deblan/peertube_ynh
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Tmp fix for https://github.com/YunoHost-Apps/peertube_ynh/issues/5,fix https://github.com/YunoHost-Apps/peertube_ynh/issues/8,upgrade file,option to change port,password check for lenght,multi_instance

Browse source
This commit is contained in:
root 2018-03-26 09:20:46 +05:30
parent 666f021efb
commit abd325042d
8 changed files with 255 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
check_process
View file

@ -18,7 +18,7 @@
setup_public=1 setup_public=1
upgrade=0 upgrade=0
backup_restore=0 backup_restore=0
multi_instance=0 multi_instance=1
incorrect_path=0 incorrect_path=0
port_already_use=1 port_already_use=1
change_url=0 change_url=0
@ -36,5 +36,5 @@
Level 9=0 Level 9=0
Level 10=0 Level 10=0
;;; Options ;;; Options
Email= Email=anmol@datamol.org
Notification=none Notification=yes

36
conf/nginx.conf
View file

@ -1,18 +1,37 @@
location / { location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ {
add_header Cache-Control "public, max-age=31536000, immutable";
alias __FINALPATH__/client/dist/$1;
}
location ~ ^/static/(thumbnails|avatars)/(.*)$ {
add_header Cache-Control "public, max-age=31536000, immutable";
alias /home/yunohost.app/__NAME__/storage/$1/$2;
}
location / {
if ($scheme = http) { if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent; rewrite ^ https://$server_name$request_uri? permanent;
} }
proxy_pass http://localhost:9000; proxy_pass http://localhost:__PORT__;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# For the video upload # Hard limit, PeerTube does not support videos > 4GB
client_max_body_size 4G; client_max_body_size 4G;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
} }
# Bypass PeerTube webseed route for better performances # Bypass PeerTube webseed route for better performances
location /static/webseed { location /static/webseed {
# Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
limit_rate 800k;
if ($request_method = 'OPTIONS') { if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
@ -27,9 +46,12 @@ location / {
add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
# Don't spam access log file with byte range requests
access_log off;
} }
alias __FINALPATH__/videos; alias /home/yunohost.app/__NAME__/storage/videos;
} }
# Websocket tracker # Websocket tracker
@ -42,5 +64,5 @@ location / {
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_pass http://localhost:9000; proxy_pass http://localhost:__PORT__;
} }

52
conf/production.yaml
View file

@ -1,5 +1,5 @@
listen: listen:
port: 9000 port: __PORT__
# Correspond to your reverse proxy "listen" configuration # Correspond to your reverse proxy "listen" configuration
webserver: webserver:
@ -11,8 +11,8 @@ webserver:
database: database:
hostname: 'localhost' hostname: 'localhost'
port: 5432 port: 5432
suffix: '_prod' suffix: '___db_name__'
username: 'peertube' username: '__db_name__'
password: '__db_pwd__' password: '__db_pwd__'
# Your object store # Your object store
@ -21,22 +21,45 @@ redis:
port: 6379 port: 6379
auth: null auth: null
# SMTP server to send emails
smtp:
hostname: null
port: 465
username: null
password: null
tls: true
disable_starttls: false
ca_file: null # Used for self signed certificates
from_address: 'admin@__domain__'
# From the project root directory # From the project root directory
storage: storage:
avatars: 'avatars/' avatars: '/home/yunohost.app/__app__/storage/avatars/'
videos: 'videos/' videos: '/home/yunohost.app/__app__/storage/videos/'
logs: 'logs/' logs: '/home/yunohost.app/__app__/storage/logs/'
previews: 'previews/' previews: '/home/yunohost.app/__app__/storage/previews/'
thumbnails: 'thumbnails/' thumbnails: '/home/yunohost.app/__app__/storage/thumbnails/'
torrents: 'torrents/' torrents: '/home/yunohost.app/__app__/storage/torrents/'
cache: 'cache/' cache: '/home/yunohost.app/__app__/storage/cache/'
log: log:
level: 'info' # debug/info/warning/error level: 'info' # debug/info/warning/error
###############################################################################
#
# From this point, all the following keys can be overriden by the web interface
# (local-production.json file). If you need to change some values, prefer to
# use the web interface because the configuration will be automatically
# reloaded without any need to restart PeerTube.
#
# /!\ If you already have a local-production.json file, the modification of the
# following keys will have no effect /!\.
#
###############################################################################
cache: cache:
previews: previews:
size: 1 # Max number of previews you want to cache size: 100 # Max number of previews you want to cache
admin: admin:
email: '__email__' email: '__email__'
@ -62,10 +85,13 @@ transcoding:
720p: true 720p: true
1080p: true 1080p: true
# Instance settings
instance: instance:
name: 'PeerTube' name: 'PeerTube'
description: 'Welcome to this PeerTube instance!' # Support markdown short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.'
terms: 'No terms for now.' # Support markdown description: '' # Support markdown
terms: '' # Support markdown
default_client_route: '/videos/trending'
customizations: customizations:
javascript: '' # Directly your JavaScript code (without <script> tags). Will be eval at runtime javascript: '' # Directly your JavaScript code (without <script> tags). Will be eval at runtime
css: '' # Directly your CSS code (without <style> tags). Will be injected at runtime css: '' # Directly your CSS code (without <style> tags). Will be injected at runtime

3
conf/systemd.service
View file

@ -4,13 +4,14 @@ Description=PeerTube daemon
[Service] [Service]
Type=simple Type=simple
Environment=NODE_ENV=production Environment=NODE_ENV=production
Environment=NODE_CONFIG_DIR=__FINALPATH__/config
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
ExecStart=/bin/sh -c 'PATH=/opt/node_n/bin:$PATH exec npm start' ExecStart=/bin/sh -c 'PATH=/opt/node_n/bin:$PATH exec npm start'
WorkingDirectory=__FINALPATH__/ WorkingDirectory=__FINALPATH__/
StandardOutput=syslog StandardOutput=syslog
StandardError=syslog StandardError=syslog
SyslogIdentifier=peertube SyslogIdentifier=__APP__
Restart=always Restart=always
[Install] [Install]

13
manifest.json
View file

@ -15,7 +15,7 @@
"requirements": { "requirements": {
"yunohost": ">= 2.7.2" "yunohost": ">= 2.7.2"
}, },
"multi_instance": false, "multi_instance": true,
"services": [ "services": [
"nginx" "nginx"
], ],
@ -32,7 +32,7 @@
{ {
"name": "email", "name": "email",
"ask": { "ask": {
"en": "Choose an admin(root) email(Can be other then LDAP emails and can't be changed after installation)" "en": "Choose an admin email(Can be other then the LDAP emails and can be changed after installation)"
}, },
"example": "johndoe@example.com" "example": "johndoe@example.com"
}, },
@ -40,11 +40,18 @@
"name": "pass", "name": "pass",
"type": "password", "type": "password",
"ask": { "ask": {
"en": "Enter password of this administrator 6 character", "en": "Enter password of this administrator(username:root).Should be greater then 6 character",
"fr": "Ajouter le mot de passe pour cette administrateur ≥ 6 charactères" "fr": "Ajouter le mot de passe pour cette administrateur ≥ 6 charactères"
}, },
"example": "battery horse staple nenuphar" "example": "battery horse staple nenuphar"
}, },
{
"name": "port",
"ask": {
"en": "Enter a port(default:9000).If the port is occupied by other app change it to any other value."
},
"default": "9000"
},
{ {
"name": "is_public", "name": "is_public",
"type": "boolean", "type": "boolean",

29
scripts/install
View file

@ -29,8 +29,10 @@ domain=$YNH_APP_ARG_DOMAIN
path_url="/" path_url="/"
admin_email=$YNH_APP_ARG_EMAIL admin_email=$YNH_APP_ARG_EMAIL
admin_pass=$YNH_APP_ARG_PASS admin_pass=$YNH_APP_ARG_PASS
port=$YNH_APP_ARG_PORT
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
# This is a multi-instance app, meaning it can be installed several times independently # This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID # The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) # The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
@ -55,6 +57,11 @@ ynh_webpath_available $domain $path_url
# Register (book) web path # Register (book) web path
ynh_webpath_register $app $domain $path_url ynh_webpath_register $app $domain $path_url
# Check password strength
[[ ${#admin_pass} -gt 6 ]] || ynh_die \
"The password is too weak, it must be longer than 6 characters"
#================================================= #=================================================
# STORE SETTINGS FROM MANIFEST # STORE SETTINGS FROM MANIFEST
#================================================= #=================================================
@ -71,11 +78,20 @@ ynh_app_setting_set $app is_public $is_public
#================================================= #=================================================
# Find a free port # Find a free port
port=$(ynh_find_port 9000) ynh_find_port $port
# Open this port # Open this port
yunohost firewall allow Both $port 2>&1 yunohost firewall allow Both $port 2>&1
ynh_app_setting_set $app port $port ynh_app_setting_set $app port $port
#=================================================
# CREATE THE DATA DIRECTORY
#=================================================
# Define app's data directory
datadir="/home/yunohost.app/${app}/storage"
# Create app folders
mkdir -p "$datadir"
#================================================= #=================================================
# INSTALL DEPENDENCIES # INSTALL DEPENDENCIES
#================================================= #=================================================
@ -100,7 +116,7 @@ ynh_install_nodejs 8
#================================================= #=================================================
# Create postgresql database # Create postgresql database
db_name="peertube_prod" db_name="peertube_${app}"
db_pwd=$(ynh_string_random 30) db_pwd=$(ynh_string_random 30)
ynh_app_setting_set $app psql_db $db_name ynh_app_setting_set $app psql_db $db_name
ynh_app_setting_set $app psqlpwd $db_pwd ynh_app_setting_set $app psqlpwd $db_pwd
@ -139,7 +155,7 @@ ynh_add_nginx_config
#================================================= #=================================================
# Set right permissions for curl install # Set right permissions for curl install
chown -R $app:$app $final_path chown -R $app:$app "$final_path" "$datadir"
# Reload Nginx # Reload Nginx
systemctl reload nginx systemctl reload nginx
@ -150,8 +166,11 @@ systemctl reload nginx
ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml" ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml"
ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml" ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml"
ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml"
ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml" ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml"
ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml" ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml"
ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml"
#================================================= #=================================================
# STORE THE CHECKSUM OF THE CONFIG FILE # STORE THE CHECKSUM OF THE CONFIG FILE
@ -191,14 +210,14 @@ fi
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config ynh_add_systemd_config
sudo systemctl start peertube sudo systemctl start $app
#================================================= #=================================================
# CHANGE PEERTUBE ADMIN PASSWORD AFTER INITIAL GEN # CHANGE PEERTUBE ADMIN PASSWORD AFTER INITIAL GEN
#================================================= #=================================================
# we need to wait for the service to init peertube's database # we need to wait for the service to init peertube's database
(cd /var/www/peertube && sleep 5 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/peertube/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root") (cd /var/www/$app && sleep 15 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/$app/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root")
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX

4
scripts/remove
View file

@ -62,6 +62,7 @@ ynh_psql_drop_user $app
# Remove the app directory securely # Remove the app directory securely
ynh_secure_remove "$final_path" ynh_secure_remove "$final_path"
ynh_secure_remove /home/yunohost.app/"$app"
#================================================= #=================================================
# REMOVE NGINX CONFIGURATION # REMOVE NGINX CONFIGURATION
@ -77,6 +78,7 @@ ynh_remove_nginx_config
# Remove the app-specific logrotate config # Remove the app-specific logrotate config
ynh_remove_logrotate ynh_remove_logrotate
ynh_secure_remove /var/log/"$app" ynh_secure_remove /var/log/"$app"
#================================================= #=================================================
# CLOSE A PORT # CLOSE A PORT
#================================================= #=================================================
@ -84,7 +86,7 @@ ynh_secure_remove /var/log/"$app"
if yunohost firewall list | grep -q "\- $port$" if yunohost firewall list | grep -q "\- $port$"
then then
echo "Close port $port" echo "Close port $port"
yunohost firewall disallow TCP $port 2>&1 yunohost firewall disallow Both $port 2>&1
fi fi
#================================================= #=================================================

145
scripts/upgrade Normal file
View file

@ -0,0 +1,145 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
path_url="/"
is_public=$(ynh_app_setting_get $app is_public)
admin_email=$(ynh_app_setting_get $app admin_email)
admin_pass=$(ynh_app_setting_get $app admin_pass)
final_path=$(ynh_app_setting_get $app final_path)
port=$(ynh_app_setting_get $app port)
db_name=$(ynh_app_setting_get $app db_name)
db_pwd=$(ynh_app_setting_get $app psqlpwd)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set $app is_public 0
is_public=0
fi
#=================================================
# REMOVE APP MAIN DIR
#=================================================
# Remove the app directory securely
ynh_secure_remove "$final_path"
# Define app's data directory
datadir="/home/yunohost.app/${app}/storage"
# Create app folders
mkdir -p "$datadir"
# Open this port
yunohost firewall allow Both $port 2>&1
#=================================================
# CREATE DEDICATED USER
#=================================================
# Create a system user
ynh_system_user_create $app
#=================================================
# CHECK THE PATH
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url)
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
cp ../conf/production.yaml $final_path/config/production.yaml
(cd $final_path && yarn install --production --pure-lockfile)
#=================================================
# NGINX CONFIGURATION
#=================================================
# Create a dedicated nginx config
ynh_add_nginx_config
chown -R $app:$app "$final_path" "$datadir"
# Reload Nginx
systemctl reload nginx
#=================================================
# MODIFY A CONFIG FILE
#=================================================
ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml"
ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml"
ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml"
ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml"
ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml"
ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml"
# Recalculate and store the config file checksum into the app settings
ynh_store_file_checksum "$final_path/config/production.yaml"
#=================================================
# SETUP LOGROTATE
#=================================================
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append
#=================================================
# SETUP SYSTEMD
#=================================================
# Create a dedicated systemd config
ynh_add_systemd_config
# Set right permissions for curl installation
chown -R $app:$app "$final_path" "$datadir"
#=================================================
# SETUP SSOWAT
#=================================================
if [ $is_public -eq 0 ]
then # Remove the public access
ynh_app_setting_delete $app skipped_uris
fi
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway
ynh_app_setting_set $app unprotected_uris "/"
fi
#=================================================
# RELOAD NGINX
#=================================================
systemctl reload nginx