aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorKim <1877318+kimsible@users.noreply.github.com>2020-02-24 15:30:14 +0100
committerGitHub <noreply@github.com>2020-02-24 15:30:14 +0100
commite962e1c3c52b77075ec7b46ed0984476684551ab (patch)
tree4c5afdba0862b8668763a7e26f7b2334ba9c323f
parentf30736c8917e66ed8940dd664d75826dc5a2853b (diff)
downloadPeerTube-e962e1c3c52b77075ec7b46ed0984476684551ab.tar.gz
PeerTube-e962e1c3c52b77075ec7b46ed0984476684551ab.tar.zst
PeerTube-e962e1c3c52b77075ec7b46ed0984476684551ab.zip
Chore/docker-documentation-improvements (#2494)
* unify env_var names to replace * detail more and improve docker doc * fix title * move acme email and domains to traefik command * add details about TRAEFIK_ACME_* variables * Fix preview links from /develop to /master
-rw-r--r--support/doc/docker.md88
-rw-r--r--support/docker/production/.env23
-rw-r--r--support/docker/production/config/traefik.toml11
-rw-r--r--support/docker/production/docker-compose.yml5
4 files changed, 88 insertions, 39 deletions
diff --git a/support/doc/docker.md b/support/doc/docker.md
index b251329d0..2ee922b87 100644
--- a/support/doc/docker.md
+++ b/support/doc/docker.md
@@ -14,43 +14,95 @@ PeerTube needs a PostgreSQL and a Redis instance to work correctly. If you want
14to quickly set up a full environment, either for trying the service or in 14to quickly set up a full environment, either for trying the service or in
15production, you can use a `docker-compose` setup. 15production, you can use a `docker-compose` setup.
16 16
17#### Go to your peertube workdir
17```shell 18```shell
18$ cd /your/peertube/directory 19cd /your/peertube/directory
19$ mkdir ./docker-volume && mkdir ./docker-volume/traefik
20$ curl "https://raw.githubusercontent.com/chocobozzz/PeerTube/master/support/docker/production/config/traefik.toml" > ./docker-volume/traefik/traefik.toml
21$ touch ./docker-volume/traefik/acme.json && chmod 600 ./docker-volume/traefik/acme.json
22$ curl -s "https://raw.githubusercontent.com/chocobozzz/PeerTube/master/support/docker/production/docker-compose.yml" -o docker-compose.yml "https://raw.githubusercontent.com/Chocobozzz/PeerTube/master/support/docker/production/.env" -o .env
23``` 20```
24View the source of the files you're about to download: [docker-compose.yml](https://github.com/Chocobozzz/PeerTube/blob/develop/support/docker/production/docker-compose.yml) and the [traefik.toml](https://github.com/Chocobozzz/PeerTube/blob/develop/support/docker/production/config/traefik.toml) and the [.env](https://github.com/Chocobozzz/PeerTube/blob/develop/support/docker/production/.env)
25 21
26Update the reverse proxy configuration: 22#### Create the reverse proxy configuration directory
27 23
28```shell 24```shell
29$ vim ./docker-volume/traefik/traefik.toml 25mkdir -p ./docker-volume/traefik
30``` 26```
31 27
32Tweak the `docker-compose.yml` file there according to your needs: 28#### Get the latest reverse proxy configuration
33 29
34```shell 30```shell
35$ vim ./docker-compose.yml 31curl https://raw.github.com/chocobozzz/PeerTube/master/support/docker/production/config/traefik.toml > ./docker-volume/traefik/traefik.toml
36``` 32```
37 33
38Then tweak the `.env` file to change the environment variables: 34View the source of the file you're about to download: [traefik.toml](https://github.com/Chocobozzz/PeerTube/blob/master/support/docker/production/config/traefik.toml)
35
36#### Create Let's Encrypt ACME certificates as JSON file
39 37
40```shell 38```shell
41$ vim ./.env 39touch ./docker-volume/traefik/acme.json
42``` 40```
43If you did not download the .env file above, here you can look at the variables that can be set: 41Needs to have file mode 600:
44https://github.com/Chocobozzz/PeerTube/blob/develop/support/docker/production/.env 42```shell
43chmod 600 ./docker-volume/traefik/acme.json
44```
45
46#### Get the latest Compose file
47
48```shell
49curl https://raw.github.com/chocobozzz/PeerTube/master/support/docker/production/docker-compose.yml > docker-compose.yml
50```
51
52View the source of the file you're about to download: [docker-compose.yml](https://github.com/Chocobozzz/PeerTube/blob/master/support/docker/production/docker-compose.yml)
53
54
55#### Get the latest env_file
56
57```shell
58curl https://raw.github.com/Chocobozzz/PeerTube/master/support/docker/production/.env > .env
59```
60
61View the source of the file you're about to download: [.env](https://github.com/Chocobozzz/PeerTube/blob/master/support/docker/production/.env)
62
63#### Update the reverse proxy configuration
64
65```shell
66vim ./docker-volume/traefik/traefik.toml
67```
68
69~~You must replace `<MY EMAIL ADDRESS>` and `<MY DOMAIN>` to enable Let's Encrypt SSL Certificates creation.~~ Now included in `.env` file with `TRAEFIK_ACME_EMAIL` and `TRAEFIK_ACME_DOMAINS` variables used through traefik service command value of `docker-compose.yml` file.
70
71More at: https://docs.traefik.io/v1.7
72
73#### Tweak the `docker-compose.yml` file there according to your needs
74
75```shell
76vim ./docker-compose.yml
77```
78
79#### Then tweak the `.env` file to change the environment variables
80
81```shell
82vim ./.env
83```
84In the downloaded example [.env](https://github.com/Chocobozzz/PeerTube/blob/master/support/docker/production/.env), you must replace:
85- `<MY POSTGRES USERNAME>`
86- `<MY POSTGRES PASSWORD>`
87- `<MY POSTGRES DB>`
88- `<MY DOMAIN>` without 'https://'
89- `<MY EMAIL ADDRESS>`
45 90
46Other environment variables are used in 91Other environment variables are used in
47`support/docker/production/config/custom-environment-variables.yaml` and can be 92[/support/docker/production/config/custom-environment-variables.yaml](https://github.com/Chocobozzz/PeerTube/blob/master/support/docker/production/config/custom-environment-variables.yaml) and can be
48intuited from usage. 93intuited from usage.
49 94
50You can use the regular `up` command to set it up: 95#### Testing local Docker setup
96
97To test locally your Docker setup, you must add your domain (`<MY DOMAIN>`) in `/etc/hosts`:
98```
99127.0.0.1 localhost mydomain.tld
100```
101
102#### You can use the regular `up` command to set it up
51 103
52```shell 104```shell
53$ docker-compose up 105docker-compose up
54``` 106```
55### Obtaining Your Automatically Generated Admin Credentials 107### Obtaining Your Automatically Generated Admin Credentials
56Now that you've installed your PeerTube instance you'll want to grep your peertube container's logs for the `root` password. 108Now that you've installed your PeerTube instance you'll want to grep your peertube container's logs for the `root` password.
@@ -88,5 +140,5 @@ $ docker build . -f ./support/docker/production/Dockerfile.buster
88 140
89## Development 141## Development
90 142
91We don't have a Docker image for development. See [the CONTRIBUTING guide](https://github.com/Chocobozzz/PeerTube/blob/develop/.github/CONTRIBUTING.md#develop) 143We don't have a Docker image for development. See [the CONTRIBUTING guide](https://github.com/Chocobozzz/PeerTube/blob/master/.github/CONTRIBUTING.md#develop)
92for more information on how you can hack PeerTube! 144for more information on how you can hack PeerTube!
diff --git a/support/docker/production/.env b/support/docker/production/.env
index 95ca42d69..0321b04ae 100644
--- a/support/docker/production/.env
+++ b/support/docker/production/.env
@@ -1,10 +1,11 @@
1POSTGRES_USER=peertube 1POSTGRES_USER=<MY POSTGRES USERNAME>
2POSTGRES_PASSWORD=peertube 2POSTGRES_PASSWORD=<MY POSTGRES PASSWORD>
3POSTGRES_DB=peertube 3POSTGRES_DB=<MY POSTGRES DB>
4PEERTUBE_DB_USERNAME=$(POSTGRES_USER) 4PEERTUBE_DB_USERNAME=<MY POSTGRES USERNAME>
5PEERTUBE_DB_PASSWORD=$(POSTGRES_PASSWORD) 5PEERTUBE_DB_PASSWORD=<MY POSTGRES PASSWORD>
6# PEERTUBE_DB_HOSTNAME is the Postgres service name in docker-compose.yml
6PEERTUBE_DB_HOSTNAME=postgres 7PEERTUBE_DB_HOSTNAME=postgres
7PEERTUBE_WEBSERVER_HOSTNAME=domain.tld 8PEERTUBE_WEBSERVER_HOSTNAME=<MY DOMAIN>
8PEERTUBE_WEBSERVER_PORT=443 9PEERTUBE_WEBSERVER_PORT=443
9PEERTUBE_WEBSERVER_HTTPS=true 10PEERTUBE_WEBSERVER_HTTPS=true
10# If you need more than one IP as trust_proxy 11# If you need more than one IP as trust_proxy
@@ -14,11 +15,15 @@ PEERTUBE_TRUST_PROXY=["127.0.0.1", "loopback", "172.18.0.0/16"]
14#PEERTUBE_SMTP_PASSWORD= 15#PEERTUBE_SMTP_PASSWORD=
15PEERTUBE_SMTP_HOSTNAME=postfix 16PEERTUBE_SMTP_HOSTNAME=postfix
16PEERTUBE_SMTP_PORT=25 17PEERTUBE_SMTP_PORT=25
17PEERTUBE_SMTP_FROM=noreply@domain.tld 18PEERTUBE_SMTP_FROM=noreply@<MY DOMAIN>
18PEERTUBE_SMTP_TLS=false 19PEERTUBE_SMTP_TLS=false
19PEERTUBE_SMTP_DISABLE_STARTTLS=false 20PEERTUBE_SMTP_DISABLE_STARTTLS=false
20PEERTUBE_ADMIN_EMAIL=admin@domain.tld 21PEERTUBE_ADMIN_EMAIL=<MY EMAIL ADDRESS>
21POSTFIX_myhostname=${PEERTUBE_WEBSERVER_HOSTNAME} 22POSTFIX_myhostname=<MY DOMAIN>
23TRAEFIK_ACME_EMAIL=<MY EMAIL ADDRESS>
24# If you need to obtain ACME certificates for more than one DOMAIN
25# pass them as a comma separated string
26TRAEFIK_ACME_DOMAINS=<MY DOMAIN>
22# /!\ Prefer to use the PeerTube admin interface to set the following configurations /!\ 27# /!\ Prefer to use the PeerTube admin interface to set the following configurations /!\
23#PEERTUBE_SIGNUP_ENABLED=true 28#PEERTUBE_SIGNUP_ENABLED=true
24#PEERTUBE_TRANSCODING_ENABLED=true 29#PEERTUBE_TRANSCODING_ENABLED=true
diff --git a/support/docker/production/config/traefik.toml b/support/docker/production/config/traefik.toml
index 6abced3db..1d7d207fd 100644
--- a/support/docker/production/config/traefik.toml
+++ b/support/docker/production/config/traefik.toml
@@ -37,12 +37,6 @@ defaultEntryPoints = ["http", "https"]
37# Enable ACME (Let's Encrypt): automatic SSL. 37# Enable ACME (Let's Encrypt): automatic SSL.
38[acme] 38[acme]
39 39
40# Email address used for registration.
41#
42# Required
43#
44email = "<MY EMAIL ADDRESS>"
45
46# File or key used for certificates storage. 40# File or key used for certificates storage.
47# 41#
48# Required 42# Required
@@ -57,11 +51,6 @@ storage = "/etc/acme.json"
57# 51#
58entryPoint = "https" 52entryPoint = "https"
59 53
60# Domains list.
61#
62[[acme.domains]]
63 main = "<MY DOMAIN>"
64
65# Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge 54# Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge
66# 55#
67# Optional but recommend 56# Optional but recommend
diff --git a/support/docker/production/docker-compose.yml b/support/docker/production/docker-compose.yml
index b81a8745b..72b08b855 100644
--- a/support/docker/production/docker-compose.yml
+++ b/support/docker/production/docker-compose.yml
@@ -5,7 +5,10 @@ services:
5 reverse-proxy: 5 reverse-proxy:
6 image: traefik:v1.7 6 image: traefik:v1.7
7 network_mode: "host" 7 network_mode: "host"
8 command: --docker # Tells Træfik to listen to docker 8 command:
9 - "--docker" # Tells Træfik to listen to docker
10 - "--acme.email=${TRAEFIK_ACME_EMAIL}" # Let's Encrypt ACME email
11 - "--acme.domains=${TRAEFIK_ACME_DOMAINS}" # Let's Encrypt ACME domain list
9 ports: 12 ports:
10 - "80:80" # The HTTP port 13 - "80:80" # The HTTP port
11 - "443:443" # The HTTPS port 14 - "443:443" # The HTTPS port