aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--support/doc/docker.md71
-rw-r--r--support/docker/production/config/traefik.toml49
-rw-r--r--support/docker/production/docker-compose.yml17
-rwxr-xr-xsupport/docker/production/docker-entrypoint.sh6
4 files changed, 110 insertions, 33 deletions
diff --git a/support/doc/docker.md b/support/doc/docker.md
index ae2b0f9c0..410db1136 100644
--- a/support/doc/docker.md
+++ b/support/doc/docker.md
@@ -6,56 +6,65 @@ You can quickly get a server running using Docker. You need to have
6 6
7## Production 7## Production
8 8
9### Build your own Docker image 9### Install
10
11```bash
12$ git clone https://github.com/chocobozzz/PeerTube /tmp/peertube
13$ cd /tmp/peertube
14$ docker build . -f ./support/docker/production/Dockerfile.stretch
15```
16
17### Run a preconfigured setup with all dependencies
18 10
19PeerTube needs a PostgreSQL and a Redis instance to work correctly. If you want 11PeerTube needs a PostgreSQL and a Redis instance to work correctly. If you want
20to quickly set up a full environment, either for trying the service or in 12to quickly set up a full environment, either for trying the service or in
21production, you can use a `docker-compose` setup. 13production, you can use a `docker-compose` setup.
22 14
23```bash 15```bash
24$ git clone https://github.com/chocobozzz/PeerTube /tmp/peertube 16$ cd /your/peertube/directory
25$ cd /tmp/peertube 17$ mkdir ./docker-volume && mkdir ./docker-volume/traefik
18$ curl "https://raw.githubusercontent.com/chocobozzz/PeerTube/master/support/docker/production/config/traefik.toml" > ./docker-volume/traefik/traefik.toml
19$ touch ./docker-volume/traefik/acme.json && chmod 600 ./docker-volume/traefik/acme.json
20$ curl -s "https://raw.githubusercontent.com/chocobozzz/PeerTube/master/support/docker/production/docker-compose.yml" > ./docker-compose.yml
21```
22
23Update the reverse proxy configuration:
24
26``` 25```
26$ vim ./docker-volume/traefik/traefik.toml
27```
28
29Tweak the `docker-compose.yml` file there according to your needs:
27 30
28Then tweak the `docker-compose.yml` file there according to your needs. Then 31```
29you can use the regular `up` command to set it up, with possible overrides of 32$ vim ./docker-compose.yaml
33```
34
35You can use the regular `up` command to set it up, with possible overrides of
30the environment variables: 36the environment variables:
31 37
32```bash 38```bash
33$ PEERTUBE_WEBSERVER_HOSTNAME=peertube.lvh.me \ 39$ PEERTUBE_WEBSERVER_HOSTNAME="domain.tld" docker-compose up
34 PEERTUBE_ADMIN_EMAIL=test@example.com \
35 PEERTUBE_TRANSCODING_ENABLED=true \
36 PEERTUBE_SIGNUP_ENABLED=true \
37 PEERTUBE_SMTP_HOST=mail.lvh.me \
38 PEERTUBE_SMTP_PORT=1025 \
39 PEERTUBE_SMTP_FROM=noreply@peertube.lvh.me \
40 docker-compose -f support/docker/production/docker-compose.yml --project-directory . up
41``` 40```
42 41
43Other environment variables are used in 42Other environment variables are used in
44`support/docker/production/config/custom-environment-variables.yaml` and can be 43`support/docker/production/config/custom-environment-variables.yaml` and can be
45intuited from usage. 44intuited from usage.
46 45
47For this example configuration, a reverse proxy is quite recommended. The
48example Docker Compose file provides example labels for a Traefik load
49balancer, although any HTTP reverse proxy will work fine. See the example
50Nginx configuration `support/nginx/peertube` file to get an idea of
51recommendations and requirements to run PeerTube the most efficiently.
52
53**Important**: note that you'll get the initial `root` user password from the 46**Important**: note that you'll get the initial `root` user password from the
54program output, so check out your logs to find them. 47program output, so check out your logs to find them.
55 48
49### Upgrade
50
51Pull the latest images and rerun PeerTube:
52
53```
54$ docker-compose pull
55$ PEERTUBE_WEBSERVER_HOSTNAME="domain.tld" docker-compose up
56```
57
58
59## Build your own Docker image
60
61```bash
62$ git clone https://github.com/chocobozzz/PeerTube /tmp/peertube
63$ cd /tmp/peertube
64$ docker build . -f ./support/docker/production/Dockerfile.stretch
65```
66
56## Development 67## Development
57 68
58The Docker image that's preconfigured in `support/docker/dev` contains all the 69We don't have a Docker image for development. See [the CONTRIBUTING guide](https://github.com/Chocobozzz/PeerTube/blob/develop/.github/CONTRIBUTING.md#develop)
59services embedded in one image, so as to work correctly on 70for more information on how you can hack PeerTube! \ No newline at end of file
60[Janitor](https://janitor.technology). It is much not advised to use it in
61production.
diff --git a/support/docker/production/config/traefik.toml b/support/docker/production/config/traefik.toml
new file mode 100644
index 000000000..775a26515
--- /dev/null
+++ b/support/docker/production/config/traefik.toml
@@ -0,0 +1,49 @@
1# Uncomment this line in order to enable debugging through logs
2# debug = true
3defaultEntryPoints = ["http", "https"]
4[entryPoints]
5 [entryPoints.http]
6 address = ":80"
7 [entryPoints.https]
8 address = ":443"
9 [entryPoints.https.tls]
10
11# Enable ACME (Let's Encrypt): automatic SSL.
12[acme]
13
14# Email address used for registration.
15#
16# Required
17#
18email = "<MY EMAIL ADDRESS>"
19
20# File or key used for certificates storage.
21#
22# Required
23#
24storage = "/etc/acme.json"
25# or `storage = "traefik/acme/account"` if using KV store.
26
27# Entrypoint to proxy acme apply certificates to.
28# WARNING, if the TLS-SNI-01 challenge is used, it must point to an entrypoint on port 443
29#
30# Required
31#
32entryPoint = "https"
33
34# Domains list.
35#
36[[acme.domains]]
37 main = "<MY DOMAIN>"
38
39# Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge
40#
41# Optional but recommend
42#
43[acme.httpChallenge]
44
45 # EntryPoint to use for the challenges.
46 #
47 # Required
48 #
49 entryPoint = "http"
diff --git a/support/docker/production/docker-compose.yml b/support/docker/production/docker-compose.yml
index eefd6e5bb..5f8822ad3 100644
--- a/support/docker/production/docker-compose.yml
+++ b/support/docker/production/docker-compose.yml
@@ -2,6 +2,19 @@ version: "3.3"
2 2
3services: 3services:
4 4
5 reverse-proxy:
6 image: traefik
7 command: --api --docker # Enables the web UI and tells Træfik to listen to docker
8 ports:
9 - "80:80" # The HTTP port
10 - "443:443" # The HTTPS port
11 - "8080:8080" # The Web UI (enabled by --api)
12 volumes:
13 - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
14 - ./docker-volume/traefik/acme.json:/etc/acme.json
15 - ./docker-volume/traefik/traefik.toml:/traefik.toml
16 restart: "always"
17
5 peertube: 18 peertube:
6 # If you don't want to use the official image and build one from sources 19 # If you don't want to use the official image and build one from sources
7 # build: 20 # build:
@@ -49,9 +62,13 @@ services:
49 volumes: 62 volumes:
50 - ./docker-volume/db:/var/lib/postgresql/data 63 - ./docker-volume/db:/var/lib/postgresql/data
51 restart: "always" 64 restart: "always"
65 labels:
66 traefik.enable: "false"
52 67
53 redis: 68 redis:
54 image: redis:4-alpine 69 image: redis:4-alpine
55 volumes: 70 volumes:
56 - ./docker-volume/redis:/data 71 - ./docker-volume/redis:/data
57 restart: "always" 72 restart: "always"
73 labels:
74 traefik.enable: "false" \ No newline at end of file
diff --git a/support/docker/production/docker-entrypoint.sh b/support/docker/production/docker-entrypoint.sh
index 8ee968b3d..447cf7fa4 100755
--- a/support/docker/production/docker-entrypoint.sh
+++ b/support/docker/production/docker-entrypoint.sh
@@ -4,10 +4,12 @@ set -e
4# Populate config directory 4# Populate config directory
5if [ -z "$(ls -A /config)" ]; then 5if [ -z "$(ls -A /config)" ]; then
6 cp /app/support/docker/production/config/* /config 6 cp /app/support/docker/production/config/* /config
7 cp /app/config/default.yaml /config
8 chown -R peertube:peertube /config
9fi 7fi
10 8
9# Always copy default configuration file, in cases where new keys were added
10cp /app/config/default.yaml /config
11chown -R peertube:peertube /config
12
11# first arg is `-f` or `--some-option` 13# first arg is `-f` or `--some-option`
12# or first arg is `something.conf` 14# or first arg is `something.conf`
13if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then 15if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then