Browse Source

update config

master
Dryusdan 4 months ago
parent
commit
ff84ece681
6 changed files with 81 additions and 244 deletions
  1. +17
    -39
      Dockerfile
  2. +0
    -82
      rootfs/PeerTube/config/production.yaml
  3. +0
    -47
      rootfs/etc/nginx/sites-enabled/peertube.conf
  4. +0
    -38
      rootfs/usr/local/bin/startup-alpine
  5. +0
    -38
      rootfs/usr/local/bin/startup-debian
  6. +64
    -0
      support/docker/production/docker-entrypoint.sh

+ 17
- 39
Dockerfile View File

@@ -1,29 +1,14 @@
FROM debian:bullseye-slim

ARG PEERTUBE_VER=v2.0.0
ARG NPM_RUN_BUILD_OPTS

ENV UID=991 \
GID=991 \
FORCE_CHOWN=false \
NODE_ENV=production \
NODE_CONFIG_DIR=/config

ENV UID=991 GID=991 \
HTTPS=false \
HOSTNAME=peertube.localhost \
PORT=80 \
DATABASE_HOST=localhost \
DATABASE_PORT=5432 \
DATABASE_USERNAME=peertube \
DATABASE_PASSWORD=peertube \
ADMIN_EMAIL=admin@domain.local \
SIGNUP_ENABLE=false \
TRANSCODING_ENABLE=false \
TRANSCODING_THREADS=2 \
BODY_SIZE=100M \
CACHE_SIZE=100 \
SIGNUP_LIMIT=10 \
VIDEO_QUOTA=-1 \
RESOLUTION_280=true \
RESOLUTION_360=true \
RESOLUTION_480=true \
RESOLUTION_720=true \
RESOLUTION_1080=true \
DEBIAN_FRONTEND=noninteractive

RUN groupadd -g 991 peertube && useradd -u 991 -g 991 --create-home peertube \
&& echo "deb http://ftp.debian.org/debian bullseye-backports main contrib non-free" >> /etc/apt/sources.list \
@@ -31,42 +16,35 @@ RUN groupadd -g 991 peertube && useradd -u 991 -g 991 --create-home peertube \
&& curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
&& echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list \
&& apt-get update \
&& apt-get -y --no-install-recommends install nodejs yarn curl gosu gnupg dirmngr ffmpeg openssl git build-essential nginx-light \
&& apt-get -y --no-install-recommends install nodejs yarn curl gnupg dirmngr ffmpeg openssl git build-essential \
&& apt-get clean \
&& echo "****** Clone Peertube ******" \
&& git clone --branch ${PEERTUBE_VER} https://github.com/Chocobozzz/PeerTube /PeerTube \
&& git clone --branch ${PEERTUBE_VER} https://github.com/Chocobozzz/PeerTube /app \
&& echo "****** chown ******" \
&& chown -R peertube:peertube PeerTube \
&& cd /PeerTube \
&& chown -R peertube:peertube /app \
&& cd /app \
&& echo "****** run npm install as user ******" \
&& su - peertube -c "cd /PeerTube && npm install" \
&& su - peertube -c "cd /app && npm run build -- $NPM_RUN_BUILD_OPTS && rm -r ./node_modules ./client/node_modules " \
&& echo "****** run yarn install as user ******" \
&& su - peertube -c "cd /PeerTube && yarn install" \
&& echo "****** run npm run build as user ******" \
&& su - peertube -c "cd /PeerTube && npm run build" \
&& su - peertube -c "cd /app && yarn install --pure-lockfile --production && yarn cache clean" \
&& apt-get remove --purge --yes build-essential curl git \
&& apt-get autoremove -y \
&& apt-get clean \
&& rm -rf /PeerTube/.git \
&& rm -rf /app/.git \
&& rm -rf /tmp/* /var/lib/apt/lists/* /var/cache/debconf/*-old \
&& rm -rf /usr/share/man/?? \
&& rm -rf /usr/share/man/??_* \
&& mkdir -p /{data,config} \
&& chown -R peertube:peertube /data /config

WORKDIR /PeerTube/

ENV NODE_ENV production
ENV NODE_CONFIG_DIR /config
WORKDIR /app/

VOLUME ["/data", "/config"]
VOLUME /config

EXPOSE 9000

COPY rootfs /
COPY ./support/docker/production/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh

RUN chmod +x /usr/local/bin/startup
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]

ENTRYPOINT ["/usr/local/bin/startup"]
CMD ["npm", "start"]

+ 0
- 82
rootfs/PeerTube/config/production.yaml View File

@@ -1,82 +0,0 @@
listen:
port: 9000

# Correspond to your reverse proxy "listen" configuration
webserver:
https: <https>
hostname: '<hostname>'
port: <port>

# Your database name will be "peertube"+database.suffix
database:
hostname: '<database_host>'
port: <database_port>
suffix: '_prod'
username: '<database_username>'
password: '<database_password>'

redis:
hostname: 'redis_hostname'
port: 'redis_port'
auth: null

smtp:
hostname: '<smtp_hostname>'
port: <smtp_port>
username: '<smtp_username>'
password: '<smtp_password>'
tls: <smtp_tls>
ca_file: null # Used for self signed certificates
from_address: '<from_address>'

# From the project root directory
storage:
avatars: 'avatars/'
certs: 'certs/'
videos: 'videos/'
logs: 'logs/'
previews: 'previews/'
thumbnails: 'thumbnails/'
torrents: 'torrents/'

log:
level: 'info' # debug/info/warning/error

cache:
previews:
size: <cache_size>

admin:
email: '<admin_email>'

signup:
enabled: <signup_enabled>
limit: <signup_limit> # When the limit is reached, registrations are disabled. -1 == unlimited

user:
# Default value of maximum video BYTES the user can upload (does not take into account transcoded files).
# -1 == unlimited
video_quota: <video_quota>

# If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag
# Uses a lot of CPU!
transcoding:
enabled: <transcoding_enable>
threads: <transcoding_threads>
resolutions: # Only created if the original video has a higher resolution
240p: <resolution_280>
360p: <resolution_360>
480p: <resolution_480>
720p: <resolution_720>
1080p: <resolution_1080>


instance:
name: '<instance_name>'
description: '' # Support markdown
terms: '' # Support markdown
default_client_route: '/videos/trending'
customizations:
javascript: '' # Directly your JavaScript code (without <script> tags). Will be eval at runtime
css: '' # Directly your CSS code (without <style> tags). Will be injected at runtime

+ 0
- 47
rootfs/etc/nginx/sites-enabled/peertube.conf View File

@@ -1,47 +0,0 @@
server {
listen 8080;

location / {
proxy_pass http://localhost:9000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

# For the video upload
client_max_body_size <body_size>;
}

# Bypass PeerTube webseed route for better performances
location /static/webseed {
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}

if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}

alias /PeerTube/videos;
}

# Websocket tracker
location /tracker/socket {
# Peers send a message to the tracker every 15 minutes
# Don't close the websocket before this time
proxy_read_timeout 1200s;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://localhost:9000;
}
}

+ 0
- 38
rootfs/usr/local/bin/startup-alpine View File

@@ -1,38 +0,0 @@
#!/bin/sh

#groupadd -g ${GID} peertube && useradd -u ${UID} -M -g ${GID} peertube

usermod -u ${GID} peertube
groupmod -g ${UID} peertube

sed -i -e 's|<https>|'${HTTPS}'|' \
-e 's|<hostname>|'${HOSTNAME}'|' \
-e 's|<port>|'${PORT}'|' \
-e 's|<database_host>|'${DATABASE_HOST}'|' \
-e 's|<database_port>|'${DATABASE_PORT}'|' \
-e 's|<database_username>|'${DATABASE_USERNAME}'|' \
-e 's|<database_password>|'${DATABASE_PASSWORD}'|' \
-e 's|<admin_email>|'${ADMIN_EMAIL}'|' \
-e 's|<signup_enabled>|'${SIGNUP_ENABLE}'|' \
-e 's|<transcoding_enable>|'${TRANSCODING_ENABLE}'|' \
-e 's|<transcoding_threads>|'${TRANSCODING_THREADS}'|' \
-e 's|<cache_size>|'${CACHE_SIZE}'|' \
-e 's|<signup_limit>|'${SIGNUP_LIMIT}'|' \
-e 's|<video_quota>|'${VIDEO_QUOTA}'|' \
-e 's|<resolution_280>|'${RESOLUTION_280}'|' \
-e 's|<resolution_360>|'${RESOLUTION_360}'|' \
-e 's|<resolution_480>|'${RESOLUTION_480}'|' \
-e 's|<resolution_720>|'${RESOLUTION_720}'|' \
-e 's|<resolution_1080>|'${RESOLUTION_1080}'|' /PeerTube/config/production.yaml

sed -i -e 's|<body_size>|'${BODY_SIZE}'|' /etc/nginx/sites-enabled/peertube.conf

chown -R $UID:$GID /home/peertube
chown -R $UID:$GID /PeerTube

nginx
if [ $# -eq 0 ]; then
exec su-exec peertube:peertube NODE_ENV=production npm start
else
exec su-exec peertube:peertube NODE_ENV=production npm $#
fi

+ 0
- 38
rootfs/usr/local/bin/startup-debian View File

@@ -1,38 +0,0 @@
#!/bin/sh

#groupadd -g ${GID} peertube && useradd -u ${UID} -M -g ${GID} peertube

usermod -u ${GID} peertube
groupmod -g ${UID} peertube

sed -i -e 's|<https>|'${HTTPS}'|' \
-e 's|<hostname>|'${HOSTNAME}'|' \
-e 's|<port>|'${PORT}'|' \
-e 's|<database_host>|'${DATABASE_HOST}'|' \
-e 's|<database_port>|'${DATABASE_PORT}'|' \
-e 's|<database_username>|'${DATABASE_USERNAME}'|' \
-e 's|<database_password>|'${DATABASE_PASSWORD}'|' \
-e 's|<admin_email>|'${ADMIN_EMAIL}'|' \
-e 's|<signup_enabled>|'${SIGNUP_ENABLE}'|' \
-e 's|<transcoding_enable>|'${TRANSCODING_ENABLE}'|' \
-e 's|<transcoding_threads>|'${TRANSCODING_THREADS}'|' \
-e 's|<cache_size>|'${CACHE_SIZE}'|' \
-e 's|<signup_limit>|'${SIGNUP_LIMIT}'|' \
-e 's|<video_quota>|'${VIDEO_QUOTA}'|' \
-e 's|<resolution_280>|'${RESOLUTION_280}'|' \
-e 's|<resolution_360>|'${RESOLUTION_360}'|' \
-e 's|<resolution_480>|'${RESOLUTION_480}'|' \
-e 's|<resolution_720>|'${RESOLUTION_720}'|' \
-e 's|<resolution_1080>|'${RESOLUTION_1080}'|' /PeerTube/config/production.yaml

sed -i -e 's|<body_size>|'${BODY_SIZE}'|' /etc/nginx/sites-enabled/peertube.conf

chown -R $UID:$GID /home/peertube
chown -R $UID:$GID /PeerTube

nginx
if [ $# -eq 0 ]; then
su - peertube -c "cd /PeerTube && NODE_ENV=production npm start"
else
su - peertube -c "cd /PeerTube && NODE_ENV=production npm $#"
fi

+ 64
- 0
support/docker/production/docker-entrypoint.sh View File

@@ -0,0 +1,64 @@
#!/bin/bash
## author : Dryusdan
## date : 16/11/2019
## description : Start Peertube
## usage : ./docker-entrypoint.sh

## Bash strict mode ####################################
set -o errexit # abort on nonzero exitstatus
set -o nounset # abort on unbound variable
set -o pipefail # don't hide errors within pipes

## Bash color ##########################################
# Set colors
RED='\033[0;31m'
GREEN='\033[00;32m'
YELLOW='\033[00;33m'
BLUE='\033[00;34m'
PURPLE='\033[00;35m'
CYAN='\033[00;36m'
LIGHTGRAY='\033[00;37m'
LRED='\033[01;31m'
LGREEN='\033[01;32m'
LYELLOW='\033[01;33m'
LBLUE='\033[01;34m'
LPURPLE='\033[01;35m'
LCYAN='\033[01;36m'
WHITE='\033[01;37m'
NC='\033[0m' # No Color

## Logs ################################################
readonly SCRIPTNAME="$(basename "$0")"
info() { echo -e "${LBLUE}[INFO] $* ${NC}" | logger --tag "${SCRIPTNAME}" --stderr ; }
warning() { echo -e "${YELLOW}[WARNING] $* ${NC}" | logger --tag "${SCRIPTNAME}" --stderr ; }
error() { echo -e "${LRED}[ERROR] $* ${NC}" | logger --tag "${SCRIPTNAME}" --stderr ; }
fatal() { echo -e "${RED}[FATAL] $* ${NC}" | logger --tag "${SCRIPTNAME}" --stderr ; exit 1 ; }
########################################################

usermod -u ${GID} peertube
groupmod -g ${UID} peertube

info "Populate config directory"
if [ -z "$(ls -A /config)" ]; then
cp /app/support/docker/production/config/* /config
fi

# Always copy default and custom env configuration file, in cases where new keys were added
cp /app/config/default.yaml /config
cp /app/support/docker/production/config/custom-environment-variables.yaml /config
find /config ! -user peertube -exec chown peertube:peertube {} \;

# first arg is `-f` or `--some-option`
# or first arg is `something.conf`
if [ "${1#-}" != "${1}" ] || [ "${1%.conf}" != "${1}" ]; then
set -- npm "${@}"
fi

if [ ${FORCE_CHOWN} ]; then
warning "Force chown is set to true. This may take a time"
find /data ! -user peertube -exec chown peertube:peertube {} \;
fi

info "PeerTube Launch"
exec su - peertube -c "cd /app && npm start"


Loading…
Cancel
Save