From e8395f027b6c3e3f757c740e35b20e76c51b03bd Mon Sep 17 00:00:00 2001 From: kaiyou Date: Mon, 29 Jan 2018 08:52:20 +0100 Subject: Add production Alpine and Debian Stretch Docker images (#225) * First pass at a (swarm-compatible) docker image Uses an existing traefik server as a https reverse proxy. * Add example config for a Docker swarm deployment * Point to traefik config for docker compose setup * Clarify that traefik is needed for the example config * Use node:8-stretch base image and don't install yarn (The base image already contains yarn.) * Initial commit for an Alpine Docker image * Fix docker volume path * Merge #213 and #225 and move files around * Remove unnecessary dependencies from the alpine build * Update Dockerfiles to match install path, config path, etc. * Update the configuration in the example compose file * Update the configuration in the example swarm file * Remove the declared networks and volumes from the compose example, which are not strictly required * Update attachment path in the documentation * Display traefik as a suggestion and not a required dependency * Update the Docker ignored files * Fix typos reported in #225 * Move production Dockerfiles to a production directory * Add the redis configuration settings * Add Docker files to the dockerignore * Make the signup limit configurable --- support/docker/production/Dockerfile.alpine | 24 ++++++++ support/docker/production/Dockerfile.stretch | 25 +++++++++ .../config/custom-environment-variables.yaml | 40 ++++++++++++++ support/docker/production/config/production.yaml | 64 ++++++++++++++++++++++ support/docker/production/docker-compose.yml | 35 ++++++++++++ support/docker/production/swarm-stack.sample.yml | 52 ++++++++++++++++++ 6 files changed, 240 insertions(+) create mode 100644 support/docker/production/Dockerfile.alpine create mode 100644 support/docker/production/Dockerfile.stretch create mode 100644 support/docker/production/config/custom-environment-variables.yaml create mode 100644 support/docker/production/config/production.yaml create mode 100644 support/docker/production/docker-compose.yml create mode 100644 support/docker/production/swarm-stack.sample.yml (limited to 'support/docker/production') diff --git a/support/docker/production/Dockerfile.alpine b/support/docker/production/Dockerfile.alpine new file mode 100644 index 000000000..939b2d23b --- /dev/null +++ b/support/docker/production/Dockerfile.alpine @@ -0,0 +1,24 @@ +FROM node:8-alpine + +# Install dependencies +RUN apk add --no-cache ffmpeg openssl bash make g++ git \ + && apk add --no-cache --repository https://dl-3.alpinelinux.org/alpine/edge/testing/ vips-dev fftw-dev + +# Install the application +WORKDIR /app + +COPY . ./ +RUN bash -c 'yarn install --pure-lockfile && npm run build' + +# Configure the application +RUN addgroup -g 991 peertube \ + && adduser -D -u 991 -G peertube -h /data peertube +USER peertube + +ENV NODE_ENV production +ENV NODE_CONFIG_DIR /app/support/docker/production/config/ + +# Run the application +CMD ["npm", "start"] +VOLUME ["/data"] +EXPOSE 9000 diff --git a/support/docker/production/Dockerfile.stretch b/support/docker/production/Dockerfile.stretch new file mode 100644 index 000000000..c739247a6 --- /dev/null +++ b/support/docker/production/Dockerfile.stretch @@ -0,0 +1,25 @@ +FROM node:8-stretch + +# Install dependencies +RUN apt-get update \ + && apt-get -y install ffmpeg \ + && rm /var/lib/apt/lists/* -fR + +# Install the application +WORKDIR /app + +COPY . ./ +RUN yarn install --pure-lockfile && npm run build + +# Configure the application +RUN groupadd -g 991 peertube \ + && useradd -u 991 -g peertube -d /data -m peertube +USER peertube + +ENV NODE_ENV production +ENV NODE_CONFIG_DIR /app/support/docker/production/config + +# Run the application +CMD ["npm", "start"] +VOLUME ["/data"] +EXPOSE 9000 diff --git a/support/docker/production/config/custom-environment-variables.yaml b/support/docker/production/config/custom-environment-variables.yaml new file mode 100644 index 000000000..5226e1742 --- /dev/null +++ b/support/docker/production/config/custom-environment-variables.yaml @@ -0,0 +1,40 @@ +webserver: + hostname: "PEERTUBE_HOSTNAME" + port: + __name: "PEERTUBE_PORT" + __format: "json" + https: + __name: "PEERTUBE_HTTPS" + __format: "json" + +database: + hostname: "PEERTUBE_DB_HOSTNAME" + port: + __name: "PEERTUBE_DB_PORT" + __format: "json" + suffix: "PEERTUBE_DB_SUFFIX" + username: "PEERTUBE_DB_USERNAME" + password: "PEERTUBE_DB_PASSWORD" + +redis: + hostname: "PEERTUBE_REDIS_HOSTNAME" + port: + __name: "PEERTUBE_REDIS_PORT" + __format: "json" + auth: "PEERTUBE_REDIS_AUTH" + +admin: + email: "PEERTUBE_ADMIN_EMAIL" + +signup: + enabled: + __name: "PEERTUBE_SIGNUP_ENABLED" + __format: "json" + limit: + __name: "PEETUBE_SIGNUP_LIMIT" + __format: "json" + +transcoding: + enabled: + __name: "PEERTUBE_TRANSCODING_ENABLED" + __format: "json" diff --git a/support/docker/production/config/production.yaml b/support/docker/production/config/production.yaml new file mode 100644 index 000000000..4666ea2ed --- /dev/null +++ b/support/docker/production/config/production.yaml @@ -0,0 +1,64 @@ +listen: + port: 9000 + +# Correspond to your reverse proxy "listen" configuration +webserver: + https: true + hostname: undefined + port: 443 + +# Your database name will be "peertube"+database.suffix +database: + hostname: 'db' + port: 5432 + suffix: '' + username: 'postgres' + password: 'postgres' + +# Redis server for short time storage +redis: + hostname: 'redis' + port: 6379 + auth: null + +# From the project root directory +storage: + avatars: '../data/avatars/' + certs: '../data/certs/' + videos: '../data/videos/' + logs: '../data/logs/' + previews: '../data/previews/' + thumbnails: '../data/thumbnails/' + torrents: '../data/torrents/' + cache: '../data/cache/' + +log: + level: 'info' # debug/info/warning/error + +cache: + previews: + size: 100 # Max number of previews you want to cache + +admin: + email: undefined + +signup: + enabled: false + limit: -1 + +user: + # Default value of maximum video BYTES the user can upload (does not take into account transcoded files). + # -1 == unlimited + video_quota: -1 + +# If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag +# Uses a lot of CPU! +transcoding: + enabled: false + threads: 2 + resolutions: # Only created if the original video has a higher resolution + 240p: true + 360p: true + 480p: true + 720p: true + 1080p: true diff --git a/support/docker/production/docker-compose.yml b/support/docker/production/docker-compose.yml new file mode 100644 index 000000000..db1c7d587 --- /dev/null +++ b/support/docker/production/docker-compose.yml @@ -0,0 +1,35 @@ +version: "3.3" + +services: + peertube: + + build: . + image: peertube:stretch + environment: + PEERTUBE_HOSTNAME: my.domain.tld + PEERTUBE_PORT: 443 + PEERTUBE_HTTPS: true + PEERTUBE_ADMIN_EMAIL: admin@domain.tld + PEERTUBE_DB_USERNAME: user + PEERTUBE_DB_PASSWORD: password + PEERTUBE_SIGNUP_ENABLED: true + PEERTUBE_TRANSCODING_ENABLED: true + # Traefik labels are suggested as an example for people using Traefik, + # remove them if you are using another reverse proxy. + labels: + traefik.enable: "true" + traefik.frontend.rule: "Host:${PEERTUBE_HOSTNAME}" + traefik.port: "9000" + volumes: + - ./data:/usr/src/app/data + depends_on: + - db + + db: + image: postgres:10 + environment: + POSTGRES_USERNAME: user + POSTGRES_PASSWORD: password + POSTGRES_DB: peertube_prod + volumes: + - ./db:/var/lib/postgresql/data diff --git a/support/docker/production/swarm-stack.sample.yml b/support/docker/production/swarm-stack.sample.yml new file mode 100644 index 000000000..794f44753 --- /dev/null +++ b/support/docker/production/swarm-stack.sample.yml @@ -0,0 +1,52 @@ +version: "3.3" + +services: + app: + image: peertube:stretch + environment: + PEERTUBE_HOSTNAME: my.domain.tld + PEERTUBE_PORT: 443 + PEERTUBE_HTTPS: true + PEERTUBE_ADMIN_EMAIL: admin@domain.tld + PEERTUBE_DB_USERNAME: user + PEERTUBE_DB_PASSWORD: password + PEERTUBE_SIGNUP_ENABLED: true + PEERTUBE_TRANSCODING_ENABLED: true + labels: &labels + traefik.frontend.rule: "Host:my.domain.tld" + traefik.docker.network: traefik + traefik.port: "9000" + volumes: + - app_data:/usr/src/app/data + networks: + - traefik + - backend + depends_on: + - db + deploy: + labels: *labels + placement: + constraints: + - node.labels.peertube == 1 + + db: + image: postgres:10 + environment: + POSTGRES_DB: peertube_prod + volumes: + - db_data:/var/lib/postgresql/data + networks: + - backend + deploy: + placement: + constraints: + - node.labels.peertube == 1 + +volumes: + app_data: + db_data: + +networks: + backend: + traefik: + external: true -- cgit v1.2.3