]>
Commit | Line | Data |
---|---|---|
63bfad7e C |
1 | # Production guide |
2 | ||
4df6a1b8 C |
3 | * [Installation](#installation) |
4 | * [Upgrade](#upgrade) | |
5 | ||
63bfad7e C |
6 | ## Installation |
7 | ||
8 | ### Dependencies | |
9 | ||
10 | Follow the steps of the [dependencies guide](dependencies.md). | |
11 | ||
12 | ### PeerTube user | |
13 | ||
59c48d49 | 14 | Create a `peertube` user with `/var/www/peertube` home: |
63bfad7e | 15 | |
afe81767 | 16 | ``` |
59c48d49 | 17 | $ sudo useradd -m -d /var/www/peertube -s /bin/bash -p peertube peertube |
e5203ffa TC |
18 | ``` |
19 | ||
20 | Set its password: | |
21 | ``` | |
d2000ca6 | 22 | $ sudo passwd peertube |
63bfad7e C |
23 | ``` |
24 | ||
25 | ### Database | |
26 | ||
e5203ffa | 27 | Create the production database and a peertube user inside PostgreSQL: |
63bfad7e | 28 | |
afe81767 | 29 | ``` |
d2000ca6 C |
30 | $ sudo -u postgres createuser -P peertube |
31 | $ sudo -u postgres createdb -O peertube peertube_prod | |
63bfad7e C |
32 | ``` |
33 | ||
d2000ca6 | 34 | ### Prepare PeerTube directory |
63bfad7e | 35 | |
e5203ffa TC |
36 | Fetch the latest tagged version of Peertube |
37 | ``` | |
38 | $ VERSION=$(curl -s https://api.github.com/repos/chocobozzz/peertube/releases/latest | grep tag_name | cut -d '"' -f 4) && echo "Latest Peertube version is $VERSION" | |
39 | ``` | |
59c48d49 | 40 | |
e5203ffa TC |
41 | Open the peertube directory, create a few required directories |
42 | ``` | |
15dbc134 | 43 | $ cd /var/www/peertube && sudo -u peertube mkdir config storage versions && cd versions |
e5203ffa | 44 | ``` |
59c48d49 | 45 | |
e5203ffa | 46 | Download the latest version of the Peertube client, unzip it and remove the zip |
afe81767 | 47 | ``` |
15dbc134 TC |
48 | $ sudo -u peertube wget -q "https://github.com/Chocobozzz/PeerTube/releases/download/${VERSION}/peertube-${VERSION}.zip" |
49 | $ sudo -u peertube unzip peertube-${VERSION}.zip && sudo -u peertube rm peertube-${VERSION}.zip | |
e5203ffa | 50 | ``` |
59c48d49 | 51 | |
e5203ffa TC |
52 | Install Peertube |
53 | ``` | |
15dbc134 TC |
54 | $ cd ../ && sudo -u peertube ln -s versions/peertube-${VERSION} ./peertube-latest |
55 | $ cd ./peertube-latest && sudo -u peertube yarn install --production --pure-lockfile | |
63bfad7e C |
56 | ``` |
57 | ||
58 | ### PeerTube configuration | |
59 | ||
60 | Copy example configuration: | |
61 | ||
afe81767 | 62 | ``` |
59c48d49 | 63 | $ cd /var/www/peertube && sudo -u peertube cp peertube-latest/config/production.yaml.example config/production.yaml |
63bfad7e C |
64 | ``` |
65 | ||
66 | Then edit the `config/production.yaml` file according to your webserver | |
d2000ca6 | 67 | configuration. |
63bfad7e C |
68 | |
69 | ### Webserver | |
70 | ||
71 | Copy the nginx configuration template: | |
72 | ||
afe81767 | 73 | ``` |
59c48d49 | 74 | $ sudo cp /var/www/peertube/peertube-latest/support/nginx/peertube /etc/nginx/sites-available/peertube |
63bfad7e C |
75 | ``` |
76 | ||
5668bf2e C |
77 | Then modify the webserver configuration file. Please pay attention to the `alias` keys of the static locations. |
78 | It should correspond to the paths of your storage directories (set in the configuration file inside the `storage` key). | |
63bfad7e | 79 | |
afe81767 | 80 | ``` |
63bfad7e C |
81 | $ sudo vim /etc/nginx/sites-available/peertube |
82 | ``` | |
83 | ||
84 | If you want to set https with Let's Encrypt please follow the steps of [this guide](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04). | |
85 | ||
86 | An example of the nginx configuration could be: | |
87 | ||
88 | ``` | |
89 | server { | |
90 | listen 80; | |
91 | listen [::]:80; | |
92 | server_name peertube.example.com; | |
93 | ||
94 | access_log /var/log/nginx/peertube.example.com.access.log; | |
95 | error_log /var/log/nginx/peertube.example.com.error.log; | |
96 | ||
97 | rewrite ^ https://$server_name$request_uri? permanent; | |
98 | } | |
99 | ||
100 | server { | |
101 | listen 443 ssl http2; | |
102 | listen [::]:443 ssl http2; | |
103 | server_name peertube.example.com; | |
104 | ||
105 | # For example with Let's Encrypt | |
106 | ssl_certificate /etc/letsencrypt/live/peertube.example.com/fullchain.pem; | |
107 | ssl_certificate_key /etc/letsencrypt/live/peertube.example.com/privkey.pem; | |
108 | ssl_trusted_certificate /etc/letsencrypt/live/peertube.example.com/chain.pem; | |
109 | ||
110 | access_log /var/log/nginx/peertube.example.com.access.log; | |
111 | error_log /var/log/nginx/peertube.example.com.error.log; | |
112 | ||
113 | location ^~ '/.well-known/acme-challenge' { | |
114 | default_type "text/plain"; | |
115 | root /var/www/certbot; | |
116 | } | |
117 | ||
5668bf2e C |
118 | location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ { |
119 | add_header Cache-Control "public, max-age=31536000, immutable"; | |
120 | ||
59c48d49 | 121 | alias /var/www/peertube/peertube-latest/client/dist/$1; |
5668bf2e C |
122 | } |
123 | ||
2e866cc7 | 124 | location ~ ^/static/(thumbnails|avatars)/(.*)$ { |
5668bf2e C |
125 | add_header Cache-Control "public, max-age=31536000, immutable"; |
126 | ||
59c48d49 | 127 | alias /var/www/peertube/storage/$1/$2; |
5668bf2e C |
128 | } |
129 | ||
63bfad7e C |
130 | location / { |
131 | proxy_pass http://localhost:9000; | |
132 | proxy_set_header X-Real-IP $remote_addr; | |
133 | proxy_set_header Host $host; | |
134 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
135 | ||
136 | # For the video upload | |
137 | client_max_body_size 8G; | |
138 | proxy_connect_timeout 600; | |
139 | proxy_send_timeout 600; | |
140 | proxy_read_timeout 600; | |
141 | send_timeout 600; | |
142 | } | |
143 | ||
144 | # Bypass PeerTube webseed route for better performances | |
145 | location /static/webseed { | |
146 | if ($request_method = 'OPTIONS') { | |
147 | add_header 'Access-Control-Allow-Origin' '*'; | |
148 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | |
149 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; | |
150 | add_header 'Access-Control-Max-Age' 1728000; | |
151 | add_header 'Content-Type' 'text/plain charset=UTF-8'; | |
152 | add_header 'Content-Length' 0; | |
153 | return 204; | |
154 | } | |
155 | ||
156 | if ($request_method = 'GET') { | |
157 | add_header 'Access-Control-Allow-Origin' '*'; | |
158 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | |
159 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; | |
5668bf2e C |
160 | |
161 | # Don't spam access log file with byte range requests | |
162 | access_log off; | |
63bfad7e C |
163 | } |
164 | ||
59c48d49 | 165 | alias /var/www/peertube/storage/videos; |
63bfad7e C |
166 | } |
167 | ||
168 | # Websocket tracker | |
169 | location /tracker/socket { | |
170 | # Peers send a message to the tracker every 15 minutes | |
171 | # Don't close the websocket before this time | |
172 | proxy_read_timeout 1200s; | |
173 | proxy_set_header Upgrade $http_upgrade; | |
174 | proxy_set_header Connection "upgrade"; | |
175 | proxy_http_version 1.1; | |
176 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
177 | proxy_set_header Host $host; | |
178 | proxy_pass http://localhost:9000; | |
179 | } | |
180 | } | |
181 | ``` | |
182 | ||
183 | ||
184 | Activate the configuration file: | |
185 | ||
afe81767 | 186 | ``` |
63bfad7e C |
187 | $ sudo ln -s /etc/nginx/sites-available/peertube /etc/nginx/sites-enabled/peertube |
188 | $ sudo systemctl reload nginx | |
189 | ``` | |
190 | ||
191 | ### Systemd | |
192 | ||
193 | Copy the nginx configuration template: | |
194 | ||
afe81767 | 195 | ``` |
59c48d49 | 196 | $ sudo cp /var/www/peertube/peertube-latest/support/systemd/peertube.service /etc/systemd/system/ |
63bfad7e C |
197 | ``` |
198 | ||
199 | Update the service file: | |
200 | ||
afe81767 | 201 | ``` |
d2000ca6 | 202 | $ sudo vim /etc/systemd/system/peertube.service |
63bfad7e C |
203 | ``` |
204 | ||
205 | It should look like this: | |
206 | ||
207 | ``` | |
208 | [Unit] | |
209 | Description=PeerTube daemon | |
210 | After=network.target | |
211 | ||
212 | [Service] | |
213 | Type=simple | |
214 | Environment=NODE_ENV=production | |
59c48d49 | 215 | Environment=NODE_CONFIG_DIR=/var/www/peertube/config |
63bfad7e C |
216 | User=peertube |
217 | Group=peertube | |
218 | ExecStart=/usr/bin/npm start | |
59c48d49 | 219 | WorkingDirectory=/var/www/peertube/peertube-latest |
63bfad7e C |
220 | StandardOutput=syslog |
221 | StandardError=syslog | |
222 | SyslogIdentifier=peertube | |
223 | Restart=always | |
224 | ||
225 | [Install] | |
226 | WantedBy=multi-user.target | |
227 | ``` | |
228 | ||
229 | ||
230 | Tell systemd to reload its config: | |
231 | ||
afe81767 | 232 | ``` |
d2000ca6 | 233 | $ sudo systemctl daemon-reload |
63bfad7e C |
234 | ``` |
235 | ||
6b2ef589 C |
236 | If you want to start PeerTube on boot: |
237 | ||
238 | ``` | |
9625507f | 239 | $ sudo systemctl enable peertube |
6b2ef589 C |
240 | ``` |
241 | ||
63bfad7e C |
242 | ### Run |
243 | ||
afe81767 | 244 | ``` |
d2000ca6 C |
245 | $ sudo systemctl start peertube |
246 | $ sudo journalctl -feu peertube | |
63bfad7e C |
247 | ``` |
248 | ||
249 | ### Administrator | |
250 | ||
251 | The administrator password is automatically generated and can be found in the | |
252 | logs. You can set another password with: | |
253 | ||
afe81767 | 254 | ``` |
59c48d49 | 255 | $ cd /var/www/peertube/peertube-latest && NODE_CONFIG_DIR=/var/www/peertube/config NODE_ENV=production npm run reset-password -- -u root |
63bfad7e C |
256 | ``` |
257 | ||
258 | ## Upgrade | |
259 | ||
ce487e1e | 260 | Make a SQL backup |
c7a9f34f C |
261 | |
262 | ``` | |
263 | $ SQL_BACKUP_PATH="backup/sql-peertube_prod-$(date -Im).bak" && \ | |
59c48d49 | 264 | cd /var/www/peertube && sudo -u peertube mkdir -p backup && \ |
c7a9f34f C |
265 | sudo pg_dump -U peertube -W -h localhost -F c peertube_prod -f "$SQL_BACKUP_PATH" |
266 | ``` | |
267 | ||
ce487e1e | 268 | Fetch the latest tagged version of Peertube: |
23e27dd5 C |
269 | |
270 | ``` | |
ce487e1e | 271 | $ VERSION=$(curl -s https://api.github.com/repos/chocobozzz/peertube/releases/latest | grep tag_name | cut -d '"' -f 4) && echo "Latest Peertube version is $VERSION" |
23e27dd5 C |
272 | ``` |
273 | ||
ce487e1e | 274 | Download the new version and unzip it: |
c7a9f34f | 275 | |
afe81767 | 276 | ``` |
ce487e1e | 277 | $ cd /var/www/peertube/versions && \ |
fd206f0b | 278 | sudo -u peertube wget -q "https://github.com/Chocobozzz/PeerTube/releases/download/${VERSION}/peertube-${VERSION}.zip" && \ |
ce487e1e C |
279 | sudo -u peertube unzip -o peertube-${VERSION}.zip && \ |
280 | sudo -u peertube rm peertube-${VERSION}.zip | |
281 | ``` | |
282 | ||
4805cff1 | 283 | Install node dependencies: |
ce487e1e C |
284 | |
285 | ``` | |
4805cff1 C |
286 | $ cd /var/www/peertube/versions/peertube-${VERSION} && \ |
287 | sudo -u peertube yarn install --production --pure-lockfile | |
ce487e1e C |
288 | ``` |
289 | ||
4805cff1 | 290 | Copy new configuration defaults values and update your configuration file: |
ce487e1e | 291 | |
63bfad7e | 292 | ``` |
4805cff1 C |
293 | $ sudo -u peertube cp /var/www/peertube/versions/peertube-${VERSION}/config/default.yaml /var/www/peertube/config/default.yaml |
294 | $ diff /var/www/peertube/versions/peertube-${VERSION}/config//production.yaml.example /var/www/peertube/config/production.yaml | |
ce487e1e C |
295 | ``` |
296 | ||
4805cff1 | 297 | Change the link to point to the latest version: |
ce487e1e C |
298 | |
299 | ``` | |
4805cff1 C |
300 | $ cd /var/www/peertube && \ |
301 | sudo rm ./peertube-latest && \ | |
302 | sudo -u peertube ln -s versions/peertube-${VERSION} ./peertube-latest | |
ce487e1e C |
303 | ``` |
304 | ||
4805cff1 | 305 | |
ce487e1e C |
306 | Restart PeerTube: |
307 | ``` | |
308 | $ sudo systemctl restart peertube | |
309 | ``` | |
310 | ||
311 | ### Things went wrong? | |
c7a9f34f | 312 | |
ce487e1e | 313 | Change `peertube-latest` destination to the previous version and restore your SQL backup: |
c7a9f34f C |
314 | |
315 | ``` | |
316 | $ OLD_VERSION="v0.42.42" && SQL_BACKUP_PATH="backup/sql-peertube_prod-2018-01-19T10:18+01:00.bak" && \ | |
59c48d49 | 317 | cd /var/www/peertube && rm ./peertube-latest && \ |
c7a9f34f C |
318 | sudo -u peertube ln -s "versions/peertube-$OLD_VERSION" peertube-latest && \ |
319 | pg_restore -U peertube -c -d peertube_prod "$SQL_BACKUP_PATH" | |
320 | sudo systemctl restart peertube | |
321 | ``` |