From the Terminal
Port forwarding a database through a VPN with Docker and Nginx
This goes into your docker-compose.yml
version: '3.9'
services:
openvpn-client:
image: ghcr.io/wfg/openvpn-client
container_name: openvpn-client
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
volumes:
- ./.docker/openvpn:/config # place config.ovpn file into this folder
#network_mode: container:openvpn-client
#restart: unless-stopped
environment:
- CONFIG_FILE=config.ovpn
- ALLOWED_SUBNETS=192.168.0.0/24,192.168.1.0/24
# - AUTH_SECRET=credentials.txt
networks:
front-tier:
ipv4_address: 172.25.0.7
proxy:
image: nginx:1.25.1
container_name: db-proxy
network_mode: container:openvpn-client
volumes:
- ./.docker/proxy/nginx/:/etc/nginx/
- ./.docker/proxy/logs/:/var/log/nginx/
depends_on:
- openvpn-client
networks:
front-tier:
ipam:
driver: default
config:
- subnet: "172.25.0.0/24"
Make sure to create the folders .docker/proxy/nginx/
and .docker/proxy/logs/
.
Place this into .docker/proxy/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
# This is where all http server configs go.
}
stream {
server {
listen 5432;
proxy_connect_timeout 60s;
proxy_socket_keepalive on;
proxy_pass 10.0.3.11:5432;
}
}
Just make sure to set proxy_pass
to the destination.
After running docker-compose up
you'll be good to go.
Configuring an RTMP streaming server for VRChat with Nginx
I recently picked up a Valve Index and I've started to explore the music community
One of the most compelling aspects of VRChat as a platform is how you can use it as a way of discovering music. A vast and diverse community of individuals with varied musical tastes and backgrounds already exists. In VRChat, you can attend music festivals, explore custom-built music worlds, and interact with other users who share your passion for various musical genres. This environment encourages discovery and exposes you to a wide range of genres, artists, and tracks that you may not have encountered otherwise. It's a melting pot of musical creativity waiting to be explored.
Moreover, VRChat offers a unique opportunity for musicians, DJs, and producers to hone their craft and experiment with performing, mixing, and DJing in a virtual setting. Through the integration of streaming music into VRChat, you can curate and share playlists, perform live DJ sets, and even create your own virtual music venues. The interactive nature of VRChat enables you to receive immediate feedback from your audience, allowing you to refine your skills, experiment with new techniques, and build a dedicated following.
While Twitch and YouTube have transformed the streaming landscape, they do have limitations that can impact the quality and control of your stream. These platforms often inject ads into your content, disrupting viewer engagement, and they impose restrictions on bitrate, limiting the stream's video quality. To overcome these challenges, many streamers are turning to Nginx for RTMP. By configuring Nginx to stream directly to your audience, you regain control over your stream, eliminate unwanted ads, and achieve higher bitrates for an uninterrupted, high-quality viewing experience.
This reference should let you quickly set up a public facing site.
nano /etc/nginx/sites-enabled/stream.conf
server {
listen 443 ssl;
server_name stream.yourdomain.example;
ssl_certificate /etc/letsencrypt/live/stream.yourdomain.example/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/stream.yourdomain.example/privkey.pem; # managed by Certbot
include sites-available/include-ssl.conf;
server_tokens off;
# rtmp stat
location /stat {
rtmp_stat all;
rtmp_stat_stylesheet stat.xsl;
}
location /stat.xsl {
root /var/www/stream/rtmp;
}
# rtmp control
location /control {
rtmp_control all;
}
location /hls {
# Serve HLS fragments
types {
application/vnd.apple.mpegurl m3u8;
video/mp2t ts;
}
root /tmp;
add_header Cache-Control no-cache;
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length';
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
}
}
Make sure to add this global rtmp config.
sudo nano /etc/nginx/rtmp.conf
rtmp {
server {
listen 1935; # this is the port, you may change it if necessary.
chunk_size 4096;
application live { # "live" may be changed to whatever you'd like, this will affect the URLs we use later, though.
live on;
allow publish 0.0.0.0; # put your IP here.
deny publish all; # denied if none of the above apply.
# -- HLS --
hls on;
hls_path /tmp/hls; # this is where all of HLS's files will be stored.
# They are a running replacement so disk space will be minimal.
# Adjust other HLS settings if necessary to level it out if it's a problem.
hls_playlist_length 60s;
hls_fragment 1s;
# optionally,
hls_continuous on;
}
}
}
Add this to the bottom of /etc/nginx/nginx.conf
include rtmp.conf;
The URL will actually be rtmp://stream.yourdomain.example/live/random-stream-key
but in OBS we will actually put in rtmp://stream.yourdomain.example/live
and the second field in OBS is our key.
Finally the stream link we will put into VRC will look like this.
https://stream.yourdomain.example/live/random-stream-key.m3u8