SSL no Icecast2

msaulohenrique · Janeiro 31, 2019

8 minutos atrás, SysAdmin disse:

HaProxy fica com a 443 e o streaming ou outro serviço vc usa a porta que quiser, desde que não esteja em uso claro.

Já fiz tunelamento assim, atendeu bem:

bash de instalação:

 	#!/bin/bash -e	clear	YELLOW=`tput setaf 3`	GREEN=`tput setaf 2`	NC=`tput sgr0`	echo "${GREEN}"	echo "===================================================="	echo "Instalando SSL VOXTREAM"	echo "===================================================="	echo "${NC}"	echo "${YELLOW}Dominio (sem http/https ou www): ex. audiobrazil.com${NC}"	read -e dominio	echo "${YELLOW}E-mail${NC}"	read -e email	echo "${YELLOW}Deseja prosseguir? (y/n)${NC}"	read -e run	if [ "$run" == n ] ; then	   exit	else	yum -y install mod_ssl git stunnel	cd /usr/local/	git clone https://github.com/letsencrypt/letsencrypt	cd /usr/local/letsencrypt	./certbot-auto certonly --standalone --email $email -d $dominio -d www.$dominio -d player.$dominio -d cdn.$dominio -d srv01.$dominio	echo '45 2 * * 6 cd /usr/local/letsencrypt && ./certbot-auto renew' >> /var/spool/cron/root	echo 'client=no' >> /etc/stunnel/stunnel.conf	echo 'cert = /etc/letsencrypt/live/dominiosrv/fullchain.pem' >> /etc/stunnel/stunnel.conf	echo 'key = /etc/letsencrypt/live/dominiosrv/privkey.pem' >> /etc/stunnel/stunnel.conf	cd /etc/rc.d/init.d/	wget https://gist.githubusercontent.com/msaulohenrique/6b63396707b3e64dae83be917f4ffd94/raw/455f996d54ed73b849add3958ae34ede05725b67/stunnel	chmod +x /etc/rc.d/init.d/stunnel	/etc/init.d/stunnel start	clear	echo "${GREEN}"	echo "================================================================="	echo	echo "Concluído. ?"	echo	echo "================================================================="	echo "${NC}"	fi

bash de configuração

	 			#!/bin/bash -e				clear				YELLOW=`tput setaf 3`				GREEN=`tput setaf 2`				NC=`tput sgr0`				echo "${GREEN}"				echo "===================================================="				echo "Adicionar SSL ao uma porta de Rádio"				echo "===================================================="				echo "${NC}"				echo "${YELLOW}Porta da rádio${NC}"				read -e porta				echo "${YELLOW}Porta SSL${NC}"				read -e portassl				echo "${YELLOW}Deseja prosseguir? (y/n)${NC}"				read -e run				if [ "$run" == n ] ; then				   exit				else				echo '[portasrv]' >> /etc/stunnel/stunnel.conf				echo 'accept=sslsrv' >> /etc/stunnel/stunnel.conf				echo 'connect=portasrv' >> /etc/stunnel/stunnel.conf				replace 'sslsrv' $portassl -- /etc/stunnel/stunnel.conf				replace 'portasrv' $porta -- /etc/stunnel/stunnel.conf				/etc/init.d/stunnel restart				/etc/init.d/stunnel start				clear				echo "${GREEN}"				echo "================================================================="				echo				echo "Concluído. ?"				echo "SSL na Porta $portassl"				echo "Porta sem SSL $porta"				echo				echo "================================================================="				echo "${NC}"				fi