Tmp fix for https://github.com/YunoHost-Apps/peertube_ynh/issues/5,fix https://github.com/YunoHost-Apps/peertube_ynh/issues/8,upgrade file,option to change port,password check for lenght,multi_instance
This commit is contained in:
parent
666f021efb
commit
abd325042d
|
@ -18,7 +18,7 @@
|
|||
setup_public=1
|
||||
upgrade=0
|
||||
backup_restore=0
|
||||
multi_instance=0
|
||||
multi_instance=1
|
||||
incorrect_path=0
|
||||
port_already_use=1
|
||||
change_url=0
|
||||
|
@ -36,5 +36,5 @@
|
|||
Level 9=0
|
||||
Level 10=0
|
||||
;;; Options
|
||||
Email=
|
||||
Notification=none
|
||||
Email=anmol@datamol.org
|
||||
Notification=yes
|
||||
|
|
|
@ -1,18 +1,37 @@
|
|||
location / {
|
||||
location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ {
|
||||
add_header Cache-Control "public, max-age=31536000, immutable";
|
||||
|
||||
alias __FINALPATH__/client/dist/$1;
|
||||
}
|
||||
|
||||
location ~ ^/static/(thumbnails|avatars)/(.*)$ {
|
||||
add_header Cache-Control "public, max-age=31536000, immutable";
|
||||
|
||||
alias /home/yunohost.app/__NAME__/storage/$1/$2;
|
||||
}
|
||||
|
||||
location / {
|
||||
if ($scheme = http) {
|
||||
rewrite ^ https://$server_name$request_uri? permanent;
|
||||
}
|
||||
proxy_pass http://localhost:9000;
|
||||
proxy_pass http://localhost:__PORT__;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
# For the video upload
|
||||
# Hard limit, PeerTube does not support videos > 4GB
|
||||
client_max_body_size 4G;
|
||||
proxy_connect_timeout 600;
|
||||
proxy_send_timeout 600;
|
||||
proxy_read_timeout 600;
|
||||
send_timeout 600;
|
||||
}
|
||||
|
||||
# Bypass PeerTube webseed route for better performances
|
||||
location /static/webseed {
|
||||
# Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
|
||||
limit_rate 800k;
|
||||
|
||||
if ($request_method = 'OPTIONS') {
|
||||
add_header 'Access-Control-Allow-Origin' '*';
|
||||
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
|
||||
|
@ -27,9 +46,12 @@ location / {
|
|||
add_header 'Access-Control-Allow-Origin' '*';
|
||||
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
|
||||
add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
|
||||
|
||||
# Don't spam access log file with byte range requests
|
||||
access_log off;
|
||||
}
|
||||
|
||||
alias __FINALPATH__/videos;
|
||||
alias /home/yunohost.app/__NAME__/storage/videos;
|
||||
}
|
||||
|
||||
# Websocket tracker
|
||||
|
@ -42,5 +64,5 @@ location / {
|
|||
proxy_http_version 1.1;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $host;
|
||||
proxy_pass http://localhost:9000;
|
||||
proxy_pass http://localhost:__PORT__;
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
listen:
|
||||
port: 9000
|
||||
port: __PORT__
|
||||
|
||||
# Correspond to your reverse proxy "listen" configuration
|
||||
webserver:
|
||||
|
@ -11,8 +11,8 @@ webserver:
|
|||
database:
|
||||
hostname: 'localhost'
|
||||
port: 5432
|
||||
suffix: '_prod'
|
||||
username: 'peertube'
|
||||
suffix: '___db_name__'
|
||||
username: '__db_name__'
|
||||
password: '__db_pwd__'
|
||||
|
||||
# Your object store
|
||||
|
@ -21,22 +21,45 @@ redis:
|
|||
port: 6379
|
||||
auth: null
|
||||
|
||||
# SMTP server to send emails
|
||||
smtp:
|
||||
hostname: null
|
||||
port: 465
|
||||
username: null
|
||||
password: null
|
||||
tls: true
|
||||
disable_starttls: false
|
||||
ca_file: null # Used for self signed certificates
|
||||
from_address: 'admin@__domain__'
|
||||
|
||||
# From the project root directory
|
||||
storage:
|
||||
avatars: 'avatars/'
|
||||
videos: 'videos/'
|
||||
logs: 'logs/'
|
||||
previews: 'previews/'
|
||||
thumbnails: 'thumbnails/'
|
||||
torrents: 'torrents/'
|
||||
cache: 'cache/'
|
||||
avatars: '/home/yunohost.app/__app__/storage/avatars/'
|
||||
videos: '/home/yunohost.app/__app__/storage/videos/'
|
||||
logs: '/home/yunohost.app/__app__/storage/logs/'
|
||||
previews: '/home/yunohost.app/__app__/storage/previews/'
|
||||
thumbnails: '/home/yunohost.app/__app__/storage/thumbnails/'
|
||||
torrents: '/home/yunohost.app/__app__/storage/torrents/'
|
||||
cache: '/home/yunohost.app/__app__/storage/cache/'
|
||||
|
||||
log:
|
||||
level: 'info' # debug/info/warning/error
|
||||
|
||||
###############################################################################
|
||||
#
|
||||
# From this point, all the following keys can be overriden by the web interface
|
||||
# (local-production.json file). If you need to change some values, prefer to
|
||||
# use the web interface because the configuration will be automatically
|
||||
# reloaded without any need to restart PeerTube.
|
||||
#
|
||||
# /!\ If you already have a local-production.json file, the modification of the
|
||||
# following keys will have no effect /!\.
|
||||
#
|
||||
###############################################################################
|
||||
|
||||
cache:
|
||||
previews:
|
||||
size: 1 # Max number of previews you want to cache
|
||||
size: 100 # Max number of previews you want to cache
|
||||
|
||||
admin:
|
||||
email: '__email__'
|
||||
|
@ -62,10 +85,13 @@ transcoding:
|
|||
720p: true
|
||||
1080p: true
|
||||
|
||||
# Instance settings
|
||||
instance:
|
||||
name: 'PeerTube'
|
||||
description: 'Welcome to this PeerTube instance!' # Support markdown
|
||||
terms: 'No terms for now.' # Support markdown
|
||||
short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.'
|
||||
description: '' # Support markdown
|
||||
terms: '' # Support markdown
|
||||
default_client_route: '/videos/trending'
|
||||
customizations:
|
||||
javascript: '' # Directly your JavaScript code (without <script> tags). Will be eval at runtime
|
||||
css: '' # Directly your CSS code (without <style> tags). Will be injected at runtime
|
||||
|
|
|
@ -4,13 +4,14 @@ Description=PeerTube daemon
|
|||
[Service]
|
||||
Type=simple
|
||||
Environment=NODE_ENV=production
|
||||
Environment=NODE_CONFIG_DIR=__FINALPATH__/config
|
||||
User=__APP__
|
||||
Group=__APP__
|
||||
ExecStart=/bin/sh -c 'PATH=/opt/node_n/bin:$PATH exec npm start'
|
||||
WorkingDirectory=__FINALPATH__/
|
||||
StandardOutput=syslog
|
||||
StandardError=syslog
|
||||
SyslogIdentifier=peertube
|
||||
SyslogIdentifier=__APP__
|
||||
Restart=always
|
||||
|
||||
[Install]
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
"requirements": {
|
||||
"yunohost": ">= 2.7.2"
|
||||
},
|
||||
"multi_instance": false,
|
||||
"multi_instance": true,
|
||||
"services": [
|
||||
"nginx"
|
||||
],
|
||||
|
@ -32,7 +32,7 @@
|
|||
{
|
||||
"name": "email",
|
||||
"ask": {
|
||||
"en": "Choose an admin(root) email(Can be other then LDAP emails and can't be changed after installation)"
|
||||
"en": "Choose an admin email(Can be other then the LDAP emails and can be changed after installation)"
|
||||
},
|
||||
"example": "johndoe@example.com"
|
||||
},
|
||||
|
@ -40,11 +40,18 @@
|
|||
"name": "pass",
|
||||
"type": "password",
|
||||
"ask": {
|
||||
"en": "Enter password of this administrator ≥ 6 character",
|
||||
"en": "Enter password of this administrator(username:root).Should be greater then 6 character",
|
||||
"fr": "Ajouter le mot de passe pour cette administrateur ≥ 6 charactères"
|
||||
},
|
||||
"example": "battery horse staple nenuphar"
|
||||
},
|
||||
{
|
||||
"name": "port",
|
||||
"ask": {
|
||||
"en": "Enter a port(default:9000).If the port is occupied by other app change it to any other value."
|
||||
},
|
||||
"default": "9000"
|
||||
},
|
||||
{
|
||||
"name": "is_public",
|
||||
"type": "boolean",
|
||||
|
|
|
@ -29,8 +29,10 @@ domain=$YNH_APP_ARG_DOMAIN
|
|||
path_url="/"
|
||||
admin_email=$YNH_APP_ARG_EMAIL
|
||||
admin_pass=$YNH_APP_ARG_PASS
|
||||
port=$YNH_APP_ARG_PORT
|
||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||
|
||||
|
||||
# This is a multi-instance app, meaning it can be installed several times independently
|
||||
# The id of the app as stated in the manifest is available as $YNH_APP_ID
|
||||
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
|
||||
|
@ -55,6 +57,11 @@ ynh_webpath_available $domain $path_url
|
|||
# Register (book) web path
|
||||
ynh_webpath_register $app $domain $path_url
|
||||
|
||||
# Check password strength
|
||||
[[ ${#admin_pass} -gt 6 ]] || ynh_die \
|
||||
"The password is too weak, it must be longer than 6 characters"
|
||||
|
||||
|
||||
#=================================================
|
||||
# STORE SETTINGS FROM MANIFEST
|
||||
#=================================================
|
||||
|
@ -71,11 +78,20 @@ ynh_app_setting_set $app is_public $is_public
|
|||
#=================================================
|
||||
|
||||
# Find a free port
|
||||
port=$(ynh_find_port 9000)
|
||||
ynh_find_port $port
|
||||
# Open this port
|
||||
yunohost firewall allow Both $port 2>&1
|
||||
ynh_app_setting_set $app port $port
|
||||
|
||||
#=================================================
|
||||
# CREATE THE DATA DIRECTORY
|
||||
#=================================================
|
||||
|
||||
# Define app's data directory
|
||||
datadir="/home/yunohost.app/${app}/storage"
|
||||
# Create app folders
|
||||
mkdir -p "$datadir"
|
||||
|
||||
#=================================================
|
||||
# INSTALL DEPENDENCIES
|
||||
#=================================================
|
||||
|
@ -100,7 +116,7 @@ ynh_install_nodejs 8
|
|||
#=================================================
|
||||
|
||||
# Create postgresql database
|
||||
db_name="peertube_prod"
|
||||
db_name="peertube_${app}"
|
||||
db_pwd=$(ynh_string_random 30)
|
||||
ynh_app_setting_set $app psql_db $db_name
|
||||
ynh_app_setting_set $app psqlpwd $db_pwd
|
||||
|
@ -139,7 +155,7 @@ ynh_add_nginx_config
|
|||
#=================================================
|
||||
|
||||
# Set right permissions for curl install
|
||||
chown -R $app:$app $final_path
|
||||
chown -R $app:$app "$final_path" "$datadir"
|
||||
|
||||
# Reload Nginx
|
||||
systemctl reload nginx
|
||||
|
@ -150,8 +166,11 @@ systemctl reload nginx
|
|||
|
||||
ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml"
|
||||
ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml"
|
||||
ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml"
|
||||
ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml"
|
||||
ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml"
|
||||
ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml"
|
||||
|
||||
|
||||
#=================================================
|
||||
# STORE THE CHECKSUM OF THE CONFIG FILE
|
||||
|
@ -191,14 +210,14 @@ fi
|
|||
|
||||
# Create a dedicated systemd config
|
||||
ynh_add_systemd_config
|
||||
sudo systemctl start peertube
|
||||
sudo systemctl start $app
|
||||
|
||||
#=================================================
|
||||
# CHANGE PEERTUBE ADMIN PASSWORD AFTER INITIAL GEN
|
||||
#=================================================
|
||||
|
||||
# we need to wait for the service to init peertube's database
|
||||
(cd /var/www/peertube && sleep 5 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/peertube/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root")
|
||||
(cd /var/www/$app && sleep 15 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/$app/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root")
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
|
|
|
@ -62,6 +62,7 @@ ynh_psql_drop_user $app
|
|||
|
||||
# Remove the app directory securely
|
||||
ynh_secure_remove "$final_path"
|
||||
ynh_secure_remove /home/yunohost.app/"$app"
|
||||
|
||||
#=================================================
|
||||
# REMOVE NGINX CONFIGURATION
|
||||
|
@ -77,6 +78,7 @@ ynh_remove_nginx_config
|
|||
# Remove the app-specific logrotate config
|
||||
ynh_remove_logrotate
|
||||
ynh_secure_remove /var/log/"$app"
|
||||
|
||||
#=================================================
|
||||
# CLOSE A PORT
|
||||
#=================================================
|
||||
|
@ -84,7 +86,7 @@ ynh_secure_remove /var/log/"$app"
|
|||
if yunohost firewall list | grep -q "\- $port$"
|
||||
then
|
||||
echo "Close port $port"
|
||||
yunohost firewall disallow TCP $port 2>&1
|
||||
yunohost firewall disallow Both $port 2>&1
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
|
|
145
scripts/upgrade
Normal file
145
scripts/upgrade
Normal file
|
@ -0,0 +1,145 @@
|
|||
#!/bin/bash
|
||||
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get $app domain)
|
||||
path_url="/"
|
||||
is_public=$(ynh_app_setting_get $app is_public)
|
||||
admin_email=$(ynh_app_setting_get $app admin_email)
|
||||
admin_pass=$(ynh_app_setting_get $app admin_pass)
|
||||
final_path=$(ynh_app_setting_get $app final_path)
|
||||
port=$(ynh_app_setting_get $app port)
|
||||
db_name=$(ynh_app_setting_get $app db_name)
|
||||
db_pwd=$(ynh_app_setting_get $app psqlpwd)
|
||||
|
||||
#=================================================
|
||||
# ENSURE DOWNWARD COMPATIBILITY
|
||||
#=================================================
|
||||
|
||||
# Fix is_public as a boolean value
|
||||
if [ "$is_public" = "Yes" ]; then
|
||||
ynh_app_setting_set $app is_public 1
|
||||
is_public=1
|
||||
elif [ "$is_public" = "No" ]; then
|
||||
ynh_app_setting_set $app is_public 0
|
||||
is_public=0
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# REMOVE APP MAIN DIR
|
||||
#=================================================
|
||||
|
||||
# Remove the app directory securely
|
||||
ynh_secure_remove "$final_path"
|
||||
|
||||
# Define app's data directory
|
||||
datadir="/home/yunohost.app/${app}/storage"
|
||||
# Create app folders
|
||||
mkdir -p "$datadir"
|
||||
|
||||
# Open this port
|
||||
yunohost firewall allow Both $port 2>&1
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create $app
|
||||
|
||||
#=================================================
|
||||
# CHECK THE PATH
|
||||
#=================================================
|
||||
|
||||
# Normalize the URL path syntax
|
||||
path_url=$(ynh_normalize_url_path $path_url)
|
||||
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source "$final_path"
|
||||
cp ../conf/production.yaml $final_path/config/production.yaml
|
||||
(cd $final_path && yarn install --production --pure-lockfile)
|
||||
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
# Create a dedicated nginx config
|
||||
ynh_add_nginx_config
|
||||
|
||||
|
||||
chown -R $app:$app "$final_path" "$datadir"
|
||||
|
||||
# Reload Nginx
|
||||
systemctl reload nginx
|
||||
|
||||
#=================================================
|
||||
# MODIFY A CONFIG FILE
|
||||
#=================================================
|
||||
|
||||
ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml"
|
||||
ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml"
|
||||
ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml"
|
||||
ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml"
|
||||
ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml"
|
||||
ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml"
|
||||
|
||||
|
||||
# Recalculate and store the config file checksum into the app settings
|
||||
ynh_store_file_checksum "$final_path/config/production.yaml"
|
||||
|
||||
#=================================================
|
||||
# SETUP LOGROTATE
|
||||
#=================================================
|
||||
|
||||
# Use logrotate to manage app-specific logfile(s)
|
||||
ynh_use_logrotate --non-append
|
||||
|
||||
#=================================================
|
||||
# SETUP SYSTEMD
|
||||
#=================================================
|
||||
|
||||
# Create a dedicated systemd config
|
||||
ynh_add_systemd_config
|
||||
|
||||
|
||||
# Set right permissions for curl installation
|
||||
chown -R $app:$app "$final_path" "$datadir"
|
||||
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
|
||||
if [ $is_public -eq 0 ]
|
||||
then # Remove the public access
|
||||
ynh_app_setting_delete $app skipped_uris
|
||||
fi
|
||||
# Make app public if necessary
|
||||
if [ $is_public -eq 1 ]
|
||||
then
|
||||
# unprotected_uris allows SSO credentials to be passed anyway
|
||||
ynh_app_setting_set $app unprotected_uris "/"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
|
||||
systemctl reload nginx
|
||||
|
||||
|
||||
|
Loading…
Reference in a new issue