sweet captcha site has been hacked – rhpop javascript

datePosted on 18:20, June 23rd, 2015 by Many Ayromlou

Fresh after recovery, I figured I write a small piece before I go home. If you’re seeing ad pop-ups or pop-unders from sites that load up something like rhpop-xxxxxx.js then you might have the sweetcaptcha plugin installed on your wordpress site. Let’s hope you’re the one who installed it — not the hacker :-), you might want to de-activate it and remove it from your system. Their site has been compromised and the wordpress plugin has also been pulled off the list. More general info here:

https://blog.sucuri.net/2015/06/sweetcaptcha-service-used-to-distribute-adware.html

Happy hunting…..

So over christmas holidays I spent about 5 days to perfect my raspberry pi based internet radio player.Screen Shot 2015-01-21 at 9.05.44 AM Screen Shot 2015-01-21 at 9.06.13 AM

You’ll need the following hardware:

  1. Raspberry Pi model B
  2. USB Wifi dongle (something that works with Raspbian would be nice). I got this one (http://www.adafruit.com/products/1030) from Adafruit.
  3. SD card (I’m using a 16GB card, but I think 8GB should be good to start with)
  4. Bluetooth 4.0 dongle. I’m using this one from ASUS (http://www.asus.com/ca-en/Networking/USBBT400/) that seems to work fine in Linux/Raspbian
  5. PiTFT resistive touch screen assembled from Adafruit (http://www.adafruit.com/products/1601)
  6. Pack of 20 tactile buttons from Adafruit (http://www.adafruit.com/products/1489) for the above screen (You need to solder these in…..very simple)
  7. Appropriate power USB power supply. Again I’m using the one from Adafruit (http://www.adafruit.com/products/501)
  8. Standard A to micro-B USB cable (http://www.adafruit.com/products/592)
  9. (optional) PiTFT Enclosure from Adafruit (http://www.adafruit.com/products/1892). Highly recommended as it looks really nice and clean.

 

The screen (PiTFT) comes pre-assembled so all you need to do is solder the 4 buttons on the bottom. This literally takes 5 minutes (8 solder points if you’re keeping track). Once that’s done plugin the screen onto the Pi.

Now grab a copy of the custom Raspbian image off Adafruits website (I’ve grabbed the 9/18/2014 image from http://adafruit-download.s3.amazonaws.com/PiTFT28R_raspbian140909_2014_09_18.zip). There might be a newer one out by the time you read this. Note that this image is only for TFT resistive touch screen NOT the capacitive screen. Unzip the above file (you’ll get a .img file) and burn it onto a SD card (mine is 16GB) following the instructions at http://elinux.org/RPi_Easy_SD_Card_Setup.

I’m plugging in the USB wifi and USB Bluetooth devices into the PI. Also plugin a wired ethernet connection (hopefully you have DHCP on it).

Let’s ssh to the Pi to get it setup (IP is on the PiTFT). I’m logging in as user pi (password raspberry……make sure you change it) and immediately switching to root.

At this point (as root) do the following tasks by running “raspy-config” and using the screenshots as reference:

  1. Expand the file system and reboot.
    Screen Shot 2015-01-21 at 9.27.59 AM
  2. Change the “pi” user passwordScreen Shot 2014-12-29 at 7.47.36 PM
  3. (Optional) Change the internationalization options.Screen Shot 2014-12-29 at 7.47.43 PM Screen Shot 2014-12-29 at 7.47.49 PM Screen Shot 2014-12-29 at 7.51.52 PMNOTE: On the following screen I leave en_GB.UTF-8 as default, although I live in Canada. But I do select _CA and _US as well.Screen Shot 2014-12-29 at 7.52.32 PMBack to main screen and we go back to Internationalization options to change the timezone.Screen Shot 2014-12-29 at 7.54.24 PM Screen Shot 2014-12-29 at 7.56.21 PM Screen Shot 2014-12-29 at 7.55.01 PM
  4. At this point you can also change the Hostname (Under advanced). Once you’ve done that, reboot for good measure and login using “pi” and sudo -i to get to root. Next we want to configure the WIFI USB device.

Now that we have the basics configured, before we install the wifi config tool, it’s a great time to take a break and do a “apt-get update ; apt-get upgrade” cycle. Next we want to make sure that both our USB dongles are detected (WIFI, Bluetooth) by doing “lsusb”.

Screen Shot 2014-12-29 at 8.21.25 PM

We now install wicd-curses using “apt-get install wicd-curses”. Then we run it and not touch anything, you need to press the right keys here. First right off the back press P(references). Note that It’s CAPITAL P.

 

Screen Shot 2014-12-29 at 8.22.10 PM Screen Shot 2014-12-29 at 8.29.52 PM

Once things are setup like the above picture, press F10 key to save it. You might lose connection, just wait until ssh times out and re-ssh back in and sudo -i as well. Now we need to get back into wicd-curses (if the connection dropped) and find the SSID for our WIFI. Once there DO NOT press ENTER. Highlight the entry by using the cursor keys (up,down) and press the RIGHT cursor key (—>) to open the prefs for that SSID. NOTE: the WPA ½ entry has been changed as well.

 

Screen Shot 2014-12-29 at 8.39.10 PM

Press F10 to save. You might get disconnected (you’ll see the WIFI LEDS flashing). If you got timed out, relogin and sudo -i to get root. reboot NOW. Now we need to disconnect the wired connection. This will force the system to turn on WIFI. Once the machine is booted (it might take a bit longer, since we have to wait for wired DHCP to time out), you’ll find the WIFI IP on the TFT.

SSH to the IP and get root shell. We now need to configure bluetooth. Follow along with the pics below. First though we need to install a bunch of stuff with “apt-get install bluetooth bluez bluez-utils bluez-alsa” command. Remove unnecessary services that got installed (scanner, printer, avahi) and disable their autostart.

Screen Shot 2014-12-29 at 9.11.44 PM
Add the following Disable/Enable block (2 lines) to the [General] section of /etc/bluetooth/audio.conf file.
Screen Shot 2014-12-29 at 9.14.21 PM
Okay we need to reboot now and once back in continue as root. First we make sure our BT device is initialized.
Screen Shot 2014-12-29 at 9.22.32 PM
Then we turn on the BT speaker (BeatsPill) and put it in discover mode (hold the b button until the bluetooth LED on the back starts flashing…..might have to push the b button once before). Then we go on to discover the device.
Screen Shot 2014-12-29 at 9.23.18 PM
Note it’s address. We will need to copy and paste it into the next few commands. Put the following in /etc/asound.conf paying attention to replace the MAC address of the BD device with the correct one you copied in the last step.
Screen Shot 2014-12-30 at 12.36.55 AMScreen Shot 2014-12-29 at 9.25.46 PM
Once we get the output 1 from the last command it means that the device is trusted now and Linux will try to auto connect to it if the BT speaker is on when the machine is rebooted. You’ll also hear a beep when the bluetooth-agent command successfully connects. In the last step I’m just trying to establish an audio connection by restarting the bluetooth daemon (make it forget the connection) and using bluez-test-audio to connect back to the speaker. Again you’ll hear a beep when the Pi connects.
Screen Shot 2014-12-29 at 9.28.25 PM
Now we need to install mpd, mpc and the curses based ncmpcpp by using “apt-get install mpd mpc ncmpcpp”.
Once that’s done copy /etc/mpd.conf to /etc/mpd.conf.old and create /etc/mpd.conf with the following content:
# An example configuration file for MPD
# See the mpd.conf man page for a more detailed description of each parameter.
# Files and directories #######################################################
#
# This setting controls the top directory which MPD will search to discover the
# available audio files and add them to the daemon's online database. This 
# setting defaults to the XDG directory, otherwise the music directory will be
# be disabled and audio files will only be accepted over ipc socket (using
# file:// protocol) or streaming files over an accepted protocol.
#
music_directory	"/var/lib/mpd/music"
#
# This setting sets the MPD internal playlist directory. The purpose of this
# directory is storage for playlists created by MPD. The server will use 
# playlist files not created by the server but only if they are in the MPD
# format. This setting defaults to playlist saving being disabled.
#
playlist_directory	"/var/lib/mpd/playlists"
#
# This setting sets the location of the MPD database. This file is used to
# load the database at server start up and store the database while the 
# server is not up. This setting defaults to disabled which will allow
# MPD to accept files over ipc socket (using file:// protocol) or streaming
# files over an accepted protocol.
#
db_file	"/var/lib/mpd/tag_cache"
# 
# These settings are the locations for the daemon log files for the daemon.
# These logs are great for troubleshooting, depending on your log_level
# settings.
#
# The special value "syslog" makes MPD use the local syslog daemon. This
# setting defaults to logging to syslog, otherwise logging is disabled.
#
log_file	"/var/log/mpd/mpd.log"
#
# This setting sets the location of the file which stores the process ID
# for use of mpd --kill and some init scripts. This setting is disabled by
# default and the pid file will not be stored.
#
pid_file	"/var/run/mpd/pid"
#
# This setting sets the location of the file which contains information about
# most variables to get MPD back into the same general shape it was in before
# it was brought down. This setting is disabled by default and the server 
# state will be reset on server start up.
#
state_file	"/var/lib/mpd/state"
#
# The location of the sticker database.  This is a database which
# manages dynamic information attached to songs.
#
sticker_file                   "/var/lib/mpd/sticker.sql"
#
###############################################################################
# General music daemon options ################################################
#
# This setting specifies the user that MPD will run as. MPD should never run as
# root and you may use this setting to make MPD change its user ID after
# initialization. This setting is disabled by default and MPD is run as the
# current user.
#
user	"mpd"
#
# This setting specifies the group that MPD will run as. If not specified
# primary group of user specified with "user" setting will be used (if set).
# This is useful if MPD needs to be a member of group such as "audio" to
# have permission to use sound card.
#
#group                          "nogroup"
#
# This setting sets the address for the daemon to listen on. Careful attention
# should be paid if this is assigned to anything other then the default, any.
# This setting can deny access to control of the daemon. Choose any if you want
# to have mpd listen on every address
#
# For network
#bind_to_address	"any"
bind_to_address	“127.0.0.1"
#
# And for Unix Socket
#bind_to_address	"/var/run/mpd/socket"
#
# This setting is the TCP port that is desired for the daemon to get assigned
# to.
#
port	"6600"
#
# This setting controls the type of information which is logged. Available 
# setting arguments are "default", "secure" or "verbose". The "verbose" setting
# argument is recommended for troubleshooting, though can quickly stretch
# available resources on limited hardware storage.
#
#log_level	"default"
#
# If you have a problem with your MP3s ending abruptly it is recommended that 
# you set this argument to "no" to attempt to fix the problem. If this solves
# the problem, it is highly recommended to fix the MP3 files with vbrfix
# (available as vbrfix in the debian archive), at which
# point gapless MP3 playback can be enabled.
#
gapless_mp3_playback	"yes"
#
# This setting enables MPD to create playlists in a format usable by other
# music players.
#
#save_absolute_paths_in_playlists	"no"
#
# This setting defines a list of tag types that will be extracted during the 
# audio file discovery process. Optionally, 'comment' can be added to this
# list.
#
#metadata_to_use	"artist,album,title,track,name,genre,date,composer,performer,disc"
#
# This setting enables automatic update of MPD's database when files in 
# music_directory are changed.
#
auto_update    "yes"
#
# Limit the depth of the directories being watched, 0 means only watch
# the music directory itself.  There is no limit by default.
#
#auto_update_depth "3"
#
###############################################################################
# Symbolic link behavior ######################################################
#
# If this setting is set to "yes", MPD will discover audio files by following 
# symbolic links outside of the configured music_directory.
#
follow_outside_symlinks	"yes"
#
# If this setting is set to "yes", MPD will discover audio files by following
# symbolic links inside of the configured music_directory.
#
follow_inside_symlinks	"yes"
#
###############################################################################
# Zeroconf / Avahi Service Discovery ##########################################
#
# If this setting is set to "yes", service information will be published with
# Zeroconf / Avahi.
#
zeroconf_enabled	"yes"
#
# The argument to this setting will be the Zeroconf / Avahi unique name for
# this MPD server on the network.
#
zeroconf_name	"iradio"
#
###############################################################################
# Permissions #################################################################
#
# If this setting is set, MPD will require password authorization. The password
# can setting can be specified multiple times for different password profiles.
#
#password                        "password@read,add,control,admin"
#
# This setting specifies the permissions a user has who has not yet logged in. 
#
#default_permissions             "read,add,control,admin"
#
###############################################################################
# Input #######################################################################
#
input {
        plugin "curl"
#       proxy "proxy.isp.com:8080"
#       proxy_user "user"
#       proxy_password "password"
}
#
###############################################################################
# Audio Output ################################################################

# MPD supports various audio output types, as well as playing through multiple 
# audio outputs at the same time, through multiple audio_output settings 
# blocks. Setting this block is optional, though the server will only attempt
# autodetection for one sound card.
#
# See <http://mpd.wikia.com/wiki/Configuration#Audio_Outputs> for examples of 
# other audio outputs.
#
# An example of an ALSA output THIS IS THE DEFAULT:
#
audio_output {
type	"alsa"
name	"My ALSA Device"
device	"hw:0,0"	# optional
format	"44100:16:2"	# optional
mixer_device	"default"	# optional
mixer_control	"PCM"	# optional
mixer_index	"0"	# optional
}
#
# Example for Bluetooth A2DP
#
audio_output {
type            "alsa"
name            "ALSA"
format          "44100:16:2"    # optional
#options         "dev=dmixer"
device          "bluetooth"
}
#
# Enable FIFO Pipe for ncmpcpp Visualizer
#
audio_output {
    type                    "fifo"
    name                    "iradio"
    path                    "/tmp/mpd.fifo"
    format                  "44100:16:1"
}
#
# Example for USB class complaint Audio Card
#
#audio_output {
#	type	"alsa"
#	name	"Output"
#	device	"hw:0,0"	# optional
#	dsd_usb	"no"
#}
#
# An example of an OSS output:
#
#audio_output {
#	type	"oss"
#	name	"My OSS Device"
#	device	"/dev/dsp"	# optional
#	format	"44100:16:2"	# optional
#	mixer_device	"/dev/mixer"	# optional
#	mixer_control	"PCM"	# optional
#}
#
# An example of a shout output (for streaming to Icecast):
#
#audio_output {
#	type	"shout"
#	encoding	"ogg"	# optional
#	name	"My Shout Stream"
#	host	"localhost"
#	port	"8000"
#	mount	"/mpd.ogg"
#	password	"hackme"
#	quality	"5.0"
#	bitrate	"128"
#	format	"44100:16:1"
#	protocol	"icecast2"	# optional
#	user	"source"	# optional
#	description	"My Stream Description"	# optional
#	genre	"jazz"	# optional
#	public	"no"	# optional
#	timeout	"2"	# optional
#}
#
# An example of a recorder output:
#
#audio_output {
#       type            "recorder"
#       name            "My recorder"
#       encoder         "vorbis"                # optional, vorbis or lame
#       path            "/var/lib/mpd/recorder/mpd.ogg"
##      quality         "5.0"                   # do not define if bitrate is defined
#       bitrate         "128"                   # do not define if quality is defined
#       format          "44100:16:1"
#}
#
# An example of a httpd output (built-in HTTP streaming server):
#
#audio_output {
#	type	"httpd"
#	name	"My HTTP Stream"
#	encoder	"vorbis"	# optional, vorbis or lame
#	port	"8000"
#	quality	"5.0"	# do not define if bitrate is defined
#	bitrate	"128"	# do not define if quality is defined
#	format	"44100:16:1"
#}
#
# An example of a pulseaudio output (streaming to a remote pulseaudio server)
#
#audio_output {
#	type	"pulse"
#	name	"My Pulse Output"
#	server	"remote_server"	# optional
#	sink	"remote_server_sink"	# optional
#}
#
## Example "pipe" output:
#
#audio_output {
#	type	"pipe"
#	name	"my pipe"
#	command	"aplay -f cd 2>/dev/null"
## Or if you're want to use AudioCompress
#	command	"AudioCompress -m | aplay -f cd 2>/dev/null"
## Or to send raw PCM stream through PCM:
#	command	"nc example.org 8765"
#	format	"44100:16:2"
#}
#
## An example of a null output (for no audio output):
#
#audio_output {
#	type	"null"
#	name	"My Null Output"
#}
#
# This setting will change all decoded audio to be converted to the specified
# format before being passed to the audio outputs. By default, this setting is
# disabled.
#
#audio_output_format	"44100:16:2"
#
# If MPD has been compiled with libsamplerate support, this setting specifies 
# the sample rate converter to use.  Possible values can be found in the 
# mpd.conf man page or the libsamplerate documentation. By default, this is
# setting is disabled.
#
#samplerate_converter	"Fastest Sinc Interpolator"
#
###############################################################################
# Volume control mixer ########################################################
#
# These are the global volume control settings. By default, this setting will
# be detected to the available audio output device, with preference going to 
# hardware mixing. Hardware and software mixers for individual audio_output
# sections cannot yet be mixed.
#
# An example for controlling an ALSA, OSS or Pulseaudio mixer; If this
# setting is used other sound applications will be affected by the volume
# being controlled by MPD.
#
#mixer_type	"hardware"
#
# An example for controlling all mixers through software. This will control
# all controls, even if the mixer is not supported by the device and will not
# affect any other sound producing applications.
#
#mixer_type	"software"
#
# This example will not allow MPD to touch the mixer at all and will disable
# all volume controls.
#
#mixer_type	"disabled"
#mixer_type	"none"
#
###############################################################################
# Normalization automatic volume adjustments ##################################
#
# This setting specifies the type of ReplayGain to use. This setting can have
# the argument "album" or "track". See <http://www.replaygain.org> for more
# details. This setting is disabled by default.
#
#replaygain	"album"
#
# This setting sets the pre-amp used for files that have ReplayGain tags. By
# default this setting is disabled.
#
#replaygain_preamp	"0"
#
# This setting enables on-the-fly normalization volume adjustment. This will
# result in the volume of all playing audio to be adjusted so the output has 
# equal "loudness". This setting is disabled by default.
#
volume_normalization	"no"
#
###############################################################################
# MPD Internal Buffering ######################################################
#
# This setting adjusts the size of internal decoded audio buffering. Changing
# this may have undesired effects. Don't change this if you don't know what you
# are doing.
#
audio_buffer_size	"2048"
#
# This setting controls the percentage of the buffer which is filled before 
# beginning to play. Increasing this reduces the chance of audio file skipping, 
# at the cost of increased time prior to audio playback.
#
buffer_before_play	"20%"
#
###############################################################################
# Resource Limitations ########################################################
#
# These settings are various limitations to prevent MPD from using too many
# resources. Generally, these settings should be minimized to prevent security
# risks, depending on the operating resources.
#
#connection_timeout	"60"
#max_connections	"10"
#max_playlist_length	"16384"
#max_command_list_size	"2048"
#max_output_buffer_size	"8192"
#
###############################################################################
# Character Encoding ##########################################################
#
# If file or directory names do not display correctly for your locale then you 
# may need to modify this setting. After modification of this setting mpd 
# --create-db must be run to change the database.
#
filesystem_charset	"UTF-8"
#
# This setting controls the encoding that ID3v1 tags should be converted from.
#
id3v1_encoding	"UTF-8"
#
###############################################################################
# SIDPlay decoder #############################################################
#
# songlength_database:
#  Location of your songlengths file, as distributed with the HVSC.
#  The sidplay plugin checks this for matching MD5 fingerprints.
#  See http://www.c64.org/HVSC/DOCUMENTS/Songlengths.faq
#
# default_songlength:
#  This is the default playing time in seconds for songs not in the
#  songlength database, or in case you're not using a database.
#  A value of 0 means play indefinitely.
#
# filter:
#  Turns the SID filter emulation on or off.
#
#decoder {
#       plugin                  "sidplay"
#       songlength_database     "/media/C64Music/DOCUMENTS/Songlengths.txt"
#       default_songlength      "120"
#       filter "true"
#}
#
###############################################################################

There are 3 audio_output sections for the internal headphone jack, bluetooth audio and a third one for ncmpcpp’s spectrum analyzer (although I don’t use it in this project).

Next we need a playlist file in m3u format. You’ll find a good one below (contains di.fm, sky.fm, CBC and somafm AAC links). Copy this into /var/lib/mpd/playlist/something.m3u (remember the filename since we will then use mpc to load it):


http://pub6.di.fm/di_00sclubhits_aac
http://pub6.di.fm/di_ambient_aac
http://pub6.di.fm/di_bassnjackinhouse_aac
http://pub6.di.fm/di_bassline_aac
http://pub6.di.fm/di_bigbeat_aac
http://pub6.di.fm/di_bigroomhouse_aac
http://pub6.di.fm/di_breaks_aac
http://pub6.di.fm/di_chillhop_aac
http://pub6.di.fm/di_chilloutdreams_aac
http://pub6.di.fm/di_chillout_aac
http://pub6.di.fm/di_chillstep_aac
http://pub6.di.fm/di_chiptunes_aac
http://pub6.di.fm/di_classiceurodance_aac
http://pub6.di.fm/di_classiceurodisco_aac
http://pub6.di.fm/di_classictrance_aac
http://pub6.di.fm/di_classicvocaltrance_aac
http://pub6.di.fm/di_clubdubstep_aac
http://pub6.di.fm/di_club_aac
http://pub6.di.fm/di_cosmicdowntempo_aac
http://pub6.di.fm/di_darkdnb_aac
http://pub6.di.fm/di_darkpsytrance_aac
http://pub6.di.fm/di_deephouse_aac
http://pub6.di.fm/di_deepnudisco_aac
http://pub6.di.fm/di_deeptech_aac
http://pub6.di.fm/di_discohouse_aac
http://pub6.di.fm/di_djmixes_aac
http://pub6.di.fm/di_downtempolounge_aac
http://pub6.di.fm/di_drumandbass_aac
http://pub6.di.fm/di_drumstep_aac
http://pub6.di.fm/di_dub_aac
http://pub6.di.fm/di_dubstep_aac
http://pub6.di.fm/di_ebm_aac
http://pub6.di.fm/di_eclectronica_aac
http://pub6.di.fm/di_electro_aac
http://pub6.di.fm/di_electronicpioneers_aac
http://pub6.di.fm/di_electronics_aac
http://pub6.di.fm/di_electropop_aac
http://pub6.di.fm/di_electroswing_aac
http://pub6.di.fm/di_epictrance_aac
http://pub6.di.fm/di_eurodance_aac
http://pub6.di.fm/di_funkyhouse_aac
http://pub6.di.fm/di_futuregarage_aac
http://pub6.di.fm/di_futuresynthpop_aac
http://pub6.di.fm/di_gabber_aac
http://pub6.di.fm/di_glitchhop_aac
http://pub6.di.fm/di_goapsy_aac
http://pub6.di.fm/di_handsup_aac
http://pub6.di.fm/di_hardcore_aac
http://pub6.di.fm/di_harddance_aac
http://pub6.di.fm/di_hardstyle_aac
http://pub6.di.fm/di_hardtechno_aac
http://pub6.di.fm/di_house_aac
http://pub6.di.fm/di_jungle_aac
http://pub6.di.fm/di_latinhouse_aac
http://pub6.di.fm/di_liquiddnb_aac
http://pub6.di.fm/di_liquiddubstep_aac
http://pub6.di.fm/di_lounge_aac
http://pub6.di.fm/di_mainstage_aac
http://pub6.di.fm/di_minimal_aac
http://pub6.di.fm/di_moombahton_aac
http://pub6.di.fm/di_nightcore_aac
http://pub6.di.fm/di_nudisco_aac
http://pub6.di.fm/di_oldschoolacid_aac
http://pub6.di.fm/di_oldschoolhouse_aac
http://pub6.di.fm/di_oldschoolrave_aac
http://pub6.di.fm/di_classictechno_aac
http://pub6.di.fm/di_progressive_aac
http://pub6.di.fm/di_progressivepsy_aac
http://pub6.di.fm/di_psybient_aac
http://pub6.di.fm/di_psychill_aac
http://pub6.di.fm/di_russianclubhits_aac
http://pub6.di.fm/di_scousehouse_aac
http://pub6.di.fm/di_soulfulhouse_aac
http://pub6.di.fm/di_spacemusic_aac
http://pub6.di.fm/di_techhouse_aac
http://pub6.di.fm/di_techno_aac
http://pub6.di.fm/di_trance_aac
http://pub6.di.fm/di_trap_aac
http://pub6.di.fm/di_tribalhouse_aac
http://pub6.di.fm/di_ukgarage_aac
http://pub6.di.fm/di_umfradio_aac
http://pub6.di.fm/di_undergroundtechno_aac
http://pub6.di.fm/di_vocalchillout_aac
http://pub6.di.fm/di_vocallounge_aac
http://pub6.di.fm/di_vocaltrance_aac
http://pub7.radiotunes.com/radiotunes_00srnb_aac
http://pub7.radiotunes.com/radiotunes_60srock_aac
http://pub7.radiotunes.com/radiotunes_80sdance_aac
http://pub7.radiotunes.com/radiotunes_80srock_aac
http://pub7.radiotunes.com/radiotunes_hit90s_aac
http://pub7.radiotunes.com/radiotunes_90srnb_aac
http://pub7.radiotunes.com/radiotunes_beatles_aac
http://pub7.radiotunes.com/radiotunes_altrock_aac
http://pub7.radiotunes.com/radiotunes_rtambient_aac
http://pub7.radiotunes.com/radiotunes_americansongbook_aac
http://pub7.radiotunes.com/radiotunes_baroque_aac
http://pub7.radiotunes.com/radiotunes_bebop_aac
http://pub7.radiotunes.com/radiotunes_hit60s_aac
http://pub7.radiotunes.com/radiotunes_the80s_aac
http://pub7.radiotunes.com/radiotunes_bossanova_aac
http://pub7.radiotunes.com/radiotunes_cafedeparis_aac
http://pub7.radiotunes.com/radiotunes_rtchillout_aac
http://pub7.radiotunes.com/radiotunes_guitar_aac
http://pub7.radiotunes.com/radiotunes_classicalperiod_aac
http://pub7.radiotunes.com/radiotunes_classicalpianotrios_aac
http://pub7.radiotunes.com/radiotunes_christmas_aac
http://pub7.radiotunes.com/radiotunes_classicrap_aac
http://pub7.radiotunes.com/radiotunes_classicmotown_aac
http://pub7.radiotunes.com/radiotunes_classicrock_aac
http://pub7.radiotunes.com/radiotunes_clubbollywood_aac
http://pub7.radiotunes.com/radiotunes_christian_aac
http://pub7.radiotunes.com/radiotunes_country_aac
http://pub7.radiotunes.com/radiotunes_dancehits_aac
http://pub7.radiotunes.com/radiotunes_datempolounge_aac
http://pub7.radiotunes.com/radiotunes_davekoz_aac
http://pub7.radiotunes.com/radiotunes_discoparty_aac
http://pub7.radiotunes.com/radiotunes_downtempolounge_aac
http://pub7.radiotunes.com/radiotunes_dreamscapes_aac
http://pub7.radiotunes.com/radiotunes_edmfest_aac
http://pub7.radiotunes.com/radiotunes_eurodance_aac
http://pub7.radiotunes.com/radiotunes_hardrock_aac
http://pub7.radiotunes.com/radiotunes_hit70s_aac
http://pub7.radiotunes.com/radiotunes_holidaysmoothjazz_aac
http://pub7.radiotunes.com/radiotunes_indierock_aac
http://pub7.radiotunes.com/radiotunes_israelihits_aac
http://pub7.radiotunes.com/radiotunes_jazzclassics_aac
http://pub7.radiotunes.com/radiotunes_jpop_aac
http://pub7.radiotunes.com/radiotunes_lounge_aac
http://pub7.radiotunes.com/radiotunes_lovemusic_aac
http://pub7.radiotunes.com/radiotunes_meditation_aac
http://pub7.radiotunes.com/radiotunes_mellowjazz_aac
http://pub7.radiotunes.com/radiotunes_mellowsmoothjazz_aac
http://pub7.radiotunes.com/radiotunes_metal_aac
http://pub7.radiotunes.com/radiotunes_modernblues_aac
http://pub7.radiotunes.com/radiotunes_modernrock_aac
http://pub7.radiotunes.com/radiotunes_classical_aac
http://pub7.radiotunes.com/radiotunes_soundtracks_aac
http://pub7.radiotunes.com/radiotunes_mozart_aac
http://pub7.radiotunes.com/radiotunes_nature_aac
http://pub7.radiotunes.com/radiotunes_newage_aac
http://pub7.radiotunes.com/radiotunes_oldies_aac
http://pub7.radiotunes.com/radiotunes_oldschoolfunknsoul_aac
http://pub7.radiotunes.com/radiotunes_pianojazz_aac
http://pub7.radiotunes.com/radiotunes_popchristmas_aac
http://pub7.radiotunes.com/radiotunes_poppunk_aac
http://pub7.radiotunes.com/radiotunes_poprock_aac
http://pub7.radiotunes.com/radiotunes_reggaeton_aac
http://pub7.radiotunes.com/radiotunes_relaxation_aac
http://pub7.radiotunes.com/radiotunes_relaxingambientpiano_aac
http://pub7.radiotunes.com/radiotunes_relaxingexcursions_aac
http://pub7.radiotunes.com/radiotunes_romantica_aac
http://pub7.radiotunes.com/radiotunes_romantic_aac
http://pub7.radiotunes.com/radiotunes_rootsreggae_aac
http://pub7.radiotunes.com/radiotunes_russiandance_aac
http://pub7.radiotunes.com/radiotunes_russianpop_aac
http://pub7.radiotunes.com/radiotunes_salsa_aac
http://pub7.radiotunes.com/radiotunes_ska_aac
http://pub7.radiotunes.com/radiotunes_slowjams_aac
http://pub7.radiotunes.com/radiotunes_smoothbossanova_aac
http://pub7.radiotunes.com/radiotunes_smoothjazz247_aac
http://pub7.radiotunes.com/radiotunes_smoothjazz_aac
http://pub7.radiotunes.com/radiotunes_smoothlounge_aac
http://pub7.radiotunes.com/radiotunes_softrock_aac
http://pub7.radiotunes.com/radiotunes_solopiano_aac
http://pub7.radiotunes.com/radiotunes_tophits_aac
http://pub7.radiotunes.com/radiotunes_uptemposmoothjazz_aac
http://pub7.radiotunes.com/radiotunes_urbanjamz_aac
http://pub7.radiotunes.com/radiotunes_urbanpophits_aac
http://pub7.radiotunes.com/radiotunes_vocalchillout_aac
http://pub7.radiotunes.com/radiotunes_vocallounge_aac
http://pub7.radiotunes.com/radiotunes_vocalnewage_aac
http://pub7.radiotunes.com/radiotunes_vocalsmoothjazz_aac
http://pub7.radiotunes.com/radiotunes_world_aac
http://3023.live.streamtheworld.com:80/CBC_70S001_H_SC
http://9223.live.streamtheworld.com:80/CBC_80S001_H_SC
http://6093.live.streamtheworld.com:80/CBC_90S001_H_SC
http://6693.live.streamtheworld.com:3690/CBC_90S001_H_SC
http://1721.live.streamtheworld.com:80/CBC_ABORIG_H_SC
http://3163.live.streamtheworld.com:80/CBC_ADLTAL_H_SC
http://5853.live.streamtheworld.com:80/CBC_ADLTPO_H_SC
http://2903.live.streamtheworld.com:80/CBC_ALTCRY_H_SC
http://9233.live.streamtheworld.com:80/CBC_AMBIEN_H_SC
http://3143.live.streamtheworld.com:80/CBC_BAROQU_H_SC
http://2073.live.streamtheworld.com:80/CBC_BLCLAS_H_SC
http://2083.live.streamtheworld.com:80/CBC_BLUES1_H_SC
http://9213.live.streamtheworld.com:80/CBC_CANCOM_H_SC
http://1521.live.streamtheworld.com:80/CBC_CANSON_H_SC
http://4293.live.streamtheworld.com:80/CBC_CLSCRY_H_SC
http://1451.live.streamtheworld.com:3690/CBC_CLSCRY_H_SC
http://2953.live.streamtheworld.com:80/CBC_CONTRY_H_SC
http://2933.live.streamtheworld.com:80/CBC_ECLASS_H_SC
http://2062.live.streamtheworld.com:80/CBC_ELECTR_H_SC
http://2903.live.streamtheworld.com:80/CBC_GGSAMP_H_SC
http://2903.live.streamtheworld.com:80/CBC_HAROCK_H_SC
http://3023.live.streamtheworld.com:80/CBC_HIPHOP_H_SC
http://3163.live.streamtheworld.com:80/CBC_INDIE1_H_SC
http://2773.live.streamtheworld.com:80/CBC_JAZCDN_H_SC
http://2793.live.streamtheworld.com:80/CBC_JAZMAS_H_SC
http://2093.live.streamtheworld.com:80/CBC_JAZSMO_H_SC
http://2773.live.streamtheworld.com:80/CBC_JAZSON_H_SC
http://3413.live.streamtheworld.com:80/CBC_JUKEBO_H_SC
http://3153.live.streamtheworld.com:80/CBC_MODMAS_H_SC
http://3163.live.streamtheworld.com:80/CBC_OPERAT_H_SC
http://3153.live.streamtheworld.com:80/CBC_ORCHES_H_SC
http://3023.live.streamtheworld.com:80/CBC_PIANO1_H_SC
http://9233.live.streamtheworld.com:80/CBC_POP040_H_SC
http://1651.live.streamtheworld.com:80/CBC_R1_CGY_H_SC
http://2953.live.streamtheworld.com:80/CBC_R1_CHR_H_SC
http://3373.live.streamtheworld.com:80/CBC_R1_COR_H_SC
http://2073.live.streamtheworld.com:80/CBC_R1_EDM_H_SC
http://2783.live.streamtheworld.com:80/CBC_R1_EKW_H_SC
http://2913.live.streamtheworld.com:80/CBC_R1_FRD_H_SC
http://2893.live.streamtheworld.com:80/CBC_R1_GBA_H_SC
http://2093.live.streamtheworld.com:80/CBC_R1_GFA_H_SC
http://3383.live.streamtheworld.com:80/CBC_R1_HFX_H_SC
http://3593.live.streamtheworld.com:80/CBC_R1_INK_H_SC
http://1661.live.streamtheworld.com:80/CBC_R1_IQA_H_SC
http://3143.live.streamtheworld.com:80/CBC_R1_KAM_H_SC
http://9453.live.streamtheworld.com:80/CBC_R1_KEL_H_SC
http://3143.live.streamtheworld.com:80/CBC_R1_LDN_H_SC
http://1531.live.streamtheworld.com:80/CBC_R1_MCT_H_SC
http://6093.live.streamtheworld.com:80/CBC_R1_MTL_H_SC
http://3903.live.streamtheworld.com:3690/CBC_R1_MTL_H_SC
http://1591.live.streamtheworld.com:80/CBC_R1_N_MTL_H_SC
http://1671.live.streamtheworld.com:80/CBC_R1_OTT_H_SC
http://9453.live.streamtheworld.com:80/CBC_R1_PRG_H_SC
http://2953.live.streamtheworld.com:80/CBC_R1_QQU_H_SC
http://9453.live.streamtheworld.com:80/CBC_R1_REG_H_SC
http://3143.live.streamtheworld.com:80/CBC_R1_SNB_H_SC
http://6733.live.streamtheworld.com:80/CBC_R1_SNF_H_SC
http://2963.live.streamtheworld.com:3690/CBC_R1_SNF_H_SC
http://5463.live.streamtheworld.com:80/CBC_R1_SSK_H_SC
http://5463.live.streamtheworld.com:80/CBC_R1_SUD_H_SC
http://6093.live.streamtheworld.com:80/CBC_R1_SYD_H_SC
http://6693.live.streamtheworld.com:3690/CBC_R1_SYD_H_SC
http://1671.live.streamtheworld.com:80/CBC_R1_TBA_H_SC
http://6693.live.streamtheworld.com:80/CBC_R1_TOR_H_SC
http://1451.live.streamtheworld.com:3690/CBC_R1_TOR_H_SC
http://3903.live.streamtheworld.com:80/CBC_R1_VCR_H_SC
http://6093.live.streamtheworld.com:3690/CBC_R1_VCR_H_SC
http://1651.live.streamtheworld.com:80/CBC_R1_VIC_H_SC
http://2093.live.streamtheworld.com:80/CBC_R1_WDR_H_SC
http://1671.live.streamtheworld.com:80/CBC_R1_WHS_H_SC
http://1661.live.streamtheworld.com:80/CBC_R1_WPG_H_SC
http://2953.live.streamtheworld.com:80/CBC_R1_YKN_H_SC
http://1651.live.streamtheworld.com:80/CBC_R2CLAS_H_SC
http://9433.live.streamtheworld.com:80/CBC_R2_EDM_H_SC
http://3143.live.streamtheworld.com:80/CBC_R2_HFX_H_SC
http://8653.live.streamtheworld.com:80/CBC_R2_IET_H_SC
http://5523.live.streamtheworld.com:80/CBC_R2_IPT_H_SC
http://2073.live.streamtheworld.com:80/CBC_R2_TOR_H_SC
http://2793.live.streamtheworld.com:80/CBC_R2_VCR_H_SC
http://3023.live.streamtheworld.com:80/CBC_R2_WPG_H_SC
http://1942.live.streamtheworld.com:80/CBC_RBSOUL_H_SC
http://2973.live.streamtheworld.com:80/CBC_ROCK01_H_SC
http://2093.live.streamtheworld.com:80/CBC_ROCKCL_H_SC
http://1952.live.streamtheworld.com:80/CBC_SINSON_H_SC
http://2773.live.streamtheworld.com:80/CBC_WORLDM_H_SC
http://ice.somafm.com/bagel-64.aac
http://ice.somafm.com/beatblender-64.aac
http://uwstream2.somafm.com:2000
http://ice.somafm.com/bootliquor-64.aac
http://uwstream2.somafm.com:8048
http://ice.somafm.com/brfm-64.aac
http://ice.somafm.com/christmas-64.aac
http://ice.somafm.com/cliqhop-64.aac
http://ice.somafm.com/covers-64.aac
http://ice.somafm.com/deepspaceone-64.aac
http://ice.somafm.com/defcon-64.aac
http://uwstream2.somafm.com:8906
http://ice.somafm.com/digitalis-64.aac
http://ice.somafm.com/doomed-64.aac
http://uwstream2.somafm.com:8100
http://ice.somafm.com/dronezone-64.aac
http://ice.somafm.com/dubstep-64.aac
http://uwstream2.somafm.com:5106
http://ice.somafm.com/earwaves-64.aac
http://ice.somafm.com/folkfwd-64.aac
http://xstream1.somafm.com:3000
http://ice.somafm.com/groovesalad-64.aac
http://xstream1.somafm.com:8504
http://ice.somafm.com/illstreet-64.aac
http://xstream1.somafm.com:8070
http://ice.somafm.com/indiepop-64.aac
http://ice.somafm.com/jollysoul-64.aac
http://uwstream2.somafm.com:8808
http://ice.somafm.com/lush-64.aac
http://ice.somafm.com/missioncontrol-64.aac
http://ice.somafm.com/poptron-64.aac
http://xstream1.somafm.com:9010
http://ice.somafm.com/secretagent-64.aac
http://ice.somafm.com/sf1033-64.aac
http://ice.somafm.com/sonicuniverse-64.aac
http://xstream1.somafm.com:8200
http://ice.somafm.com/spacestation-64.aac
http://uwstream2.somafm.com:8854
http://ice.somafm.com/suburbsofgoa-64.aac
http://ice.somafm.com/thetrip-64.aac
http://uwstream2.somafm.com:2406
http://ice.somafm.com/u80s-64.aac
http://ice.somafm.com/xmasinfrisko-64.aac
http://ice.somafm.com/xmasrocks-64.aac

One last file we need to get setup is /etc/default/bluetooth and then we reboot (and make sure your BT speaker is in BT mode…..on the pill you need to press the big b button so the bluetooth LED turns on in the back).

Screen Shot 2014-12-29 at 10.09.06 PM

If you’ve made it this far, during the Pi boot cycle the Beatspill should have beeped signifying a bluetooth connection. Hopefully :-). If it doesn’t take the next step with the mpc commands. If it still doesn’t work after the mpc commands (to get mpd playing some streams) then something has gone wrong. You need to troubleshoot.
Now login and get to root shell and follow along for a quick audio test using mpc command.
Screen Shot 2014-12-30 at 11.45.47 AM
Hopefully you got everything working with BT and you’re hearing music now. If not, stop and do some googling. For sake of completeness I’ve put the commands I usually use to troubleshoot. Basically find the Beatspill MAC address, try connecting to it (mine barfs in the picture below since it’s already connected), disconnect and reconnect. Kick mpd since it can loose it’s mind if you take the audio interface away. Once mpd has restarted, get mpc to kick off the tunes by tuning into item 99 from the playlist (yeah I like the 80’s).
Screen Shot 2014-12-30 at 11.52.25 AM
Next we need to install python-pip (to get the “pip” command). Use “apt-get install python-pip” to install it (don’t worry about version 2.6 install of python, python 2.7 will still be the default).
Screen Shot 2014-12-30 at 3.04.15 PM
Okay, this next bit is a bit hairy. You need to follow it right until I finish editing /etc/modprobe.d/raspi-blacklist.conf and only then do you reboot……If you reboot like the picture shows below, you’ll end up with a white screen on the PiTFT. The Pi is still working, so worst case, put up with the white PiTFT screen, ssh, and make the three changes to the three files in /etc and give it another reboot…..and viola, PiTFT should be back and good to go. So lets update everything by doing the 3 commands in the below picture. REMEMBER DO NOT REBOOT…..KEEP GOING AND EDIT THE NEXT 3 FILES, THEN REBOOT.
Screen Shot 2014-12-30 at 2.51.49 PM Screen Shot 2014-12-29 at 11.39.14 PM
Add ipv6, stmpe_device, gpio_backlight_device, gpio_keys, gpio_keys_device and btusb to /etc/modules to make the kernel load them. We need these for later when we play around with the buttons using triggerhappy service. You don’t strictly need ipv6, but heck it might be useful later.
Screen Shot 2014-12-30 at 11.29.30 AM
Next we set the options for the modules we’re loading. If your took the reboot too soon and you screen went white the problem is this file. Note that I’ve commented the first line and put in the second line (I believe adafruit had their TFT named in their kernel module, but after the kernel update — above — the new module has pitft instead. There are some comments in there as well to explain the GPIO button assignment and it’s interface with triggerhappy (later).
Screen Shot 2014-12-31 at 4.09.58 PM
This file just needs a single comment. You’ll see later why we need this.
Screen Shot 2014-12-30 at 11.33.21 AM
Okay….still with me…..good. Now we need to configure the triggerhappy service so it can respond to the four PiTFT buttons.
Screen Shot 2014-12-30 at 12.44.21 PM
I’ve configured the buttons as (from left to right):
  1. shutdown -h now
  2. mpc play and start the pygame graphical UI (does not come up at boot. Only when you press this button). More on this later, below.
  3. mpc play and mpc prev. This button starts playing and then goes to the previous playlist item (previous radio station). The mpc play is not crucial. I just have it there to force start mpd if it’s not already playing something.
  4. mpc play and mpc next. This button starts playing and then goes to the next playlist item (next radio station). The mpc play is not crucial. I just have it there to force start mpd if it’s not already playing something.

If you want to configure your own commands you need the appropriate KEY_XXXX kernel strings and the key numbers are at this website (https://github.com/torvalds/linux/blob/master/include/uapi/linux/input.h). The numbers are options in /etc/modprobe.d/adafruit.conf file and the corresponding KEY_XXXX entries end up in /etc/triggerhappy/triggers.d/mpc.conf. More info on gpio_keys_device module is here (https://github.com/notro/fbtft_tools/wiki/gpio_keys_device). A good reference for triggerhappy and other PiTFT stuff is here (https://github.com/notro/fbtft/wiki/FBTFT-shield-image), under triggerhappy (thd) heading. Also check out the man pages for thd.

We also need to modify the system startup script for triggerhappy so that it starts as user root (by default it starts as nobody). If we don’t do this we will not be able to run our nice ui python file later on from the buttons. Make the changes to DAEMON_ARGS variable (I’ve commented the original in the pic below), change “nobody” to “root”.
Screen Shot 2014-12-30 at 3.29.49 PM
In the next step we’ll reconfigure the init process to bypass login on console 1 (on PiTFT) and disable all the other consoles (we’re not using them and they waste memory). Once login has been bypassed we can freely run ncmpcpp on the PiTFT during boot. For this we need to create two files in /root. First /root/.ncmpcpp/config and then a shell script (don’t forget to chmod 700 it so you can execute it) called ncmpcpp.sh which we’ll call from /etc/inittab later.
Screen Shot 2014-12-30 at 1.02.11 PMScreen Shot 2014-12-30 at 1.06.32 PM
Note: MAKE SURE YOU “chmod 700 /root/ncmpcpp.sh”, otherwise you could end up with a infinite boot loop which is not fun.
Screen Shot 2014-12-30 at 1.13.58 PM
The contents of my /etc/inittab are here (be extremely careful when changing things in here).

# /etc/inittab: init(8) configuration.
# $Id: inittab,v 1.91 2002/01/25 13:35:21 miquels Exp $
# The default runlevel.
id:2:initdefault:
# Boot-time system configuration/initialization script.
# This is run first except when booting in emergency (-b) mode.
si::sysinit:/etc/init.d/rcS
# What to do in single-user mode.
~~:S:wait:/sbin/sulogin
# /etc/init.d executes the S and K scripts upon change
# of runlevel.
#
# Runlevel 0 is halt.
# Runlevel 1 is single-user.
# Runlevels 2-5 are multi-user.
# Runlevel 6 is reboot.
l0:0:wait:/etc/init.d/rc 0
l1:1:wait:/etc/init.d/rc 1
l2:2:wait:/etc/init.d/rc 2
l3:3:wait:/etc/init.d/rc 3
l4:4:wait:/etc/init.d/rc 4
l5:5:wait:/etc/init.d/rc 5
l6:6:wait:/etc/init.d/rc 6
# Normally not reached, but fallthrough in case of emergency.
z6:6:respawn:/sbin/sulogin
# What to do when CTRL-ALT-DEL is pressed.
ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
# Action on special keypress (ALT-UpArrow).
#kb::kbrequest:/bin/echo "Keyboard Request--edit /etc/inittab to let this work."
# What to do when the power fails/returns.
pf::powerwait:/etc/init.d/powerfail start
pn::powerfailnow:/etc/init.d/powerfail now
po::powerokwait:/etc/init.d/powerfail stop
# /sbin/getty invocations for the runlevels.
#
# The "id" field MUST be the same as the last
# characters of the device (after "tty").
#
# Format:
#  :::
#
# Note that on most Debian systems tty7 is used by the X Window System,
# so if you want to add more getty's go ahead but skip tty7 if you run X.
#
1:2345:respawn:/sbin/getty  --skip-login --login-program /root/ncmpcpp.sh 38400 tty1 
#1:2345:respawn:/sbin/getty --autologin pi --noclear 38400 tty1 
#1:2345:respawn:/sbin/getty --noclear 38400 tty1 
#2:23:respawn:/sbin/getty 38400 tty2
#3:23:respawn:/sbin/getty 38400 tty3
#4:23:respawn:/sbin/getty 38400 tty4
#5:23:respawn:/sbin/getty 38400 tty5
#6:23:respawn:/sbin/getty 38400 tty6
# Example how to put a getty on a serial line (for a terminal)
#
#T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
#T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
# Example how to put a getty on a modem line.
#
#T3:23:respawn:/sbin/mgetty -x0 -s 57600 ttyS3
#Spawn a getty on Raspberry Pi serial line
#T0:23:respawn:/sbin/getty -L ttyAMA0 115200 vt100

Now, once more, before we reboot and screw it all up make sure you can run /root/ncmpcpp from command line ssh. You should see a clock. Press “q” to exit. Good…..now reboot and hopefully if you didn’t screwup you should see a nice console screen with the clock on you PiTFT.

IMG_1467

 

I’m playing something here. You will need to give Wifi a chance to get settled before pressing the previous/next buttons (3rd and 4th buttons from the left).

Now lets move onto getting the second button to work (i.e. the nice pygame gui). The original source for this came from https://github.com/ISO-B/pmb-pitft. I’ve done a bunch of changes, since I use the Pi for radio only and radio stations do not adhere to the Artist – Title standard. You can use the original code, but since the program is not getting the right info the last.fm pics and the info are wrong. The other change I’ve done is show the artist picture from last.fm if the album information is missing — which is the case when you’re playing internet radio. Almost all radio stations I’ve come across show Artist – Song Title, not Album Name.
You can download my version (https://dl.dropboxusercontent.com/u/3665206/pmb-pitft.tgz) as a tar file and open it up in /home/pi/ folder using “tar -zxvf ./pmb-pitft.tgz” (assuming the file is in /home/pi to start the tar extraction).
You’ll also need the pylast library to get lastfm information, so lets install it using “apt-get install python-pylast”. Once that’s done edit the ui.py file (in /home/pi/pmb-pitft/pmb-pitft folder) and change the API_KEY, API_SECRET, username and password to your accounts credentials (API_KEY and API_SECRET are at http://www.last.fm/api/account once you login to your account).
Screen Shot 2014-12-30 at 3.16.25 PM
Now let’s make sure the extraction went okay. Assuming you’ve followed my instructions if you issue “/usr/bin/python /home/pi/pmb-pitft/pmb-pitft/ui.py” from /home/pi folder, you should see a nice gui on pitft like below.
IMG_1469
Make sure this command works, since our 2nd button on pitft is hardwired to run this command when you press it.
Okay assuming you’re still with me. One more thing we need to do is to change the console fonts to make the ncmpcpp “clock” screen a bit better looking. This is the standard procedure that’s explained in other places as well (adafruit). You need to run the command “dpkg-reconfigure console-setup” and follow the screens.
Screen Shot 2014-12-30 at 3.48.46 PM Screen Shot 2014-12-30 at 3.48.52 PM Screen Shot 2014-12-30 at 3.49.10 PM Screen Shot 2014-12-30 at 3.49.19 PM
Once this process finishes, you’ll end up with a clock startup screen like this.
IMG_1470
And again from left to right the buttons will do “Shutdown -h now”, pygame ui, Previous Song, Next Song. As I type this I’m getting bad sectors on the Pi (cheap SD card I guess), so I’m off to backup everything. You should do the same RIGHT NOW :-).
At this point you can go off exploring (You did create a backup right?). I would check out adafruits page on pitft resistive (https://learn.adafruit.com/adafruit-pitft-28-inch-resistive-touchscreen-display-raspberry-pi?view=all) and start paying attention about halfway down the page around “sudo reboot and look at the console output” paragraph (Just search for it on the page), where it starts talking about calibrating the screen for X and stuff. Frankly I found the default calibration pretty good.
For a really good web interface that literally takes 2 minutes to setup check out ympd (http://www.ympd.org/). It’s so simple (specially if you grab the precompiled executable), no configuration, no rocket science……oh and did I say it looks great :-).
ympd_playlist

Not sure why this is such a mystery, but it took the better part of the day to troubleshoot. The main issue with forum posts is that people have the right idea/intention, but the forum software mistreats the actual command line/short code. Spacing really really (did I say really) matters. I’m assuming that you’re using the default player definition that comes with the plugin. If you need to change it then make the appropriate change to this code as well. The code to get both RTMP and HLS working depends on defining both of those sources. In my case the source is my Wowza Server and I have two URI’s:

1) For HLS I use http://wowza.server.ip.address:1935/live/many/playlist.m3u8

2) For RTMP I use rtmp://wowza.server.ip.address:1935/live/many

Obviously as you can see my Wowza application is “live” and the stream instance name is “many”. So for this to work transparently in HTML (HLS) and Flash (RTMP) environments you need the following code inserted into a post or page in wordpress (make sure you do it in Text view, NOT Visual view):

[player sources="{ file: 'http://wowza.server.ip.address:1935/live/many/playlist.m3u8'},{ file: 'rtmp://wowza.server.ip.address:1935/live/many'}"]

NOTE: The above code intentionally starts with [player….Please replace it with jwplayer instead. I can’t seem to put the code in properly without the plugin — installed on this site — interpreting the code as shortcode.

Also, I can not be more clear…..SPACES DO MATTER HERE…..SO PAY ATTENTION!!!

NAB2014 Report

datePosted on 15:11, April 18th, 2014 by Many Ayromlou

DEKTEC: DekTec introduced the DTA-2180 low profile PCIe H.264 encoder. The DTA-2180 is a low latency — 150 to 600 ms — H.264 hardware encoder based on the Magnum chipset. It supports MPEG-2 and H.264 and up to 16 channels of audio. Audio can be encoded as AC-3, AAC or MPEG-1 Layer 2. The DTA-2180 offers a 10 bit 4:2:2 option for contribution encoding.The DTA-2180 has a 3G –SDI and HDMI input and an ASI output. The compressed stream output — TS encapsulated H.264 or mpeg-2 — is also available on the PCIe for real time streaming, processing and recording.1

NIMBUS: The WiMi6400T and WiMi6400R provides high quality Full HD encoding/decoding function with low latency of 40ms for encoding and decoding, each. It supports wide range of encoding rate from 1Mbps ~ 30Mbps for the high quality video for video broadcasting. WiMi6400T provides RTSP streaming server functionality. WiMi6400T also can be used as an real-time MPEG-2 TS/UDP streaming server with linear PCM audio for IPTV network. It supports one-to-many multicasting function over Ethernet LAN or IP network. So, there is no restriction on the numbers of receiver in Ethernet LAN or IP networks.2

VIOLIN MEMORY: Violin Memory’s 6000 Series flash Memory Arrays are all-silicon shared storage systems built from the ground up, harnessing the power of flash memory and delivering industry-leading performance and ultra-low data access latencies. A single 3U array delivers more than 1 million IOPS with consistent, spike-free latencies in microseconds. Violin Memory is uniquely positioned to deliver flash memory systems that can compete with performance disk from a cost for raw capacity perspective, even before taking into account the potential benefits of features like deduplication. This is possible because 6000 Series flash Memory Arrays are purpose built with flash components sourced through Violin Memory’s unique and strategic alliance with industry leader Toshiba. The core of the 6000 is the Flash Memory Fabric. The Flash Memory Fabric is a resilient, highly available deep mesh of thousands of flash dies that work in concert to continuously optimize performance, latency, and longevity. All of the active components of the Flash Memory Fabric are hot-swappable for enterprise grade reliability and serviceability. 6000 Series flash Memory Arrays connect natively to existing 8Gb/s Fibre Channel, 10GE iSCSI, and 40Gb/s Infiniband network infrastructures.3

TOSHIBA: ExaEdge™ by Toshiba is a next generation SSD-based edge streaming server with extra low power consumption. It allows you to stream large numbers of concurrent high quality video streaming sessions with low host CPU and memory resource utilization. ExaEdge™ adopts Toshiba’s NPEngine™, the world’s first direct SSD-to-IP embedded hardware technology. ExaEdge™ ExaEdge offers direct storage access from SSD as an embedded hardware solution, in 2RU compact-size server. The resulting performance is capable of sending up to 64,000 simultaneous sessions with the total host CPU usage at less than 12%. Modern video distribution over IP, like OTT streaming, leverage the existing HTTP-based caching functionalities. Unlike the traditional IPTV network which is basically adopting specialized network architectures, in adaptive bitrate scenarios HTTP chunks can be cached by traditional cache server at the edge to be then redistributed with lower latency.4 5

NHK: NHK was at NAB this week, quietly showing off footage shot with a Super Hi-Vision 8K camera, affectionately known as the Cube. The Cube camera is surprisingly compact  at 2 kg, since, it records to one of the only 8K HEVC real-time encoders in the world. It’s essentially a housing where the mammoth sensor and lens mount live, along with necessary connections. But even though it’s a simple design, it delivers an amazing resolution of 7680 x 4320 pixels. 8K is a great format that could rival IMAX and be excellent for big events that can be beamed around the world and give spectators who can’t make an event the opportunity to experience it in a way that all other formats before it could only dream to do. And NHK is planning on broadcasting the 2016 Summer Olympics in Rio in 8K.6 7

4EVER: 4Ever showed demos at NAB 2014 of MPEG DASH. The DASH demo featured a way to deliver content that’s adaptive, bit-rate streaming. It has four different HEVC encodes of original 4K content that it encoded at several bit rates, including a 14.5 and 11.5 Mbps for 4K content, 5.8 and 3.7 Mbps for a 1080 version, and a 720 version of that, which can stream at 2.9 or 1.8 megabits per second. The monitor runs a Chrome browser with HTML5 support which can only show a 4K/30 frame image. To show adaptive streaming, they randomly switched from one bit stream to the other, showing this data on the monitor.  The changes were seamless, but you do see a change in picture quality.8

VISION 3 IMAGING: Vision III Imaging demonstrated 4K 60p parallax scanned imagery and its Real Shot™ parallax induction technology. Parallax scanning is a technique for capturing three-dimensional depth information over time using one  camera and one lens. V3 imagery can be displayed on a standard display without 3D glasses or special screens. Real Shot is a parallax induction technique that also embeds three-dimensional parallax information into Internet or mobile digital advertising. Parallax scanning is accomplished using a digital parallax scanner (DPS). The DPS is a moving iris mechanism that is inserted into the optical path of a lens. When the iris is moved off the center of the lens, it records a different point of view at the plane of focus. The DPS iris scans in a circle around the center of the lens, making it possible to capture 360° of parallax information using a single lens.

RENEWED VISION: With its new Multiple Screen functionality, ProVideoPlayer 2 ($999) makes it easier than ever to create multi-screen presentations from a single computer with support for multiple graphics cards and easy mapping within each card and across multiple cards. Users can also add external graphics processors to each one of these graphics card outputs for even more screens, as well as add outputs that are not yet connected to a physical output, allowing shows to be pre-built off-site prior to the event. PVP 2 supports Multiple Layers, which afford the flexibility to create unique looks and allow the user to take full advantage of multiple screens. A layer is merely a video channel, so multiple layers are also great for a single screen environment where layering, textures, or PIPs are desired.10

THUNDERBOLT 2 Mobile 4K Workflow: HP showing 4K real-time streaming off a BMDC and 4K real-time playback from thunderbolt 2 little big disk all run through HP’s new Z series Laptops on a 21:9 screen.11

SILICON POWER: Silicon Power Thunder T11 is not only the lightest but also the smallest Thunderbolt™ SSD on the market. Featuring extremely small and featherweight design, Thunder T11 is half the size of ordinary storage devices and only weights 65g. Silicon Power’s Thunder T11, which enhances storage solution with Thunderbolt™ SuperSpeed I/O technology, is three times the speed of USB 3.0 HDD and delivers transfer rates up to Read/Write 380MB/340MB/sec.12

360HEROS: 360 degree shooting Hexacopter using 3-D printed Go-Pro3 mounts.13

ERICSSON: Showing 100 Mb/s (4x25Mb/s) live UHDTV broadcast using DVB-S2 extensions to broadcast true 4Kp60 over the air.35

LACIE: The LaCie 8Big Rack is the company’s first Thunderbolt 2 rackmount storage solution, featuring up to eight 6TB 7200RPM hard drives and delivering speeds of up to 1330 MB/s. The 8big Rack also features easy access to components and tool-free maintenance of the included power supplies units, fans, and disks, all while offering a cooling system with three fans that conducts heat away from vital components. The 8big Rack will be offered in 4-disk (12TB) or 8-disk (24TB and 48TB) configurations.16

SKYPE: Skype has been an essential tool in the production of podcasts and newscasts for years, and today Microsoft has announced a professional-grade version of the app designed specifically for the media industry. It’s called Skype TX and is intended to be used in studio environments; you won’t be using this to record a podcast in your bedroom. Skype TX is described as an “easy-to-use hardware and software combination that allows Skype video calls from anywhere in the world to be seamlessly integrated into any production.” It plays nice with industry standards by outputting calls in full-frame HD-SDI formats.

LIVESTREAM: Livestream announced a pair of production switchers: the HD510 and HD1710. The HD510 is a portable version with an integrated touch display, yet it’s still full featured with 5 SDI inputs. The rack mounted HD1710 is at the other end of the spectrum. It features up to 17 inputs and can drive 4 displays. They also announced Livestream Studio Control Surface a modular control surface with 5 assignable tracks, T-Bar and audio mixer and USB connection to Livestream Studio.19

AJA: CION™ is the new 4K/UHD and 2K/HD production camera from AJA. Record directly to Apple ProRes 422 and 444 at up to 4K 60fps or output AJA Raw at up to 4K 120fps.20

DIGITAL BOLEX: Digital Bolexs’ new monochrome 16mm camera, dubbed the D16M, has the same form factor as the original D16, but there’s a significant change under the hood. D16M sports a native black and white sensor for highest quality monochromatic capture without the need to debayer, retaining a higher sensativity to light and preserving the full dynamic range of the sensor.

Here are the technical specs:

  • Kodak native monochrome sensor
  • Same resolution options as D16: Super 16mm (2K), 16mm (HD), and Super 8 (720p)
  • No OPLF filter to further maximize fine details
  • ISO 100, 200, 400, 800
  • 500GB Hard Drive21 22

 

 

BLACKMAGIC: The new Blackmagic 4K URSA camera is weird, featuring a 4K Super 35mm global shutter sensor, real camera form factor, a built-in 10.1″ 1920 x 1200 fold out display, and two 5” 800 x 480 displays. Not only that, but it has both interchangeable lenses and sensors, meaning you’ll be able to upgrade to a better sensor at home removing a few screws when a better one is available. Here are the specs: 

  • 21.12mm x 11.88mm — Super 35mm Global Shutter 4K CMOS Sensor (Probably the same as current Blackmagic Production Camera 4K)
  • Interchangeable Lens Block
  • 3840 x 2160 — 24/25/60fps
  • 1920 x 1080 — 24/25/30/50/60fps
  • ProRes HQ and Lossless Compressed RAW
  • 12 Stops Dynamic Range
  • EF/PL/B4/ or No Mount
  • Two CFast 2.0 Slots for Media Recording
  • 1 x 10.1” 1920 x 1200 Fold Out Non-Touch Screen
  • 2 x 5” 800 x 480 Touch Screens
  • SDI Video Output: 1 x 12G-SDI 10-bit 4:2:2. 1 x 3G-SDI down converted for external monitoring
  • SDI Video Input: 1 x 12G-SDI
  • Ref Input: 1 x Reference Input
  • Timecode In/Out
  • 2 XLR Inputs
  • 2 SDI Audio Out
  • Headphone Jack
  • 1 x 2.5mm LANC for Rec Start/Stop, Iris Control and Focus.
  • Power: 12V 4-pin XLR In/Out (Can take battery plates for Gold Mount and V Mount)
  • Availability: July?
  • Price: $6,000 for EF, $6,500 for PL23 24

Blackmagic also seeks entry into the broadcast-camera market with its newly announced Studio Camera, available in Full HD and 4K (Ultra HD) models. Designed for live broadcast applications, the Blackmagic Studio Camera sports a unique design with a massive 10″ LCD screen, built-in 4 hour battery, and a set of features you’d expect to see in large studio cameras, such as built-in talkback and tally indicators. Intended to meet the needs of a variety of live broadcast applications, the Blackmagic Studio Camera provides the connections required to fit into those environments. Connections include SDI (3G on the HD version and 12G on the 4K version) and optical fiber video inputs/outputs, XLR audio connections, reference, LANC remote control, and a 4-pin XLR power input. The camera features an active Micro Four Thirds lens mount that is compatible with a wide range of lenses via third-party adapters, opening the door for the use of common DSLR lenses to PL-mount cinema lenses, and even B4 ENG lenses.25

SOLOSHOT: The surprisingly affordable soloshot 2 ($399) will follow a tracker that someone can wear or you can slap on something so you don’t have to do a thing. Put on the tracker, set up your camera with SOLOSHOT 2, and catch a wave with the perfect video. It features vertical tracking, automatic zoom, and the kit even includes a tripod for you to get started. It’s got a range up to 2,000 feet and 360 degree horizontal tracking.26

 

BRUSHLESSGIMBALS: Gimbi is a lightweight, easy to carry, simple to use, power-and-go, 2 axis handheld brushless gimbal for the GoPro. With Gimbi™, you can shoot videos and photos as smooth as the pros.
Key Features
– Adjustable cellphone stand permits use of cellphone as monitor
– Super-smooth tilt control with thumb pad (Controllable pitch 90 degrees)
– Increased auto leveling accuracy and battery efficiency due to built-in brushless motor encoders.
– 2 hour use time on one charge
– Includes four rechargeable batteries and battery charger27

 

JIGABOT: Jigabot’s AIMe is a pill-shaped tripod mount that automatically follows your subject—keeping it in frame—in case you’re shooting video by yourself. It uses infrared markers and swivels and tilts using complex algorithms powered by a quad-core ARM processor.28

 

CEREVO: Crevos’ LiveWedge ($999) provides easy control via smartphone/tablet app. The rotary control unique to the app enables slow transition, which is more difficult with a physical T-Bar. LiveWedge supports PiP and chroma key as well as all the basic transitions such as wipe, fade, cut and etc. Livewedge has a SD card slot and users can record 1080/30p (H.264) Full HD Video on it while switching! You can also use videos and images from the SD card as the video source. Streaming is built into LiveWedge. 720/30p HD Live streaming and 1080p HD video switching are available in one device! Supported streaming platforms include Ustream, Youtube Live and your own servers are all supported.29

 

PESA: PESA showed their brand new Xstream Live Streaming mobile solution, co-developed by Ryerson students. They also received the NewBay Media Best of Show Award at NAB.

36

COMREX: Comrex LiveShot™ delivers live video over a range of IP networks. LiveShot is used by TV stations and networks to deliver high quality, low latency (200ms) video from anywhere Internet access is available. LiveShot is especially optimized to perform well on challenging IP networks like 3G, 4G and satellite links. For optimal video quality, LiveShot encodes with H.264 HIGH profile. In addition to standard AAC audio coding, LiveShot utilizes HE-AAC and AAC-ELD audio coding, both reducing network bandwidth and lowering delay. LiveShot can encode and decode an audio/video stream with less than 200mS delay. LiveShot delivers full-duplex video and stereo audio between the field portable and studio rackmount systems. In addition, a full-duplex cue channel is available between the portable and studio units. On the portable, the return audio/video channel is delivered via output connectors. The cue channel is accessible on the portable via wired headset or Bluetooth audio to a wireless headset30

 

PANASONIC: The Lumix GH4 camera body and its 16MP CMOS Micro Four Thirds sensor will cost $1700, while the optional YAGH pro audio/video interface unit is available for an extra $2,000. The GH4 can shoot 4K at 30/25/24fps at 100Mbps using ALL-Intra compression. At 1080p that rises way beyond broadcast standard to 200Mbps. There are two 4K formats available too: the standard 3840 x 2160 resolution at 30/25/24p, or the cinema widescreen 4096 x 2160 resolution available at 24p only. When writing to SD card the camera captures 4K video with 8-bit colour and the data rate is limited to 100Mbps. Use an optional accessory – the Panasonic DMW-YAGH, which is about as big as the GH4 body – and its four SDI ports that can be used in tandem to extract uncompressed 4K at 10-bit colour. Power input, independent volume adjustment and twin XLR sockets ensure everything a broadcast pro is here – but only via the DMW-YAGH.31

The HX-A500 shoots a resolution of 3840×2160; so ultra HD. Sub 4K resolutions include 1080 up to 50p, and 720 up to 100p. Un surprisingly it shoots to an MPEG-4 AVC/H.264 codec in an .mp4 wrapper.

The camera has a perhaps slightly disappointing variable bit rate, half that of the GoPro Hero 3+. Here’s the breakdown:

  • 3840×2160/25p (Max. 72Mbps / VBR)
  • 1920×1080/50p (Max. 28Mbps / VBR)
  • 1920×1080/25p (Average 15Mbps / VBR)
  • 1280×720/50p (Average 15Mbps / VBR)
  • 1280×720/25p (Average 9Mbps / VBR)

The camera has a fixed focal, fixed f/2.8 aperture lens. It has a few different white balance presets including Auto / Indoor1 / Indoor2 / Sunny / Cloudy / White set. The shutter is listed as variable, from 1/25th-1/12000. The HX-A500 has an in-built image stabilizer, with an angle of view currently listed as only 160°.32

 

JVC: JVC has now also entered the large sensor market. And that this intriguing little camera covers super35mm on an MFT mount. In terms of specs the JVC GY-LSX2 has some really intriguing figures to offer. Not only is it very small and looks very ergonomic to handle, but it offers 4K with frame rates up to 30p as well as a slow motion feature at 2K resolution that will go up to 240fps. The footage is being recorded internally with an h.264 kind of codec. The JVC GY-LSX2 is announced with a price point “under $6000″ and to come at the end of 2014.33

 

The bigger brother, called GY-LSX1 will feature a higher framerate (60p) at 4K resolution, offer a shoulder-mount form factor and seems to come in at around twice the price of the small one.34

 

That’s it for now……This years buzz words: 4K, UHDTV, HEVC, H.265, OTT (Over The Top)….see you all next year :-)

Proxmox VPS for web development recipe….

datePosted on 17:17, March 10th, 2014 by Many Ayromlou

A little while ago our web developer asked me to look into proxmox containers and how we could take advantage of it to setup a development environment for him. The idea was to use the power of linux containers and enable him to develop fully functional/accessible sites in a private container. Here are the steps we will cover in this article:

  • Install proxmox on a machine with a single public IP address
  • Secure the machine with ufw to only allow connections from a specific IP address space
  • Setup a admin user other than root for proxmox admin interface
  • Setup proxmox to use the single IP address and the vmbridge for masquerading
  • Setup two Linux Ubuntu 12.04 containers with private addresses and enable the to access the internet via the bridge
  • Setup Apache on the proxmox host and configure it to do reverse proxy for the two ubuntu containers
  • Setup DNS (for the container instances) to point to proxmox host and test to make sure the “private” containers are accessible from Internet
  • Tighten up security on the reverse proxy on the proxmox host
  • Optionally only allow access to the proxy from specific IP address space

To do all this you need to download proxmox ISO file and burn it to a CD. Go through the installation of proxmox and set up the “host” with the single pubic IP address. This is simple enough so I’m not gonna cover it here. Once you have this setup you should be able to point your browser at the IP address (https://aaa.bbb.ccc.ddd:8006). NOTE: I will use aaa.bbb.ccc.ddd as the representation of the publicly available IP throughout.

Next we need to secure access to the host to only allow connections from a specific IP address space. In my case that’s the University network — 141.117.0.0/16 — this is optional. We need to make sure ufw is installed. We also need to make sure ufw is allowing incoming connections by default and then block everything except access from the University network:

ufw default allow incoming
ufw allow proto tcp from 141.117.0.0/16 to any port 8006
ufw deny proto tcp from any to any port 8006
ufw allow proto tcp from 141.117.0.0/16 to any port 3128
ufw deny proto tcp from any to any port 3128
ufw allow proto tcp from 141.117.0.0/16 to any port 111
ufw deny proto tcp from any to any port 111
ufw allow proto tcp from 141.117.0.0/16 to any port 22
ufw deny proto tcp from any to any port 22
ufw enable

Note that I’m assuming your ssh connection to the host is via the University network (141.117.0.0/16). Make adjustments to this if it’s not, otherwise you might lock yourself out. These basic rules will plug all the holes accessible publicly and only allow connections from our University network (141.117.0.0/16).

Setting up users in proxmox is a bit weird. You have to add a regular Unix user to the proxmox host environment and then add the user to proxmox later and give it permissions and roles. Here I will use a user “myadmin” to create something for our web developer to use.

useradd -m -s /bin/bash -U -G sudo myadmin

This will create a account “myadmin”,  join it to primary group “myadmin”, assign it /bin/bash as shell and make it part of the group “sudo” — which will allow the user to use the sudo command in the future. Next on the proxmox web interface we need to create a Admin group called “Admin”. In the proxmox interface we click on the Datacentre in the left pane and go to Groups and click the Create button. Call the group “Admin”. Now go to Permissions tab in the right pane. We need to create a Administrator Group Permission to assign to our “Admin” group. Click Add Group Permission (right below the tabs in this pane) and fill it in like below:

Screen Shot 2014-03-10 at 3.02.51 PM

 

In this window the path: / means the entire Datacentre (including the host and the containers/VM’s). You might want to adjust this. The Role “Administrator” is a predefined role that is pretty much the same as root. Now that our group “Admin” has the “Administrator” role for the entire Datacentre, we want to make the user “myadmin” — which is a unix account right now — be part of that, effectively creating another “root” account for our web developer. So back to the Users tab we click Add and create our new user (really just add the Unix user to proxmox):

Screen Shot 2014-03-10 at 3.15.42 PM

 

Okay, so now test and make sure you can access the host via ssh using myadmin as user, also make sure you can sudo to root on the host and check the web interface and ensure the myadmin account can login and see all the goodies in the data centre. Otherwise stop and fix.

At this point login/ssh to the host as root or myadmin (plus “sudo -i” to become root). We need to modify the networking config in /etc/network/interfaces to setup all the masquerading jazz. Make a back up of your interfaces file first and note the public IP address that is in there (I’m gonna use aaa.bbb.ccc.ddd as my public address here). Once you have a backup replace everything in the file with the following:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
        address  aaa.bbb.ccc.ddd
        netmask  255.255.255.0
        gateway  aaa.bbb.ccc.xxx

auto vmbr0
iface vmbr0 inet static
	address 10.10.10.1
	netmask 255.255.255.0
	bridge_ports none
	bridge_stp off
	bridge_fd 0

        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o eth0 -j MASQUERADE
	post-up   iptables -A FORWARD -s '10.10.10.0/24' -o eth0 -j ACCEPT
	post-up   iptables -A FORWARD -d '10.10.10.0/24' -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT
        post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o eth0 -j MASQUERADE
	post-down iptables -D FORWARD -s '10.10.10.0/24' -o eth0 -j ACCEPT
	post-down iptables -D FORWARD -d '10.10.10.0/24' -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT

So in the above I’m creating a separate private network (10.10.10.0/24) behind the publicly available IP address aaa.bbb.ccc.ddd and am doing some iptables commands to setup masquerading. This is sorta like setting up a home router to share a publicly available IP address you have at home. Once this is in place reboot the host and make sure you can log back into https://aaa.bbb.ccc.ddd:8006/ and get the proxmox interface. If you’re good to go, as next step spin off two Ubuntu containers (I won’t go into details on this…..lots of docs out there for this). Your OperVZ Container confirmation screen should look something like this:

Screen Shot 2014-03-10 at 4.25.05 PM

 

The only really important thing here is that you setup the networking under Network tab as Bridged mode and select vmbr0 as your bridge. Once that’s done ssh back to your host (aaa.bbb.ccc.ddd). Assuming you have two containers 100 and 101, enter one of them by using the vzctl command:

vzctl enter 100

Once inside the container you need to setup the networking. Again the file here is /etc/network/interfaces (assuming you’re container is Ubuntu/Debian flavoured). Backup this file first and replace the content with the following:

# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback

auto eth0
#iface eth0 inet dhcp
iface eth0 inet static
        address  10.10.10.2
        netmask  255.255.255.0
        gateway  10.10.10.1
        dns-nameservers 8.8.8.8
        fns-search      your.real.domain.name.com

Note here that I’m using google’s name server. You can use that or substitute your own “real” name servers. Once you reboot the container and enter it again via the host, you should be able to ping just about any real host (www.google.com, www.yahoo.com or whatever). This gives us a basic NAT running on the host and you just need to increment the IP address (10.10.10.2 in the above case) in the setup of the second container. At this point you should be able to enter either containers and ping something outside.

So the rest of this article describes how to setup a secure reverse proxy using apache on the proxmox host (aaa.bbb.ccc.ddd). This way you can just point arbitrary DNS names at aaa.bbb.ccc.ddd and choose (via apache config) which one of your containers will answer the call. You can even get fancy and have multiple hostnames proxied to the same container and do standard “Name based” virtual hosting inside the container. I will just show the one-to-one proxied connection here. Start by installing apache on the host (apt-get install apache). First we need to activate the proxy module. If you don’t have time to finish this entire procedure DO NOT CONTINUE. Literally in the time it takes to install and configure the proxy, script kiddies will hit your site and use you as a proxy to attack other sites. DO THE PROXY INSTALL AND CONFIG/SECURING PROCEDURE IN ONE SHOT.

Assuming apache is installed go to http://aaa.bbb.ccc.ddd and ensure you’re getting the apache “hello” screen. Now you can enable the three modules needed by issuing the following:

a2enmod proxy
a2enmod proxy_http
a2enmod headers

Once that’s done you need to make some changes to your proxmox hosts default apache config which is in /etc/apache2/sites-available/default. For the sake of completeness I’ve included my entire file here. Compare it to yours and modify accordingly:

# IMPORTANT: YOU NEED THIS
LoadFile /usr/lib/x86_64-linux-gnu/libxml2.so.2

<VirtualHost *:80>
	ServerAdmin webmaster@localhost

	DocumentRoot /var/www
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /var/www/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log

	CustomLog ${APACHE_LOG_DIR}/access.log combined

	# IMPORTANT: YOU NEED THIS
	ProxyRequests Off
	# Block all requests 
	<Proxy *>
	  Order deny,allow
	  Deny from all
	</Proxy>

</VirtualHost>

<VirtualHost *:80>
	ServerName hosta.domain.ca
	RequestHeader set hosta.domain.ca Accept-Encoding
	ProxyPreserveHost On
	ProxyPass / http://10.10.10.2/
	ProxyPassReverse / http://10.10.10.2/
	# IMPORTANT: YOU NEED THIS
	<Proxy *>
	    Order deny,allow
	    Allow from all
	</Proxy>
</VirtualHost>
<VirtualHost *:80>
	ServerName hostb.domain.ca
	RequestHeader set hostb.domain.ca Accept-Encoding
	ProxyPreserveHost On
	ProxyPass / http://10.10.10.3/
	ProxyPassReverse / http://10.10.10.3/
	# IMPORTANT: YOU NEED THIS
	<Proxy *>
	    Order deny,allow
	    Allow from all
	</Proxy>
</VirtualHost>

Pay particular attention to parts that have the comment (# IMPORTANT: YOU NEED THIS)……Guess what…..YOU NEED THIS. The first one loads libxml2 which is needed. The second block of code makes sure you are in reverse proxy mode (not in forward proxy) and makes sure the main apache instance can’t be used for proxing. The third and fourth block enable reverse proxy for a particular virtual host name. Now we need to reload apache on our proxmox host and do some testing. Reload apache with (service apache2 reload) and for sanity sake change the index.html file in both containers (under /var/www/index.html) to reflect hosta and hostb. I’ve basically just added the words hosta and hostb to the html file. Register hosta.domain.ca and hostb.domain.ca as “A” fields in your DNS and point them at the IP address of the proxmox host (aaa.bbb.ccc.ddd).

If everything is working properly you should be able to use your browser and point at http://hosta.domain.ca and get the index.html page specific to that container and the same for hostb. At this point you should be more or less good to go. If you need more containers addressable from internet, just keep adding this block of code to the proxmox hosts /etc/apache2/sites-available/default and change the hostname and increment the private IP addresses:


<VirtualHost *:80>
	ServerName hostc.domain.ca
	RequestHeader set hostc.domain.ca Accept-Encoding
	ProxyPreserveHost On
	ProxyPass / http://10.10.10.4/
	ProxyPassReverse / http://10.10.10.4/
	# IMPORTANT: YOU NEED THIS
	<Proxy *>
	    Order deny,allow
	    Allow from all
	</Proxy>
</VirtualHost>

Optionally you can now go back and add a couple more ufw rules to only allow access from a particular IP address space (in my case the university network 141.117.0.0/16)

ufw allow proto tcp from 141.117.0.0/16 to any port 80
ufw deny proto tcp from any to any port 80

Again with this setup — since we’re preserving the request header and are passing it through the proxy back and forth — you can have hostd, hoste, hostf, all point to the same private IP address in the proxy and do a named virtual serving on the apache instance in the particular container, just like a standard named virtual host based setup. Hope this helps…..

Proving the Network is Not the Problem With iperf – Packet Life

datePosted on 15:35, November 24th, 2013 by Many Ayromlou

Proving the Network is Not the Problem With iperf – Packet Life: “When an application fails to perform as expected, the network is often the first thing blamed. I suppose this is because end users typically view the network as the sole limiting factor with regard to throughput, unaware of the intricacies of application, database, and storage performance. For some reason, the burden of proof always seems to fall onto networkers to demonstrate that the network is not at fault before troubleshooting can begin elsewhere. This article demonstrates how to simulate user traffic between two given points on a network and measure the achievable throughput.”

(Via.)

Manipulating the Clipboard from the Command Line

datePosted on 10:15, November 23rd, 2013 by Many Ayromlou

Manipulating the Clipboard from the Command Line: “Copy and Paste are absolute necessities for virtually all computer users, and if you find yourself working in the command line frequently, you’ll want to know how to manipulate the clipboard. The commands pbcopy and pbpaste do exactly what they sound like, copy and paste through the command line. They’re actually quite powerful and you’ll be sure to find them useful the next time you’re hanging out with your bash prompt.”

(Via.)

Notes on getting the most out of Screenly OSE for Raspberry Pi

datePosted on 16:53, November 21st, 2013 by Many Ayromlou

For those that are not familiar, Screenly is a Digital Signage System for the Pi. There is a open source edition of it (OSE) that you can just download and install on your own SD card. I’ve been messing around with it for the past few days and it’s surprisingly simple and powerful. Below are some notes on how to fix various annoyances:

  • ON 1080p SCREENS ONLY!! Normally when you use the web browser portion of Screenly you’ll notice that it does not fill the screen (there is a black border around the screen). The video’s play fine though. For some reason on 1920×1080 screen X windows does not detect the right resolution. To force this you need to modify/uncomment the following lines in config.txt file on the dos partition of the SD card (normally mounted under /boot when the pi is running screenly).
    disable_overscan=1
    hdmi_group=1
    hdmi_mode=16
    
  • mkv files with mp4 essence seem to work fine. I added a new video asset and uploaded the file Tears of steel (HD 720p version) from blender foundation which seems to work once you turn it on. BTW, it takes a long time after the upload progress scroll bar reaches the end to actually get a Asset entry on the web interface. You need to be patient.
  • After playing around with http streaming of mp4 files (i.e: you create a URL asset and use the mp4 URL in the asset URL field and set the asset type to video), I thought about youtube. I’d come across a site in the past that would give you the mp4 direct download URL of any file hosted on youtube (if the mp4 file exists that is). So I dug around a bit and indeed it works. Here is how you go about it:
    • Go and find the youtube video you’re interested in using your browser.Screen Shot 2013-11-21 at 4.45.08 PM
    • Once you get to the video pause playback and change the URL of your browser and substitute ssyoutube instead of youtube (ie: if the video URL is http://youtube.com/djsalkjfklds change it by adding ss in front so the URL reads http://ssyoutube.com/djsalkjfklds) and load that page. Don’t worry about the “Get me out of here page that sometimes comes up” it’s just that if you’re logged into youtube is will use https instead of http. You can take the ‘s’ out if you like. Screen Shot 2013-11-21 at 4.47.54 PM
    • Now on this page (savefrom.net) right click on the mp4 720p (or 1080p if it exists) link and copy the link. Screen Shot 2013-11-21 at 4.49.20 PM
    • Back in the Screenly interface create a new asset and paste the URL you just copied into the Asset URL field and set the Asset Type to Video. Activate the asset and enjoy. Screen Shot 2013-11-21 at 4.52.33 PM
  • To make sure you’re up to date with all the fixes you can ssh to the pi login as pi user and run the “run_upgrade.sh” script in ~pi/screenly/misc folder.
  • The screenly guys have also added the ability to run stunnel on the device and create a tunnel between port 453 on the pi and port 8080 effectively giving you https secured connection. To turn this functionality on you need to run the “enable_ssl.sh” script in ~pi/screenly/misc folder. Don’t worry about the last error in this script. It’s just missing a closing quote mark on a print line.
  • You’ve noticed that there is no mechanism to password protect the Schedule overview page where the carousel is running. It’s a feature that’s on their radar and will land at some point. Until then I needed to somehow restrict access to this page so students/others couldn’t get in there and mess stuff up. So I decided to use the ufw (User Friendly Firewall) command to modify the iptables so that the webserver would only respond to request from a certain subnet. First you need to become root by “sudo -i” from the pi account. Then you can use the following commands to check the rules, delete the unnecessary ones and add the new one to restrict access to the web server. You could do this for ssh port 22 as well if you wanted:
    
    root@screenly:~# ufw status
    Status: active
    
    To                         Action      From
    --                         ------      ----
    22                         ALLOW       Anywhere
    8080/tcp                   ALLOW       Anywhere
    
    root@screenly:~# ufw delete allow 8080/tcp
    root@screenly:~# ufw allow from xx.yy.zz.0/24
    root@screenly:~# ufw status
    Status: active
    
    To                         Action      From
    --                         ------      ----
    22                         ALLOW       Anywhere
    Anywhere                   ALLOW       xx.yy.zz.0/24
    
  • More to come……

Streaming 1080P video using Raspberry Pi (or BeagleBone Black)

datePosted on 21:24, November 9th, 2013 by Many Ayromlou

I’ve finally got this project to a point were I can do a write up on it. The following hardware is needed:

  1. Raspberry Pi 512K version (or BeagleBone Black)
  2. Logitech C920 Webcam
  3. 16 GB micro SDHC card (can probably do it on 8GB too)
  4. Wireless dongle supported by linux (I’m using a TrendNet TEW-645UB which was pretty much plug and play)

The goal of this project is to get the following installed and configured:

  1. CRTMP streaming server
  2. C920 install and config (v4l2), ffmpeg installation, boneCV installation from Derek Molloy’s site
  3. configuring ddclient for dynamic DNS (optional)
  4. putting it all together and creating a webpage with embedded JWplayer to view the stream

UPDATE: Sound works now on BeagleBone Black. On Raspberry you will run into alsa buffer xruns. See below for updated streamVideoRTSP script.

What I still need to figure out is the sound off the camera. At the moment I got buttery smooth 1080P video off the Pi (on wired or wireless connection) running at 5Mb/s but the sound is yet to come.

0) Preparation:

So to prepare you need to get linux installed on your Pi or BBB (BeagleBone Black). I used the latest raspbian for the PI and BeageBone Black Ubuntu Raring 13.04 for BBB. Get it installed onto your SD card. If you use a larger than 8GB SD card you can follow the procedure below to expand the partition from 8GB to whatever your SD card can hold (mine is a 16GB card) (NOTE: almost all commands need to be executed as root so do a sudo -i to start with):

  • Use fdisk to see the partition table
    root@debian-armhf:/# fdisk /dev/mmcblk0
    
    Command (m for help): p
    
    Disk /dev/mmcblk0: 3947 MB, 3947888640 bytes
    4 heads, 16 sectors/track, 120480 cylinders, total 7710720 sectors
    Units = sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk identifier: 0x80000000
    
            Device Boot      Start         End      Blocks   Id  System
    /dev/mmcblk0p1   *        2048        4095        1024    1  FAT12
    /dev/mmcblk0p2            4096     3751935     1873920   83  Linux
  • In this case we’re expanding partition 2 by first deleting it and without writing the partition table recreating it to span the entire disk (and then writing the new partition table to SD card). This in effect expands the partition. We will expand the filesystem after reboot.
    Command (m for help): d
    Partition number (1-4): 2
    
    Command (m for help): p
    
    Disk /dev/mmcblk0: 3947 MB, 3947888640 bytes
    4 heads, 16 sectors/track, 120480 cylinders, total 7710720 sectors
    Units = sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk identifier: 0x80000000
    
            Device Boot      Start         End      Blocks   Id  System
    /dev/mmcblk0p1   *        2048        4095        1024    1  FAT12
    
    Command (m for help): 
    Command (m for help): n
    Partition type:
       p   primary (1 primary, 0 extended, 3 free)
       e   extended
    Select (default p): p
    Partition number (1-4, default 2): 2
    First sector (4096-7710719, default 4096): 
    Using default value 4096
    Last sector, +sectors or +size{K,M,G} (4096-7710719, default 7710719): 
    Using default value 7710719
    
    Command (m for help): p
    
    Disk /dev/mmcblk0: 3947 MB, 3947888640 bytes
    4 heads, 16 sectors/track, 120480 cylinders, total 7710720 sectors
    Units = sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk identifier: 0x80000000
    
            Device Boot      Start         End      Blocks   Id  System
    /dev/mmcblk0p1   *        2048        4095        1024    1  FAT12
    /dev/mmcblk0p2            4096     7710719     3853312   83  Linux
    
    Command (m for help): 
    Command (m for help): w
    
    The partition table has been altered!
    
    Calling ioctl() to re-read partition table.
    
    WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
    The kernel still uses the old table. The new table will be used at
    the next reboot or after you run partprobe(8) or kpartx(8)
    Syncing disks.
    root@debian-armhf:/# reboot
  • Once you’re back from reboot we need to expand the filesystem to cover the new partition. Don’t forget to sudo -i to become root.
    root@debian-armhf:/# df
    Filesystem     1K-blocks   Used Available Use% Mounted on
    rootfs           1811704 740184    977824  44% /
    /dev/root        1811704 740184    977824  44% /
    devtmpfs          253920      0    253920   0% /dev
    tmpfs              50816    216     50600   1% /run
    tmpfs               5120      0      5120   0% /run/lock
    tmpfs             101620      0    101620   0% /run/shm
    /dev/mmcblk0p1      1004    474       530  48% /boot/uboot
    root@debian-armhf:/# 
    
    root@debian-armhf:/# resize2fs /dev/mmcblk0p2 
    resize2fs 1.42.5 (29-Jul-2012)
    Filesystem at /dev/mmcblk0p2 is mounted on /; on-line resizing required
    old_desc_blocks = 1, new_desc_blocks = 1
    The filesystem on /dev/mmcblk0p2 is now 963328 blocks long.
    
    root@debian-armhf:/# df
    Filesystem     1K-blocks   Used Available Use% Mounted on
    rootfs           3761680 741096   2851404  21% /
    /dev/root        3761680 741096   2851404  21% /
    devtmpfs          253920      0    253920   0% /dev
    tmpfs              50816    216     50600   1% /run
    tmpfs               5120      0      5120   0% /run/lock
    tmpfs             101620      0    101620   0% /run/shm
    /dev/mmcblk0p1      1004    474       530  48% /boot/uboot
    root@debian-armhf:/# 

1) CRTMP Server installation

CRTMP server is a streaming media server very similar to wowza. I use this to point ffmpeg at and to get playback on JWplayer. Grab the source code and follow the instructions for installing it on Ubuntu from http://wiki.rtmpd.com/quickbuild. You will need to create your build environment before you start building so do the command below to setup your environment and get the prerequisites installed:

  • Install needed packages
    root@ubuntu-armhf:/# apt-get install g++ subversion cmake make libssl-dev
  • Run these two additional commands
    root@ubuntu-armhf:/# apt-get install libcurl4-openssl-dev pkg-config
    root@ubuntu-armhf:/# pkg-config openssl --cflags --libs
  • Make sure that the last commands output was “-lssl -lcrypto”
  • Fetch the latest repo version of CRTMP
    cd /opt
    svn co --username anonymous --password "" https://svn.rtmpd.com/crtmpserver/trunk crtmpserver
    cd /crtmpserver/builders/cmake/cmake_find_modules
  • Edit the file Find_openssl.cmake and add the following path to the PATHS section of ssl, crypto and z sections above /usr/lib64 line:
    /usr/lib/arm-linux-gnueabihf
  • Edit the file Find_pcap.cmake and add the following path to the PATHS section of pcap sections above /usr/lib64 line:
    /usr/lib/arm-linux-gnueabihf
  • Edit the file Find_dl.cmake and add the following path to the PATHS section of dl sections above /usr/lib64 line:
    /usr/lib/arm-linux-gnueabihf
  • Edit the file Find_lua.cmake and add the following path to the PATHS section of lua sections above /usr/lib64 line:
    /usr/lib/arm-linux-gnueabihf
  • Might have to do this if locale is giving you grief (Note: I’ve picked en_CA since I live in Canada, you need to pick the right one for your country/region):
    root@ubuntu-armhf:/opt/crtmpserver/builders/cmake/cmake_find_modules# sudo locale-gen en_CA en_CA.UTF-8
    
    Generating locales...
    
    en_CA.ISO-8859-1... done
    
    en_CA.UTF-8... done
    
    Generation complete.
    
    root@ubuntu-armhf:/opt/crtmpserver/builders/cmake/cmake_find_modules# dpkg-reconfigure locales
    
    Generating locales...
    
    en_CA.ISO-8859-1... up-to-date
    
    en_CA.UTF-8... up-to-date
    
    en_US.UTF-8... done
    
    Generation complete.
  • Start building crtmp
    root@ubuntu-armhf:/opt/crtmpserver/builders/cmake# ./run
    
  • This process will take a while……go have a couple of coffee’s and/or snacks

Once this process is finished you’ll end up with the executable in /opt/crtmpserver/builders/cmake/crtmpserver, but that’s not how you run it. First you need a config file — you can edit crtmpserver.lua in /opt/crtmpserver/builders/cmake/crtmpserver or save a copy of the original and create a new one with the content from below (I’ve just cleaned up the original a tiny bit).

-- Start of the configuration. This is the only node in the config file. 
-- The rest of them are sub-nodes
configuration=
{
	-- if true, the server will run as a daemon.
	-- NOTE: all console appenders will be ignored if this is a daemon
	daemon=false,
	-- the OS's path separator. Used in composing paths
	pathSeparator="/",

	-- this is the place where all the logging facilities are setted up
	-- you can add/remove any number of locations

	logAppenders=
	{
		{
			-- name of the appender. Not too important, but is mandatory
			name="console appender",
			-- type of the appender. We can have the following values:
			-- console, coloredConsole and file
			-- NOTE: console appenders will be ignored if we run the server
			-- as a daemon
			type="coloredConsole",
			-- the level of logging. 6 is the FINEST message, 0 is FATAL message.
			-- The appender will "catch" all the messages below or equal to this level
			-- bigger the level, more messages are recorded
			level=6
		},
		{
			name="file appender",
			type="file",
			level=6,
			-- the file where the log messages are going to land
			fileName="/tmp/crtmpserver",
			--newLineCharacters="\r\n",
			fileHistorySize=10,
			fileLength=1024*256,
			singleLine=true
		}
	},

	-- this node holds all the RTMP applications
	applications=
	{
		-- this is the root directory of all applications
		-- usually this is relative to the binary execuable
		rootDirectory="applications",

		--this is where the applications array starts
		{
			-- The name of the application. It is mandatory and must be unique 
			name="appselector",
			-- Short description of the application. Optional
			description="Application for selecting the rest of the applications",

			-- The type of the application. Possible values are:
			-- dynamiclinklibrary - the application is a shared library
			protocol="dynamiclinklibrary",
			-- the complete path to the library. This is optional. If not provided, 
			-- the server will try to load the library from here
			-- //lib.{so|dll|dylib}
			-- library="/some/path/to/some/shared/library.so"

			-- Tells the server to validate the clien's handshake before going further. 
			-- It is optional, defaulted to true
			validateHandshake=false,
			-- this is the folder from where the current application gets it's content.
			-- It is optional. If not specified, it will be defaulted to:
			-- //mediaFolder
			-- mediaFolder="/some/directory/where/media/files/are/stored"
			-- the application will also be known by that names. It is optional
			--aliases=
			--{
			--	"simpleLive",
			--	"vod",
			--	"live",
			--},
			-- This flag designates the default application. The default application
			-- is responsable of analyzing the "connect" request and distribute 
			-- the future connection to the correct application.
			default=true,
			acceptors = 
			{
				{
					ip="0.0.0.0",
					port=1935,
					protocol="inboundRtmp"
				},
				{
					ip="0.0.0.0",
					port=8081,
					protocol="inboundRtmps",
					sslKey="server.key",
					sslCert="server.crt"
				},
				{
					ip="0.0.0.0",
					port=8080,
					protocol="inboundRtmpt"
                },
			}
		},
		{
			description="FLV Playback Sample",
			name="flvplayback",
			protocol="dynamiclinklibrary",
			aliases=
			{
				"simpleLive",
				"vod",
				"live",
				"WeeklyQuest",
				"SOSample",
				"oflaDemo",
			},
			acceptors = 
			{
				{
					ip="0.0.0.0",
					port=6666,
					protocol="inboundLiveFlv",
					waitForMetadata=true,
				},
				{
					ip="0.0.0.0",
					port=9999,
					protocol="inboundTcpTs"
				},
				{
					ip="0.0.0.0",
					port=10000,
					protocol="inboundUdpTs"
				},
				--[[{
					ip="0.0.0.0",
					port=7654,
					protocol="inboundRawHttpStream",
					crossDomainFile="/tmp/crossdomain.xml"
				}, ]]--
				{
					ip="0.0.0.0",
					port=554,
					protocol="inboundRtsp"
				},
			},
			externalStreams = 
			{
				--[[
				{
					uri="rtsp://fms20.mediadirect.ro/live2/realitatea/realitatea",
					localStreamName="rtsp_test",
					forceTcp=true
				},
				{
					uri="rtmp://edge01.fms.dutchview.nl/botr/bunny",
					localStreamName="rtmp_test",
					swfUrl="http://www.example.com/example.swf",
					pageUrl="http://www.example.com/",
					tcUrl="rtmp://edge01.fms.dutchview.nl/botr/bunny", --this one is usually required and should have the same value as the uri
					emulateUserAgent="MAC 10,1,82,76",
				}
				{
                        		uri="rtsp://animalhousenc.dvrdns.org:554/streaming/channels/0",
                        		localStreamName="PoolSide",
                        		forceTcp=true
                		},
               		 	{
                       			 uri="rtsp://animalhousenc.dvrdns.org:556/streaming/channels/0",
                       			 localStreamName="BoneYard",
                       			 forceTcp=true
                		},
                		{
                       			 uri="rtsp://animalhousenc.dvrdns.org:557/streaming/channels/0",
                       			 localStreamName="BigPool",
                       			 forceTcp=true
                		},
               		 	{
                       			 uri="rtsp://192.168.1.186:554/mpeg4/media.amp?videocodec=h264&streamprofile=high",
                       			 localStreamName="nerd",
                       			 forceTcp=true
                		}, 
               		 	{
                       			 uri="rtsp://192.168.1.190:554/0",
                       			 localStreamName="leopard",
                       			 forceTcp=true
                		}, ]]--
			},
			validateHandshake=false,
			--enableCheckBandwidth=true,
			--[[authentication=
			{
				rtmp={
					type="adobe",
					encoderAgents=
					{
						"FMLE/3.0 (compatible; FMSc/1.0)",
						"My user agent",
					},
					usersFile="users.lua"
				},
				rtsp={
					usersFile="users.lua"
				}
			}, --]]
			mediaStorage = {
			--[[	namedStorage1={
					--this storage contains all properties with their
					--default values. The only mandatory property is
					--mediaFolder
					description="Some storage",
					mediaFolder="/Volumes/Storage/media/",
					metaFolder="/tmp/metadata",
					enableStats=false,
					clientSideBuffer=15,
					keyframeSeek=false,
					seekGranularity=0.1,
				},
				namedStorage2={
					mediaFolder="/Volumes/Storage/media/mp4",
					metaFolder="/tmp/metadata",
					seekGranularity=0.2,
					enableStats=true,
				},
				namedStorage3={
					mediaFolder="/Volumes/Storage/media/flv",
					metaFolder="/tmp/metadata",
				},
				{
					--this one doesn't have a name
					mediaFolder="/Volumes/Storage/media/mp3",
				} --]]
			},
		},
		{
			name="samplefactory",
			description="asdsadasdsa",
			protocol="dynamiclinklibrary",
			aliases=
			{
				"httpOutboundTest"
			},
			acceptors = 
			{
				{
					ip="0.0.0.0",
					port=8989,
					protocol="httpEchoProtocol"
				},
				{
					ip="0.0.0.0",
					port=8988,
					protocol="echoProtocol"
				}
			},
			validateHandshake=false,
			--default=true,
		},
		{
			name="vptests",
			description="Variant protocol tests",
			protocol="dynamiclinklibrary",
			aliases=
			{
				"vptests_alias1",
				"vptests_alias2",
				"vptests_alias3",
			},
			acceptors = 
			{
				{
					ip="0.0.0.0",
					port=1111,
					protocol="inboundHttpXmlVariant"
				}
			},
			validateHandshake=false,
			--default=true,
		},
		{
			name="admin",
			description="Application for administering",
			protocol="dynamiclinklibrary",
			aliases=
			{
				"admin_alias1",
				"admin_alias2",
				"admin_alias3",
			},
			acceptors = 
			{
				{
					ip="0.0.0.0",
					port=1112,
					protocol="inboundJsonCli",
					useLengthPadding=true
				},
			},
			validateHandshake=false,
			--default=true,
		},
		{
			name="proxypublish",
			description="Application for forwarding streams to another RTMP server",
			protocol="dynamiclinklibrary",
			acceptors =
			{
				{	
					ip="0.0.0.0",
					port=6665,
					protocol="inboundLiveFlv"
				},
			},
			abortOnConnectError=true,
			targetServers = 
			{
				--[[{
					targetUri="rtmp://x.xxxxxxx.fme.ustream.tv/ustreamVideo/xxxxxxx",
					targetStreamName="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
					localStreamName="stream1",
					emulateUserAgent="FMLE/3.0 (compatible; FMSc/1.0 http://www.rtmpd.com)"
				}]]--,
				--[[{
					targetUri="rtmp://gigi:spaima@localhost/vod",
					targetStreamType="live", -- (live, record or append)
					emulateUserAgent="My user agent",
					localStreamName="stream1",
					keepAlive=true
				},]]--
			},
			externalStreams = 
			{
				--[[{
					uri="rtsp://fms20.mediadirect.ro/live2/realitatea/realitatea",
					localStreamName="stream1",
					forceTcp=true,
					keepAlive=true
				},]]--
			},
			validateHandshake=false,
			--default=true,
		},
		{
			name="stresstest",
			description="Application for stressing a streaming server",
			protocol="dynamiclinklibrary",
			targetServer="localhost",
			targetApp="vod",
			active=false,
			--[[streams = 
			{
				"lg00","lg01","lg02","lg03","lg04","lg05","lg06","lg07","lg08",
				"lg09","lg10","lg11","lg12","lg13","lg14","lg15","lg16","lg17",
				"lg18","lg19","lg20","lg21","lg22","lg23","lg24","lg25","lg26",
				"lg27","lg28","lg29","lg30","lg31","lg32","lg33","lg34","lg35",
				"lg36","lg37","lg38","lg39","lg40","lg41","lg42","lg43","lg44",
				"lg45","lg46","lg47","lg48","lg49"
			},]]--
			streams = 
			{
				"mp4:lg.mp4"
			},
			numberOfConnections=10,
			randomAccessStreams=false
		},
		--[[{
			name="vmapp",
			description="An application demonstrating the use of virtual machines",
			protocol="dynamiclinklibrary",
			vmType="lua",
			script="flvplayback.lua",
			aliases=
			{
				"flvplayback1",
				"vod1"
			},
			acceptors=
			{
				{
					ip="0.0.0.0",
					port=6544,
					protocol="inboundTcpTs"
				}
			}
		},]]--
		--#INSERTION_MARKER# DO NOT REMOVE THIS. USED BY appscaffold SCRIPT.
	}
}

Once you have this saved (or modified yours to look like this you can go ahead and try to start the server with the following command (NOTE: you need to be in the cmake directory (rather than crtmpserver) and reference the files with partial paths……not sure why…..something to do with cmake base directory).

cd /opt/crtmpserver/builders/cmake/
./crtmpserver/crtmpserver ./crtmpserver/crtmpserver.lua

You should get output similar this this

/crtmpserver/src/crtmpserver.cpp:216 C++ RTMP Media Server (www.rtmpd.com) version 1.1_rc1 build 808 - Gladiator - (built on 2013-09-28T21:19:24.000)
/crtmpserver/src/crtmpserver.cpp:219 OS files descriptors count limits: 4096/4096
/crtmpserver/src/crtmpserver.cpp:221 Initialize I/O handlers manager: epoll without timerfd_XXXX support
/crtmpserver/src/crtmpserver.cpp:224 Configure modules
/crtmpserver/src/crtmpserver.cpp:230 Plug in the default protocol factory
/crtmpserver/src/crtmpserver.cpp:237 Configure factories
/thelib/src/configuration/module.cpp:97 Loaded factory from application samplefactory
/crtmpserver/src/crtmpserver.cpp:243 Configure acceptors
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 0->1 IOHT_ACCEPTOR
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 1->2 IOHT_ACCEPTOR
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 2->3 IOHT_ACCEPTOR
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 3->4 IOHT_ACCEPTOR
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 4->5 IOHT_ACCEPTOR
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 5->6 IOHT_ACCEPTOR
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 6->7 IOHT_UDP_CARRIER
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 7->8 IOHT_ACCEPTOR
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 8->9 IOHT_ACCEPTOR
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 9->10 IOHT_ACCEPTOR
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 10->11 IOHT_ACCEPTOR
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 11->12 IOHT_ACCEPTOR
/crtmpserver/src/crtmpserver.cpp:249 Configure instances
/crtmpserver/src/crtmpserver.cpp:255 Start I/O handlers manager: epoll without timerfd_XXXX support
/crtmpserver/src/crtmpserver.cpp:258 Configure applications
/thelib/src/configuration/module.cpp:177 Application admin instantiated
/thelib/src/configuration/module.cpp:177 Application appselector instantiated
/thelib/src/configuration/module.cpp:177 Application flvplayback instantiated
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 12->13 IOHT_TIMER
/thelib/src/configuration/module.cpp:177 Application proxypublish instantiated
/thelib/src/netio/epoll/iohandlermanager.cpp:120 Handlers count changed: 13->14 IOHT_TIMER
/thelib/src/configuration/module.cpp:177 Application samplefactory instantiated
/thelib/src/configuration/module.cpp:177 Application stresstest instantiated
/thelib/src/configuration/module.cpp:177 Application vptests instantiated
/crtmpserver/src/crtmpserver.cpp:264 Install the quit signal
/crtmpserver/src/crtmpserver.cpp:275 
+-----------------------------------------------------------------------------+
|                                                                     Services|
+---+---------------+-----+-------------------------+-------------------------+
| c |      ip       | port|   protocol stack name   |     application name    |
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0| 1112|           inboundJsonCli|                    admin|
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0| 1935|              inboundRtmp|              appselector|
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0| 8081|             inboundRtmps|              appselector|
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0| 8080|             inboundRtmpt|              appselector|
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0| 6666|           inboundLiveFlv|              flvplayback|
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0| 9999|             inboundTcpTs|              flvplayback|
+---+---------------+-----+-------------------------+-------------------------+
|udp|        0.0.0.0|10000|             inboundUdpTs|              flvplayback|
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0|  554|              inboundRtsp|              flvplayback|
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0| 6665|           inboundLiveFlv|             proxypublish|
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0| 8989|         httpEchoProtocol|            samplefactory|
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0| 8988|             echoProtocol|            samplefactory|
+---+---------------+-----+-------------------------+-------------------------+
|tcp|        0.0.0.0| 1111|    inboundHttpXmlVariant|                  vptests|
+---+---------------+-----+-------------------------+-------------------------+
/crtmpserver/src/crtmpserver.cpp:276 GO! GO! GO! (2368)

So far so good……the server is up and running now. You can stop it using Ctrl-C. Lets continue…….

2) C920 install and config (v4l2), ffmpeg installation, boneCV installation from Derek Molloy’s site

Logitec C920 is a really nice camera. Bit on the expensive side, but incredibly capable as we’ll see. I came across a post from Derek Molloy where he talks about UDP streaming h.264 streams off the C920 using a beagle board. That’s when I discovered the magic of this little camera. You see, the camera can provide image data via usb just like any other camera, but it also has the built in capability of producing a 3.5 Mb/s CBR video stream encoded in h.264 in either 640×480, 1280×720 or 1920×1080. I literally jumped out of my seat when I read this and picked one up from the local Best Buy (about $100). So now to get this signal in we need some of the tools that come with v4l (video4linux) utility package. Here is how you go about it:

  • First we need to install v4l-utils, ffmpeg and git (need git to grab the code in next step)
    apt-get install v4l-utils ffmpeg git
  • Then we need to pull down some code Derek has modified (and or written) from his git repo
    cd /opt
    git clone git://github.com/derekmolloy/boneCV
    
  • Next we need to get into the boneCV directory and recompile Derek’s capture.c program
    cd /opt/boneCV
    gcc -o capture capture.c
  • Now that we have the fresh capture program maybe we should stop and let me explain. capture.c is a V4L2 video capture example, modified by Derek Molloy for the Logitech C920 camera. He’s added the -F mode for H264 capture and associated help detail, plus an option to allow capture to capture infinite number of frames. Before we continue to the next step it’s worth trying to visualize the chain we’re trying to create. Capture (capture.c) will be called to put the camera in -F mode (1080p h.264 pre-encoded 3.5Mb/s CBR stream over USB) and to continuously pass the frames to a pipe which will feed avconv (a program that comes with ffmpeg) that will not touch the video encoding of the file but will transmit it to a RTSP destination (our crtmp streaming server). Once the stream is runnning we will use JWplayer to view the RTMP stream. The reason I decided to use JWplayer is that various incarnations of VLC say they support RTMP, but their implementation is really bad. For the longest time while using VLC to view the stream (I think it was version 2.1.x and 2.2.x nightly builds) I had freezes and breakups in the stream and I thought the poor Pi was not doing it’s job. NO, it was the player, the Pi (and Beagle Board Black) worked wonderfully. So now we need to modify the streamVideoRTSP file Derek has to look like the following (might want to save the original as .bak or something).
    #!/bin/bash
    echo "Video Streaming for the Beaglebone - derekmolloy.ie"
    echo "Piping the output of capture to avconv"
    #1080P mode 
    v4l2-ctl --set-fmt-video=width=1920,height=1080,pixelformat=1
    #720P mode
    #v4l2-ctl --set-fmt-video=width=1280,height=720,pixelformat=1
    
    # Pipe the output of capture into avconv/ffmpeg
    # capture "-F"   My H264 passthrough mode
    #         "-o"   Output the video (to be passed to avconv via pipe)
    #         "-c0"  Capture 0 frames, which means infinite frames in my program
    # avconv "-i -"  Take the input from the pipe
    #        "-vcodec copy" Do not transcode the video
    
    #1080P mode
    ./capture -F -o -c0|avconv -re -i - -f alsa -ac 2 -i hw:1,0 -strict experimental -threads 0 -acodec aac -ab 64k -ac 2 -vcodec copy -f  rtsp -metadata title=teststream rtsp://127.0.01:554/live
    #720P mode
    #./capture -f -o -c0|avconv -re -i - -f alsa -ac 2 -i hw:1,0 -strict experimental -threads 0 -acodec aac -ab 64k -ac 2 -vcodec copy -f  rtsp -metadata title=teststream rtsp://127.0.01:554/live
     

3) Configuring ddclient for dynamic DNS (optional)

This is totally optional and has no effect on the final product (makes life a bit simpler). I’m just going to provide the bare minimum explanation and my config. This process is very dependant on your DNS provider (if you have one), my example config is for my provider easydns.com. Your mileage will vary :-).

  • First we need to get ddclient program installed (this is one of dynamic dns tools available in linux)
    apt-get install ddclient
  • Then we need to edit the config file located in /etc called ddclient.conf. Here is mine which is specific for easydns.com. YOU WILL HAVE TO MODIFY THIS TO SUITE YOUR DNS PROVIDER.
    
    # Configuration file for ddclient generated by debconf
    #
    # /etc/ddclient.conf
    # updates internet ip on wired
    protocol=easydns,
    # Use this is you want to register the interface ip address (ie: You're not behind a NAT or you don't care)
    use=if, if=eth0,
    # Use this is you want to register your external ip address (ie: You're behind a NAT and want to register your outside IP address not the internal 192.168.x.x one)
    #use=web, web=checkip.dyndns.com/, web-skip='IP Address' 
    server=members.easydns.com,
    login=easydnsuserid,
    password='easydnspassword',
    hostname.domain.com
    
  • If you’ve enabled two factor authentication on easyDNS (or maybe even if you have not) there is a token that you’ll need to get called “Dynamic Authentication Token”. You can grab yours under the dynamic records page by enabling “Dynamic Authentication Token” and vieing your code. I will use XXXXXXXXXXXXXXXX as my code in the following example (NOTE: server and password clauses need to be changed):
    
    # Configuration file for ddclient generated by debconf
    #
    # /etc/ddclient.conf
    # updates internet ip on wired
    protocol=easydns,
    # Use this is you want to register the interface ip address (ie: You're not behind a NAT or you don't care)
    use=if, if=eth0,
    # Use this is you want to register your external ip address (ie: You're behind a NAT and want to register your outside IP address not the internal 192.168.x.x one)
    #use=web, web=checkip.dyndns.com/, web-skip='IP Address' 
    server=api.cp.easydns.com,
    login=easydnsuserid,
    password='XXXXXXXXXXXXXXXX',
    hostname.domain.com
    
  • Once the config is there we can restart the ddclient service
    service ddclient restart
  • If you want to check/test/debug your ddclient config, first stop the daemon that’s running in the backgroud, start it from command line in forground like below
    service ddclient stop
    ddclient -daemon=0 -debug -verbose -noquiet

4) Putting it all together and creating a webpage with embedded JWplayer to view the stream

So now you need to grab JWplayer (the free version) install it (copy the jwplayer folder) into a folder on your webserver (I copied mine into a folder of my blog server). The main file here is the HTML file that has the specifications for the stream in it. You need to create this to suite your need (ie: if you have dynamic DNS use the DNS name or if you don’t use the IP address of the Pi/BeagleBoard. Your mileage will vary :-).

Screen Shot 2013-11-09 at 4.42.17 PM

The above code is an example you will need to sustitute your own data to get it to work. We need two ssh windows off the Pi (one to run the crtmpserver and the other to start capturing and feeding it via streamVideoRTSP script. So go ahead start crtmp (see above….we did this as a test in step 1) and in the other window start streamVideoRTSP script. Those two windows should look like this:

Screen Shot 2013-11-09 at 4.59.39 PM

That’s pretty much it. If you now load the html file for jwplayer and press play (assuming you’ve done everything correctly) the stream should start playing in about 4-5 seconds. The encoding delay in the entire chain is about 2-3 seconds, the quality (considering it’s a webcam feeding a $35 computer) is really good and given proper power the Pi can steam this 1080p/30 stream without a issue. Just for the fun of it I also (at the same time) tried to feed the crtmp server (on the pi) a seperate quarter rez HD stream (640×360) encoded by ffmpeg on my desktop and yep, no problems (although the Pi is on medium overclocking settings). These RTMP streams can also be very easily scaled by passing them to larger crtmp installations and/or ustream/wowza for rebroadcast. Below you’ll find a bunch of ffmpeg command line entries I used for this second stream and also a quick (optional) write up on how I got the wireless dongle from Trendnet to work and configured from CLI.

./ffmpeg -re -i /Volumes/Qmultimedia/1217209\(73\).avi -vcodec libx264  -b 500000 -s 640x360 -strict experimental -g 25 -me_method zero -acodec aac -ab 96000 -ar 48000 -ac 2 -vbsf h264_mp4toannexb -f mpegts -metadata title=xxx udp://192.168.1.69:10000?pkt_size=1316
./ffmpeg -re -i /Volumes/Qmultimedia/1217209\(73\).avi -vcodec libx264  -b 500000 -s 640x360 -strict experimental -g 25 -me_method zero -acodec aac -ab 96000 -ar 48000 -ac 2 -f flv rtmp://192.168.1.69:1935/live/xxx
./ffmpeg -re -i /Volumes/Qmultimedia/1217209\(73\).avi -vcodec libx264  -b 500000 -s 640x360 -strict experimental -g 25 -me_method zero -acodec aac -ab 96000 -ar 48000 -ac 2 -f rtsp -metadata title=xxx rtsp://192.168.1.69:554/live

For wireless I’m using a TrendNet TEW-645UB which is directly supported under linux. Initially I used wpa_cli to get things configured and once the system was configured I massaged the files a bit. Here is a log of the whole thing:

root@picrtmp:~# lsusb
Bus 001 Device 002: ID 0424:9512 Standard Microsystems Corp. 
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 003: ID 0424:ec00 Standard Microsystems Corp. 
Bus 001 Device 004: ID 157e:3013 TRENDnet 
Bus 001 Device 006: ID 046d:082d Logitech, Inc. 
root@picrtmp:~# wpa_cli 
wpa_cli v1.0
Copyright (c) 2004-2012, Jouni Malinen <[email protected]> and contributors

This program is free software. You can distribute it and/or modify it
under the terms of the GNU General Public License version 2.

Alternatively, this software may be distributed under the terms of the
BSD license. See README and COPYING for more details.

Selected interface 'wlan0'

Interactive mode

> scan
OK
CTRL-EVENT-SCAN-RESULTS 
> scan_results
bssid / frequency / signal level / flags / ssid
7c:d1:c3:zz:yy:xx	2411	-50	[WPA2-PSK-CCMP][ESS]	Nerdlogger
7c:d1:c3:zz:yy:xx	2412	-51	[WPA2-PSK-CCMP][ESS]	MaNiAc 2Ghz
8c:7c:b5:zz:yy:xx	2437	-64	[WPA-PSK-CCMP][ESS]	PS3-3313551
> add_network
0
> set_network 0 ssid "Nerdlogger"
OK
> set_network 0 psk "supersecretpassword"
OK
> enable_network 0
OK
> add_network
1
> set_network 1 ssid "MaNiAc 2Ghz"
OK
> set_network 1 psk "supersecretpassword"
OK
> enable_network 1
OK
> save_config
OK
> quit
> 
root@picrtmp:~# iwconfig
wlan0     IEEE 802.11bgn  ESSID:"MaNiAc 2Ghz"  
          Mode:Managed  Frequency:2.412 GHz  Access Point: 7C:D1:C3:CA:0F:7A   
          Bit Rate=43.3 Mb/s   Tx-Power=20 dBm   
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:on
          Link Quality=59/70  Signal level=-51 dBm  
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:1   Missed beacon:0

lo        no wireless extensions.

eth0      no wireless extensions.

root@picrtmp:~# ifconfig
eth0      Link encap:Ethernet  HWaddr b8:27:eb:37:a6:b3  
          inet addr:192.168.1.189  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10397 errors:0 dropped:1 overruns:0 frame:0
          TX packets:5361 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:726543 (709.5 KiB)  TX bytes:918179 (896.6 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr 00:14:d1:cc:16:d2  
          inet addr:192.168.1.69  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1389 errors:0 dropped:41 overruns:0 frame:0
          TX packets:36 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:466517 (455.5 KiB)  TX bytes:4773 (4.6 KiB)

root@picrtmp:~# cat /etc/network/interfaces 
auto lo

iface lo inet loopback
auto eth0
iface eth0 inet dhcp

auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
	wpa-driver wext
	wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf

iface default inet dhcp

iface work inet dhcp

iface home inet static
	address 192.168.1.69
	netmask 255.255.255.0
	network 192.168.1.0
	broadcast 192.168.1.255
	gateway 192.168.1.1
	dns-nameservers 192.168.1.1

root@picrtmp:~# cat /etc/wpa_supplicant/wpa_supplicant.conf 
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
	ssid="Nerdlogger"
	psk="supersecretpassword"
	id_str="work"
}

network={
	ssid="MaNiAc 2Ghz"
	psk="supersecretpassword"
	id_str="home"
}

root@picrtmp:~# 

After battling this for about a week I think I’ve got it figured out. You can install all the required packages and get everything to talk to your license server from command line. BTW, before I start, you need to have a functional license server otherwise you can stop reading now. I’m gonna use licserver.com as the domain name of mine, so substitute your DNS name where necessary. Before we start you need to figure out your product codes from the table at the following address:

http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=21481916&linkID=12305695

My products are Maya (657F1), Mudbox (498F1) and my Suite number for ECSU is 793F1. You’ll need these later. Also my base directory (current directory) in these commands is “MacOSX”, there are separate folders for the individual ECSU apps under this folder. First we install Maya:

installer -verbose -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Maya2014.mpkg -target /

Then we create a file named Maya2014.lic in folder /private/var/flexlm and put the following text inside it:

SERVER licserver.com 0 
USE_SERVER

Make sure this file has at least read permission for group and others (mine is 744). Then we create another file named License.env in folder /Applications/Autodesk/maya2014/ and put the following text inside it:

MAYA_LICENSE=unlimited 
MAYA_LICENSE_METHOD=network

Install the standalone adlmgr package (you’ll get errors later if you don’t do this):

installer -pkg ./MacOSX/Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/AdLM_standalone.mpkg -target /

Now comes the fun part of enrolling the serial number into the license manager. Remember the Product code and the Suite code I had you look up earlier, we need them now. In the following command line -i inserts, “N” is for network license type, First Code is the Product code (Maya) and the second code is the Suite code (ECSU in my case). The following command should get the license added (use the proper serial# starting with 379):

adlmreg -i N 657F1 793F1 2014.0.0.F 379-XXXXXXXX /Library/Application\ Support/Autodesk/Adlm/PIT/2014/MayaConfig.pit

If you screw up you can remove the license via this command:

adlmreg -u N 657F1

Next step is optional. When Maya starts it displays a bunch of intro screens. Since my deployment is run by a KACE appliance I need to be able to Pre-disable these popup screens. The following command will let you do that:

/usr/bin/defaults write /Library/Preferences/com.autodesk.MC3Framework MC3Enabled -int 0

Next we need to install all the Optional installs Maya comes with. Some of it is probably already installed by the Maya installer, but I installed them again for good measure. No harm done. Use the following 11 installer commands to install them:

installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/ADC_docs8.0.pkg -target /
installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/AutodeskBackburner2014.mpkg -target /
installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/AutodeskDirectConnect8.0.pkg/ -target /
installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/Composite2014.pkg -target /
installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/MatchMover2014.pkg -target /
installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/Maya_quicktime_components.pkg -target /
installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/autodesk.backburner.monitor-2014.0_439_i386.pkg -target /
installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/autodesk.dlcommon.libraries_2014.2-2043.i386.pkg -target /
installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/autodesk.webentry-1.0-603.i386.pkg -target /
installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/backburner-2014.0_1635_i386.pkg -target /
installer -verboseR -pkg ./Maya/Install\ Maya\ 2014.app/Contents/Resources/Maya/Additional\ Items/mentalrayForMaya2014.0.pkg -target /

Now check to make sure Maya is working and all the other extra little apps we installed are functional. They should be. If not stop and review. Assuming it’s all working, lets move on and install Mudbox and the last few optional installs. First we need to install Mudbox:

installer -verboseR -pkg ./Mudbox/Install\ Mudbox\ 2014.app/Contents/Resources/Mudbox/Mudbox2014.mpkg/ -target /

Then we need to create the License.env file in /Applications/Autodesk/Mudbox2014/ folder with the following content:

MUDBOX_LICENSE=unlimited 
MUDBOX_LICENSE_METHOD=network

Now comes the fun part of enrolling the serial number into the license manager. Remember the Product code and the Suite code I had you look up earlier, we need them now. In the following command line -i inserts, “N” is for network license type, First Code is the Product code (Mudbox) and the second code is the Suite code (ECSU in my case). The following command should get the license added (use the proper serial# starting with 379):

adlmreg -i N 498F1 793F1 2014.0.0.F 379-XXXXXXXX /Library/Application\ Support/Autodesk/Adlm/PIT/2014/MudboxConfig.pit

If you screw up you can remove the license via this command:

adlmreg -u N 498F1

Only two more install command left to go. These are optional packages that are part of ECSU. Use the following two installer commands to get them installed:

installer -verboseR -pkg ./mentalraySatellite/Install\ mentalraysatellite\ 3.11.1.app/Contents/Resources/mrsat/mrsat3.11.1.mpkg -target /
installer -verboseR -pkg ./SuiteExclusives/Install\ Suite\ Exclusives\ 2014.app/Contents/Resources/Turtle/MayaTurtlePlugIn2014.0.pkg/ -target /

Now you should be able to run Mudbox and pretty much all the other apps that are in Autodesk folder under Applications. Hopefully it all worked out for you. I will try to get a KACE workflow done for this in the next few days. If you’re a KACE user and end up making the workflow before I do, please share :-).

123... 626364Next