diff options
author | kaiyou <pierre@jaury.eu> | 2018-01-29 08:52:20 +0100 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-01-29 08:52:20 +0100 |
commit | e8395f027b6c3e3f757c740e35b20e76c51b03bd (patch) | |
tree | ee0e761357b7407b6992600342306669de880689 /support | |
parent | 8dfd8fd7ca376e7898c912bb985a7a4a997cd966 (diff) | |
download | PeerTube-e8395f027b6c3e3f757c740e35b20e76c51b03bd.tar.gz PeerTube-e8395f027b6c3e3f757c740e35b20e76c51b03bd.tar.zst PeerTube-e8395f027b6c3e3f757c740e35b20e76c51b03bd.zip |
Add production Alpine and Debian Stretch Docker images (#225)
* First pass at a (swarm-compatible) docker image
Uses an existing traefik server as a https reverse proxy.
* Add example config for a Docker swarm deployment
* Point to traefik config for docker compose setup
* Clarify that traefik is needed for the example config
* Use node:8-stretch base image and don't install yarn
(The base image already contains yarn.)
* Initial commit for an Alpine Docker image
* Fix docker volume path
* Merge #213 and #225 and move files around
* Remove unnecessary dependencies from the alpine build
* Update Dockerfiles to match install path, config path, etc.
* Update the configuration in the example compose file
* Update the configuration in the example swarm file
* Remove the declared networks and volumes from the compose example, which are not strictly required
* Update attachment path in the documentation
* Display traefik as a suggestion and not a required dependency
* Update the Docker ignored files
* Fix typos reported in #225
* Move production Dockerfiles to a production directory
* Add the redis configuration settings
* Add Docker files to the dockerignore
* Make the signup limit configurable
Diffstat (limited to 'support')
-rw-r--r-- | support/doc/production.md | 18 | ||||
-rw-r--r-- | support/docker/production/Dockerfile.alpine | 24 | ||||
-rw-r--r-- | support/docker/production/Dockerfile.stretch | 25 | ||||
-rw-r--r-- | support/docker/production/config/custom-environment-variables.yaml | 40 | ||||
-rw-r--r-- | support/docker/production/config/production.yaml | 64 | ||||
-rw-r--r-- | support/docker/production/docker-compose.yml | 35 | ||||
-rw-r--r-- | support/docker/production/swarm-stack.sample.yml | 52 |
7 files changed, 258 insertions, 0 deletions
diff --git a/support/doc/production.md b/support/doc/production.md index c18b4ead0..ae7f3e0f6 100644 --- a/support/doc/production.md +++ b/support/doc/production.md | |||
@@ -315,3 +315,21 @@ $ OLD_VERSION="v0.42.42" && SQL_BACKUP_PATH="backup/sql-peertube_prod-2018-01-19 | |||
315 | pg_restore -U peertube -c -d peertube_prod "$SQL_BACKUP_PATH" | 315 | pg_restore -U peertube -c -d peertube_prod "$SQL_BACKUP_PATH" |
316 | sudo systemctl restart peertube | 316 | sudo systemctl restart peertube |
317 | ``` | 317 | ``` |
318 | |||
319 | ## Installation on Docker Swarm | ||
320 | |||
321 | There is an example configuration for deploying peertube and a postgres database as a Docker swarm stack. It works like this: | ||
322 | |||
323 | (_Note_: You need to make sure to set `traefik` and `peertube` labels on the target node(s) for this configuration to work.) | ||
324 | |||
325 | 1. Install a traefik loadbalancer stack (including Let's Encrypt) on your docker swarm. [Here](https://gist.github.com/djmaze/2684fbf147d775c8ee441b4302554823) is an example configuration. | ||
326 | |||
327 | 2. Copy the [example stack file](support/docker/production/docker-stack.example.yml) for peertube: | ||
328 | |||
329 | scp support/docker/production/docker-stack.example.yml root@your-server:/path/to/your/swarm-config/peertube.yml | ||
330 | |||
331 | 2. Have a look at the file and adjust the variables to your need. | ||
332 | |||
333 | 3. Deploy the stack: | ||
334 | |||
335 | docker stack deploy -c peertube.yml peertube | ||
diff --git a/support/docker/production/Dockerfile.alpine b/support/docker/production/Dockerfile.alpine new file mode 100644 index 000000000..939b2d23b --- /dev/null +++ b/support/docker/production/Dockerfile.alpine | |||
@@ -0,0 +1,24 @@ | |||
1 | FROM node:8-alpine | ||
2 | |||
3 | # Install dependencies | ||
4 | RUN apk add --no-cache ffmpeg openssl bash make g++ git \ | ||
5 | && apk add --no-cache --repository https://dl-3.alpinelinux.org/alpine/edge/testing/ vips-dev fftw-dev | ||
6 | |||
7 | # Install the application | ||
8 | WORKDIR /app | ||
9 | |||
10 | COPY . ./ | ||
11 | RUN bash -c 'yarn install --pure-lockfile && npm run build' | ||
12 | |||
13 | # Configure the application | ||
14 | RUN addgroup -g 991 peertube \ | ||
15 | && adduser -D -u 991 -G peertube -h /data peertube | ||
16 | USER peertube | ||
17 | |||
18 | ENV NODE_ENV production | ||
19 | ENV NODE_CONFIG_DIR /app/support/docker/production/config/ | ||
20 | |||
21 | # Run the application | ||
22 | CMD ["npm", "start"] | ||
23 | VOLUME ["/data"] | ||
24 | EXPOSE 9000 | ||
diff --git a/support/docker/production/Dockerfile.stretch b/support/docker/production/Dockerfile.stretch new file mode 100644 index 000000000..c739247a6 --- /dev/null +++ b/support/docker/production/Dockerfile.stretch | |||
@@ -0,0 +1,25 @@ | |||
1 | FROM node:8-stretch | ||
2 | |||
3 | # Install dependencies | ||
4 | RUN apt-get update \ | ||
5 | && apt-get -y install ffmpeg \ | ||
6 | && rm /var/lib/apt/lists/* -fR | ||
7 | |||
8 | # Install the application | ||
9 | WORKDIR /app | ||
10 | |||
11 | COPY . ./ | ||
12 | RUN yarn install --pure-lockfile && npm run build | ||
13 | |||
14 | # Configure the application | ||
15 | RUN groupadd -g 991 peertube \ | ||
16 | && useradd -u 991 -g peertube -d /data -m peertube | ||
17 | USER peertube | ||
18 | |||
19 | ENV NODE_ENV production | ||
20 | ENV NODE_CONFIG_DIR /app/support/docker/production/config | ||
21 | |||
22 | # Run the application | ||
23 | CMD ["npm", "start"] | ||
24 | VOLUME ["/data"] | ||
25 | EXPOSE 9000 | ||
diff --git a/support/docker/production/config/custom-environment-variables.yaml b/support/docker/production/config/custom-environment-variables.yaml new file mode 100644 index 000000000..5226e1742 --- /dev/null +++ b/support/docker/production/config/custom-environment-variables.yaml | |||
@@ -0,0 +1,40 @@ | |||
1 | webserver: | ||
2 | hostname: "PEERTUBE_HOSTNAME" | ||
3 | port: | ||
4 | __name: "PEERTUBE_PORT" | ||
5 | __format: "json" | ||
6 | https: | ||
7 | __name: "PEERTUBE_HTTPS" | ||
8 | __format: "json" | ||
9 | |||
10 | database: | ||
11 | hostname: "PEERTUBE_DB_HOSTNAME" | ||
12 | port: | ||
13 | __name: "PEERTUBE_DB_PORT" | ||
14 | __format: "json" | ||
15 | suffix: "PEERTUBE_DB_SUFFIX" | ||
16 | username: "PEERTUBE_DB_USERNAME" | ||
17 | password: "PEERTUBE_DB_PASSWORD" | ||
18 | |||
19 | redis: | ||
20 | hostname: "PEERTUBE_REDIS_HOSTNAME" | ||
21 | port: | ||
22 | __name: "PEERTUBE_REDIS_PORT" | ||
23 | __format: "json" | ||
24 | auth: "PEERTUBE_REDIS_AUTH" | ||
25 | |||
26 | admin: | ||
27 | email: "PEERTUBE_ADMIN_EMAIL" | ||
28 | |||
29 | signup: | ||
30 | enabled: | ||
31 | __name: "PEERTUBE_SIGNUP_ENABLED" | ||
32 | __format: "json" | ||
33 | limit: | ||
34 | __name: "PEETUBE_SIGNUP_LIMIT" | ||
35 | __format: "json" | ||
36 | |||
37 | transcoding: | ||
38 | enabled: | ||
39 | __name: "PEERTUBE_TRANSCODING_ENABLED" | ||
40 | __format: "json" | ||
diff --git a/support/docker/production/config/production.yaml b/support/docker/production/config/production.yaml new file mode 100644 index 000000000..4666ea2ed --- /dev/null +++ b/support/docker/production/config/production.yaml | |||
@@ -0,0 +1,64 @@ | |||
1 | listen: | ||
2 | port: 9000 | ||
3 | |||
4 | # Correspond to your reverse proxy "listen" configuration | ||
5 | webserver: | ||
6 | https: true | ||
7 | hostname: undefined | ||
8 | port: 443 | ||
9 | |||
10 | # Your database name will be "peertube"+database.suffix | ||
11 | database: | ||
12 | hostname: 'db' | ||
13 | port: 5432 | ||
14 | suffix: '' | ||
15 | username: 'postgres' | ||
16 | password: 'postgres' | ||
17 | |||
18 | # Redis server for short time storage | ||
19 | redis: | ||
20 | hostname: 'redis' | ||
21 | port: 6379 | ||
22 | auth: null | ||
23 | |||
24 | # From the project root directory | ||
25 | storage: | ||
26 | avatars: '../data/avatars/' | ||
27 | certs: '../data/certs/' | ||
28 | videos: '../data/videos/' | ||
29 | logs: '../data/logs/' | ||
30 | previews: '../data/previews/' | ||
31 | thumbnails: '../data/thumbnails/' | ||
32 | torrents: '../data/torrents/' | ||
33 | cache: '../data/cache/' | ||
34 | |||
35 | log: | ||
36 | level: 'info' # debug/info/warning/error | ||
37 | |||
38 | cache: | ||
39 | previews: | ||
40 | size: 100 # Max number of previews you want to cache | ||
41 | |||
42 | admin: | ||
43 | email: undefined | ||
44 | |||
45 | signup: | ||
46 | enabled: false | ||
47 | limit: -1 | ||
48 | |||
49 | user: | ||
50 | # Default value of maximum video BYTES the user can upload (does not take into account transcoded files). | ||
51 | # -1 == unlimited | ||
52 | video_quota: -1 | ||
53 | |||
54 | # If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag | ||
55 | # Uses a lot of CPU! | ||
56 | transcoding: | ||
57 | enabled: false | ||
58 | threads: 2 | ||
59 | resolutions: # Only created if the original video has a higher resolution | ||
60 | 240p: true | ||
61 | 360p: true | ||
62 | 480p: true | ||
63 | 720p: true | ||
64 | 1080p: true | ||
diff --git a/support/docker/production/docker-compose.yml b/support/docker/production/docker-compose.yml new file mode 100644 index 000000000..db1c7d587 --- /dev/null +++ b/support/docker/production/docker-compose.yml | |||
@@ -0,0 +1,35 @@ | |||
1 | version: "3.3" | ||
2 | |||
3 | services: | ||
4 | peertube: | ||
5 | |||
6 | build: . | ||
7 | image: peertube:stretch | ||
8 | environment: | ||
9 | PEERTUBE_HOSTNAME: my.domain.tld | ||
10 | PEERTUBE_PORT: 443 | ||
11 | PEERTUBE_HTTPS: true | ||
12 | PEERTUBE_ADMIN_EMAIL: admin@domain.tld | ||
13 | PEERTUBE_DB_USERNAME: user | ||
14 | PEERTUBE_DB_PASSWORD: password | ||
15 | PEERTUBE_SIGNUP_ENABLED: true | ||
16 | PEERTUBE_TRANSCODING_ENABLED: true | ||
17 | # Traefik labels are suggested as an example for people using Traefik, | ||
18 | # remove them if you are using another reverse proxy. | ||
19 | labels: | ||
20 | traefik.enable: "true" | ||
21 | traefik.frontend.rule: "Host:${PEERTUBE_HOSTNAME}" | ||
22 | traefik.port: "9000" | ||
23 | volumes: | ||
24 | - ./data:/usr/src/app/data | ||
25 | depends_on: | ||
26 | - db | ||
27 | |||
28 | db: | ||
29 | image: postgres:10 | ||
30 | environment: | ||
31 | POSTGRES_USERNAME: user | ||
32 | POSTGRES_PASSWORD: password | ||
33 | POSTGRES_DB: peertube_prod | ||
34 | volumes: | ||
35 | - ./db:/var/lib/postgresql/data | ||
diff --git a/support/docker/production/swarm-stack.sample.yml b/support/docker/production/swarm-stack.sample.yml new file mode 100644 index 000000000..794f44753 --- /dev/null +++ b/support/docker/production/swarm-stack.sample.yml | |||
@@ -0,0 +1,52 @@ | |||
1 | version: "3.3" | ||
2 | |||
3 | services: | ||
4 | app: | ||
5 | image: peertube:stretch | ||
6 | environment: | ||
7 | PEERTUBE_HOSTNAME: my.domain.tld | ||
8 | PEERTUBE_PORT: 443 | ||
9 | PEERTUBE_HTTPS: true | ||
10 | PEERTUBE_ADMIN_EMAIL: admin@domain.tld | ||
11 | PEERTUBE_DB_USERNAME: user | ||
12 | PEERTUBE_DB_PASSWORD: password | ||
13 | PEERTUBE_SIGNUP_ENABLED: true | ||
14 | PEERTUBE_TRANSCODING_ENABLED: true | ||
15 | labels: &labels | ||
16 | traefik.frontend.rule: "Host:my.domain.tld" | ||
17 | traefik.docker.network: traefik | ||
18 | traefik.port: "9000" | ||
19 | volumes: | ||
20 | - app_data:/usr/src/app/data | ||
21 | networks: | ||
22 | - traefik | ||
23 | - backend | ||
24 | depends_on: | ||
25 | - db | ||
26 | deploy: | ||
27 | labels: *labels | ||
28 | placement: | ||
29 | constraints: | ||
30 | - node.labels.peertube == 1 | ||
31 | |||
32 | db: | ||
33 | image: postgres:10 | ||
34 | environment: | ||
35 | POSTGRES_DB: peertube_prod | ||
36 | volumes: | ||
37 | - db_data:/var/lib/postgresql/data | ||
38 | networks: | ||
39 | - backend | ||
40 | deploy: | ||
41 | placement: | ||
42 | constraints: | ||
43 | - node.labels.peertube == 1 | ||
44 | |||
45 | volumes: | ||
46 | app_data: | ||
47 | db_data: | ||
48 | |||
49 | networks: | ||
50 | backend: | ||
51 | traefik: | ||
52 | external: true | ||