Definitive Guide to Installing Rivendell v3 on a Digitalocean CentOS 7 Droplet

Definitive Guide to Installing Rivendell v3 on a Digitalocean CentOS 7 Droplet

  • December 9, 2019
  • /
  • Linux

By the time you reach the end of the Definitive Guide to Installing Rivendell v3 on a Digitalocean CentOS 7 Droplet, you will have a fully functioning Rivendell on a Cloud with Liquidsoap, Icecast, Jack, QJackCtl, and Stereo Tool. This will be less of an article and more of a “recipe” to pull it all together quickly. It’s also a work in progress — I’ll be updating it with how to create persistent Jack patches, processing audio with Stereo Tool, and more.

If you don’t have a Digitalocean account yet, please use my referral link for a $10 credit, which will hook me up too! 

Spin up a $5 CentOS 7.6 x64 Droplet on Digitalocean

Most of the Linux pre-installation stuff is done for you when you spin up a new Droplet, so we can jump ahead to the part about “Running the Installation Script” referenced in the Rivendell Appliance script HERE.


Before we install the Rivendell core, let’s do some light housekeeping:

hostname should be all lower-case, alphanumeric and not more than 32 characters. In case you want to rename your droplet (this will also be your Rivendell hostname and MUST MATCH your Linux hostname)

Set the system time for your timezone – VIEW TIMEZONE CODES:

Bring CentOS current:


Ready to install Rivendell:

Three different types of installation are available. Choose your installation type.

For a stand-alone setup (single, self-contained Rivendell system), start the script with the command:

For a server setup (system capable of hosting Rivendell client machines that share the server’s database and audio store), start the script with the command:

For a pure client setup (one that uses a central server for the database and audio store), first create a host entry for the new client in RDAdmin on the server (RDAdmin->ManageHosts->Add), then start the script with the command:
When installation finishes, reboot.

Secure rd and MariaDB


Login in to the rd user now:

Set the MariaDB administrator password with the following command (substitute your password for pwd):


Configure and secure VNC server:

Create the VNC systemd unit and enable it:
save and close the file.
Technically, your desktop is good to go with VNC, but we still have some command line work to do, so standby.

Now, let’s harden security a bit more

NOTE: VNC is FULLY EXPOSED to the public internet. You should lock down tcp/5900 to YOUR PRIVATE IP. *You can skip this step if you have a Digitalocean external firewall defined in your DO control panel with the following rules assigned to this Droplet:

Lock down SSH to Pubkey authentication ONLY and disable password authentication (make sure you added your public key to your droplet or you could get LOCKED OUT if VNC fails):

Look for the following and confirm:

Uncomment the following and change “yes” to “no”

Save and close the file, then restart SSH.



It can’t be over-stated. To get all of this working properly, Rivendell needs to run as a regular user — rd — NOT ROOT. Otherwise, Rivendell starts jackd with root permissions, Liquidsoap completely fails to start and Rivendell is invisible to QJackCtl and Patchage. Edit the rivendell.service systemd unit and add “User=rd” to the end of the [Service] section so that Rivendell starts with the proper user permissions:

Save and close the file.

Install Icecast and QJackCtl

There are 4 sections we need to edit in the icecast.xml:
Create secure passwords for your Icecast install:
Replace bind-address with your Droplet’s static IP (not a floating IP) and uncomment <shoutcast-mount> below:
In Debian and Ubuntu, Icecast runs as the normal user by default. In CentOS, it defaults to the icecast user — which will prevent Liquidsoap from connecting — so we need to chroot Icecast to the rd user.

But first, we need to change the path in <logdir> to the rd home folder so that Icecast has write permissions. Without write permissions to the log directory, Icecast will fail. Scroll down and find the <paths> section in icecast.xml.

Now, scroll down to the <security> section at the end of icecast.xml and chroot to the rd user

Save and close icecast.xml file.

To Start Icecast, enable the icecast systemd unit which was generated automatically:


Before we forget, let’s create a “logs” directory in the rd home folder. We’ll use it for rdimport and Liquidsoap logs too:



Let’s get Liquidsoap installed:


If you’d like to add support for AAC:

Let’s create our liquidsoap config file:

Copy and paste the following in the file you you just created — replacing “icecast-source-pass” with your actual icecast source password :

Save, close, and make the file executable.

Install patchage (visual patchbay for jackd)

Download Stereo Tool for use later


Not absolutely necessary, but handy:


VNC into the desktop with your favorite client and your Droplet’s static IP:


Tap the “Applications” menu and choose Settings >> Display
Tap resolution and choose 1920×1080 and click the “Apply” button
Close display settings window

Tell Rivendell to use the JACK driver and start JACK as the rd user:

It should be blank, but tap the “Save” button anyway to remove the default alsa config stored in /etc/asound.conf so Rivendell will use the JACK driver.

Open RDAdmin >> Manage Hosts >> your RD host >> Jack Settings:
Tick Start JACK Server and add the line below to JACK command line:

Click “ok”

Configure Now & Next PAD

Open RDAdmin >> Manage Hosts >> your RD host >> PyPad Instances >> Add >> >> open
Edit the following with your droplet’s settings:


Click “OK” button to save and close config


When the system comes back up, Rivendell, Liquidsoap, Icecast and Jack will all be running as the rd user with the proper permissions now. Confirm Rivendell is using the JACK driver with:

RDAdmin >> Manage Hosts >> your RD host >> Audio Resources >> Scroll down to the AUDIO ADAPTERS section.

If you see “Card 0: JACK Audio connection Kit” Rivendell is configured to work with JACK.

Create an empty file called and paste the text below.

Save, close and make the file executable.

Add a shortcut to launch your stream in the dock

  1. Right-click on the dock, choose “panel” and then “Add new items”
  2. When the window pops up, choose “Launcher” and click “Add”
  3. When it appears in the dock, right-click on it and choose “Properties”
  4. Click the icon just below the “+” icon
  5. Name it Launch Stream
  6. In Command, paste the following
  7. Click the “icon” button and choose an icon
  8. Click “Create” button

Repeat the steps to add any other applications you want quick access to in the dock.

Then, close all the “panel” windows

NOTE 1: This works on Digitalocean which uses KVM virtualization. Your mileage may vary depending on virtualization platform and host. Unprocessed audio works on the $5 Droplet without any problems. If you want to enable Stereo Tool processing, you’ll need more resources (2GB / 2vCPU for $15/mo). Interestingly, Stereo Tool performs better on a 2GB/2vCPU droplet than a 4 Core / 8GB Droplet — probably because of kernel and processor optimization.

NOTE 2: If you plan on taking snapshots of your droplet after you get everything dialed in the way you want, then it’s better to do a temporary CPU/RAM resize. You can’t restore a droplet with a larger disk to a droplet with a smaller one, so backups and all future droplets based on the snapshot cost more. You can always upgrade later.

NOTE 3: It costs a little more, (and can get expensive quickly if you have a large library) but I recommend adding a Block Storage Volume as insurance and mounting it to /var/snd in fstab. That way, if you bork a droplet and want to restore from a snapshot, you don’t have to keep reimporting your library. Don’t forget to make occasional backups of your database to the external volume for the same reason.

Refer to our QUCIKSTART GUIDE for our pre-built Digitalocean droplet for reference.