Thu, 20 Mar 2003
Writing up the procedure I use to stream music got me thinking about problems with it and alternatives. One problem that it has is that I must be logged in on the console, in X, running xmms. A power-outage forced reboot could end my musical bliss at work ;). Someone else pointed out that I really should consider ogg. While re-encoding all my source CD's would be a massive undertaking this would eventually be a good goal. Transcoding from mp3->ogg is a bad idea but for a low quality stream it may have little impact.
So I found gnump3d and liked what I saw. So I installed it, reconfigured some firewall rules, and liked it even more. This is a web-based way to control and stream an music collection. The web interface is well-designed and skinnable. It seems to give me more control than xmms-shell. I can cue up individual songs or albums. Each song is a playlist so I can easily scramble within my xmms client at work rather than on the server. I can create customer playlists through the web interface.
The coolest feature is the way resampling is handled. The parameters for resampling (called downsampling in gnump3d.conf allow you to specify subnets that do not require downsampling. Thus I can fire up a session on my local desktop and use it to control music and those songs will not be re-encoded to a lower bitrate. The cacheing that happens between each song due to stream is instantaneous on a local connection so album play is minimally interrupted.
gnump3d doesn't utilize a MySQL or other backend database. It's very simple to setup and has taken some reasonable security precautions. I like it's "keep it simple" approach.
It doesn't work well through the reverse inbound proxy so I run it through an alternate port on the firewall and redirect that to the internal gnump3d server. One way I could deal with this is switch to Apache::MP3. This is a mod_perl solution that runs within Apache. So even SSL-encrypted streaming could work through this. Port 80 name-based virtual hosts work fine Apache::MP3::Skin and Apache::MP3::Resample would provide the additional similar functionality. A user can choose the level of resampling desired so it's pretty interesting.
Since gnump3d works so well for me I didn't try the Apache perl module approach but I may mess with it at a layer time. I've been experimenting with mod_perl stuff for a while so it may be educational to mess with this.
It's hard to imagine anything positive to say about war -- regardless of one's opinions of the decisions that led up to it. Hopefully few (or none!) are hurt or killed and this ends quickly. Hopefully the divisions that have been created are mended. It's hard for me to imagine positive outcomes but I hope that I am wrong.Thu, 13 Mar 2003
I'd done this a long time ago and pretty much forgotton all about it. I've used procmail for a long time to pre-sort all my mailing list mail among other tasks. I also use it as a mechanism to distribute my gpg public key. If you send me a message with the subject "get key", you'll get a response containing my public key in ASCII format. Here's a snippet from my .procmailrc:
VERBOSE=off PATH=$HOME:/usr/bin:/bin:/usr/local/bin:. MAILDIR=$HOME/Mail # You'd better make sure it exists DEFAULT=/var/mail/scotth LOGFILE=$HOME/Mail/from LOCKFILE=$HOME/.lockfile SENDMAIL=/usr/sbin/sendmail :0 Wh: msgid.lock # get's rid of duplicates | formail -D 8192 msgid.cache # Autoresponder :0i * !^Subject:.*Re: * !^FROM_DAEMON * ^Subject:.*get key | (formail -r -A "From: firstname.lastname@example.org" ; cat $HOME/.pubkey.asc)\ | $SENDMAIL -oi -t # SpamAssassin :0: * ^X-Spam-Status: Yes.* $MAILDIR/junk # mailing list inet-access :0: * TO.*inet-access $MAILDIR/inet-access
If you just need an autoresponder, you'd just use formail in a .forward. Here's how I do it using a mail server running qmail. Just create ~/alias/.qmail-autorespond containing the following text
| (/usr/local/bin/formail -r -A "From: email@example.com" ;\ cat /var/qmail/alias/autoresond.txt) | qmail-injectPut your autoresponce email body in /var/qmail/alias/autorespond.txt. The 'qmail-inject' is qmail's way of saying '/usr/sbin/sendmail -oi -t'.
I have decided to start using my GPG key again to sign emails and such. It's a good thing to use encryption and digital signature technology. Consequently, I've gone ahead and posted my key hereWed, 12 Mar 2003
If you're like me, you've taken the time to rip your entire music collection to mp3. I have a huge collection of CDs and like to listen to them in the car with my portable mp3 player. I also like to listen to them at work. Since I have a PC and net access, I just stream them and pick the stream up with xmms (or mpg123 or winamp). I use the liveice plugin for Xmms and the Xmms::shell perl module to remotely control the Xmms session and manage playing tunes. There are many ways to do this, but this method works for me
Things you need
What to do
You'll be downloading a pile of software. Everything for me was available as Debian packages so apt-get (packagename) worked for me. I'll link to the original sites here.
First and foremost, you need xmms. You also need icecast. Along with that you'll need liveice and the liveice-xmms plugin. What this will do is send the output of whatever is playing in xmms to your icecast server.
The other thing you'll need is lame because liveice needs to reencode mp3's on the fly. I encode mine for high quality and they're much too large to stream. Thus I re-encode them on the fly to a paltry 64kbps stream. This is bandwidth friendly and my workstation running xmms can more than handle the load.
In Xmms just go to the Options dialog and select the Effects/General plugins tab. From there you can choose to configure and enable the liveice plugin. There are boxes for the stream bitrate (640000 in my case) and the encoder choice (lame)./p>
You're almost set. You need to set up your firewall and/or apache proxy to get the traffic in to your icecast server. Icecast runs by default on port 8000. So for the first option, pass that port through and then you'd connect your remote mp3 software to http://www.yoursite.com:8000 to catch the stream.
Because I'm stuck behind a highly restrictive firewall/http proxy at work, I needed to use the apache proxy magic and DNS. First I set up a new DNS alias pointing to my single IP address -- ie. music.yoursite.com. Then I set my apache mod_proxy on my firewall to pass the traffic through to my internal icecast server (ie. 10.10.1.5 below).
NameVirtualHost your.external.ip.address <VirtualHost your.external.ip.address> ServerAdmin firstname.lastname@example.org ServerName music.yoursite.com ProxyPass / http://10.10.1.5:8000/ ProxyPassReverse / http://10.10.1.5:8000/ ErrorLog /var/log/apache/music.yoursite.net/error_log TransferLog /var/log/apache/music.yoursite.net/access_log <VirtualHost>
So at work I use mpg123 ( I could use any mp3 player really) to connect to my stream remotely: mpg123 -p http://my.work.proxy http://tunes.yoursite.com. If Xmms+liveice-plugin+icecast is running on the server, I get a stream. If not I get a standard HTTP 404 error.
There's one more issue -- remotely controlling that Xmms session. There's lots of ways to do that and the control plugins to xmms are available at the xmms site. I've experimented with some of the web-based plugins and xmms-shell as well. I settled on the perl module Xmms::shell. I can ssh to my site and then use perl -MXmms -e shell to start xmms and manipulate the playlist to my heart's content. I used apt-get libperl-xmms on my Debian setup but non-Debian users might do this:
perl -MCPAN -e shell CPAN> install Bundle::XmmsIf you're not familiar with CPAN you should read up on it first. Once I'm in the Xmms shell I can do almost anything I can do in the GUI.
As always, you need to be concerned about security when you start opening holes on your firewall and running new servers. In this case, you've got a firewall, apache, mod_proxy, icecast, and liveice-xmms to be concerned about. That means you've got to watch for vulernabilities in all of these items. This is hardly a mission-critical service so it's no big deal to turn it off should a new vulnerability be discovered. You may also want to restrict it further via your firewall and your apache proxy server using Limit directives in your VirtualHost container.Fri, 07 Mar 2003
Well, it's finally come and gone and I for one shall miss it. Mardi Gras has to be my favorite holiday. It's special. it's different. Everywhere else, Tuesday was just another Tuesday. In New Orleans it's so much more.
Lots of people only think of Bourbon Street and baring body parts for beads. Sure that's going on but really the entire city -- the entire southern half of the state -- celebrates in a myriad of ways. There are the lavish parades, not just in New Orleans, but also in the 'burbs. There's the music, the impromptu parties, the private marching krewes. There's even a parade for dogs. I put up my annual onslaught of pictures here. It's perhaps the central cultural event of New Orleans and a great reminder of how different this place is from anywhere else.
p.s. Now that it's over, I've taken the time to launch NOLUG with the new site.
I've had a few questions lately about my lab. I no longer host NOLUG on my personal equipment. My company OTIS hosts it on a FreeBSD box that Mikey and I set up. Nonetheless I do have a pretty extensive little personal lab for testing and development.
My primary workstation is an Athlon with 512M RAM. I've run Debian unstable on this box since I built it. It's for burning Cd's and just generally workstation and development. It's got a GeForce2 and decent sound as well. One thing I've learned the hard way about early Athlons is that they run hot. I burned up two good motherboards on this thing; the capacitors around the CPU just melted.
I also have an old PII-233 which was my second Linux workstation. The first was a 486 running Slackware 2.1 then Debian Hamm and is long gone. It's been running FreeBSD since the 3.x days and is currently at 4.7. This is my mailserver running postfix and UW-IMAP (internally only). It also runs apache where I typically mirror regular web content. I also use djbdns on it with IPv6 patches applied. It's secondary dns for my domains as well as an internal DNS server for the LAN. It also handles DHCP duties. Lastly, it has a secondary harddisk with all of my mp3 archive on it. I used to stream them via a mounted NFS partition from my primary workstation but since my current job has such strict firewall restrictions I no longer do that. I rather miss my personal radio station that consisted of my entire record collection
I also have a SunBlade 100 running Solaris 9. I have a few NFS partitions on it holding the source and ports trees for my BSD boxes, which have limited disk space. Also running Sun's build of Gnome2 on the desktop and will probably play with LDAP on it as well to see if I can implement single sign on across my little network. Plan to do that for the office so testing it out at home first will be useful. The only thing I can't test out is integrating Windows into the SSO because I don't have any Windows boxes.
My firewall is -- believe it or not -- a Packard Bell P75. I upgraded the RAM on it but not much else. It's been running OpenBSD since 2.6 and is at the current 3.2 release now. I've upgraded using both binary procedure (replacing all the binaries) and using buildworld. In addition to being my pf-based firewall this box is also my Wireless LAN access point. Rather than using insecure WEP, I implemented the built in IPSEC to encrypt and authenticate the wireless link. I also have used IPSEC to VPN in to my network from the office. Also, I use freenet6.net's tools to get my net visible via Ip6. This box is the Ip6 router and firewall. I can go to work, fire up an IP6 tunnel, and connect to apache and ssh directly via IP6 rather than having to use NAT. At some point I will put an apache proxy on this box to get into the multiple web servers behind my firewall.
Lastly I have an old Sun Enterprise 150. It used to be a server for an ISP I worked for and is quite out of date. Unfortunately, the /var disk is dead and I just haven't replaced it yet. Actually I have two of these beasts though one no longer works at all; the motherboard appears to be gone on that one. So at least I have a spare parts shelf. These things are also really loud and they suck power big time. Still, it is a solid fileserving platform. And these suckers did real work. We hosted nearly 200 domains mail and web on them and numerous other services. They barely blinked at the load. I have some SCSI disks now so I may resurrect this thing. Or I may grab another newer sun off of ebay some time and retire these puppies.
They're really cool though. The motherboard(s) float in a hard foam shell. Of course these are SBUS rather than PCI. Everything is much more solid than even the modern PCI-based 250's and the like. It's also tons heavier than those guys. I guess it's about vintage 1997 and would have set you back around $30K at the time. There's one on ebay today with a "Buy it Now" link for $250. wow.
And of course I have my laptop, a Dell Inspiron 8200. The big brick with 15 inch screen and DVD. It's large for a laptop but it's also a workhorse and it's really what I need.
I also have various and sundry pieces parts like anyone else who does this for a living and a hobby. I almost have enough to cobble together another (decent) PC. At some point I'll probably move my Athlon to the front and drop in a capture card and a new video card with NTSC output and try out one of these "build your own PVR" projects.