Preparing the Server

The following instructions assume that you have root access (sudo on most distributions) to a GNU/Linux server, and are familiar with basic command line tasks.

The recommended LibreTime server platform is Ubuntu 16.04 LTS (Xenial Xerus).

The server should have at least a 1GHz processor and 1GB of RAM, preferably 2GB RAM or more. If you are using a desktop environment and web browser directly on the server you should install at least 2GB RAM, to avoid swapping to disk.

The LibreTime installation does not use much disk space, but you should allow plenty of storage capacity for the LibreTime library. A hot-swap RAID array is recommended for media storage, in case of disk failure. You should also consider a UPS or other battery-powered system to offer some protection against short-term power failures.

LibreTime depends on infrastructure and services that need to be configured properly for it to run smoothly. This chapter will go through the individual parts of a LibreTime install and help you assess how you need to manage them.

Firewall

LibreTime should only be run on a Server behind a firewall. This can either be a dedicated firewall in the network (like on some cloud providers) or a local firewall running iptables (as you would use on a root server or a local machine).

Setting up a local firewall is done differently on all the supported distros.

There is a vast amount of ways to configure your network, firewall included. Choose the way that best fits your deploy and dont internal expose parts of your LibreTime install on the network.

The following ports are relevant to the deploy and need to be opened to varying degrees.

Port Description
80 Default unsecure web port. Needs to be open for the webserver to serve the LibreTime webinterface or if you enable TLS a redirect to the secure web port.
443 Default secure web port. This is where your LibreTime webinterface lives if you choose to configure TLS.
8000 Main Icecast instance. This is where your listeners connect if you plan on using your LibreTime server to directly serve such connections. You can also configure external Icecast or ShoutCast instances for this later.
8001 and 8002 Master and Show source input ports. Only open these ports if you plan on letting anyone use these features. You might want to consider usinga fixed IP if you use the master source for studio connections on port 8001 and only allow DJ to connect over a VPN link or similar depending your security needs.

The remaining parts of LibreTime might open additional ports that should not be accessible from any untrusted networks. You should consider how to configure their firewall access individually once you configure them.

PostgreSQL

You should set up PostgreSQL properly according to the instructions for your distro. Distro provided packages are fine for LibreTime as it does not have any specific version dependencies.

You should restrict access to the database and create a user specific to LibreTime. The default installer script create a user with the password airtime which is far to open and should be replaced with a self provided user and a secure password. See the PostgreSQL docs on roles and databases.

Please take care to ensure that your database is properly backed up at regular intervals. LibreTime uses the database to store your schedule, settings, playout history and more. See backing up the server for more information on this.

RabbitMQ

LibreTime uses RabbitMQ interfacing various components like the main interface and parts of the system like the audio analyzer and podcast downloader as well as the playout system through a common message queue. Again, the version provided by your distro will probably work fine for all LibreTime is concerned.

The install script sets airtime as the password on the default user. It is recommended to provide your own user using a secure password.

You can use rabbitmqctl or the Management Plugin to manage your RabbitMQ users.

There is no state in the RabbitMQ system that you need to backup but you want to ensure that your RabbitMQ configuration and user permissions are safe.

RabbitMQ hostname

RabbitMQ requires a fixed and resolvable hostname (see the docs), which is normal for a server. For a desktop or laptop machine where the hostname changes frequently or is not resolvable, this issue may prevent RabbitMQ from starting. When using a desktop or laptop computer with a dynamic IP address, such as an address obtained from a wireless network, the rabbitmq-server daemon must not start up before the NetworkManager service or network.target. You may also choose to configure RabbitMQ to only listen on the loopback interface with a localhost node name. You can use environment variables or a configuration file to do this.

See these links for more information: