Create a `peertube` user with `/home/peertube` home:
```
-sudo useradd -m -d /home/peertube -s /bin/bash -p peertube peertube
-sudo passwd peertube
+$ sudo useradd -m -d /home/peertube -s /bin/bash -p peertube peertube
+$ sudo passwd peertube
```
### Database
Create production database and peertube user:
```
-sudo -u postgres createuser -P peertube
-sudo -u postgres createdb -O peertube peertube_prod
+$ sudo -u postgres createuser -P peertube
+$ sudo -u postgres createdb -O peertube peertube_prod
```
-### Sources
+### Prepare PeerTube directory
-Clone, install node dependencies and build application:
+Check the latest release: https://github.com/Chocobozzz/PeerTube/releases or the release version you want.
+We assume in the following commands the version is 0.42.42:
```
-$ cd /home/peertube
-$ sudo -u peertube git clone -b master https://github.com/Chocobozzz/PeerTube
-$ cd PeerTube
-$ sudo -u peertube yarn install --pure-lockfile
-$ sudo -u peertube npm run build
+$ VERSION="0.42.42" && \
+ cd /home/peertube && \
+ sudo -u peertube mkdir config storage versions && \
+ cd versions && \
+ sudo -u peertube wget "https://github.com/Chocobozzz/PeerTube/releases/download/v${VERSION}/peertube-v${VERSION}.zip" && \
+ sudo -u peertube unzip peertube-v${VERSION}.zip && sudo -u peertube rm peertube-v${VERSION}.zip && \
+ cd ../ && sudo -u peertube ln -s versions/peertube-v${VERSION} ./peertube-latest && \
+ cd ./peertube-latest && sudo -u peertube yarn install --production --pure-lockfile
```
### PeerTube configuration
Copy example configuration:
```
-$ sudo -u peertube cp config/production.yaml.example config/production.yaml
+$ cd /home/peertube && sudo -u peertube cp peertube-latest/config/production.yaml.example config/production.yaml
```
Then edit the `config/production.yaml` file according to your webserver
-configuration. Keys set in this file will override those of
-`config/default.yml`.
+configuration.
### Webserver
Copy the nginx configuration template:
```
-$ sudo cp /home/peertube/PeerTube/support/nginx/peertube-https /etc/nginx/sites-available/peertube
+$ sudo cp /home/peertube/PeerTube/support/nginx/peertube /etc/nginx/sites-available/peertube
```
Then modify the webserver configuration file. Please pay attention to the `alias` key of `/static/webseed` location.
add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
- alias /var/www/PeerTube/videos;
+ alias /home/peertube/storage/videos;
}
# Websocket tracker
Copy the nginx configuration template:
```
-sudo cp /home/peertube/PeerTube/support/systemd/peertube.service /etc/systemd/system/
+$ sudo cp /home/peertube/PeerTube/support/systemd/peertube.service /etc/systemd/system/
```
Update the service file:
```
-sudo vim /etc/systemd/system/peertube.service
+$ sudo vim /etc/systemd/system/peertube.service
```
It should look like this:
[Service]
Type=simple
Environment=NODE_ENV=production
+Environment=NODE_CONFIG_DIR=/home/peertube/config
User=peertube
Group=peertube
ExecStart=/usr/bin/npm start
-WorkingDirectory=/home/peertube/PeerTube
+WorkingDirectory=/home/peertube/peertube-latest
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=peertube
Tell systemd to reload its config:
```
-sudo systemctl daemon-reload
+$ sudo systemctl daemon-reload
```
If you want to start PeerTube on boot:
```
-sudo systemctl enabled peertube
+$ sudo systemctl enabled peertube
```
### Run
```
-sudo systemctl start peertube
-sudo journalctl -feu peertube
+$ sudo systemctl start peertube
+$ sudo journalctl -feu peertube
```
### Administrator
--- /dev/null
+server {
+ listen 80;
+ # listen [::]:80;
+ server_name domain.tld;
+
+ location /.well-known/acme-challenge/ { allow all; }
+ location / { return 301 https://$host$request_uri; }
+}
+
+server {
+ listen 443 ssl http2;
+ # listen [::]:443 ssl http2;
+ server_name domain.tld;
+
+ # For example with Let's Encrypt
+ ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem;
+ ssl_trusted_certificate /etc/letsencrypt/live/domain.tld/chain.pem;
+
+ location / {
+ proxy_pass http://localhost:9000;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+ # For the video upload
+ client_max_body_size 2G;
+ proxy_connect_timeout 600;
+ proxy_send_timeout 600;
+ proxy_read_timeout 600;
+ }
+
+ # Bypass PeerTube webseed route for better performances
+ location /static/webseed {
+ # Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
+ limit_rate 800k;
+
+ if ($request_method = 'OPTIONS') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
+ add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
+ add_header 'Access-Control-Max-Age' 1728000;
+ add_header 'Content-Type' 'text/plain charset=UTF-8';
+ add_header 'Content-Length' 0;
+ return 204;
+ }
+
+ if ($request_method = 'GET') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
+ add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
+ }
+
+ alias /home/peertube/storage/videos;
+ }
+
+ # Websocket tracker
+ location /tracker/socket {
+ # Peers send a message to the tracker every 15 minutes
+ # Don't close the websocket before this time
+ proxy_read_timeout 1200s;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_http_version 1.1;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header Host $host;
+ proxy_pass http://localhost:9000;
+ }
+}
+++ /dev/null
-server {
- listen 80;
- # listen [::]:80;
- server_name domain.tld;
- rewrite ^ https://$server_name$request_uri? permanent;
-}
-
-server {
- listen 443 ssl http2;
- # listen [::]:443 ssl http2;
- server_name domain.tld;
-
- # For example with Let's Encrypt
- ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem;
- ssl_trusted_certificate /etc/letsencrypt/live/domain.tld/chain.pem;
-
- location / {
- proxy_pass http://localhost:9000;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
- # For the video upload
- client_max_body_size 2G;
- proxy_connect_timeout 600;
- proxy_send_timeout 600;
- proxy_read_timeout 600;
- }
-
- # Bypass PeerTube webseed route for better performances
- location /static/webseed {
- # Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
- limit_rate 800k;
-
- if ($request_method = 'OPTIONS') {
- add_header 'Access-Control-Allow-Origin' '*';
- add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
- add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
- add_header 'Access-Control-Max-Age' 1728000;
- add_header 'Content-Type' 'text/plain charset=UTF-8';
- add_header 'Content-Length' 0;
- return 204;
- }
-
- if ($request_method = 'GET') {
- add_header 'Access-Control-Allow-Origin' '*';
- add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
- add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
- }
-
- alias /your/installation/PeerTube/videos;
- }
-
- # Websocket tracker
- location /tracker/socket {
- # Peers send a message to the tracker every 15 minutes
- # Don't close the websocket before this time
- proxy_read_timeout 1200s;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_http_version 1.1;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host $host;
- proxy_pass http://localhost:9000;
- }
-}
[Service]
Type=simple
Environment=NODE_ENV=production
-User=myuser
-Group=myuser
+Environment=NODE_CONFIG_DIR=/home/peertube/config
+User=peertube
+Group=peertube
ExecStart=/usr/bin/npm start
-WorkingDirectory=/path/to/peertube
+WorkingDirectory=/home/peertube/peertube-latest
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=peertube
projects / oweals / peertube.git / commitdiff