but are perhaps a bit curious to find out what the effects are a bit. But no worries, you won’t have to take any drugs. The only thing you need to do is watch the following video, and once you hear the voice say that you can look away then you should watch any direction in the environment you are in. What you see then only lasts a couple of seconds so make sure you look around you. This effect is the result of tricking our eyesight by the technology that is used in the video. Click on the image to have the video full-screen in a popup. If that doesn’t work for you use this link.