From b8f3e6b00b3300f4ebf37bf77711739964c9e5d6 Mon Sep 17 00:00:00 2001 From: Rigel Kent Date: Mon, 22 Jun 2020 13:06:54 +0200 Subject: move traefik to its own override file --- support/doc/docker-traefik.md | 44 +++++++++++++++++++++++++++ support/doc/docker.md | 71 ++++++++++++------------------------------- 2 files changed, 63 insertions(+), 52 deletions(-) create mode 100644 support/doc/docker-traefik.md (limited to 'support/doc') diff --git a/support/doc/docker-traefik.md b/support/doc/docker-traefik.md new file mode 100644 index 000000000..fcd63364a --- /dev/null +++ b/support/doc/docker-traefik.md @@ -0,0 +1,44 @@ +### Docker + Traefik + +After following the [docker guide](/support/doc/docker.md), you can choose to run traefik +as your reverse-proxy. + +#### Create the reverse proxy configuration directory + +```shell +mkdir -p ./docker-volume/traefik +``` + +#### Get the latest reverse proxy configuration + +```shell +curl https://raw.githubusercontent.com/chocobozzz/PeerTube/master/support/docker/production/config/traefik.toml > ./docker-volume/traefik/traefik.toml +``` + +View the source of the file you're about to download: [traefik.toml](https://github.com/Chocobozzz/PeerTube/blob/master/support/docker/production/config/traefik.toml) + +#### Create Let's Encrypt ACME certificates as JSON file + +```shell +touch ./docker-volume/traefik/acme.json +``` +Needs to have file mode 600: +```shell +chmod 600 ./docker-volume/traefik/acme.json +``` + +#### Update the reverse proxy configuration + +```shell +$EDITOR ./docker-volume/traefik/traefik.toml +``` + +~~You must replace `` and `` to enable Let's Encrypt SSL Certificates creation.~~ Now included in `.env` file with `TRAEFIK_ACME_EMAIL` and `TRAEFIK_ACME_DOMAINS` variables used through traefik service command value of `docker-compose.yml` file. + +More at: https://docs.traefik.io/v1.7 + +#### Run with traefik + +```shell +docker-compose -f {docker-compose.yml,docker-compose.traefik.yml} up -d +``` diff --git a/support/doc/docker.md b/support/doc/docker.md index fc89e4c4c..e55aee9fc 100644 --- a/support/doc/docker.md +++ b/support/doc/docker.md @@ -1,46 +1,19 @@ # Docker guide -You can quickly get a server running using Docker. You need to have -[docker](https://www.docker.com/community-edition) and +This guide requires [docker](https://www.docker.com/community-edition) and [docker-compose](https://docs.docker.com/compose/install/) installed. ## Production ### Install -**PeerTube does not support webserver host change**. Keep in mind your domain name is definitive after your first PeerTube start. - -PeerTube needs a PostgreSQL and a Redis instance to work correctly. If you want -to quickly set up a full environment, either for trying the service or in -production, you can use a `docker-compose` setup. +**PeerTube does not support webserver host change**. Keep in mind your domain +name is definitive after your first PeerTube start. #### Go to your peertube workdir -```shell -cd /your/peertube/directory -``` - -#### Create the reverse proxy configuration directory - -```shell -mkdir -p ./docker-volume/traefik -``` -#### Get the latest reverse proxy configuration - -```shell -curl https://raw.githubusercontent.com/chocobozzz/PeerTube/master/support/docker/production/config/traefik.toml > ./docker-volume/traefik/traefik.toml -``` - -View the source of the file you're about to download: [traefik.toml](https://github.com/Chocobozzz/PeerTube/blob/master/support/docker/production/config/traefik.toml) - -#### Create Let's Encrypt ACME certificates as JSON file - -```shell -touch ./docker-volume/traefik/acme.json -``` -Needs to have file mode 600: ```shell -chmod 600 ./docker-volume/traefik/acme.json +cd /your/peertube/directory ``` #### Get the latest Compose file @@ -51,7 +24,6 @@ curl https://raw.githubusercontent.com/chocobozzz/PeerTube/master/support/docker View the source of the file you're about to download: [docker-compose.yml](https://github.com/Chocobozzz/PeerTube/blob/master/support/docker/production/docker-compose.yml) - #### Get the latest env_file ```shell @@ -60,27 +32,18 @@ curl https://raw.githubusercontent.com/Chocobozzz/PeerTube/master/support/docker View the source of the file you're about to download: [.env](https://github.com/Chocobozzz/PeerTube/blob/master/support/docker/production/.env) -#### Update the reverse proxy configuration - -```shell -vim ./docker-volume/traefik/traefik.toml -``` - -~~You must replace `` and `` to enable Let's Encrypt SSL Certificates creation.~~ Now included in `.env` file with `TRAEFIK_ACME_EMAIL` and `TRAEFIK_ACME_DOMAINS` variables used through traefik service command value of `docker-compose.yml` file. - -More at: https://docs.traefik.io/v1.7 - #### Tweak the `docker-compose.yml` file there according to your needs ```shell -vim ./docker-compose.yml +$EDITOR ./docker-compose.yml ``` #### Then tweak the `.env` file to change the environment variables ```shell -vim ./.env +$EDITOR ./.env ``` + In the downloaded example [.env](https://github.com/Chocobozzz/PeerTube/blob/master/support/docker/production/.env), you must replace: - `` - `` @@ -103,10 +66,12 @@ To test locally your Docker setup, you must add your domain (``) in ` ```shell docker-compose up ``` -### Obtaining Your Automatically Generated Admin Credentials -Now that you've installed your PeerTube instance you'll want to grep your peertube container's logs for the `root` password. -You're going to want to run `docker-compose logs peertube | grep -A1 root` to search the log output for your new PeerTube's instance admin credentials which will look something like this. -```BASH + +### Obtaining your automatically-generated admin credentials + +Now that you've installed your PeerTube instance you'll want to grep your peertube container's logs for the `root` password. You're going to want to run `docker-compose logs peertube | grep -A1 root` to search the log output for your new PeerTube's instance admin credentials which will look something like this. + +```bash user@s:~/peertube|master⚡ ⇒ docker-compose logs peertube | grep -A1 root peertube_1 | [example.com:443] 2019-11-16 04:26:06.082 info: Username: root @@ -114,9 +79,12 @@ peertube_1 | [example.com:443] 2019-11-16 04:26:06.083 info: User password: abc ``` ### Obtaining Your Automatically Generated DKIM DNS TXT Record + [DKIM](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) signature sending and RSA keys generation are enabled by the default Postfix image `mwader/postfix-relay` with [OpenDKIM](http://www.opendkim.org/). -Run `cat ./docker-volume/opendkim/keys/*/*.txt` to display your DKIM DNS TXT Record containing the public key to configure to your domain : -```BASH + +Run `cat ./docker-volume/opendkim/keys/*/*.txt` to display your DKIM DNS TXT Record containing the public key to configure to your domain : + +```bash user@s:~/peertube|master⚡ ⇒ cat ./docker-volume/opendkim/keys/*/*.txt peertube._domainkey.mydomain.tld. IN TXT ( "v=DKIM1; h=sha256; k=rsa; " @@ -154,5 +122,4 @@ $ docker build . -f ./support/docker/production/Dockerfile.buster ## Development -We don't have a Docker image for development. See [the CONTRIBUTING guide](https://github.com/Chocobozzz/PeerTube/blob/master/.github/CONTRIBUTING.md#develop) -for more information on how you can hack PeerTube! +We don't have a Docker image for development. See [the CONTRIBUTING guide](https://github.com/Chocobozzz/PeerTube/blob/master/.github/CONTRIBUTING.md#develop) for more information on how you can hack PeerTube! -- cgit v1.2.3