Server

Hardware / OS

  • Dell Precision WorkStation 390

  • Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz

  • 4GB RAM DDR 667 MHz

  • HDD (going to be 4TB 2x)

  • with Ubuntu 18.04

Accounts

  • root

  • jelko

  • luca

  • leo

SSH

SSH is running and available to the internet (!). Only Pubkey authentication is allowed.

Firewall

ufw is administering the firewall rules. Default: Deny all. Internal networks: 10.10.0.0/16 (HfK Inhouse) + 192.168.0.0/16 (HfK VPN)

Rules (by 2019-02-04):

Output active numbered rules: ufw status numbered. You may find an introduction to UFW at Digital Ocean.

Port Forwarding 8080 -> 8002

Since some organizations-network firewalls block outgoing connections to "unusual" ports (z.B. HBK BS in der Produktion mit der Schwankhalle am 23.05.2021), we have set up an alternative port at 8080. This is forwarded to 8002 internally using NAT at /etc/ufw/before.rules:

Reload with systemctl restart ufw

Source: https://www.cogini.com/blog/port-forwarding-with-iptables/ or https://serverfault.com/a/238565

You can monitor incoming bandwith with: sudo tcptrack -i enp4s0 port 8001.

Backup

Backups of the are composited in three stages:

  1. Daily staging of changes via rsync

  2. Weekly staging of changes via rsync

  3. Monthly backup to external HDD via tar

For the monthly backups to happen the Backup HDD (labeled as such) needs to be plugged into the server.

Now on: https://github.com/radioangrezi/angrezi-backup

Cronjobs

The cronjobs are scheduled as such. Update (2020-05-06): They are not scheduled in /etc/cron* but via monit (!) in /etc/monit/monitrc (Group Backup). → Disabled and moved to /etc/cron.d/angrezi-backup

Locations and Script

Locations backed up: /etc /var/angrezi /root /boot /opt /usr/local /srv /var/lib /var/mail /var/www /var/backups /var/local /var/opt /var/log Excluded are: --exclude="*.wav" --exclude=/home/*/.gvfs --exclude=/home/*/.cache --exclude=/home/*/.local/share/Trash --exclude=/media

The script for montly backup mounts the HDD, stores the last staged weekly changes to the HDD and unmounts the HDD. Do not fiddle with the HDD! If you want to initiate a manual backup, run ./mnt/backup/monthly_backup.sh as root.

Monitoring

We use monit to monitor all "important" services at http://studio.radioangrezi.de:2812/.

Webserver

Domains Mapped:

  • stream.radioangrezi.de

  • server.radioangrezi.de

  • studio.radioangrezi.de

  • voip.radioangrezi.de

Webservices:

  • AirTime

  • Angrezi Controller

  • Fileserver (Directory Listing with styling)

  • Icecast (Port 8000)

  • Cockpit (Port 9090)

Angrezi Controller

Self-build controller interface. Source on GitHub.

studio.radioangrezi.de/controller

Services

  • darkice (installed via apt service manually placed in /etc/systemd/system/darkice.service and removed in init.d)

  • angrezi-master-recorder (self made)

  • angrezi-stream-monitor (self made)

  • angrezi-file-watch (self made)

After changes to the services in /etc/systemd/system/ you can reload them with systemctl daemon-reload + systemctl enable <service name>

angrezi-file-watch

angrezi-file-watch uses inotifywatch -m -r -e create to monitor the directories of recordings. If a file has been created (aka a new show has been recorded) it automatically appends chattr +a to prevent deletion.

Soundcard

  • onboard sound card (Intel) disabled in /etc/modprobe.d/blacklist-angrezi.conf

  • Pulse Audio disabled in /etc/pulse/client.conf

Using ALSA with Behringer UMC202HD with following config in asound.conf

two capture devices are available:

  • stream_in_32 with S32_LE (hardware default)

  • stream_in_16 with S16_LE (software conversion via plug)

Test with (software monitor): arecord -f S16_LE -r44100 -c2 -D stream_in_16 | aplay -D hw:1 -

Darkice

The local studio audio in form stream_in_16 is broadcasted to Icecast via Darkice 1.3. Darkice only supports 16 bit sampling (which makes the downconversion necessary). Recording in DarkIce was disabled after a bug corrupted the recording on server reconnection occurred.

This local Darkice stream functions as master source in AirTime / liquidsoap.

Recording

FM Relay to Radio Weser TV

Radio Weser TV gets a special relay stream out (with a defined URL), which is made to never fail (go silent): http://stream.radioangrezi.de:8000/live-radioweser.

The stream is produced by relaying our live stream in a seperate liquidsoap instance (service: angrezi-relay-out-radioweser) which falls back to a playback of mp3 files if the stream goes silent for more than 10 seconds.

Fallback music (MP3, 44100, min. 192 kbit/s, Stereo) must be placed in /media/storage/share/Automation/Live-Out-RWTV/Music-MP3/ and fallback Jingles in /media/storage/share/Automation/Live-Out-RWTV/Jingles-MP3/. Jingles and Music are randomly picked in the radio 1:5. (If all fallback is empty as well, the script will fallback to a single audio file placed at /var/angrezi/relay-out-radioweser-fallback.mp3.)

Notice: The service needs to be restarted if the music folder is updated.

TODO: We could add a special config on Icecast so even if liquidsoap fails, there would be a fallback. TODO: Hide the mountpoint from Icecast.

PreviousVU-Meter

Last updated

Was this helpful?