░█░░░█▀█░▀█▀░▀█▀░█▀█░█░░░▀█▀░█▀█░█░█░█░█░█░░░▀█▀░█▀█░█░█░█▀▀ ░█░░░█░█░░█░░░█░░█▀█░█░░░░█░░█░█░█░█░▄▀▄░█░░░░█░░█░█░█▀▄░▀▀█ ░▀▀▀░▀▀▀░░▀░░░▀░░▀░▀░▀▀▀░▀▀▀░▀░▀░▀▀▀░▀░▀░▀▀▀░▀▀▀░▀░▀░▀░▀░▀▀▀
An old linux user rambling on about linux, FOSS, and other geekery.
Since updating and reviving my webpage, I noticed that the HTML5 embedded audio player had stop working on my MODcast page[1], where I serve a continuous playlist of 242,430 MOD files (think chiptune music if you do not know what MOD files are).
=> 1: /modcast
What was weird about this was that the embedded audio player had been working just fine for 4 years--or so I thought. Sometime in last 48 months the html player on the page stopped working. The reason I had not noticed it had stopped working is that do not listen to the stream from my webpage, but from a terminal, an app on my phone or TV, from my icecast server URL, or in a browser tab directly linked to the icecast stream mountpoint.
I guess the even weirder part was that when serving the Jekyll page locally the embedded audio player worked just fine, but stopped working once deployed on my website.
I racked my brain over this for almost 2 days, thinking the cause had something to do with my updating Jekyll, or the new dark theme, That did not make sense, but was the first route I went down trying to fix this. I just could not figure out why the browser would open and play the stream from a new tab, but not from the html audio player.
After eliminating Jekyll as the cause, I got to looking at icecast. Icecast is the only forward facing service I run without TLS/SSL. Thinking that perhaps browsers had become more secure in the last 48 months (forbidding unencrypted streams in embedded audio players), I decided to enable SSL on my icecast server.
The hitch I ran into next was that icecast requires certificates to be bundled in one pem file--instead of separate fullkey and privkey pem files like apache. The solution was amazingly straight forward, and elegant.
All I had to do was (as root) cat the contents on the fullkey.pem and privkey.pem files into one new file (e.g. bundle.pem) accessible to icecast; that and update my icecast.xml and .buttrc files, and change ports.
Even better, in the /etc/letsencrypt/renewal/ directory I was able to append (prepended by post_hook = ) the cat command combining the two pem files to the conf file, at the end of the renewal parems section. Adding a && systemctl restart icecast2.service at the end of the cat command, ensures that when my letsencrypt certs are renewed, icecast will get renewed too.
This solved my problem and now the embedded audio player works. The new https stream URL (now on port 8001) is now:
https://lottalinuxlinks.com:8001/stream
-dsyates
=> MOD | streaming | retro | music | geekery | SSL | icecast | letsencrypt | jekyll
=> The lottalinuxlinks.com linux user web blog | The MODcast | The lottalinuxlinks.com gopher hole | Fosstodon
=> Links to other cool gemini capsules
e: dsyates@lottalinuxlinks.com
m: @dsyates@fosstodon.org
x: dsyates@xmpp.jp
-dsyates
(o_!_/o)
text/gemini;lang=en-USThis content has been proxied by September (3851b).