⚠️ AI-Generated Code Warning: This project contains code generated with the assistance of AI tools (GitHub Copilot). While thoroughly tested, this software is provided as-is and may not be suitable for production environments without proper review, testing, and validation by qualified developers. Use at your own risk.
A Rust-based ONVIF Media Transcoder that converts media streams (RTSP, HTTP, etc.) into ONVIF-compatible RTSP streams. It includes a built-in WS-Discovery server for device discovery.
- Input Stream Support: Re-mux MediaMTX-compatible input (HLS, MP4, RTSP, HTTP streams)
- ONVIF Compliance: ONVIF Profile S compatibility with standard endpoints
- Network Discovery: WS-Discovery implementation for device detection
- Authentication: HTTP Basic, HTTP Digest, and WS-Security support
- Stream Re-muxing: Direct stream re-muxing without re-encoding, minimal latency
git clone https://github.com/W4ff1e/onvif-media-transcoder.git
cd onvif-media-transcoder
./scripts/quick-start.sh run# Run with default demo stream
docker run --rm --network host w4ff1e/onvif-media-transcoder:latest
# Run with custom stream and credentials
docker run --rm --network host \
-e INPUT_URL="https://your-stream.m3u8" \
-e DEVICE_NAME="My-Custom-Camera" \
-e ONVIF_USERNAME="myuser" \
-e ONVIF_PASSWORD="mypassword" \
w4ff1e/onvif-media-transcoder:latestlatest: Latest stable releaseunstable: Latest commit to main branchv0.x.x: Specific version releases
| Variable | Default | Description |
|---|---|---|
INPUT_URL |
Demo HLS stream | Source video stream URL |
RTSP_OUTPUT_PORT |
8554 |
RTSP server port |
RTSP_PATH |
/stream |
RTSP stream path |
ONVIF_PORT |
8080 |
ONVIF web service port |
DEVICE_NAME |
ONVIF-Media-Transcoder |
Camera device name |
ONVIF_USERNAME |
admin |
ONVIF authentication username |
ONVIF_PASSWORD |
onvif-rust |
ONVIF authentication password |
WS_DISCOVERY_ENABLED |
true |
Enable WS-Discovery service |
DEBUGLOGGING |
false |
Enable debug logging |
Note: --network host is recommended for WS-Discovery to work across network boundaries.
The service consists of three components:
- ONVIF Service (Rust): SOAP web service for device management.
- WS-Discovery Service (Rust): Multicast discovery service.
- MediaMTX: RTSP server for stream re-muxing.
┌─────────────────┐ ┌─────────────────┐
│ Input Stream │──▶│ MediaMTX │
│ (HLS/MP4/etc) │ │ Re-mux & RTSP │
└─────────────────┘ └────────┬────────┘
│
▼
┌─────────────────┐ ┌─────────────────┐
│ ONVIF Clients │◀──│ ONVIF Service │
│ │ │ (Port 8080) │
└────────┬────────┘ └────────┬────────┘
│ │
▼ ▲
┌─────────────────┐ ┌─────────────────┐
│ WS-Discovery │──▶│ Device │
│ (Port 3702) │ │ Discovery │
└─────────────────┘ └─────────────────┘
Device Service (/onvif/device_service):
GetCapabilities,GetDeviceInformation
Media Service (/onvif/media_service):
GetProfiles,GetStreamUri,GetVideoSources,GetServiceCapabilities
⚠️ Warning: The authentication implementation is custom-built. It is strongly recommended to restrict access at the network level.
- Methods: HTTP Basic, HTTP Digest, WS-Security (PasswordDigest/PasswordText)
- Default:
admin/onvif-rust
- Protocol: WS-Discovery (UDP 3702)
- Multicast:
239.255.255.250:3702
# Test device discovery
curl -X POST http://localhost:8080/onvif/device_service \
-H "Content-Type: application/soap+xml" \
-d '<?xml version="1.0"?><soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"><soap:Body><GetCapabilities/></soap:Body></soap:Envelope>'
# Test RTSP stream
ffprobe rtsp://localhost:8554/stream- WS-Discovery: Use
--network host. Ensure UDP 3702 is open. - Connection: Check ports 8080/8554. Verify credentials.
- Logs: Check container logs for details.
- Docker
- Rust 1.70+ (for local dev)
# Build with Docker
docker build -t onvif-media-transcoder .
# Build locally
cargo build --releaseProject structure:
├── src/ # Rust source code
│ ├── lib.rs # Library root
│ ├── main.rs # Application entry point
│ ├── config.rs # Configuration management
│ ├── ws_discovery.rs # WS-Discovery implementation
│ └── onvif/ # ONVIF logic
│ ├── mod.rs # Request handling
│ ├── endpoints.rs # Constants
│ └── responses.rs # SOAP templates
├── examples/ # Example configurations
├── scripts/ # Utility scripts
├── docs/ # Documentation
├── Dockerfile # Multi-stage build
├── entrypoint.sh # Service orchestration
└── mediamtx.yml # MediaMTX configuration
Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like to change.
Code Guidelines:
- This project uses AI-assisted development with GitHub Copilot
- All contributions should be reviewed and tested before merging
- Ensure proper error handling and documentation
- Follow existing code patterns and style
- Add tests and update documentation as needed
Please make sure to update tests as appropriate and follow the existing code style.
Security is an important consideration for ONVIF Media Transcoder, especially given its network-exposed services and authentication mechanisms.
- Default Credentials: Change the default
admin/onvif-rustcredentials in production - Network Exposure: Multiple services (ONVIF, RTSP, WS-Discovery) are exposed by default
- Authentication: Supports multiple methods including WS-Security
- Container Security: Regular vulnerability scanning and security updates
Please report security vulnerabilities responsibly:
For detailed security information, deployment best practices, and vulnerability reporting procedures, see the Security Policy.
This project is licensed under the MIT License - see the LICENSE file for details.
Disclaimer: This software is provided "AS IS" without warranty of any kind. The use of AI-generated code components requires additional validation and testing before deployment in production environments.
- @W4ff1e - Initial work and maintenance
- GitHub Copilot - Pair programming and code assistance
Made with 💛 by Waffle in collaboration with GitHub Copilot