X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=support%2Fdoc%2Fproduction.md;h=9a84f19a388abe120b32d07b3e117b692abb6c1d;hb=81bd40d2cb563a4c1c7be9c2b17e37fc04bfff6a;hp=6d7744b1f613349ee343277bc02645930b1ce185;hpb=5d2fd66ab4a75281dab6363ba9131adee7be3a2b;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/support/doc/production.md b/support/doc/production.md
index 6d7744b1f..9a84f19a3 100644
--- a/support/doc/production.md
+++ b/support/doc/production.md
@@ -25,6 +25,12 @@ Set its password:
 $ sudo passwd peertube
 ```
 
+Ensure the peertube root directory is traversable by nginx:
+
+```bash
+$ ls -ld /var/www/peertube # Should be drwxr-xr-x
+```
+
 **On FreeBSD**
 
 ```bash
@@ -109,8 +115,14 @@ $ cd /var/www/peertube
 $ sudo -u peertube cp peertube-latest/config/production.yaml.example config/production.yaml
 ```
 
-Then edit the `config/production.yaml` file according to your webserver
-and database configuration (`webserver`, `database`, `redis`, `smtp` and `admin.email` sections in particular).
+Then edit the `config/production.yaml` file according to your webserver and database configuration. In particular:
+ * `webserver`: Reverse proxy public information
+ * `secrets`: Secret strings you must generate manually (PeerTube version >= 5.0)
+ * `database`: PostgreSQL settings
+ * `redis`: Redis settings
+ * `smtp`: If you want to use emails
+ * `admin.email`: To correctly fill `root` user email
+
 Keys defined in `config/production.yaml` will override keys defined in `config/default.yaml`.
 
 **PeerTube does not support webserver host change**. Even though [PeerTube CLI can help you to switch hostname](https://docs.joinpeertube.org/maintain-tools?id=update-hostjs) there's no official support for that since it is a risky operation that might result in unforeseen errors.
@@ -154,12 +166,6 @@ $ sudo certbot certonly --standalone --post-hook "systemctl restart nginx"
 $ sudo systemctl reload nginx
 ```
 
-Now you have the certificates you can reload nginx:
-
-```bash
-$ sudo systemctl reload nginx
-```
-
 Certbot should have installed a cron to automatically renew your certificate.
 Since our nginx template supports webroot renewal, we suggest you to update the renewal config file to use the `webroot` authenticator:
 
@@ -169,16 +175,19 @@ $ # Add webroot_path = /var/www/certbot
 $ sudo vim /etc/letsencrypt/renewal/your-domain.com.conf
 ```
 
-**FreeBSD**
+If you plan to have many concurrent viewers on your PeerTube instance, consider increasing `worker_connections` value: https://nginx.org/en/docs/ngx_core_module.html#worker_connections.
+
+<details>
+<summary><strong>If using FreeBSD</strong></summary>
+
 On FreeBSD you can use [Dehydrated](https://dehydrated.io/) `security/dehydrated` for [Let's Encrypt](https://letsencrypt.org/)
 
 ```bash
 $ sudo pkg install dehydrated
 ```
+</details>
 
-### :alembic: TCP/IP Tuning
-
-**On Linux**
+### :alembic: Linux TCP/IP Tuning
 
 ```bash
 $ sudo cp /var/www/peertube/peertube-latest/support/sysctl.d/30-peertube-tcp.conf /etc/sysctl.d/
@@ -223,7 +232,9 @@ $ sudo systemctl start peertube
 $ sudo journalctl -feu peertube
 ```
 
-**FreeBSD**
+<details>
+<summary><strong>If using FreeBSD</strong></summary>
+
 On FreeBSD, copy the startup script and update rc.conf:
 
 ```bash
@@ -236,8 +247,10 @@ Run:
 ```bash
 $ sudo service peertube start
 ```
+</details>
 
-### :bricks: OpenRC
+<details>
+<summary><strong>If using OpenRC</strong></summary>
 
 If your OS uses OpenRC, copy the service script:
 
@@ -257,6 +270,7 @@ Run and print last logs:
 $ sudo /etc/init.d/peertube start
 $ tail -f /var/log/peertube/peertube.log
 ```
+</details>
 
 ### :technologist: Administrator
 
@@ -281,18 +295,17 @@ Now your instance is up you can:
 
 ### PeerTube instance
 
-**Check the changelog (in particular BREAKING CHANGES!):** https://github.com/Chocobozzz/PeerTube/blob/develop/CHANGELOG.md
+**Check the changelog (in particular the *IMPORTANT NOTES* section):** https://github.com/Chocobozzz/PeerTube/blob/develop/CHANGELOG.md
 
-#### Auto
-
-The password it asks is PeerTube's database user password.
+Run the upgrade script (the password it asks is PeerTube's database user password):
 
 ```bash
 $ cd /var/www/peertube/peertube-latest/scripts && sudo -H -u peertube ./upgrade.sh
 $ sudo systemctl restart peertube # Or use your OS command to restart PeerTube if you don't use systemd
 ```
 
-#### Manually
+<details>
+<summary><strong>Prefer manual upgrade?</strong></summary>
 
 Make a SQL backup
 
@@ -338,8 +351,18 @@ $ cd /var/www/peertube && \
     sudo unlink ./peertube-latest && \
     sudo -u peertube ln -s versions/peertube-${VERSION} ./peertube-latest
 ```
+</details>
+
+### Update PeerTube configuration
+
+Check for configuration changes, and report them in your `config/production.yaml` file:
+
+```bash
+$ cd /var/www/peertube/versions
+$ diff -u "$(ls --sort=t | head -2 | tail -1)/config/production.yaml.example" "$(ls --sort=t | head -1)/config/production.yaml.example"
+```
 
-### nginx
+### Update nginx configuration
 
 Check changes in nginx configuration:
 
@@ -348,7 +371,7 @@ $ cd /var/www/peertube/versions
 $ diff -u "$(ls --sort=t | head -2 | tail -1)/support/nginx/peertube" "$(ls --sort=t | head -1)/support/nginx/peertube"
 ```
 
-### systemd
+### Update systemd service
 
 Check changes in systemd configuration: