How to Install AirSonic on CentOS 7

• Prerequisites
• Step 1: Basic system configuration
• Step 2: Install OpenJDK Java Runtime Environment (JRE) 8
• Step 3: Install AirSonic
• Step 4: Test the installation
• Step 5: Obtain a Let's Encrypt SSL certificate for your AirSonic site
• Step 6: Install Nginx as a reverse proxy

AirSonic is a free and open source media streaming server. In this tutorial, I will guide you through the process of deploying an AirSonic server instance from scratch on a CentOS 7 server instance.

Prerequisites

• A newly deployed Vultr CentOS 7 server instance with at least 2GB of memory. Say it has an IPv4 address 203.0.113.1.
• A sudo user.
• A domain airsonic.example.com being pointed to the server instance mentioned above.

Step 1: Basic system configuration

Create a swap file

In order to get better system performance, it's recommended to create a 2GB (2048M) swap file on a machine with 2GB of memory:

sudo dd if=/dev/zero of=/swapfile count=2048 bs=1M
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
echo '/swapfile   none    swap    sw    0   0' | sudo tee -a /etc/fstab
free -m

Note: If you are using a different server size, the suitable size of the swap partition may vary.

Setup the machine's hostname and fully qualified domain name (FQDN)

Properly setting up a hostname and an FQDN for the machine is required for enabling HTTPS security with a Let's Encrypt SSL certificate.

The following commands will setup a hostname airsonic and an FQDN airsonic.example.com for the machine:

sudo hostnamectl set-hostname airsonic
cat <<EOF | sudo tee /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
203.0.113.1 airsonic.example.com airsonic
127.0.0.1 airsonic
::1       airsonic
EOF

The results can be confirmed with the following:

hostname
hostname -f

Modify firewall rules in order to allow inbound HTTP and HTTPS traffic

Remove CentOS 7's default block on ports 80 (HTTP) and 443 (HTTPS):

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo systemctl reload firewalld.service

Install the repo

Install the EPEL YUM repo and then update the system:

sudo yum install -y epel-release
sudo yum -y update && sudo shutdown -r now

After the system reboots, log back in as the same sudo user to move on.

Step 2: Install OpenJDK Java Runtime Environment (JRE) 8

Install OpenJDK JRE 8 and then confirm the result on CentOS 7:

sudo yum install -y java-1.8.0-openjdk.x86_64
java -version

The output of the second command will be similar to the following:

openjdk version "1.8.0_171"
OpenJDK Runtime Environment (build 1.8.0_171-8u171-b11-0ubuntu0.18.04.1-b11)
OpenJDK 64-Bit Server VM (build 25.171-b11, mixed mode)

In addition, you need to setup the JAVA_HOME environment variable as follows:

echo "JAVA_HOME=$(readlink -f /usr/bin/java | sed "s:bin/java::")" | sudo tee -a /etc/profile
source /etc/profile

Step 3: Install AirSonic

AirSonic can be deployed using various methods. In this tutorial, we will install AirSonic using the AirSonic WAR package.

Create a dedicated user and a dedicated group, both named airsonic:

sudo groupadd airsonic
sudo mkdir /var/airsonic
sudo useradd -s /bin/nologin -g airsonic -d /var/airsonic -M airsonic

Download the latest AirSonic WAR package:

cd /var/airsonic
sudo wget https://github.com/airsonic/airsonic/releases/download/v10.1.2/airsonic.war
sudo chown -R airsonic:airsonic /var/airsonic

Download the predefined AirSonic systemd unit files and then start the AirSonic service:

sudo wget https://raw.githubusercontent.com/airsonic/airsonic/master/contrib/airsonic.service -O /etc/systemd/system/airsonic.service
sudo wget https://raw.githubusercontent.com/airsonic/airsonic/master/contrib/airsonic-systemd-env -O /etc/sysconfig/airsonic
sudo systemctl daemon-reload
sudo systemctl start airsonic.service
sudo systemctl enable airsonic.service

Note: You may need to review and customize the two AirSonic systemd unit files on your own machine.

Step 4: Test the installation

AirSonic will be up and running now, listening on port 8080. You can use the following command to confirm that this is the case:

ps -ef|grep airsonic

You can also directly visit the AirSonic site, but you need to temporarily modify firewall rules first:

sudo firewall-cmd --permanent --add-port=8080/tcp
sudo systemctl reload firewalld.service

Next, point your favorite web browser to http://203.0.113.1:8080/airsonic, and then use the default credentials listed below to log in:

• Username: admin
• Password: admin

For security purposes, you should change the administrator's password immediately after logging in.

Once the result is confirmed, restrict access on port 8080 again:

sudo firewall-cmd --permanent --remove-port=8080/tcp
sudo systemctl reload firewalld.service

Step 5: Obtain a Let's Encrypt SSL certificate for your AirSonic site

For security purposes, it's recommended to enable HTTPS security on every newly created website. The most convenient practice for that is to deploy a Let's Encrypt SSL certificate as follows.

Install the Certbot utility on CentOS 7:

sudo yum -y install yum-utils
sudo yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional
sudo yum install -y certbot

Use Certbot to apply for a Let's Encrypt SSL certificate for the domain airsonic.example.com:

sudo certbot certonly --standalone --agree-tos --no-eff-email -m [email protected] -d airsonic.example.com

The certificate and chain will be saved at the following:

/etc/letsencrypt/live/airsonic.example.com/fullchain.pem

The key file will be saved here:

/etc/letsencrypt/live/airsonic.example.com/privkey.pem

The Let's Encrypt SSL certificate is designed to expire in three months. You can setup a cron job to renew your certificates automatically:

sudo crontab -e

Press I, and then input the following entry:

0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew

Save and quit:

:wq

This cron job will attempt to update the Let's Encrypt certificate every day at noon.

Step 6: Install Nginx as a reverse proxy

With the help of Nginx, you can both facilitate visitors' access (so that they no longer need to input the 8080 port number), and enable HTTPS security on your AirSonic website.

Install Nginx using YUM:

sudo yum install -y nginx

Next, create a config file for AirSonic:

cat <<EOF | sudo tee /etc/nginx/conf.d/airsonic.conf
# Redirect HTTP to HTTPS
server {
    listen      80;
    server_name airsonic.example.com;
    return      301 https://\$server_name\$request_uri;
}

server {

    # Setup HTTPS certificates
    listen       443 default ssl;
    server_name  airsonic.example.com;
    ssl_certificate      /etc/letsencrypt/live/airsonic.example.com/fullchain.pem;
    ssl_certificate_key  /etc/letsencrypt/live/airsonic.example.com/privkey.pem;

    # Proxy to the Airsonic server
    location /airsonic {
        proxy_set_header X-Real-IP         \$remote_addr;
        proxy_set_header X-Forwarded-For   \$proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-Host  \$http_host;
        proxy_set_header Host              \$http_host;
        proxy_max_temp_file_size           0;
        proxy_pass                         http://127.0.0.1:8080;
        proxy_redirect                     http:// https://;
    }
}
EOF

Restart Nginx in order to put your configuration into effect:

sudo systemctl restart nginx.service
sudo systemctl enable nginx.service

Finally, point your favorite web browser to http://airsonic.example.com/airsonic or https://airsonic.example.com/airsonic to start exploring your AirSonic website.