Creating a fifo-based ffmpeg service

- Posted in Linux by

I needed an encoder-service waiting to handle ffmpeg-workloads, and decided to use systemctl and a fifo pipe, so jobs could be queued without the need of RabbitMQ/other.

I'm aware of DLQ and fancy scaling, however this does the trick and hasn't failed for years.

1) Create script for initiating the fifo pipe, save it at /opt/

# pipe location

trap "rm -f $pipe" EXIT

# Initiate pipe
[[ -p $pipe ]] || mkfifo $pipe

while true; do
    exec 3<> $pipe
    read line < $pipe
    bash <<< "/opt/ $line"

2) Create your ffmpeg-worker, with your ffmpeg args, at /opt/

# Do ffmpeg stuff
/usr/bin/ffmpeg -y input.avi [yourargs] output.mp4

3) Create service file at /etc/systemd/system/ffmpeg-encoder.service:

Description=ffmpeg encoder service



3) Reload systemctl daemon: systemctl daemon-reload

4) Enable service: systemctl enable ffmpeg-encoder.service

Verify the service state with: systemctl status ffmpeg-encoder.service

Verifying service status programatially can be done by running:

systemctl is-active --quiet ffmpeg-encoder.service

where exitcode 0 is the active state of the service.

I also wrote a simple ffmpeg-log-parser for polling state via PHP, but that's for another post.


Encrypted storage container with LUKS

- Posted in Linux by

Create an encrypted container for storage with LUKS

Change the names and paths to reflect your environment and needs

1) Make sure cryptsetup is installed: sudo apt update && apt install cryptsetup -y

2) Create an empty file for the container: sudo dd if=/dev/zero bs=1M of=/path/to/lukscontainer count=10240 (I prefer using a flat file, instead of a device, for portability)

3) Create the LUKS volume within the flat file: sudo cryptsetup luksOpen /path/to/lukscontainer container_crypt

4) Create a filesystem within the LUKS volume: sudo mkfs.ext4 /dev/mapper/container_crypt

5) Create a mountpoint for the container: sudo mkdir -p /storage/container/

6) Mount the container in your newly created mountpoint: sudo mount /dev/mapper/container_crypt /storage/container/

To easily unmount and mount the container in the future, create 2 simple scripts:

#!/bin/sh /usr/bin/umount /dev/mapper/container_crypt /sbin/cryptsetup luksClose /dev/mapper/container_crypt

#!/bin/sh /sbin/cryptsetup luksOpen /path/to/lukscontainer container_crypt /usr/bin/mount /dev/mapper/container_crypt /storage/container/

(the editor in htmly isn't playing nice, insert linebreaks manually)

Make the scrips executable with chmod +x luks* and run them with ./

Make sure to upgrade your KDF to argon2id (default for latest version at the time of writing):


Create a RAM-drive in Linux

- Posted in Linux by

Add the following line to /etc/fstab to create an 8 GB RAM-drive in Linux with tmpfs

tmpfs           /mnt/ramdisk tmpfs      defaults,size=8192M 0 0

Mount with sudo mount -a and use /mnt/ramdisk/


Simple pyproxy TCP example

- Posted in Linux by

./ --tcp -s -d domain.tld:12345 -v

Script source-code: download here

openssl pkcs12 -inkey certificate.key -in certificate.pem -export -out certificate.pfx