diff --git a/.github/workflows/code_lint.yml b/.github/workflows/lint.yml similarity index 98% rename from .github/workflows/code_lint.yml rename to .github/workflows/lint.yml index 66ba3036..c033a934 100644 --- a/.github/workflows/code_lint.yml +++ b/.github/workflows/lint.yml @@ -1,4 +1,4 @@ -name: code_lint +name: lint on: push: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b3912e45..1edfd33a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -62,8 +62,7 @@ jobs: + `\n` + `## Security\n` + `\n` - + `Binaries are compiled from source through the [Release workflow](https://github.com/${owner}/${repo}/actions/workflows/release.yml?query=branch%3Amain) without human intervention,` - + ` preventing any external interference.\n` + + `Binaries are compiled from source code by the [Release workflow](https://github.com/${owner}/${repo}/actions/workflows/release.yml) without human intervention.\n` + `\n` + 'You can verify that binaries have been produced by the workflow by using [GitHub Attestations](https://docs.github.com/en/actions/concepts/security/artifact-attestations):\n' + `\n` diff --git a/.github/workflows/code_test.yml b/.github/workflows/test.yml similarity index 97% rename from .github/workflows/code_test.yml rename to .github/workflows/test.yml index 7e6f74b0..9d981019 100644 --- a/.github/workflows/code_test.yml +++ b/.github/workflows/test.yml @@ -1,4 +1,4 @@ -name: code_test +name: test on: push: diff --git a/README.md b/README.md index 7fc8b761..c12e5346 100644 --- a/README.md +++ b/README.md @@ -7,8 +7,8 @@
[![Website](https://img.shields.io/badge/website-mediamtx.org-1c94b5)](https://mediamtx.org) - [![Test](https://github.com/bluenviron/mediamtx/actions/workflows/code_test.yml/badge.svg?branch=main)](https://github.com/bluenviron/mediamtx/actions/workflows/code_test.yml?query=branch%3Amain) - [![Lint](https://github.com/bluenviron/mediamtx/actions/workflows/code_lint.yml/badge.svg?branch=main)](https://github.com/bluenviron/mediamtx/actions/workflows/code_lint.yml?query=branch%3Amain) + [![Test](https://github.com/bluenviron/mediamtx/actions/workflows/test.yml/badge.svg?branch=main)](https://github.com/bluenviron/mediamtx/actions/workflows/test.yml?query=branch%3Amain) + [![Lint](https://github.com/bluenviron/mediamtx/actions/workflows/lint.yml/badge.svg?branch=main)](https://github.com/bluenviron/mediamtx/actions/workflows/lint.yml?query=branch%3Amain) [![CodeCov](https://codecov.io/gh/bluenviron/mediamtx/branch/main/graph/badge.svg)](https://app.codecov.io/gh/bluenviron/mediamtx/tree/main) [![Release](https://img.shields.io/github/v/release/bluenviron/mediamtx)](https://github.com/bluenviron/mediamtx/releases) [![Docker Hub](https://img.shields.io/badge/docker-bluenviron/mediamtx-blue)](https://hub.docker.com/r/bluenviron/mediamtx) diff --git a/docs/1-kickoff/2-install.md b/docs/1-kickoff/2-install.md index 37f2889c..0f60fc59 100644 --- a/docs/1-kickoff/2-install.md +++ b/docs/1-kickoff/2-install.md @@ -58,7 +58,7 @@ COPY --from=mediamtx /mediamtx / COPY --from=mediamtx.yml / RUN apt update && apt install -y \ - (insert here additional utilities) + (insert additional utilities here) ENTRYPOINT [ "/mediamtx" ] ``` diff --git a/docs/2-usage/01-basic-usage.md b/docs/2-usage/01-basic-usage.md index dd064520..2932d971 100644 --- a/docs/2-usage/01-basic-usage.md +++ b/docs/2-usage/01-basic-usage.md @@ -1,9 +1,10 @@ # Basic usage -1. Publish a stream. For instance, you can publish a video/audio file with _FFmpeg_: +1. [Publish](publish) a stream. For instance, you can publish a stream from a MP4 file with _FFmpeg_: ```sh - ffmpeg -re -stream_loop -1 -i file.ts -c copy -f rtsp rtsp://localhost:8554/mystream + ffmpeg -re -stream_loop -1 -i file.mp4 -c copy \ + -f rtsp rtsp://localhost:8554/mystream ``` or _GStreamer_: @@ -13,7 +14,7 @@ ! qtdemux name=d d.video_0 ! queue ! s.sink_0 d.audio_0 ! queue ! s.sink_1 ``` -2. Read the stream. For instance, you can read the stream with _VLC_: +2. [Read](read) the stream. For instance, you can read the stream with _VLC_: ```sh vlc --network-caching=50 rtsp://localhost:8554/mystream diff --git a/docs/2-usage/02-publish.md b/docs/2-usage/02-publish.md index 7595960d..a66718a6 100644 --- a/docs/2-usage/02-publish.md +++ b/docs/2-usage/02-publish.md @@ -443,7 +443,7 @@ FFmpeg can publish a stream to the server in several ways. The recommended one c #### FFmpeg and RTSP ```sh -ffmpeg -re -stream_loop -1 -i file.ts -c copy -f rtsp rtsp://localhost:8554/mystream +ffmpeg -re -stream_loop -1 -i file.mp4 -c copy -f rtsp rtsp://localhost:8554/mystream ``` The resulting stream will be available on path `/mystream`. @@ -451,7 +451,7 @@ The resulting stream will be available on path `/mystream`. #### FFmpeg and RTMP ```sh -ffmpeg -re -stream_loop -1 -i file.ts -c copy -f flv rtmp://localhost:1935/mystream +ffmpeg -re -stream_loop -1 -i file.mp4 -c copy -f flv rtmp://localhost:1935/mystream ``` #### FFmpeg and MPEG-TS over UDP @@ -459,7 +459,7 @@ ffmpeg -re -stream_loop -1 -i file.ts -c copy -f flv rtmp://localhost:1935/mystr In _MediaMTX_ configuration, add a path with `source: udp+mpegts://238.0.0.1:1234`. Then: ```sh -ffmpeg -re -stream_loop -1 -i file.ts -c copy -f mpegts 'udp://238.0.0.1:1234?pkt_size=1316' +ffmpeg -re -stream_loop -1 -i file.mp4 -c copy -f mpegts 'udp://238.0.0.1:1234?pkt_size=1316' ``` #### FFmpeg and MPEG-TS over Unix socket @@ -491,7 +491,7 @@ ffmpeg -re -f lavfi -i testsrc=size=1280x720:rate=30 \ #### FFmpeg and SRT ```sh -ffmpeg -re -stream_loop -1 -i file.ts -c copy -f mpegts 'srt://localhost:8890?streamid=publish:stream&pkt_size=1316' +ffmpeg -re -stream_loop -1 -i file.mp4 -c copy -f mpegts 'srt://localhost:8890?streamid=publish:stream&pkt_size=1316' ``` #### FFmpeg and WebRTC diff --git a/docs/2-usage/13-on-demand-publishing.md b/docs/2-usage/13-on-demand-publishing.md index 4296b94b..2bc30f28 100644 --- a/docs/2-usage/13-on-demand-publishing.md +++ b/docs/2-usage/13-on-demand-publishing.md @@ -5,7 +5,7 @@ Edit `mediamtx.yml` and replace everything inside section `paths` with the follo ```yml paths: ondemand: - runOnDemand: ffmpeg -re -stream_loop -1 -i file.ts -c copy -f rtsp rtsp://localhost:$RTSP_PORT/$MTX_PATH + runOnDemand: ffmpeg -re -stream_loop -1 -i file.mp4 -c copy -f rtsp rtsp://localhost:$RTSP_PORT/$MTX_PATH runOnDemandRestart: yes ``` diff --git a/docs/4-other/3-security.md b/docs/4-other/3-security.md index 57ca746a..0da3a21b 100644 --- a/docs/4-other/3-security.md +++ b/docs/4-other/3-security.md @@ -2,9 +2,9 @@ ## Security of released binaries -Binaries published in the [Releases](https://github.com/bluenviron/mediamtx/releases) section of GitHub are the output of a process which has been designed with a security-first approach. Every step from source code to the intended final destination of binaries is fully visible, immune from external interferences and independently verifiable. This is the process: +Binaries published in the [Releases](https://github.com/bluenviron/mediamtx/releases) section of GitHub are the output of a process that is fully visible, both in terms of "ingredients" (the source code) and "recipe" (the process steps), and verifiable by third parties. This should prevent external interferences and guarantee security. This is the process: -1. During every release, the [Release workflow](https://github.com/bluenviron/mediamtx/actions/workflows/release.yml?query=branch%3Amain) is triggered on GitHub. +1. During every release, the [Release workflow](https://github.com/bluenviron/mediamtx/actions/workflows/release.yml) is triggered on GitHub. 2. The release workflow pulls the source code and builds binaries. @@ -12,7 +12,7 @@ Binaries published in the [Releases](https://github.com/bluenviron/mediamtx/rele 4. Checksums and binaries are published on the Release page. -5. Binaries are downloaded by users to the intended final destination. +5. Binaries can be downloaded by users. It is possible to verify that SHA256 checksums of binaries correspond to the one published on Sigstore by running: diff --git a/mediamtx.yml b/mediamtx.yml index ad08426c..61e403fd 100644 --- a/mediamtx.yml +++ b/mediamtx.yml @@ -497,7 +497,7 @@ pathDefaults: alwaysAvailable: false # An MP4 file can be used instead of the default offline segment. alwaysAvailableFile: '' - # Tracks of the offline segment. + # Tracks of the default offline segment. alwaysAvailableTracks: # Available values are: AV1, VP9, H265, H264, Opus, MPEG4Audio, G711, LPCM - codec: H264