]>
Commit | Line | Data |
---|---|---|
63bfad7e C |
1 | # Production guide |
2 | ||
4df6a1b8 C |
3 | * [Installation](#installation) |
4 | * [Upgrade](#upgrade) | |
5 | ||
63bfad7e C |
6 | ## Installation |
7 | ||
1185c246 C |
8 | **Please don't install PeerTube for production on a small device behind a low bandwidth connection because it could slow down the fediverse.** |
9 | ||
63bfad7e C |
10 | ### Dependencies |
11 | ||
12 | Follow the steps of the [dependencies guide](dependencies.md). | |
13 | ||
14 | ### PeerTube user | |
15 | ||
59c48d49 | 16 | Create a `peertube` user with `/var/www/peertube` home: |
63bfad7e | 17 | |
afe81767 | 18 | ``` |
59c48d49 | 19 | $ sudo useradd -m -d /var/www/peertube -s /bin/bash -p peertube peertube |
e5203ffa TC |
20 | ``` |
21 | ||
22 | Set its password: | |
23 | ``` | |
d2000ca6 | 24 | $ sudo passwd peertube |
63bfad7e C |
25 | ``` |
26 | ||
27 | ### Database | |
28 | ||
e5203ffa | 29 | Create the production database and a peertube user inside PostgreSQL: |
63bfad7e | 30 | |
afe81767 | 31 | ``` |
d2000ca6 C |
32 | $ sudo -u postgres createuser -P peertube |
33 | $ sudo -u postgres createdb -O peertube peertube_prod | |
63bfad7e C |
34 | ``` |
35 | ||
d2000ca6 | 36 | ### Prepare PeerTube directory |
63bfad7e | 37 | |
e5203ffa TC |
38 | Fetch the latest tagged version of Peertube |
39 | ``` | |
40 | $ VERSION=$(curl -s https://api.github.com/repos/chocobozzz/peertube/releases/latest | grep tag_name | cut -d '"' -f 4) && echo "Latest Peertube version is $VERSION" | |
41 | ``` | |
59c48d49 | 42 | |
e5203ffa TC |
43 | Open the peertube directory, create a few required directories |
44 | ``` | |
15dbc134 | 45 | $ cd /var/www/peertube && sudo -u peertube mkdir config storage versions && cd versions |
e5203ffa | 46 | ``` |
59c48d49 | 47 | |
e5203ffa | 48 | Download the latest version of the Peertube client, unzip it and remove the zip |
afe81767 | 49 | ``` |
15dbc134 TC |
50 | $ sudo -u peertube wget -q "https://github.com/Chocobozzz/PeerTube/releases/download/${VERSION}/peertube-${VERSION}.zip" |
51 | $ sudo -u peertube unzip peertube-${VERSION}.zip && sudo -u peertube rm peertube-${VERSION}.zip | |
e5203ffa | 52 | ``` |
59c48d49 | 53 | |
e5203ffa TC |
54 | Install Peertube |
55 | ``` | |
15dbc134 | 56 | $ cd ../ && sudo -u peertube ln -s versions/peertube-${VERSION} ./peertube-latest |
09c93c20 | 57 | $ cd ./peertube-latest && sudo -H -u peertube yarn install --production --pure-lockfile |
63bfad7e C |
58 | ``` |
59 | ||
60 | ### PeerTube configuration | |
61 | ||
62 | Copy example configuration: | |
63 | ||
afe81767 | 64 | ``` |
59c48d49 | 65 | $ cd /var/www/peertube && sudo -u peertube cp peertube-latest/config/production.yaml.example config/production.yaml |
63bfad7e C |
66 | ``` |
67 | ||
68 | Then edit the `config/production.yaml` file according to your webserver | |
d2000ca6 | 69 | configuration. |
63bfad7e C |
70 | |
71 | ### Webserver | |
72 | ||
73 | Copy the nginx configuration template: | |
74 | ||
afe81767 | 75 | ``` |
59c48d49 | 76 | $ sudo cp /var/www/peertube/peertube-latest/support/nginx/peertube /etc/nginx/sites-available/peertube |
63bfad7e C |
77 | ``` |
78 | ||
5668bf2e C |
79 | Then modify the webserver configuration file. Please pay attention to the `alias` keys of the static locations. |
80 | It should correspond to the paths of your storage directories (set in the configuration file inside the `storage` key). | |
63bfad7e | 81 | |
afe81767 | 82 | ``` |
63bfad7e C |
83 | $ sudo vim /etc/nginx/sites-available/peertube |
84 | ``` | |
85 | ||
86 | If you want to set https with Let's Encrypt please follow the steps of [this guide](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04). | |
87 | ||
88 | An example of the nginx configuration could be: | |
89 | ||
90 | ``` | |
91 | server { | |
92 | listen 80; | |
93 | listen [::]:80; | |
94 | server_name peertube.example.com; | |
95 | ||
96 | access_log /var/log/nginx/peertube.example.com.access.log; | |
97 | error_log /var/log/nginx/peertube.example.com.error.log; | |
98 | ||
99 | rewrite ^ https://$server_name$request_uri? permanent; | |
100 | } | |
101 | ||
102 | server { | |
103 | listen 443 ssl http2; | |
104 | listen [::]:443 ssl http2; | |
105 | server_name peertube.example.com; | |
106 | ||
107 | # For example with Let's Encrypt | |
108 | ssl_certificate /etc/letsencrypt/live/peertube.example.com/fullchain.pem; | |
109 | ssl_certificate_key /etc/letsencrypt/live/peertube.example.com/privkey.pem; | |
110 | ssl_trusted_certificate /etc/letsencrypt/live/peertube.example.com/chain.pem; | |
111 | ||
112 | access_log /var/log/nginx/peertube.example.com.access.log; | |
113 | error_log /var/log/nginx/peertube.example.com.error.log; | |
114 | ||
115 | location ^~ '/.well-known/acme-challenge' { | |
116 | default_type "text/plain"; | |
117 | root /var/www/certbot; | |
118 | } | |
119 | ||
5668bf2e C |
120 | location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ { |
121 | add_header Cache-Control "public, max-age=31536000, immutable"; | |
122 | ||
59c48d49 | 123 | alias /var/www/peertube/peertube-latest/client/dist/$1; |
5668bf2e C |
124 | } |
125 | ||
2e866cc7 | 126 | location ~ ^/static/(thumbnails|avatars)/(.*)$ { |
5668bf2e C |
127 | add_header Cache-Control "public, max-age=31536000, immutable"; |
128 | ||
59c48d49 | 129 | alias /var/www/peertube/storage/$1/$2; |
5668bf2e C |
130 | } |
131 | ||
63bfad7e C |
132 | location / { |
133 | proxy_pass http://localhost:9000; | |
134 | proxy_set_header X-Real-IP $remote_addr; | |
135 | proxy_set_header Host $host; | |
136 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
137 | ||
138 | # For the video upload | |
139 | client_max_body_size 8G; | |
140 | proxy_connect_timeout 600; | |
141 | proxy_send_timeout 600; | |
142 | proxy_read_timeout 600; | |
143 | send_timeout 600; | |
144 | } | |
145 | ||
146 | # Bypass PeerTube webseed route for better performances | |
147 | location /static/webseed { | |
148 | if ($request_method = 'OPTIONS') { | |
149 | add_header 'Access-Control-Allow-Origin' '*'; | |
150 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | |
151 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; | |
152 | add_header 'Access-Control-Max-Age' 1728000; | |
153 | add_header 'Content-Type' 'text/plain charset=UTF-8'; | |
154 | add_header 'Content-Length' 0; | |
155 | return 204; | |
156 | } | |
157 | ||
158 | if ($request_method = 'GET') { | |
159 | add_header 'Access-Control-Allow-Origin' '*'; | |
160 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | |
161 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; | |
5668bf2e C |
162 | |
163 | # Don't spam access log file with byte range requests | |
164 | access_log off; | |
63bfad7e C |
165 | } |
166 | ||
59c48d49 | 167 | alias /var/www/peertube/storage/videos; |
63bfad7e C |
168 | } |
169 | ||
170 | # Websocket tracker | |
171 | location /tracker/socket { | |
172 | # Peers send a message to the tracker every 15 minutes | |
173 | # Don't close the websocket before this time | |
174 | proxy_read_timeout 1200s; | |
175 | proxy_set_header Upgrade $http_upgrade; | |
176 | proxy_set_header Connection "upgrade"; | |
177 | proxy_http_version 1.1; | |
178 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
179 | proxy_set_header Host $host; | |
180 | proxy_pass http://localhost:9000; | |
181 | } | |
182 | } | |
183 | ``` | |
184 | ||
185 | ||
186 | Activate the configuration file: | |
187 | ||
afe81767 | 188 | ``` |
63bfad7e C |
189 | $ sudo ln -s /etc/nginx/sites-available/peertube /etc/nginx/sites-enabled/peertube |
190 | $ sudo systemctl reload nginx | |
191 | ``` | |
192 | ||
193 | ### Systemd | |
194 | ||
195 | Copy the nginx configuration template: | |
196 | ||
afe81767 | 197 | ``` |
59c48d49 | 198 | $ sudo cp /var/www/peertube/peertube-latest/support/systemd/peertube.service /etc/systemd/system/ |
63bfad7e C |
199 | ``` |
200 | ||
201 | Update the service file: | |
202 | ||
afe81767 | 203 | ``` |
d2000ca6 | 204 | $ sudo vim /etc/systemd/system/peertube.service |
63bfad7e C |
205 | ``` |
206 | ||
207 | It should look like this: | |
208 | ||
209 | ``` | |
210 | [Unit] | |
211 | Description=PeerTube daemon | |
212 | After=network.target | |
213 | ||
214 | [Service] | |
215 | Type=simple | |
216 | Environment=NODE_ENV=production | |
59c48d49 | 217 | Environment=NODE_CONFIG_DIR=/var/www/peertube/config |
63bfad7e C |
218 | User=peertube |
219 | Group=peertube | |
220 | ExecStart=/usr/bin/npm start | |
59c48d49 | 221 | WorkingDirectory=/var/www/peertube/peertube-latest |
63bfad7e C |
222 | StandardOutput=syslog |
223 | StandardError=syslog | |
224 | SyslogIdentifier=peertube | |
225 | Restart=always | |
226 | ||
227 | [Install] | |
228 | WantedBy=multi-user.target | |
229 | ``` | |
230 | ||
231 | ||
232 | Tell systemd to reload its config: | |
233 | ||
afe81767 | 234 | ``` |
d2000ca6 | 235 | $ sudo systemctl daemon-reload |
63bfad7e C |
236 | ``` |
237 | ||
6b2ef589 C |
238 | If you want to start PeerTube on boot: |
239 | ||
240 | ``` | |
9625507f | 241 | $ sudo systemctl enable peertube |
6b2ef589 C |
242 | ``` |
243 | ||
63bfad7e C |
244 | ### Run |
245 | ||
afe81767 | 246 | ``` |
d2000ca6 C |
247 | $ sudo systemctl start peertube |
248 | $ sudo journalctl -feu peertube | |
63bfad7e C |
249 | ``` |
250 | ||
251 | ### Administrator | |
252 | ||
253 | The administrator password is automatically generated and can be found in the | |
254 | logs. You can set another password with: | |
255 | ||
afe81767 | 256 | ``` |
59c48d49 | 257 | $ cd /var/www/peertube/peertube-latest && NODE_CONFIG_DIR=/var/www/peertube/config NODE_ENV=production npm run reset-password -- -u root |
63bfad7e C |
258 | ``` |
259 | ||
260 | ## Upgrade | |
261 | ||
ce487e1e | 262 | Make a SQL backup |
c7a9f34f C |
263 | |
264 | ``` | |
265 | $ SQL_BACKUP_PATH="backup/sql-peertube_prod-$(date -Im).bak" && \ | |
59c48d49 | 266 | cd /var/www/peertube && sudo -u peertube mkdir -p backup && \ |
c7a9f34f C |
267 | sudo pg_dump -U peertube -W -h localhost -F c peertube_prod -f "$SQL_BACKUP_PATH" |
268 | ``` | |
269 | ||
ce487e1e | 270 | Fetch the latest tagged version of Peertube: |
23e27dd5 C |
271 | |
272 | ``` | |
ce487e1e | 273 | $ VERSION=$(curl -s https://api.github.com/repos/chocobozzz/peertube/releases/latest | grep tag_name | cut -d '"' -f 4) && echo "Latest Peertube version is $VERSION" |
23e27dd5 C |
274 | ``` |
275 | ||
ce487e1e | 276 | Download the new version and unzip it: |
c7a9f34f | 277 | |
afe81767 | 278 | ``` |
ce487e1e | 279 | $ cd /var/www/peertube/versions && \ |
fd206f0b | 280 | sudo -u peertube wget -q "https://github.com/Chocobozzz/PeerTube/releases/download/${VERSION}/peertube-${VERSION}.zip" && \ |
ce487e1e C |
281 | sudo -u peertube unzip -o peertube-${VERSION}.zip && \ |
282 | sudo -u peertube rm peertube-${VERSION}.zip | |
283 | ``` | |
284 | ||
4805cff1 | 285 | Install node dependencies: |
ce487e1e C |
286 | |
287 | ``` | |
4805cff1 C |
288 | $ cd /var/www/peertube/versions/peertube-${VERSION} && \ |
289 | sudo -u peertube yarn install --production --pure-lockfile | |
ce487e1e C |
290 | ``` |
291 | ||
4805cff1 | 292 | Copy new configuration defaults values and update your configuration file: |
ce487e1e | 293 | |
63bfad7e | 294 | ``` |
4805cff1 C |
295 | $ sudo -u peertube cp /var/www/peertube/versions/peertube-${VERSION}/config/default.yaml /var/www/peertube/config/default.yaml |
296 | $ diff /var/www/peertube/versions/peertube-${VERSION}/config//production.yaml.example /var/www/peertube/config/production.yaml | |
ce487e1e C |
297 | ``` |
298 | ||
4805cff1 | 299 | Change the link to point to the latest version: |
ce487e1e C |
300 | |
301 | ``` | |
4805cff1 C |
302 | $ cd /var/www/peertube && \ |
303 | sudo rm ./peertube-latest && \ | |
304 | sudo -u peertube ln -s versions/peertube-${VERSION} ./peertube-latest | |
ce487e1e C |
305 | ``` |
306 | ||
4805cff1 | 307 | |
ce487e1e C |
308 | Restart PeerTube: |
309 | ``` | |
310 | $ sudo systemctl restart peertube | |
311 | ``` | |
312 | ||
313 | ### Things went wrong? | |
c7a9f34f | 314 | |
ce487e1e | 315 | Change `peertube-latest` destination to the previous version and restore your SQL backup: |
c7a9f34f C |
316 | |
317 | ``` | |
318 | $ OLD_VERSION="v0.42.42" && SQL_BACKUP_PATH="backup/sql-peertube_prod-2018-01-19T10:18+01:00.bak" && \ | |
59c48d49 | 319 | cd /var/www/peertube && rm ./peertube-latest && \ |
c7a9f34f | 320 | sudo -u peertube ln -s "versions/peertube-$OLD_VERSION" peertube-latest && \ |
f529f983 | 321 | pg_restore -U peertube -W -h localhost -c -d peertube_prod "$SQL_BACKUP_PATH" |
c7a9f34f C |
322 | sudo systemctl restart peertube |
323 | ``` |