Sapsan configuration¶
All of Sapsan's configuration lives in a single YAML file, sapsan.yaml. This page describes its sections and reload rules.
File structure¶
listeners: # ports the server listens on
http:
- port: 80
rtsp:
- port: 554
rtmp:
- port: 1935
webrtc:
- port: 5005
streams: # named streams
cam1:
inputs:
- rtsp:
url: rtsp://admin:password@10.0.0.5/stream0
dvr: {}
dvr: # shared archive storage
root: /storage
disks:
- path: d1
auth: {} # playback and publish authorization
config_external: {} # external configuration management
rproxy: {} # Peeklio gateway
api_auth: # Admin API login/password
login: admin
password: secret
| Section | What it configures | Details |
|---|---|---|
listeners |
HTTP, RTSP, RTMP, and WebRTC server ports | this page |
streams |
streams: sources, transcoder, DVR, pushes, screenshots | ingest |
dvr |
on-disk archive storage | DVR recording |
auth |
tokens and auth backends | authorization |
config_external |
fetching configuration from an external server | external configuration |
rproxy |
Peeklio gateway for agents | Peeklio gateway |
api_auth |
Admin API access | Admin API |
Validation¶
Sapsan validates the configuration on load and refuses to start with an invalid one:
- unknown fields are an error (protects against typos);
- every stream input must contain exactly one protocol;
- ports cannot be reused across listeners and streams;
- if a stream has
dvrenabled, the globaldvrsection must exist.
Hot reload¶
On SIGHUP Sapsan re-reads sapsan.yaml and applies changes without restarting the process:
- streams, authorization, and DVR are reconfigured in place;
- listeners are rebound only when a port changes;
- the rproxy gateway keeps agent connections across reloads (but changing
streampoint_key/endpoint_auth_urlrequires a process restart).
kill -HUP $(pidof sapsan)