Skip to content

Instantly share code, notes, and snippets.

@curtishall
Last active November 10, 2024 00:47
Show Gist options
  • Save curtishall/77b9dd3660511b7e173fbc4647ccfcb3 to your computer and use it in GitHub Desktop.
Save curtishall/77b9dd3660511b7e173fbc4647ccfcb3 to your computer and use it in GitHub Desktop.
rtsp-simple-server ATAK configuration (Linux)

1/10/2024 - I have linked a slightly newer version, still out of date, but I need to test newer versions to make sure there is no configuration changes.

Some users report having to comment out the following, your mileage may vary:

readBufferSize, runOnPublish, runOnPublishRestart, runOnRead, runOnReadRestart

ATAK users change the observer URL in UAS Tool to point to 554 (or whatever port you decide to use)

Download the latest rtsp-simple-server (0.17.13)

wget https://github.com/bluenviron/mediamtx/releases/download/v0.19.0/rtsp-simple-server_v0.19.0_linux_amd64.tar.gz

Extract the binary and a yaml config file

tar -zxvf rtsp-simple-server_v0.19.0_linux_amd64.tar.gz

Copy the binary to /usr/local/bin/

sudo cp rtsp-simple-server /usr/local/bin/rtsp-simple-server

Copy the configuration file to use with ATAK to /usr/local/etc

sudo curl https://gist.githubusercontent.com/curtishall/77b9dd3660511b7e173fbc4647ccfcb3/raw/be64945dcecad80f02e48c7bd763a1a7a3b77920/rtsp-simple-server.yml -o usr/local/etc/rtsp-simple-config.yml

Create a server file

sudo tee /etc/systemd/system/rtsp-simple-server.service >/dev/null << EOF
[Unit]
After=network.target
[Service]
ExecStart=/usr/local/bin/rtsp-simple-server /usr/local/etc/rtsp-simple-config.yml
[Install]
WantedBy=multi-user.target
EOF

Enable the newly created rtsp-simple-server service

sudo systemctl enable rtsp-simple-server

Start rtsp-simple-server and tail syslog to see how things look

sudo systemctl start rtsp-simple-server && tail -f /var/log/syslog

In ATAK UAS Tool use the following Network Preferences:

  • Video Broadcast Type: Wowza Video
  • Destination IP Address: i.e. - 192.168.86.232
  • Video Destination Port: 554
  • Use SSL: No
  • Video Broadcast Identifier: live/ATAK

(The live/ATAK can be changed, but make sure to not put an ending slash)

Then try to broadcast video, you should see this in /var/log/syslog:

Jan 12 23:55:41 rtsp-atak rtsp-simple-server[17053]: 2022/01/12 23:55:41 INF [RTSP] [conn 192.168.86.60:52250] opened Jan 12 23:55:41 rtsp-atak rtsp-simple-server[17053]: 2022/01/12 23:55:41 INF [RTSP] [session 343057601] opened by 192.168.86.60:52250 Jan 12 23:55:41 rtsp-atak rtsp-simple-server[17053]: 2022/01/12 23:55:41 INF [RTSP] [session 343057601] is publishing to path 'live/ATAK', 1 track with TCP

Then test with VLC -> Open Network Stream, adjust path name according:

rtsp://ipaddress:554/live/ATAK

HLS instructions coming soon.

###############################################
# General parameters
# sets the verbosity of the program; available values are "error", "warn", "info", "debug".
logLevel: info
# destinations of log messages; available values are "stdout", "file" and "syslog".
logDestinations: [stdout]
# if "file" is in logDestinations, this is the file which will receive the logs.
logFile: /tmp/rtsp-simple-server.log
# timeout of read operations.
readTimeout: 10s
# timeout of write operations.
writeTimeout: 10s
# number of read buffers.
# a higher number allows a higher throughput,
# a lower number allows to save RAM.
readBufferCount: 512
# enable the HTTP API.
api: yes
# address of the API listener.
apiAddress: 0.0.0.0:9997
# enable Prometheus-compatible metrics.
metrics: no
# address of the metrics listener.
metricsAddress: 127.0.0.1:9998
# enable pprof-compatible endpoint to monitor performances.
pprof: no
# address of the pprof listener.
pprofAddress: 127.0.0.1:9999
# command to run when a client connects to the server.
# this is terminated with SIGINT when a client disconnects from the server.
# the server port is available in the RTSP_PORT variable.
runOnConnect:
# the restart parameter allows to restart the command if it exits suddenly.
runOnConnectRestart: no
###############################################
# RTSP parameters
# disable support for the RTSP protocol.
rtspDisable: no
# supported RTSP transport protocols.
# UDP is the most performant, but doesn't work when there's a NAT/firewall between
# server and clients, and doesn't support encryption.
# UDP-multicast allows to save bandwidth when clients are all in the same LAN.
# TCP is the most versatile, and does support encryption.
# The handshake is always performed with TCP.
protocols: [tcp, udp]
# encrypt handshake and TCP streams with TLS (RTSPS).
# available values are "no", "strict", "optional".
encryption: "no"
# address of the TCP/RTSP listener. This is needed only when encryption is "no" or "optional".
rtspAddress: :554
# address of the TCP/TLS/RTSPS listener. This is needed only when encryption is "strict" or "optional".
rtspsAddress: :8555
# address of the UDP/RTP listener. This is needed only when "udp" is in protocols.
rtpAddress: :8000
# address of the UDP/RTCP listener. This is needed only when "udp" is in protocols.
rtcpAddress: :8001
# IP range of all UDP-multicast listeners. This is needed only when "multicast" is in protocols.
multicastIPRange: 224.1.0.0/16
# port of all UDP-multicast/RTP listeners. This is needed only when "multicast" is in protocols.
multicastRTPPort: 8002
# port of all UDP-multicast/RTCP listeners. This is needed only when "multicast" is in protocols.
multicastRTCPPort: 8003
# path to the server key. This is needed only when encryption is "strict" or "optional".
# this can be generated with:
# openssl genrsa -out server.key 2048
# openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650
serverKey: server.key
# path to the server certificate. This is needed only when encryption is "strict" or "optional".
serverCert: server.crt
# authentication methods.
authMethods: [basic, digest]
# read buffer size.
# this doesn't influence throughput and shouldn't be touched unless the server
# reports errors about the buffer size.
readBufferSize: 2048
###############################################
# RTMP parameters
# disable support for the RTMP protocol.
rtmpDisable: no
# address of the RTMP listener.
rtmpAddress: :1935
###############################################
# HLS parameters
# disable support for the HLS protocol.
hlsDisable: no
# address of the HLS listener.
hlsAddress: :8888
# by default, HLS is generated only when requested by a user;
# this option allows to generate it always, avoiding an initial delay.
hlsAlwaysRemux: no
# number of HLS segments to generate.
# increasing segments allows more buffering,
# decreasing segments decreases latency.
hlsSegmentCount: 3
# minimum duration of each segment.
# the final segment duration is also influenced by the interval between IDR frames,
# since the server changes the segment duration to include at least a IDR frame in each one.
hlsSegmentDuration: 1s
# value of the Access-Control-Allow-Origin header provided in every HTTP response.
# This allows to play the HLS stream from an external website.
hlsAllowOrigin: '*'
###############################################
# Path parameters
# these settings are path-dependent.
# it's possible to use regular expressions by using a tilde as prefix.
# for example, "~^(test1|test2)$" will match both "test1" and "test2".
# for example, "~^prefix" will match all paths that start with "prefix".
# the settings under the path "all" are applied to all paths that do not match
# another entry.
paths:
all:
# source of the stream - this can be:
# * publisher -> the stream is published by a RTSP or RTMP client
# * rtsp://existing-url -> the stream is pulled from another RTSP server
# * rtsps://existing-url -> the stream is pulled from another RTSP server with RTSPS
# * rtmp://existing-url -> the stream is pulled from another RTMP server
# * http://existing-url/stream.m3u8 -> the stream is pulled from another HLS server
# * https://existing-url/stream.m3u8 -> the stream is pulled from another HLS server with HTTPS
# * redirect -> the stream is provided by another path or server
source: publisher
# if the source is an RTSP or RTSPS URL, this is the protocol that will be used to
# pull the stream. available values are "automatic", "udp", "multicast", "tcp".
# the TCP protocol can help to overcome the error "no UDP packets received recently".
sourceProtocol: automatic
# if the source is an RTSP or RTSPS URL, this allows to support sources that
# don't provide server ports or use random server ports. This is a security issue
# and must be used only when interacting with sources that require it.
sourceAnyPortEnable: no
# if the source is a RTSPS or HTTPS URL, and the source certificate is self-signed
# or invalid, you can provide the fingerprint of the certificate in order to
# validate it anyway.
# the fingerprint can be obtained by running:
# openssl s_client -connect source_ip:source_port </dev/null 2>/dev/null | sed -n '/BEGIN/,/END/p' > server.crt
# openssl x509 -in server.crt -noout -fingerprint -sha256 | cut -d "=" -f2 | tr -d ':'
sourceFingerprint:
# if the source is an RTSP or RTMP URL, it will be pulled only when at least
# one reader is connected, saving bandwidth.
sourceOnDemand: no
# if sourceOnDemand is "yes", readers will be put on hold until the source is
# ready or until this amount of time has passed.
sourceOnDemandStartTimeout: 10s
# if sourceOnDemand is "yes", the source will be closed when there are no
# readers connected and this amount of time has passed.
sourceOnDemandCloseAfter: 10s
# if the source is "redirect", this is the RTSP URL which clients will be
# redirected to.
sourceRedirect:
# if the source is "publisher" and a client is publishing, do not allow another
# client to disconnect the former and publish in its place.
disablePublisherOverride: no
# if the source is "publisher" and no one is publishing, redirect readers to this
# path. It can be can be a relative path (i.e. /otherstream) or an absolute RTSP URL.
fallback:
# username required to publish.
# sha256-hashed values can be inserted with the "sha256:" prefix.
publishUser:
# password required to publish.
# sha256-hashed values can be inserted with the "sha256:" prefix.
publishPass:
# ips or networks (x.x.x.x/24) allowed to publish.
publishIPs: []
# username required to read.
# sha256-hashed values can be inserted with the "sha256:" prefix.
readUser:
# password required to read.
# sha256-hashed values can be inserted with the "sha256:" prefix.
readPass:
# ips or networks (x.x.x.x/24) allowed to read.
readIPs: []
# command to run when this path is initialized.
# this can be used to publish a stream and keep it always opened.
# this is terminated with SIGINT when the program closes.
# the path name is available in the RTSP_PATH variable.
# the server port is available in the RTSP_PORT variable.
runOnInit:
# the restart parameter allows to restart the command if it exits suddenly.
runOnInitRestart: no
# command to run when this path is requested.
# this can be used to publish a stream on demand.
# this is terminated with SIGINT when the path is not requested anymore.
# the path name is available in the RTSP_PATH variable.
# the server port is available in the RTSP_PORT variable.
runOnDemand:
# the restart parameter allows to restart the command if it exits suddenly.
runOnDemandRestart: no
# readers will be put on hold until the runOnDemand command starts publishing
# or until this amount of time has passed.
runOnDemandStartTimeout: 10s
# the runOnDemand command will be closed when there are no
# readers connected and this amount of time has passed.
runOnDemandCloseAfter: 10s
# command to run when a client starts publishing.
# this is terminated with SIGINT when a client stops publishing.
# the path name is available in the RTSP_PATH variable.
# the server port is available in the RTSP_PORT variable.
runOnPublish:
# the restart parameter allows to restart the command if it exits suddenly.
runOnPublishRestart: no
# command to run when a clients starts reading.
# this is terminated with SIGINT when a client stops reading.
# the path name is available in the RTSP_PATH variable.
# the server port is available in the RTSP_PORT variable.
runOnRead:
# the restart parameter allows to restart the command if it exits suddenly.
runOnReadRestart: no
@Maxime-Favier
Copy link

Maxime-Favier commented Mar 23, 2023

the command to download the config file should be

sudo curl https://gist.githubusercontent.com/curtishall/77b9dd3660511b7e173fbc4647ccfcb3/raw/be64945dcecad80f02e48c7bd763a1a7a3b77920/rtsp-simple-server.yml -o usr/local/etc/rtsp-simple-config.yml

otherwise it download the HTML source code of the page instead of the raw text

@curtishall
Copy link
Author

Thanks, I made the changes

@GR1M144
Copy link

GR1M144 commented Feb 11, 2024

How exactly is the "create a server file" supposed to work? The tail function isn't working when trying to start the server.

[admin@localhost ~]$ sudo systemctl start rtsp-simple-server && tail -f /var/log/syslog
tail: cannot open '/var/log/syslog' for reading: No such file or directory
tail: no files remaining

and when I check status i get this:

[admin@localhost ~]$ sudo systemctl status rtsp-simple-server
● rtsp-simple-server.service
Loaded: loaded (/etc/systemd/system/rtsp-simple-server.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Sat 2024-02-10 19:50:40 EST; 37s ago
Process: 147692 ExecStart=/usr/local/bin/rtsp-simple-server /usr/local/etc/rtsp-simple-config.yml (code=exited, status=1/FAILURE)
Main PID: 147692 (code=exited, status=1/FAILURE)

Feb 10 19:50:40 localhost.localdomain systemd[1]: Started rtsp-simple-server.service.
Feb 10 19:50:40 localhost.localdomain rtsp-simple-server[147692]: ERR: parameter paths, key all: non-existent parameter: 'runOnPublish'
Feb 10 19:50:40 localhost.localdomain systemd[1]: rtsp-simple-server.service: Main process exited, code=exited, status=1/FAILURE
Feb 10 19:50:40 localhost.localdomain systemd[1]: rtsp-simple-server.service: Failed with result 'exit-code'.

@drummerboy5134
Copy link

When i go to this step, Copy the configuration file to use with ATAK to /usr/local/etc, i keep getting Failure writing output to destination. I have looked all over trying to remedy this problem, none of the fixes i found worked. Any ideas?

@GR1M144
Copy link

GR1M144 commented Feb 14, 2024

When i go to this step, Copy the configuration file to use with ATAK to /usr/local/etc, i keep getting Failure writing output to destination. I have looked all over trying to remedy this problem, none of the fixes i found worked. Any ideas?

I can answer this... his command you copy is missing a /

it is written "usr/local/etc/rtsp-simple-config.yml"

it should be "/usr/local/etc/rtsp-simple-config.yml"

@drummerboy5134
Copy link

wow cant believe i didnt catch that. Let me give that a try now. Thank you

@drummerboy5134
Copy link

Seems as if im having problems starting the actual server. Would running this in a virtual computer be the cause of any problems?

@GR1M144
Copy link

GR1M144 commented Feb 14, 2024

Seems as if im having problems starting the actual server. Would running this in a virtual computer be the cause of any problems?

This is the same issue I'm having... I'm running a physical server. I've used his process before, so it may be something else. I just don't remember the "create a server file" part.

@drummerboy5134
Copy link

drummerboy5134 commented Feb 19, 2024

Im trying to run this on a rpi 4 running ubuntu. Cant seem to get it work. I did download the ARM version. im getting this message on the status

yan@ryan:~$ sudo systemctl status rtsp-simple-server
× rtsp-simple-server.service
Loaded: loaded (/etc/systemd/system/rtsp-simple-server.service; enabled; preset: enabled)
Active: failed (Result: exit-code) since Mon 2024-02-19 15:40:18 EST; 7s ago
Duration: 25ms
Process: 9448 ExecStart=/usr/local/bin/rtsp-simple-server /usr/local/etc/rtsp-simple-config.yml (code=exited, status=1/FAILURE)
Main PID: 9448 (code=exited, status=1/FAILURE)
CPU: 25ms

Feb 19 15:40:18 ryan systemd[1]: Started rtsp-simple-server.service.
Feb 19 15:40:18 ryan rtsp-simple-server[9448]: ERR: invalid source: 'publisher'
Feb 19 15:40:18 ryan systemd[1]: rtsp-simple-server.service: Main process exited, code=exited, status=1/FAILURE
Feb 19 15:40:18 ryan systemd[1]: rtsp-simple-server.service: Failed with result 'exit-code'.

@oggiegb
Copy link

oggiegb commented Feb 22, 2024

Has same error:-
Feb 10 19:50:40 localhost.localdomain rtsp-simple-server[147692]: ERR: parameter paths, key all: non-existent parameter: 'runOnPublish'

To get server started I had to comment out following parameters:-
readBufferSize, runOnPublish, runOnPublishRestart

@curtishall
Copy link
Author

I'm sorry...I've been behind on alot of other things and just now catching up on this.

I'll try to make time this weekend to work with the latest versions and get a working configuration.

@GR1M144
Copy link

GR1M144 commented Feb 23, 2024

I'm sorry...I've been behind on alot of other things and just now catching up on this.

I'll try to make time this weekend to work with the latest versions and get a working configuration.

Thanks, you rock 💪

@drummerboy5134
Copy link

I'm sorry...I've been behind on alot of other things and just now catching up on this.

I'll try to make time this weekend to work with the latest versions and get a working configuration.

If possible could you also link a "ARM" file for running on RPI. Thanks

@drummerboy5134
Copy link

I got everything running and everything work fine on network. As soon as I go off my local network I can’t connect the stream from the host or viewing device. Any ideas? Ports open on the router as well.

@GR1M144
Copy link

GR1M144 commented Mar 22, 2024

I'm sorry...I've been behind on alot of other things and just now catching up on this.

I'll try to make time this weekend to work with the latest versions and get a working configuration.

Any chance of an update on this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment