Recipe for MCP Video Playback Computer

  • base netinst install of jessie - deselect everything from tasksel
    • hostname playback – domain mcp.lcl
    • root on SSD (discard, noatime)
    • RAID-1 across two 1 TB drives, LVM with swap and video partitions
  • > /etc/motd
  • apt-get --no-install-recommends install aptitude
  • aptitude install ssh (this will pull in xauth, but that's okay)
  • aptitude install less fbset screen rsync psmisc file patch ethtool strace tcpdump vim bzip2 xz-utils
  • aptitude --without-recommends install dnsutils
  • adduser tdobes adm
  • adduser tdobes systemd-journal
  • aptitude install dbus
  • sed -i -e 's/^deb.* main$/& contrib non-free/g' /etc/apt/sources.list
  • aptitude update && aptitude forget-new
  • aptitude install intel-microcode
  • aptitude install firmware-realtek # for r8169 NIC's
  • adjust /etc/udev/rules.d/70-persistent-net.rules to set NIC with main network as eth0
    • if it was necessary to swap eth0/eth1, update etc/network/interfaces as well
  • aptitude install ifplugd
  • sed -i -e 's/^INTERFACES=""/INTERFACES="eth0"/g' /etc/default/ifplugd
  • sed -i -e 's/^allow-hotplug eth0/#allow-hotplug eth0/g' /etc/network/interfaces
  • echo >> /etc/network/interfaces
    echo '# Secondary NIC (DS network)' >> /etc/network/interfaces
    echo '#allow-hotplug eth1' >> /etc/network/interfaces
    echo 'iface eth1 inet dhcp' >> /etc/network/interfaces
    echo $'\tmetric 1' >> /etc/network/interfaces
    
    sed -i -e 's/^INTERFACES="eth0"/INTERFACES="eth0 eth1"/g' /etc/default/ifplugd
    
    # this takes care of the two DHCP interfaces fighting over resolv.conf:
    aptitude install resolvconf
    systemctl enable resolvconf
    systemctl start resolvconf
    
    systemctl restart ifplugd
  • aptitude --without-recommends install ntp
    echo '[Unit]' > /etc/systemd/system/ntp.service
    echo 'Description=Network Time Protocol daemon' >> /etc/systemd/system/ntp.service
    echo 'After=network.target' >> /etc/systemd/system/ntp.service
    echo >> /etc/systemd/system/ntp.service
    echo '[Service]' >> /etc/systemd/system/ntp.service
    echo 'ExecStart=/usr/sbin/ntpd -n -g -u ntp:ntp' >> /etc/systemd/system/ntp.service
    echo >> /etc/systemd/system/ntp.service
    echo '[Install]' >> /etc/systemd/system/ntp.service
    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/ntp.service
    systemctl enable ntp.service
  • mkdir -p /etc/systemd/system/ssh.socket.d
    echo '[Socket]' > /etc/systemd/system/ssh.socket.d/port-2222.conf
    echo 'ListenStream=2222' >> /etc/systemd/system/ssh.socket.d/port-2222.conf
    systemctl disable ssh.service && systemctl enable ssh.socket
  • mkdir -p /etc/systemd/system/getty\@tty1.service.d
    echo '[Service]' > /etc/systemd/system/getty\@tty1.service.d/noclear.conf
    echo 'TTYVTDisallocate=no' >> /etc/systemd/system/getty\@tty1.service.d/noclear.conf
  • systemctl mask networking.service # we use ifplugd instead
    echo 'D /run/network 0755 root root' > /etc/tmpfiles.d/debian-networking.conf
    echo 'F /run/network/ifstate 0644 root root - lo=lo' >> /etc/tmpfiles.d/debian-networking.conf
  • aptitude purge acpid acpi-support-base # systemd-logind takes care of this
  • sed -i -e 's/^GRUB_CMDLINE_LINUX_DEFAULT="quiet"$/GRUB_CMDLINE_LINUX_DEFAULT="quiet panic=5"/g' /etc/default/grub && update-grub
  • systemctl mask keyboard-setup.service
    systemctl mask console-setup.service
    systemctl mask rc-local.service
  • aptitude --without-recommends install irqbalance
  • echo '/dev/mapper/raid-video        /mnt/video     ext4     rw,noatime     0       2' >> /etc/fstab
    mkdir -p /mnt/video
    mount /mnt/video
  • aptitude install xserver-xorg-video-nouveau xserver-xorg-input-evdev xserver-xorg-input-void
  • aptitude install xinit xinput evilwm xdotool x11vnc unclutter x11-xserver-utils
  • sed -i 's/START_UNCLUTTER="true"/START_UNCLUTTER="false"/g' /etc/default/unclutter
    sed -i -e 's/^use-ssh-agent$/#use-ssh-agent/g' /etc/X11/Xsession.options
  • dpkg-reconfigure x11-common – set “Users allowed to start the X server” to “Anybody”
  • aptitude install alsa-utils fonts-freefont-ttf
  • adduser player # Name: Video Player (no password)
  • adduser player audio
  • adduser player video
  • adduser tdobes audio
  • adduser tdobes video
  • install mplayer (not in jessie, so use testing)<code> echo 'deb http://ftp.us.debian.org/debian/ testing main' > /etc/apt/sources.list.d/testing.list echo 'Package: mplayer' » /etc/apt/preferences.d/mplayer-testing echo 'Pin: release a=testing' » /etc/apt/preferences.d/mplayer-testing echo 'Pin-Priority: 999' » /etc/apt/preferences.d/mplayer-testing echo 'Package: *' > /etc/apt/preferences.d/testing echo 'Pin: release a=testing' » /etc/apt/preferences.d/testing echo 'Pin-Priority: 99' » /etc/apt/preferences.d/testing aptitude update && aptitude forget-new && aptitude install mplayer </code>
  • aptitude install mpv
  • aptitude install youtube-dl # but deselect mplayer2
  • # install libdvdcss: (see http://www.videolan.org/developers/libdvdcss.html)
    echo '# libdvdcss from http://www.videolan.org/developers/libdvdcss.html' > /etc/apt/sources.list.d/libdvdcss.list
    echo 'deb http://download.videolan.org/pub/debian/stable/ /' >> /etc/apt/sources.list.d/libdvdcss.list
    echo 'deb-src http://download.videolan.org/pub/debian/stable/ /' >> /etc/apt/sources.list.d/libdvdcss.list
    wget -O - http://download.videolan.org/pub/debian/videolan-apt.asc | apt-key add -
    aptitude update && aptitude forget-new && aptitude install libdvdcss2
  • echo '#!/bin/sh' > /usr/local/bin/player-xsession.sh
    echo >> /usr/local/bin/player-xsession.sh
    echo 'pkill -9 evilwm' >> /usr/local/bin/player-xsession.sh
    echo 'pkill -9 x11vnc' >> /usr/local/bin/player-xsession.sh
    echo >> /usr/local/bin/player-xsession.sh
    echo 'xrandr --output DVI-I-1 --mode 1920x1080' >> /usr/local/bin/player-xsession.sh
    echo >> /usr/local/bin/player-xsession.sh
    echo 'x11vnc -rfbport 5900 -q -usepw -N -ncache 0 -shared -forever &' >> /usr/local/bin/player-xsession.sh
    echo >> /usr/local/bin/player-xsession.sh
    echo 'xset s off #disable screensaver' >> /usr/local/bin/player-xsession.sh
    echo 'xset -dpms #disable automatic power saving' >> /usr/local/bin/player-xsession.sh
    echo 'unclutter -grab -idle 2 & #daemon to auto-hide mouse' >> /usr/local/bin/player-xsession.sh
    echo >> /usr/local/bin/player-xsession.sh
    echo '#SHELL=/bin/bash xterm &' >> /usr/local/bin/player-xsession.sh
    echo >> /usr/local/bin/player-xsession.sh
    echo "# for some reason, this doesn't work unless you do it twice:" >> /usr/local/bin/player-xsession.sh
    echo 'systemd-notify READY=1' >> /usr/local/bin/player-xsession.sh
    echo 'systemd-notify READY=1' >> /usr/local/bin/player-xsession.sh
    echo >> /usr/local/bin/player-xsession.sh
    echo "exec evilwm -fn '*-clean-*'" >> /usr/local/bin/player-xsession.sh
    chmod +x /usr/local/bin/player-xsession.sh
    ln -s /usr/local/bin/player-xsession.sh /home/player/.xsession
    
    echo '[Unit]' > /etc/systemd/system/startx\@.service
    echo 'Description=Start Xorg for %I' >> /etc/systemd/system/startx\@.service
    echo >> /etc/systemd/system/startx\@.service
    echo '[Service]' >> /etc/systemd/system/startx\@.service
    echo 'ExecStart=-/usr/bin/startx -- -layout player -nolisten tcp -sharevts' >> /etc/systemd/system/startx\@.service
    echo 'ExecStopPost=-/usr/bin/pkill -9 -U %I evilwm' >> /etc/systemd/system/startx\@.service
    echo 'User=%I' >> /etc/systemd/system/startx\@.service
    echo 'Type=notify' >> /etc/systemd/system/startx\@.service
    echo 'NotifyAccess=all' >> /etc/systemd/system/startx\@.service
    echo 'Restart=always' >> /etc/systemd/system/startx\@.service
    echo 'RestartSec=1' >> /etc/systemd/system/startx\@.service
    echo >> /etc/systemd/system/startx\@.service
    echo '[Install]' >> /etc/systemd/system/startx\@.service
    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/startx\@.service
    # systemctl enable startx\@player.service # doesn't work on old systemd releases
    ln -s /etc/systemd/system/startx\@.service /etc/systemd/system/multi-user.target.wants/startx\@player.service
    
    echo '[Unit]' > /etc/systemd/system/xterm.service
    echo 'Description=xterm for troubleshooting' >> /etc/systemd/system/xterm.service
    echo 'After=startx@player.service' >> /etc/systemd/system/xterm.service
    echo 'Requires=startx@player.service' >> /etc/systemd/system/xterm.service
    echo >> /etc/systemd/system/xterm.service
    echo '[Service]' >> /etc/systemd/system/xterm.service
    echo 'ExecStart=-/usr/bin/xterm' >> /etc/systemd/system/xterm.service
    echo 'User=player' >> /etc/systemd/system/xterm.service
    echo 'Environment=DISPLAY=:0' >> /etc/systemd/system/xterm.service
  • sed -i -e 's/^GRUB_CMDLINE_LINUX_DEFAULT="quiet panic=5"$/GRUB_CMDLINE_LINUX_DEFAULT="quiet panic=5 drm_kms_helper.edid_firmware=DVI-I-1:edid\/1920x1080.bin"/g' /etc/default/grub && update-grub
  • mkdir ~player/.vnc
    x11vnc -storepasswd **PASSWORD** ~player/.vnc/passwd
    chown -R player:player ~player/.vnc
    chmod 0600 ~player/.vnc/passwd
  • Paste into /etc/X11/xorg.conf:
    Section "ServerLayout"
      Identifier     "player"
      Screen      0  "player-screen" 0 0
      InputDevice    "Void" "CorePointer"
      InputDevice    "Void" "CoreKeyboard"
      Option         "AutoAddDevices" "Off"
    EndSection
    
    Section "InputDevice"
      Identifier  "Void"
      Driver      "void"
    EndSection
    
    Section "Monitor"
      Identifier   "DVI-I-1"
      ModeLine "1080p" 148.35 1920 2008 2052 2200 1080 1084 1089 1125 +HSync +VSync
      Option "PreferredMode" "1080p"
    EndSection
    
    Section "Device"
      Identifier  "nVidia"
      Driver      "nouveau"
      BusID       "PCI:1:0:0"
      Option      "Monitor-DVI-I-1" "DVI-I-1"
    EndSection
    
    Section "Screen"
      Identifier "player-screen"
      Device     "nVidia"
      #Monitor specified in Device section
      DefaultDepth 24
      SubSection "Display"
        Modes "1920x1080"
        Virtual 1920 1080
        Depth 24
      EndSubSection
    EndSection
  • Copy over /opt/spice_player
  • Set up spice player:
    echo '[Unit]' > /etc/systemd/system/spice_player.service
    echo 'Description=Spice Player' >> /etc/systemd/system/spice_player.service
    echo 'After=startx@player.service network.target' >> /etc/systemd/system/spice_player.service
    echo 'Requires=startx@player.service' >> /etc/systemd/system/spice_player.service
    echo >> /etc/systemd/system/spice_player.service
    echo '[Service]' >> /etc/systemd/system/spice_player.service
    echo 'ExecStart=/opt/spice_player/spice_recv.py' >> /etc/systemd/system/spice_player.service
    echo 'WorkingDirectory=/opt/spice_player' >> /etc/systemd/system/spice_player.service
    echo 'User=player' >> /etc/systemd/system/spice_player.service
    echo 'Environment=PYTHONUNBUFFERED=1' >> /etc/systemd/system/spice_player.service
    echo 'Environment=DISPLAY=:0' >> /etc/systemd/system/spice_player.service
    echo >> /etc/systemd/system/spice_player.service
    echo 'Restart=always' >> /etc/systemd/system/spice_player.service
    echo 'RestartSec=1' >> /etc/systemd/system/spice_player.service
    echo >> /etc/systemd/system/spice_player.service
    echo '[Install]' >> /etc/systemd/system/spice_player.service
    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/spice_player.service
    
    systemctl enable spice_player
    systemctl start spice_player
  • aptitude install samba winbind libnss-winbind libpam-winbind
  • mv /etc/samba/smb.conf /etc/samba/smb.conf.orig
  • Paste in /etc/samba/smb.conf:
    [global]
      security = ADS
      workgroup = MCP
      realm = MCP.LCL
      password server = ad1.mcp.lcl ad2.mcp.lcl *
      server string = Video Playback Server
      idmap config MCP:backend = rid
      idmap config MCP:base_rid = 0
      idmap config MCP:range = 10000-20000
      idmap config *:backend = tdb
      idmap config *:range = 9000-9999
      winbind separator = +
      template homedir = /home/%U
    
      # disable shell logins by default
      template shell = /bin/false
      # don't try to become browse master
      local master = no
      # don't use DNS for NetBIOS lookups
      dns proxy = no
      # allow enumeration of users, groups (i.e. getent passwd; getent group)
      winbind enum users = yes
      winbind enum groups = yes
      # don't require domain name to login
      winbind use default domain = yes
      # cache login credentials
      winbind offline logon = true
      # don't flood DNS servers with useless queries (see manpage; DC lookup still uses DNS)... also disable broadcast resolution
      # name resolve order = wins
      name resolve order = wins host
      # manpage says this shouldn't be necessary
      ;auth methods = winbind
      # ensure that we follow PAM rules (hopefully this will enforce home directory auto-creation)
      obey pam restrictions = yes
      # no broadcast announcements (we're not using OS/2)
      lm announce = no
    
      # disable print server
      load printers = no
      show add printer wizard = no
      disable spoolss = yes
    
      # logging
      log file = /var/log/samba/log.%m
      # cap logfiles at 1MB
      max log size = 1000
      log level = 2
      # don't send anything to syslog
      syslog = 0
      # mail the admin if we crash
      panic action = /usr/share/samba/panic-action %d
    
      # performance tweaks
      socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
      use sendfile = yes
      max protocol = SMB2
      strict allocate = yes
    
      # obtain permissions from parent dir
      inherit permissions = yes
      # drop connections with no open files after 15 minutes of inactivity
      deadtime = 15
      # allow Windows to handle inheritance correctly
      map acl inherit = yes
    
      # hide Apple-specific files from Windows, but delete them if we're deleting a folder
      veto files = /.AppleDesktop/Network Trash Folder/TheVolumeSettingsFolder/.AppleDouble/.AppleDB/.DS_Store/.TemporaryItems/
      delete veto files = yes
    
      create mask = 0664
      directory mask = 0775
    
      # this wreaks all sorts of havoc with symlinks
      unix extensions = no
    
      # emulate DOS attributes using xattr
      store dos attributes = yes
    
    [video]
      comment = Video Storage
      path = /mnt/video
      writable = yes
      hide files = /lost+found/
  • Set up samba server:
    sed -i -e 's/^passwd:.*compat$/& winbind/g' -e 's/^group:.*compat$/& winbind/g' /etc/nsswitch.conf
    
    net ads join -U tdobes
    # the DNS update error is normal
    
    systemctl restart winbind
    # verify that users show up in "wbinfo -u" and "getent passwd"
    systemctl restart nmbd smbd
  • Audio setup – optical S/PDIF (merged into HDMI with Monoprice 5369):
    amixer -c MID sset IEC958 on
    # we do this in mpv.py instead to avoid ALSA bug when setting S/PDIF parameters:
    #echo 'defaults.pcm.card 0' > /home/player/.asoundrc
    #echo 'defaults.pcm.device 1' >> /home/player/.asoundrc
  • GPU-accelerated video decoding:
    aptitude install mesa-vdpau-drivers vainfo
    # obtain firmware -- see http://nouveau.freedesktop.org/wiki/VideoAcceleration/#firmware
    
    # RUN AS USER ACCOUNT:
    mkdir /tmp/nouveau
    pushd /tmp/nouveau
    wget --no-check-certificate https://raw.github.com/imirkin/re-vp2/master/extract_firmware.py
    wget http://us.download.nvidia.com/XFree86/Linux-x86/325.15/NVIDIA-Linux-x86-325.15.run
    sh NVIDIA-Linux-x86-325.15.run --extract-only
    python2 extract_firmware.py
    
    su
    # RUN AS ROOT:
    mkdir -p /lib/firmware/nouveau
    cp -d nv* vuc-* /lib/firmware/nouveau/
    
    popd
    rm -r /tmp/nouveau
  • FUTURE: Modify mpv control to use JSON instead of legacy protocol. (JSON is not supported in the mpv in Jessie, but will be in Stretch) – see https://mpv.io/manual/stable/#json-ipc https://github.com/gustaebel/python-mpv https://www.snip2code.com/Snippet/523011/A-small-script-for-controlling-mpv-via-t or the libmpv based https://github.com/jaseg/python-mpv
computer/mcp_video_playback_computer.txt · Last modified: 2016/05/07 18:57 by tdobes
Recent changes RSS feed Driven by DokuWiki Valid XHTML 1.0 Valid CSS