How to install Ampache Music Streaming Server on Fedora 33

How to install Ampache Music Streaming Server on Fedora 33

Ampache is a web-based open source personal audio streaming application written in PHP. It allows you to host and manage your digital music collection on the server and stream it to a computer, smartphone, tablet or smart TV.You can use various Android with IOS App to stream your music from Ampache music server to your personal device.

This tutorial will show you how to install the Ampache application on a Fedora 33-based server and how to upload music to it for streaming.


  • A server running Fedora 33.

  • Non-root user sudo user.

  • Make sure everything has been updated.

    $ sudo dnf upgrade
  • The system requires few software packages.

    $ sudo dnf install wget curl nano zip -y
  • Disable SELinux.

    $ sudo setenforce 0

Configure firewall

The first step is to configure the firewall. Firewalld is pre-installed on Fedora server.

Check if the firewall is running.

$ sudo firewall-cmd --state

You should get the following output.


Set the default zone of the firewall to public.

$ sudo firewall-cmd --set-default-zone=public

Check the currently allowed services/ports.

$ sudo firewall-cmd --zone=public --permanent --list-services

It should display the following output.

dhcpv6-client mdns ssh

Allow HTTP and HTTPS ports.

$ sudo firewall-cmd --zone=public --permanent --add-service=http
$ sudo firewall-cmd --zone=public --permanent --add-service=https

Check the status of the firewall again.

$ sudo firewall-cmd --zone=public --permanent --list-services

You should see similar output.

dhcpv6-client http https mdns ssh

Reload the firewall.

$ sudo systemctl reload firewalld

Install Git

Before continuing, we need to install Git.

$ sudo dnf install git

Next, configure Git with your personal details.

$ git config --global "Your Name"
$ git config --global "[email protected]"

Install MariaDB

MariaDB is a direct replacement for MySQL, which means that the commands for running and operating MariaDB are the same as those for MySQL.

Fedora 33 comes with MariaDB 10.4 bur by default, because MariaDB 10.5 is the latest stable version, we will use the official MariaDB repository for this.

Create a file /etc/yum.repos.d/MariaDB.repo And open it for editing.

$ sudo nano /etc/yum.repos.d/MariaDB.repo

Paste the following code into it.

# MariaDB 10.5 Fedora repository list
name = MariaDB
baseurl =

Save and close the file by pressing Ctrl + X Then enter ÿ When prompted.

To install MariaDB, issue the following command.

$ sudo dnf install MariaDB-server -y

Please make sure you enter MariaDB-server In the above command instead of mariadb-server Because the former will install it from the official repository, while the latter command will install the old version from Fedora’s repository.

Check if MariaDB is installed correctly.

$ mysql --version

You should see the following output.

mysql  Ver 15.1 Distrib 10.5.9-MariaDB, for Linux (x86_64) using  EditLine wrapper

Enable and start MariaDB service.

$ sudo systemctl enable mariadb
$ sudo systemctl start mariadb

Run the following commands to perform the default configuration, such as providing root password, deleting anonymous users, prohibiting remote root login, and deleting test tables.

$ sudo mysql_secure_installation

With MariaDB 10.4, you will now be asked whether to use the root password or unix_socket insert. The plugin allows you to log in to MariaDB using Linux user credentials. Although you will need a traditional username/password to use third-party applications like phpMyAdmin, it is considered more secure. In this tutorial, we will stick with plugins. You can still use phpMyAdmin with a specific user created for the database.

Press Enter to select the default option (the uppercase one, in this case Y).


In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none): [PRESS ENTER]
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n] [PRESS ENTER]
Enabled successfully!
Reloading privilege tables..
 ... Success!

You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n] [ANSWER n]
... skipping.

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] [PRESS ENTER]
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] [PRESS ENTER]
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] [PRESS ENTER]
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] [PRESS ENTER]
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

That’s it.Next time you want to log in to MySQL, use the following command

$ sudo mysql

Enter your root password when prompted.

Configure MariaDB for Ampache

Now, we need to set up a database for use in the Ampache application. To do this, log in to the MySQL prompt.

$ sudo mysql

When prompted, enter the following command, which will create a file named Ampache And a database user named ampuser And grant it access to the database.

mysql> CREATE DATABASE ampache;
mysql> CREATE USER 'ampuser'@'localhost' IDENTIFIED BY 'yourpassword';
mysql> GRANT ALL PRIVILEGES ON ampache.* TO 'ampuser'@'localhost';
mysql> exit

Install PHP

Fedora 33 comes with PHP 7.4 by default, but to have an updated PHP repository, we will add the REMI repository.

Install the REMI repository, which is the official Fedora repository for installing PHP packages.

$ sudo dnf -y install

Install PHP 7.4 as a module.

$ sudo dnf module install php:remi-7.4

Check if PHP is working properly.

$ php --version

You should see similar output.

PHP 7.4.16 (cli) (built: Mar  2 2021 10:35:17) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies

Install PHP extension

Ampache requires several PHP extensions. Use the following command to install.

sudo dnf install php-curl php-gd php-intl php-mysql

Configure PHP-FPM

Open file /etc/php-fpm.d/www.conf.

$ sudo nano /etc/php-fpm.d/www.conf

We need to set the Unix user/PHP process group to Nginx.Find out user=apache with group=apache And change the line in the file to nginx.

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;       will be used.
; RPM: apache user chosen to provide access to the same directories as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx

Save the file by pressing Ctrl + X Then enter ÿ When prompted.

Next, we need to /etc/php.ini file. Open the file for editing.

$ sudo nano /etc/php.ini

Change the following lines

. . .
post_max_size = 8M
. . .
upload_max_filesize = 2M


. . .
post_max_size = 110M
. . .
upload_max_filesize = 100M
. . .

Now you can upload files up to 100MB. You can change the value to any value you like.Just be sure post_max_size more than the upload_max_filesize Changing.

Save the file by pressing Ctrl + X Then enter ÿ When prompted.

Restart the PHP-fpm process.

$ sudo systemctl restart php-fpm

Install Nginx

Fedora 33 comes with the latest stable version of Nginx by default. (1.18.0).

Install Nginx.

$ sudo dnf install nginx -y

Check if it is working properly.

$ nginx -v

Depending on the version of Nginx you chose to install, you should see the following output.

nginx version: nginx/1.18.0

Start and enable Nginx.

$ sudo systemctl start nginx
$ sudo systemctl enable nginx

Open the server’s IP address in a browser to view the next page. This means that Nginx is working properly.

Configure Nginx

Set the directory where the server block will reside.

$ sudo mkdir /etc/nginx/sites-available
$ sudo mkdir /etc/nginx/sites-enabled

turn on /etc/nginx/nginx.conf The file is edited.

$ sudo nano /etc/nginx/nginx.conf	

Paste the following lines after this line include /etc/nginx/conf.d/*.conf

include /etc/nginx/sites-enabled/*.conf;
server_names_hash_bucket_size 64;

press Ctrl + X Close the editor and press ÿ When prompted to save the file.

Run the following command to add Ampache configuration file.

$ sudo nano /etc/nginx/sites-available/ampache.conf

Paste the following code into the editor.

server {

    # listen to
    listen  [::]:80;
    listen       80;

    charset utf-8;

    # Logging, error_log mode [notice] is necessary for rewrite_log on,
    # (very usefull if rewrite rules do not work as expected)

    error_log       /var/log/nginx/ampache.error.log; # notice;
    access_log      /var/log/nginx/ampache.access.log;
    # rewrite_log     on;

    # Use secure headers to avoid XSS and many other things
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header Referrer-Policy "no-referrer";
    add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self'; object-src 'self'";

    # Avoid information leak
    server_tokens off;
    fastcgi_hide_header X-Powered-By;

    root /var/www/html/ampache;
    index index.php;
    client_max_body_size 100m;

    # Somebody said this helps, in my setup it doesn't prevent temporary saving in files
    proxy_max_temp_file_size 0;

    # Rewrite rule for Subsonic backend
    if ( !-d $request_filename ) {
        rewrite ^/rest/(.*).view$ /rest/index.php?action=$1 last;
        rewrite ^/rest/fake/(.+)$ /play/$1 last;

    # Rewrite rule for Channels
    if (!-d $request_filename){
      rewrite ^/channel/([0-9]+)/(.*)$ /channel/index.php?channel=$1&target=$2 last;

    # Beautiful URL Rewriting
    rewrite ^/play/ssid/(w+)/type/(w+)/oid/([0-9]+)/uid/([0-9]+)/name/(.*)$ /play/index.php?ssid=$1&type=$2&oid=$3&uid=$4&name=$5 last;
    rewrite ^/play/ssid/(w+)/type/(w+)/oid/([0-9]+)/uid/([0-9]+)/client/(.*)/name/(.*)$ /play/index.php?ssid=$1&type=$2&oid=$3&uid=$4&client=$5&name=$6 last;
    rewrite ^/play/ssid/(w+)/type/(w+)/oid/([0-9]+)/uid/([0-9]+)/client/(.*)/player/(.*)/name/(.*)$ /play/index.php?ssid=$1&type=$2&oid=$3&uid=$4&client=$5&player=$6&name=$7 last;
    rewrite ^/play/ssid/(w+)/type/(w+)/oid/([0-9]+)/uid/([0-9]+)/client/(.*)/bitrate/([0-9]+)/player/(.*)/name/(.*)$ /play/index.php?ssid=$1&type=$2&oid=$3&uid=$4&client=$5&bitrate=$6player=$7&name=$8 last;
    rewrite ^/play/ssid/(w+)/type/(w+)/oid/([0-9]+)/uid/([0-9]+)/client/(.*)/transcode_to/(w+)/bitrate/([0-9]+)/player/(.*)/name/(.*)$ /play/index.php?ssid=$1&type=$2&oid=$3&uid=$4&client=$5&transcode_to=$6&bitrate=$7&player=$8&name=$9 last;
    rewrite ^/play/ssid/(w+)/type/(w+)/oid/([0-9]+)/uid/([0-9]+)/client/(.*)/noscrobble/([0-1])/name/(.*)$ /play/index.php?ssid=$1&type=$2&oid=$3&uid=$4&client=$5&noscrobble=$6&name=$7 last;
    rewrite ^/play/ssid/(w+)/type/(w+)/oid/([0-9]+)/uid/([0-9]+)/client/(.*)/noscrobble/([0-1])/player/(.*)/name/(.*)$ /play/index.php?ssid=$1&type=$2&oid=$3&uid=$4&client=$5&noscrobble=$6&player=$7&name=$8 last;
    rewrite ^/play/ssid/(w+)/type/(w+)/oid/([0-9]+)/uid/([0-9]+)/client/(.*)/noscrobble/([0-1])/bitrate/([0-9]+)/player/(.*)/name/(.*)$ /play/index.php?ssid=$1&type=$2&oid=$3&uid=$4&client=$5&noscrobble=$6&bitrate=$7player=$8&name=$9 last;
    rewrite ^/play/ssid/(w+)/type/(w+)/oid/([0-9]+)/uid/([0-9]+)/client/(.*)/noscrobble/([0-1])/transcode_to/(w+)/bitrate/([0-9]+)/player/(.*)/name/(.*)$ /play/index.php?ssid=$1&type=$2&oid=$3&uid=$4&client=$5&noscrobble=$6&transcode_to=$7&bitrate=$8&player=$9&name=$10 last;

    # the following line was needed for me to get downloads of single songs to work
    rewrite ^/play/ssid/(.*)/type/(.*)/oid/([0-9]+)/uid/([0-9]+)/action/(.*)/name/(.*)$ /play/index.php?ssid=$1&type=$2&oid=$3&uid=$4action=$5&name=$6 last;
    location /play {
        if (!-e $request_filename) {
			rewrite ^/play/art/([^/]+)/([^/]+)/([0-9]+)/thumb([0-9]*).([a-z]+)$ /image.php?object_type=$2&object_id=$3&auth=$1 last;

		rewrite ^/([^/]+)/([^/]+)(/.*)?$ /play/$3?$1=$2;
		rewrite ^/(/[^/]+|[^/]+/|/?)$ /play/index.php last;

   location /rest {
      limit_except GET POST {
         deny all;

   location ^~ /bin/ {
      deny all;
      return 403;

   location ^~ /config/ {
      deny all;
      return 403;

   location / {
      limit_except GET POST HEAD{
         deny all;

   location ~ ^/.*.php {
        fastcgi_index index.php;

        # sets the timeout for requests in [s] , 60s are normally enough
        fastcgi_read_timeout 600s;

        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

        # Mitigate HTTPOXY
        fastcgi_param HTTP_PROXY "";

        # has to be set to on if encryption (https) is used:
        fastcgi_param HTTPS on;

        fastcgi_split_path_info ^(.+?.php)(/.*)$;

        # chose as your php-fpm is configured to listen on
        fastcgi_pass unix:/run/php-fpm/www.sock;

   # Rewrite rule for WebSocket
   location /ws {
        rewrite ^/ws/(.*) /$1 break;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;

The file assumes that we install Ampache into the domain And in the directory /var/www/html/ Ctrl + X Close the editor and press ÿ When prompted to save the file.

By linking it to sites-enabled table of Contents.

$ sudo ln -s /etc/nginx/sites-available/ampache.conf /etc/nginx/sites-enabled/

Test the Nginx configuration.

$ sudo nginx -t

You should see the following output, indicating that your configuration is correct.

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Reload the Nginx service.

$ sudo systemctl reload nginx

Use “Let’s Encrypt” to set up HTTPS

To use “Let’s Encrypt”, we need to install Certbot package.

Install Certbot.

$ sudo dnf install certbot certbot-nginx -y

Install the certificate.

$ sudo certbot --nginx -d

If this is your first time using the tools on this server, you need to agree to the terms and enter your email address.Say Do not When asked if you want to share your email with the EFF Foundation.

If it succeeds certbot You will be asked how to configure HTTPS settings.

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):

Choose 2, then click ENTER. Your certificate is now installed and activated.

Run the following command to set up automatic renewal.

$ echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew" | sudo tee -a /etc/crontab > /dev/null

Install Ampache

Create an empty document root folder for Ampache.

$ sudo mkdir -p /var/www/html/ampache

This -p Parameter to ensure parent directory var with www If it does not exist, it will be created automatically.

Next, download the ZIP archive of the latest version of Ampache. You can find its link in its latest version. Github release page. At the time of writing this tutorial, 4.4.1 is the latest version, so we will download that version.

$ wget

Next, unzip the ZIP file into the directory we created earlier.

$ sudo unzip -d /var/www/html/ampache/

Next, in /var/www/html/ampache The directory of the Nginx web server.

$ sudo chown --recursive  nginx:nginx /var/www/html/ampache/

Create another directory to store your music. There is no need for sudo, because we created it in our own user directory.

$ sudo mkdir -p /data/Music

Change ownership /home/user/music to nginx This way the server can read and write in the directory where you will store the music.

$ sudo chown -R nginx:nginx /data/Music

To complete the setup of Ampache, please install FFmpeg, a utility that converts audio and video files from one format to another. Ampache uses FFmpeg to convert the running audio file from the upload format into a format that can be played by the monitoring device in real time.

Fedora does not come with FFmpeg by default, so we need to add the RPMFusion repository first.

$ sudo dnf install$(rpm -E %fedora).noarch.rpm$(rpm -E %fedora).noarch.rpm

Next, install FFmpeg.

$ sudo dnf install ffmpeg

Use Ampache installer

Your Ampache website is ready to use and can be accessed via in your browser. When you open it for the first time, Ampache’s web installer greets you.

Ampache installer home page

Choose your language and continue to the next page, if your server meets Ampache’s requirements, this page will be displayed.

Ampache installer requirements

If you followed this tutorial correctly, you should be able to move on to the next page and ask you to fill in the database details. Since we have already created the database, we can uncheck the checkbox. The same is true for database users. Fill in the database name, user and password we created, and then go to the next page.

Ampache database settings

Next, the configuration options for Ampache will be displayed. Most of the information is pre-filled and does not require any modification.

Ampache installer configuration

For some reasons, the Ampache Web installer cannot detect the installed FFmpeg binaries on Fedora. We will enable it later by manually editing the configuration file.

Next, fill in the details of the Ampache administrator account.

Ampache administrator account settings

Now you will be redirected to Ampache’s login page.

Ampache login

Fill in your user details and you can now access the Ampache player.

Ampach House

Before we start using it, we need to enable FFmpeg for transcoding.To do this, you need to open /var/www/html/ampache/config/ampache.cfg.php The file is edited.

$ sudo nano /var/www/html/ampache/config/ampache.cfg.php

Replace the following lines

;transcode_cmd = "ffmpeg"

Replace it with the following line by deleting the preceding ampersand.

transcode_cmd = "ffmpeg"

press Ctrl + X Close the editor and press ÿ When prompted to save the file. You can make more changes through this file. Your Ampache installation is ready, but to make it work, we need to add some music first.

Add music

To add music to Ampache, we need to create a directory in the player and then upload the file from the web interface.

First, use Add directory Options on the home page.

Ampache add directory

select Local As the type of directory and fill in the path /home/user/music.If you want to import a playlist, you can choose Build a playlist from a playlist file.Name your directory and click Add directory carry on.

After creating the directory, we need to enable this option to upload music files.To do this, click the fourth navigation button on the upper left toolbar to access administrative Set up.

Ampache administrator button

Scroll down to server configuration Section and click system.

Ampache server configuration section

Find out Allow users to upload Line and select on From the drop-down menu. You can also select the types of users who are allowed to add files. In our case, Catalog manager He also happens to be an administrator.

You also need to set the destination for users to upload can use it Target directory line. Select the directory we just created from the drop-down menu.

Ampache upload settings

Click on Update preferences after finishing. You can now add music to your Ampache installation.To do this, click Headphone icon In the navigation menu at the top left.

Ampache toolbar

then click upload Link in the music section.

Ampaki Music Course

in upload On the page, browse and select your music files from your local PC, and then upload them. If you leave the “artist” and “album” fields blank, Ampache will automatically try to use the ID3 tag in the file itself for identification.

Ampache upload page

When you are done, you can now find the file on any part of the left pane, and you can now stream music.

in conclusion

This concludes our tutorial on how to install and use the Ampache Music streaming server supported by Fedora 33. If you have any questions or feedback, please post in the comments below.

Related Posts