]>
Commit | Line | Data |
---|---|---|
63bfad7e C |
1 | # Production guide |
2 | ||
3 | ## Installation | |
4 | ||
5 | ### Dependencies | |
6 | ||
7 | Follow the steps of the [dependencies guide](dependencies.md). | |
8 | ||
9 | ### PeerTube user | |
10 | ||
11 | Create a `peertube` user with `/home/peertube` home: | |
12 | ||
afe81767 | 13 | ``` |
63bfad7e C |
14 | sudo useradd -m -d /home/peertube -s /bin/bash -p peertube peertube |
15 | sudo passwd peertube | |
16 | ``` | |
17 | ||
18 | ### Database | |
19 | ||
20 | Create production database and peertube user: | |
21 | ||
afe81767 | 22 | ``` |
63bfad7e C |
23 | sudo -u postgres createuser -P peertube |
24 | sudo -u postgres createdb -O peertube peertube_prod | |
25 | ``` | |
26 | ||
27 | ### Sources | |
28 | ||
29 | Clone, install node dependencies and build application: | |
30 | ||
afe81767 | 31 | ``` |
63bfad7e C |
32 | $ cd /home/peertube |
33 | $ sudo -u peertube git clone -b master https://github.com/Chocobozzz/PeerTube | |
34 | $ cd PeerTube | |
35 | $ sudo -u peertube yarn install --pure-lockfile | |
36 | $ sudo -u peertube npm run build | |
37 | ``` | |
38 | ||
39 | ### PeerTube configuration | |
40 | ||
41 | Copy example configuration: | |
42 | ||
afe81767 | 43 | ``` |
63bfad7e C |
44 | $ sudo -u peertube cp config/production.yaml.example config/production.yaml |
45 | ``` | |
46 | ||
47 | Then edit the `config/production.yaml` file according to your webserver | |
48 | configuration. Keys set in this file will override those of | |
49 | `config/default.yml`. | |
50 | ||
51 | ### Webserver | |
52 | ||
53 | Copy the nginx configuration template: | |
54 | ||
afe81767 | 55 | ``` |
63bfad7e C |
56 | $ sudo cp /home/peertube/PeerTube/support/nginx/peertube-https /etc/nginx/sites-available/peertube |
57 | ``` | |
58 | ||
59 | Then modify the webserver configuration file. Please pay attention to the `alias` key of `/static/webseed` location. | |
60 | It should correspond to the path of your videos directory (set in the configuration file as `storage->videos` key). | |
61 | ||
afe81767 | 62 | ``` |
63bfad7e C |
63 | $ sudo vim /etc/nginx/sites-available/peertube |
64 | ``` | |
65 | ||
66 | If you want to set https with Let's Encrypt please follow the steps of [this guide](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04). | |
67 | ||
68 | An example of the nginx configuration could be: | |
69 | ||
70 | ``` | |
71 | server { | |
72 | listen 80; | |
73 | listen [::]:80; | |
74 | server_name peertube.example.com; | |
75 | ||
76 | access_log /var/log/nginx/peertube.example.com.access.log; | |
77 | error_log /var/log/nginx/peertube.example.com.error.log; | |
78 | ||
79 | rewrite ^ https://$server_name$request_uri? permanent; | |
80 | } | |
81 | ||
82 | server { | |
83 | listen 443 ssl http2; | |
84 | listen [::]:443 ssl http2; | |
85 | server_name peertube.example.com; | |
86 | ||
87 | # For example with Let's Encrypt | |
88 | ssl_certificate /etc/letsencrypt/live/peertube.example.com/fullchain.pem; | |
89 | ssl_certificate_key /etc/letsencrypt/live/peertube.example.com/privkey.pem; | |
90 | ssl_trusted_certificate /etc/letsencrypt/live/peertube.example.com/chain.pem; | |
91 | ||
92 | access_log /var/log/nginx/peertube.example.com.access.log; | |
93 | error_log /var/log/nginx/peertube.example.com.error.log; | |
94 | ||
95 | location ^~ '/.well-known/acme-challenge' { | |
96 | default_type "text/plain"; | |
97 | root /var/www/certbot; | |
98 | } | |
99 | ||
100 | location / { | |
101 | proxy_pass http://localhost:9000; | |
102 | proxy_set_header X-Real-IP $remote_addr; | |
103 | proxy_set_header Host $host; | |
104 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
105 | ||
106 | # For the video upload | |
107 | client_max_body_size 8G; | |
108 | proxy_connect_timeout 600; | |
109 | proxy_send_timeout 600; | |
110 | proxy_read_timeout 600; | |
111 | send_timeout 600; | |
112 | } | |
113 | ||
114 | # Bypass PeerTube webseed route for better performances | |
115 | location /static/webseed { | |
116 | if ($request_method = 'OPTIONS') { | |
117 | add_header 'Access-Control-Allow-Origin' '*'; | |
118 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | |
119 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; | |
120 | add_header 'Access-Control-Max-Age' 1728000; | |
121 | add_header 'Content-Type' 'text/plain charset=UTF-8'; | |
122 | add_header 'Content-Length' 0; | |
123 | return 204; | |
124 | } | |
125 | ||
126 | if ($request_method = 'GET') { | |
127 | add_header 'Access-Control-Allow-Origin' '*'; | |
128 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | |
129 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; | |
130 | } | |
131 | ||
132 | alias /var/www/PeerTube/videos; | |
133 | } | |
134 | ||
135 | # Websocket tracker | |
136 | location /tracker/socket { | |
137 | # Peers send a message to the tracker every 15 minutes | |
138 | # Don't close the websocket before this time | |
139 | proxy_read_timeout 1200s; | |
140 | proxy_set_header Upgrade $http_upgrade; | |
141 | proxy_set_header Connection "upgrade"; | |
142 | proxy_http_version 1.1; | |
143 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
144 | proxy_set_header Host $host; | |
145 | proxy_pass http://localhost:9000; | |
146 | } | |
147 | } | |
148 | ``` | |
149 | ||
150 | ||
151 | Activate the configuration file: | |
152 | ||
afe81767 | 153 | ``` |
63bfad7e C |
154 | $ sudo ln -s /etc/nginx/sites-available/peertube /etc/nginx/sites-enabled/peertube |
155 | $ sudo systemctl reload nginx | |
156 | ``` | |
157 | ||
158 | ### Systemd | |
159 | ||
160 | Copy the nginx configuration template: | |
161 | ||
afe81767 | 162 | ``` |
63bfad7e C |
163 | sudo cp /home/peertube/PeerTube/support/systemd/peertube.service /etc/systemd/system/ |
164 | ``` | |
165 | ||
166 | Update the service file: | |
167 | ||
afe81767 | 168 | ``` |
63bfad7e C |
169 | sudo vim /etc/systemd/system/peertube.service |
170 | ``` | |
171 | ||
172 | It should look like this: | |
173 | ||
174 | ``` | |
175 | [Unit] | |
176 | Description=PeerTube daemon | |
177 | After=network.target | |
178 | ||
179 | [Service] | |
180 | Type=simple | |
181 | Environment=NODE_ENV=production | |
182 | User=peertube | |
183 | Group=peertube | |
184 | ExecStart=/usr/bin/npm start | |
185 | WorkingDirectory=/home/peertube/PeerTube | |
186 | StandardOutput=syslog | |
187 | StandardError=syslog | |
188 | SyslogIdentifier=peertube | |
189 | Restart=always | |
190 | ||
191 | [Install] | |
192 | WantedBy=multi-user.target | |
193 | ``` | |
194 | ||
195 | ||
196 | Tell systemd to reload its config: | |
197 | ||
afe81767 | 198 | ``` |
63bfad7e C |
199 | sudo systemctl daemon-reload |
200 | ``` | |
201 | ||
6b2ef589 C |
202 | If you want to start PeerTube on boot: |
203 | ||
204 | ``` | |
205 | sudo systemctl enabled peertube | |
206 | ``` | |
207 | ||
63bfad7e C |
208 | ### Run |
209 | ||
afe81767 | 210 | ``` |
63bfad7e C |
211 | sudo systemctl start peertube |
212 | sudo journalctl -feu peertube | |
213 | ``` | |
214 | ||
215 | ### Administrator | |
216 | ||
217 | The administrator password is automatically generated and can be found in the | |
218 | logs. You can set another password with: | |
219 | ||
afe81767 | 220 | ``` |
63bfad7e C |
221 | $ NODE_ENV=production npm run reset-password -- -u root |
222 | ``` | |
223 | ||
224 | ## Upgrade | |
225 | ||
226 | The following commands will upgrade the source (according to your current | |
227 | branch), upgrade node modules and rebuild client application: | |
228 | ||
afe81767 | 229 | ``` |
63bfad7e C |
230 | # systemctl stop peertube |
231 | $ npm run upgrade-peertube | |
232 | # systemctl start peertube | |
233 | ``` |