diff options
Diffstat (limited to 'support')
-rw-r--r-- | support/doc/docker.md | 71 | ||||
-rw-r--r-- | support/docker/production/config/traefik.toml | 49 | ||||
-rw-r--r-- | support/docker/production/docker-compose.yml | 17 | ||||
-rwxr-xr-x | support/docker/production/docker-entrypoint.sh | 6 |
4 files changed, 110 insertions, 33 deletions
diff --git a/support/doc/docker.md b/support/doc/docker.md index ae2b0f9c0..410db1136 100644 --- a/support/doc/docker.md +++ b/support/doc/docker.md | |||
@@ -6,56 +6,65 @@ You can quickly get a server running using Docker. You need to have | |||
6 | 6 | ||
7 | ## Production | 7 | ## Production |
8 | 8 | ||
9 | ### Build your own Docker image | 9 | ### Install |
10 | |||
11 | ```bash | ||
12 | $ git clone https://github.com/chocobozzz/PeerTube /tmp/peertube | ||
13 | $ cd /tmp/peertube | ||
14 | $ docker build . -f ./support/docker/production/Dockerfile.stretch | ||
15 | ``` | ||
16 | |||
17 | ### Run a preconfigured setup with all dependencies | ||
18 | 10 | ||
19 | PeerTube needs a PostgreSQL and a Redis instance to work correctly. If you want | 11 | PeerTube needs a PostgreSQL and a Redis instance to work correctly. If you want |
20 | to quickly set up a full environment, either for trying the service or in | 12 | to quickly set up a full environment, either for trying the service or in |
21 | production, you can use a `docker-compose` setup. | 13 | production, you can use a `docker-compose` setup. |
22 | 14 | ||
23 | ```bash | 15 | ```bash |
24 | $ git clone https://github.com/chocobozzz/PeerTube /tmp/peertube | 16 | $ cd /your/peertube/directory |
25 | $ cd /tmp/peertube | 17 | $ mkdir ./docker-volume && mkdir ./docker-volume/traefik |
18 | $ curl "https://raw.githubusercontent.com/chocobozzz/PeerTube/master/support/docker/production/config/traefik.toml" > ./docker-volume/traefik/traefik.toml | ||
19 | $ touch ./docker-volume/traefik/acme.json && chmod 600 ./docker-volume/traefik/acme.json | ||
20 | $ curl -s "https://raw.githubusercontent.com/chocobozzz/PeerTube/master/support/docker/production/docker-compose.yml" > ./docker-compose.yml | ||
21 | ``` | ||
22 | |||
23 | Update the reverse proxy configuration: | ||
24 | |||
26 | ``` | 25 | ``` |
26 | $ vim ./docker-volume/traefik/traefik.toml | ||
27 | ``` | ||
28 | |||
29 | Tweak the `docker-compose.yml` file there according to your needs: | ||
27 | 30 | ||
28 | Then tweak the `docker-compose.yml` file there according to your needs. Then | 31 | ``` |
29 | you can use the regular `up` command to set it up, with possible overrides of | 32 | $ vim ./docker-compose.yaml |
33 | ``` | ||
34 | |||
35 | You can use the regular `up` command to set it up, with possible overrides of | ||
30 | the environment variables: | 36 | the environment variables: |
31 | 37 | ||
32 | ```bash | 38 | ```bash |
33 | $ PEERTUBE_WEBSERVER_HOSTNAME=peertube.lvh.me \ | 39 | $ PEERTUBE_WEBSERVER_HOSTNAME="domain.tld" docker-compose up |
34 | PEERTUBE_ADMIN_EMAIL=test@example.com \ | ||
35 | PEERTUBE_TRANSCODING_ENABLED=true \ | ||
36 | PEERTUBE_SIGNUP_ENABLED=true \ | ||
37 | PEERTUBE_SMTP_HOST=mail.lvh.me \ | ||
38 | PEERTUBE_SMTP_PORT=1025 \ | ||
39 | PEERTUBE_SMTP_FROM=noreply@peertube.lvh.me \ | ||
40 | docker-compose -f support/docker/production/docker-compose.yml --project-directory . up | ||
41 | ``` | 40 | ``` |
42 | 41 | ||
43 | Other environment variables are used in | 42 | Other environment variables are used in |
44 | `support/docker/production/config/custom-environment-variables.yaml` and can be | 43 | `support/docker/production/config/custom-environment-variables.yaml` and can be |
45 | intuited from usage. | 44 | intuited from usage. |
46 | 45 | ||
47 | For this example configuration, a reverse proxy is quite recommended. The | ||
48 | example Docker Compose file provides example labels for a Traefik load | ||
49 | balancer, although any HTTP reverse proxy will work fine. See the example | ||
50 | Nginx configuration `support/nginx/peertube` file to get an idea of | ||
51 | recommendations and requirements to run PeerTube the most efficiently. | ||
52 | |||
53 | **Important**: note that you'll get the initial `root` user password from the | 46 | **Important**: note that you'll get the initial `root` user password from the |
54 | program output, so check out your logs to find them. | 47 | program output, so check out your logs to find them. |
55 | 48 | ||
49 | ### Upgrade | ||
50 | |||
51 | Pull the latest images and rerun PeerTube: | ||
52 | |||
53 | ``` | ||
54 | $ docker-compose pull | ||
55 | $ PEERTUBE_WEBSERVER_HOSTNAME="domain.tld" docker-compose up | ||
56 | ``` | ||
57 | |||
58 | |||
59 | ## Build your own Docker image | ||
60 | |||
61 | ```bash | ||
62 | $ git clone https://github.com/chocobozzz/PeerTube /tmp/peertube | ||
63 | $ cd /tmp/peertube | ||
64 | $ docker build . -f ./support/docker/production/Dockerfile.stretch | ||
65 | ``` | ||
66 | |||
56 | ## Development | 67 | ## Development |
57 | 68 | ||
58 | The Docker image that's preconfigured in `support/docker/dev` contains all the | 69 | We don't have a Docker image for development. See [the CONTRIBUTING guide](https://github.com/Chocobozzz/PeerTube/blob/develop/.github/CONTRIBUTING.md#develop) |
59 | services embedded in one image, so as to work correctly on | 70 | for more information on how you can hack PeerTube! \ No newline at end of file |
60 | [Janitor](https://janitor.technology). It is much not advised to use it in | ||
61 | production. | ||
diff --git a/support/docker/production/config/traefik.toml b/support/docker/production/config/traefik.toml new file mode 100644 index 000000000..775a26515 --- /dev/null +++ b/support/docker/production/config/traefik.toml | |||
@@ -0,0 +1,49 @@ | |||
1 | # Uncomment this line in order to enable debugging through logs | ||
2 | # debug = true | ||
3 | defaultEntryPoints = ["http", "https"] | ||
4 | [entryPoints] | ||
5 | [entryPoints.http] | ||
6 | address = ":80" | ||
7 | [entryPoints.https] | ||
8 | address = ":443" | ||
9 | [entryPoints.https.tls] | ||
10 | |||
11 | # Enable ACME (Let's Encrypt): automatic SSL. | ||
12 | [acme] | ||
13 | |||
14 | # Email address used for registration. | ||
15 | # | ||
16 | # Required | ||
17 | # | ||
18 | email = "<MY EMAIL ADDRESS>" | ||
19 | |||
20 | # File or key used for certificates storage. | ||
21 | # | ||
22 | # Required | ||
23 | # | ||
24 | storage = "/etc/acme.json" | ||
25 | # or `storage = "traefik/acme/account"` if using KV store. | ||
26 | |||
27 | # Entrypoint to proxy acme apply certificates to. | ||
28 | # WARNING, if the TLS-SNI-01 challenge is used, it must point to an entrypoint on port 443 | ||
29 | # | ||
30 | # Required | ||
31 | # | ||
32 | entryPoint = "https" | ||
33 | |||
34 | # Domains list. | ||
35 | # | ||
36 | [[acme.domains]] | ||
37 | main = "<MY DOMAIN>" | ||
38 | |||
39 | # Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge | ||
40 | # | ||
41 | # Optional but recommend | ||
42 | # | ||
43 | [acme.httpChallenge] | ||
44 | |||
45 | # EntryPoint to use for the challenges. | ||
46 | # | ||
47 | # Required | ||
48 | # | ||
49 | entryPoint = "http" | ||
diff --git a/support/docker/production/docker-compose.yml b/support/docker/production/docker-compose.yml index eefd6e5bb..5f8822ad3 100644 --- a/support/docker/production/docker-compose.yml +++ b/support/docker/production/docker-compose.yml | |||
@@ -2,6 +2,19 @@ version: "3.3" | |||
2 | 2 | ||
3 | services: | 3 | services: |
4 | 4 | ||
5 | reverse-proxy: | ||
6 | image: traefik | ||
7 | command: --api --docker # Enables the web UI and tells Træfik to listen to docker | ||
8 | ports: | ||
9 | - "80:80" # The HTTP port | ||
10 | - "443:443" # The HTTPS port | ||
11 | - "8080:8080" # The Web UI (enabled by --api) | ||
12 | volumes: | ||
13 | - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events | ||
14 | - ./docker-volume/traefik/acme.json:/etc/acme.json | ||
15 | - ./docker-volume/traefik/traefik.toml:/traefik.toml | ||
16 | restart: "always" | ||
17 | |||
5 | peertube: | 18 | peertube: |
6 | # If you don't want to use the official image and build one from sources | 19 | # If you don't want to use the official image and build one from sources |
7 | # build: | 20 | # build: |
@@ -49,9 +62,13 @@ services: | |||
49 | volumes: | 62 | volumes: |
50 | - ./docker-volume/db:/var/lib/postgresql/data | 63 | - ./docker-volume/db:/var/lib/postgresql/data |
51 | restart: "always" | 64 | restart: "always" |
65 | labels: | ||
66 | traefik.enable: "false" | ||
52 | 67 | ||
53 | redis: | 68 | redis: |
54 | image: redis:4-alpine | 69 | image: redis:4-alpine |
55 | volumes: | 70 | volumes: |
56 | - ./docker-volume/redis:/data | 71 | - ./docker-volume/redis:/data |
57 | restart: "always" | 72 | restart: "always" |
73 | labels: | ||
74 | traefik.enable: "false" \ No newline at end of file | ||
diff --git a/support/docker/production/docker-entrypoint.sh b/support/docker/production/docker-entrypoint.sh index 8ee968b3d..447cf7fa4 100755 --- a/support/docker/production/docker-entrypoint.sh +++ b/support/docker/production/docker-entrypoint.sh | |||
@@ -4,10 +4,12 @@ set -e | |||
4 | # Populate config directory | 4 | # Populate config directory |
5 | if [ -z "$(ls -A /config)" ]; then | 5 | if [ -z "$(ls -A /config)" ]; then |
6 | cp /app/support/docker/production/config/* /config | 6 | cp /app/support/docker/production/config/* /config |
7 | cp /app/config/default.yaml /config | ||
8 | chown -R peertube:peertube /config | ||
9 | fi | 7 | fi |
10 | 8 | ||
9 | # Always copy default configuration file, in cases where new keys were added | ||
10 | cp /app/config/default.yaml /config | ||
11 | chown -R peertube:peertube /config | ||
12 | |||
11 | # first arg is `-f` or `--some-option` | 13 | # first arg is `-f` or `--some-option` |
12 | # or first arg is `something.conf` | 14 | # or first arg is `something.conf` |
13 | if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then | 15 | if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then |