Docker compose stack that provides a distributed time synchronized Spotify Connect speaker, wrapped in ssl.
Doesn't play audio locally, requires web or native snapcast clients.
- docker
- docker-compose
- amd64 arch computer (multiarch support coming soon)
- Spotify premium
- Web interface wrapped in SSL, A+ on Qualys' SSL Server Test
- Automatically obtains and renews ssl certificate, assuming traffic is forwarded correctly
- Provides a Spotify Connect Speaker on your network
- Distributed, time synchronized audio
- Clone this repo
- Copy the settings.example folder and rename it to settings
- Go through settings/common.env and fill out anything you want to change, specifically the following
- HOSTED_URL
- ADMIN_EMAIL
- Generate a dhparam.pem for nginx by running
mkdir -p appdata/nginx && openssl dhparam -out ./appdata/nginx/dhparam.pem 2048
in the repo's root - Ensure traffic is routed and your DNS resolves correctly
- Ensure req'd ports are open and not blocked by firewall. Defaults ports required are 80, 443 and 5454.
- Run
./start
- In a Spotify client, select the speaker, "librespot-docker" with the default settings/common.env, and play some music
- In a browser, you should be able to go to "$SNAPSERVER_SUBDOMAIN.$HOSTED_URL", or "snapcast.example.com" with the default settings/common.env
- Press the play icon in the top right hand corner of the screen and you should hear your Spotify connect stream
- Repeat steps 8 and 9 with other devices
- 80 nginx http - only used by nginx for getting the ssl cert, OK to face the internet
- 443 nginx ssl - nginx ssl port, snapcast web server http interface will be available here after cert is obtained
- 1704 snapcast tcp - snapcast uses this port to communicate with other snapcast clients. I wouldn't expose this to the internet
- 1705 snapcast ??? - ???, ditto?
- 1780 snapcast http - snapcast http webserver, don't expose to internet
- 5454 zeroconf - used for communication with librespot, the spotify connect provider
- Use wireguard and set $LISTEN_IP to the ip assigned to your wireguard interface
- You can listen on your router's public IP address with port 80 to obtain a cert, while keeping port 443 traffic local to your network.