From 2052a1084a1f7e2372e21ca68339a612ad2bb696 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 29 Dec 2023 18:15:15 +0100 Subject: [PATCH 01/22] fix path --- conf/nginx.conf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index e894736..ba159c8 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -96,7 +96,7 @@ location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ { # For extra performance please refer to https://github.com/denji/nginx-tuning ## -root __DATA_DIR__storage/; +root __DATA_DIR__/storage/; # Enable compression for JS/CSS/HTML, for improved client load times. # It might be nice to compress JSON/XML as returned by the API, but # leaving that out to protect against potential BREACH attack. @@ -134,7 +134,7 @@ tcp_nodelay on; # don't buffer data sent, good for small data burs location ~ ^/client/(assets/images/(icons/icon-36x36\.png|icons/icon-48x48\.png|icons/icon-72x72\.png|icons/icon-96x96\.png|icons/icon-144x144\.png|icons/icon-192x192\.png|icons/icon-512x512\.png|logo\.svg|favicon\.png|default-playlist\.jpg|default-avatar-account\.png|default-avatar-account-48x48\.png|default-avatar-video-channel\.png|default-avatar-video-channel-48x48\.png))$ { more_set_headers "Cache-Control : public, max-age=31536000, immutable"; # Cache 1 year - try_files __DATA_DIR__storage/client-overrides/$1 __INSTALL_DIR__/client/dist/$1 @api; + try_files __DATA_DIR__/storage/client-overrides/$1 __INSTALL_DIR__/client/dist/$1 @api; } # Bypass PeerTube for performance reasons. Optional. @@ -163,7 +163,7 @@ location ~ ^/static/(thumbnails|avatars)/ { rewrite ^/static/(.*)$ /$1 break; - root __DATA_DIR__storage/; + root __DATA_DIR__/storage/; try_files $uri @api; } @@ -220,7 +220,7 @@ location ~ ^/static/(webseed|web-videos|redundancy|streaming-playlists)/ { rewrite ^/static/webseed/(.*)$ /web-videos/$1 break; rewrite ^/static/(.*)$ /$1 break; - root __DATA_DIR__storage/; + root __DATA_DIR__/storage/; try_files $uri @api; } From 8ec1f3fe07d6c2b46cf884e42d4741c0bca07006 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 29 Dec 2023 18:15:51 +0100 Subject: [PATCH 02/22] Update production.yaml --- conf/production.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/production.yaml b/conf/production.yaml index dd6bee1..74ab8ce 100644 --- a/conf/production.yaml +++ b/conf/production.yaml @@ -138,7 +138,7 @@ defaults: # From the project root directory storage: tmp: '__DATA_DIR__/storage/tmp/' # Use to download data (imports etc), store uploaded files before processing... - tmp_persistent: '__DATA_DIR__//storage/tmp-persistent/' # As tmp but the directory is not cleaned up between PeerTube restarts + tmp_persistent: '__DATA_DIR__/storage/tmp-persistent/' # As tmp but the directory is not cleaned up between PeerTube restarts bin: '__DATA_DIR__/storage/bin/' avatars: '__DATA_DIR__/storage/avatars/' web_videos: '__DATA_DIR__/storage/videos/' @@ -212,7 +212,7 @@ object_storage: # Same settings but for web videos web_videos: - bucket_name: 'web-videos' + bucket_name: 'videos' prefix: '' base_url: '' From c0832ccd5f30370268f0a61a83bf1c8976611ab5 Mon Sep 17 00:00:00 2001 From: Tagada <36127788+Tagadda@users.noreply.github.com> Date: Fri, 29 Dec 2023 18:18:09 +0100 Subject: [PATCH 03/22] Reapply "Merge pull request #390 from YunoHost-Apps/testing" This reverts commit d5d2f8bd3b39db5853f091bba4a772d5641aeeed. --- .github/workflows/updater.sh | 133 ------------- .github/workflows/updater.yml | 50 ----- README.md | 29 +-- README_fr.md | 30 +-- check_process | 66 ------- conf/app.src | 6 - conf/local-production.json | 2 - conf/msg_install | 17 -- conf/msg_remove | 15 -- conf/nginx.conf | 20 +- conf/production.yaml | 177 ++++++++++++++---- conf/systemd.service | 10 +- doc/ADMIN.md | 1 + doc/ADMIN_fr.md | 1 + doc/DESCRIPTION.md | 2 +- doc/DESCRIPTION_fr.md | 2 +- doc/DISCLAIMER.md | 22 --- doc/DISCLAIMER_fr.md | 23 --- doc/POST_INSTALL.md | 12 ++ doc/POST_INSTALL_fr.md | 12 ++ manifest.json | 46 ----- manifest.toml | 78 ++++++++ scripts/_common.sh | 46 ++++- scripts/backup | 26 +-- scripts/install | 249 ++++--------------------- scripts/remove | 122 +----------- scripts/restore | 116 ++---------- scripts/upgrade | 279 ++++++---------------------- scripts/ynh_apps | 110 ----------- scripts/ynh_redis | 39 ---- scripts/ynh_send_readme_to_admin__2 | 129 ------------- tests.toml | 15 ++ 32 files changed, 426 insertions(+), 1459 deletions(-) delete mode 100644 .github/workflows/updater.sh delete mode 100644 .github/workflows/updater.yml delete mode 100644 check_process delete mode 100644 conf/app.src delete mode 100644 conf/local-production.json delete mode 100644 conf/msg_install delete mode 100644 conf/msg_remove create mode 100644 doc/ADMIN.md create mode 100644 doc/ADMIN_fr.md delete mode 100644 doc/DISCLAIMER.md delete mode 100644 doc/DISCLAIMER_fr.md create mode 100644 doc/POST_INSTALL.md create mode 100644 doc/POST_INSTALL_fr.md delete mode 100644 manifest.json create mode 100644 manifest.toml delete mode 100644 scripts/ynh_apps delete mode 100644 scripts/ynh_redis delete mode 100644 scripts/ynh_send_readme_to_admin__2 create mode 100644 tests.toml diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh deleted file mode 100644 index 3df60ca..0000000 --- a/.github/workflows/updater.sh +++ /dev/null @@ -1,133 +0,0 @@ -#!/bin/bash - -#================================================= -# PACKAGE UPDATING HELPER -#================================================= - -# This script is meant to be run by GitHub Actions -# The YunoHost-Apps organisation offers a template Action to run this script periodically -# Since each app is different, maintainers can adapt its contents so as to perform -# automatic actions when a new upstream release is detected. - -# Remove this exit command when you are ready to run this Action -#exit 1 - -#================================================= -# FETCHING LATEST RELEASE AND ITS ASSETS -#================================================= - -# Fetching information -current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') -repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') -# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) -version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) -assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) - -# Later down the script, we assume the version has only digits and dots -# Sometimes the release name starts with a "v", so let's filter it out. -# You may need more tweaks here if the upstream repository has different naming conventions. -if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then - version=${version:1} -fi - -# Setting up the environment variables -echo "Current version: $current_version" -echo "Latest release from upstream: $version" -echo "VERSION=$version" >> $GITHUB_ENV -# For the time being, let's assume the script will fail -echo "PROCEED=false" >> $GITHUB_ENV - -# Proceed only if the retrieved version is greater than the current one -if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then - echo "::warning ::No new version available" - exit 0 -# Proceed only if a PR for this new version does not already exist -elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then - echo "::warning ::A branch already exists for this update" - exit 0 -fi - -# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) -echo "${#assets[@]} available asset(s)" - -#================================================= -# UPDATE SOURCE FILES -#================================================= - -# Here we use the $assets variable to get the resources published in the upstream release. -# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. - -# Let's loop over the array of assets URLs -for asset_url in ${assets[@]}; do - -echo "Handling asset at $asset_url" - -# Assign the asset to a source file in conf/ directory -# Here we base the source file name upon a unique keyword in the assets url (admin vs. update) -# Leave $src empty to ignore the asset -case $asset_url in - *".tar.xz") - src="app" - ;; - *) - src="" - ;; -esac - -# If $src is not empty, let's process the asset -if [ ! -z "$src" ]; then - -# Create the temporary directory -tempdir="$(mktemp -d)" - -# Download sources and calculate checksum -filename=${asset_url##*/} -curl --silent -4 -L $asset_url -o "$tempdir/$filename" -checksum=$(sha256sum "$tempdir/$filename" | head -c 64) - -# Delete temporary directory -rm -rf $tempdir - -# Get extension -if [[ $filename == *.tar.xz ]]; then - extension=tar.xz -else - extension=${filename##*.} -fi - -# Rewrite source file -cat < conf/$src.src -SOURCE_URL=$asset_url -SOURCE_SUM=$checksum -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=$extension -SOURCE_IN_SUBDIR=true -SOURCE_EXTRACT=true -EOT -echo "... conf/$src.src updated" - -else -echo "... asset ignored" -fi - -done - -#================================================= -# SPECIFIC UPDATE STEPS -#================================================= - -# Any action on the app's source code can be done. -# The GitHub Action workflow takes care of committing all changes after this script ends. - -#================================================= -# GENERIC FINALIZATION -#================================================= - -# Replace new version in manifest -echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json - -# No need to update the README, yunohost-bot takes care of it - -# The Action will proceed only if the PROCEED environment variable is set to true -echo "PROCEED=true" >> $GITHUB_ENV -exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml deleted file mode 100644 index 08ec1b3..0000000 --- a/.github/workflows/updater.yml +++ /dev/null @@ -1,50 +0,0 @@ -# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. -# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. -# This file should be enough by itself, but feel free to tune it to your needs. -# It calls updater.sh, which is where you should put the app-specific update steps. -name: Check for new upstream releases -on: - # Allow to manually trigger the workflow - workflow_dispatch: - # Run it every day at 6:00 UTC - schedule: - - cron: '0 6 * * *' -jobs: - updater: - runs-on: ubuntu-latest - steps: - - name: Fetch the source code - uses: actions/checkout@v3 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Run the updater script - id: run_updater - run: | - # Setting up Git user - git config --global user.name 'yunohost-bot' - git config --global user.email 'yunohost-bot@users.noreply.github.com' - # Run the updater script - /bin/bash .github/workflows/updater.sh - - name: Commit changes - id: commit - if: ${{ env.PROCEED == 'true' }} - run: | - git commit -am "Upgrade to v$VERSION" - - name: Create Pull Request - id: cpr - if: ${{ env.PROCEED == 'true' }} - uses: peter-evans/create-pull-request@v4 - with: - token: ${{ secrets.GITHUB_TOKEN }} - commit-message: Update to version ${{ env.VERSION }} - committer: 'yunohost-bot ' - author: 'yunohost-bot ' - signoff: false - base: testing - branch: ci-auto-update-v${{ env.VERSION }} - delete-branch: true - title: 'Upgrade to version ${{ env.VERSION }}' - body: | - Upgrade to v${{ env.VERSION }} - draft: false - diff --git a/README.md b/README.md index f755607..c76b7dc 100644 --- a/README.md +++ b/README.md @@ -16,10 +16,10 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in ## Overview -Federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser, using WebTorrent. +PeerTube is a decentralized and federated video hosting software. To publish videos, the user must register with a host (called an instance). Each host has its own conditions of use (storage space per user, moderation rules, themes, etc.). Thanks to WebTorrent, if several people view the same video, fragments of it are exchanged between people so as not to overload the instance. Decentralized: Each instance can follow one or more other PeerTube instances in order to allow its users to view their videos. Federated: Via the ActivityPub protocol, Peertube can interact with other software that is part of the Fediverse, such as Mastodon for example. -**Shipped version:** 5.2.1~ynh1 +**Shipped version:** 6.0.2~ynh1 **Demo:** http://peertube.cpy.re @@ -27,31 +27,6 @@ Federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly ![Screenshot of PeerTube](./doc/screenshots/screenshot1.jpg) -## Disclaimers / important information - -### IMPORTANT POINT TO READ BEFORE INSTALLING -* Require **dedicated domain** like **peertube.domain.tld**. -* Admin username is: **root**. -* **Admin password and LDAP configuration** will be sent to the email address given at the time of the installation. -* URL can not be changed once selected. Choose the domain wisely. -* You need more then **1 GB** of RAM. If you don't have it, please create a **swap memory**. - - $ dd if=/dev/zero of=/swapfile bs=1024 count=1048576 - $ mkswap /swapfile - $ swapon /swapfile - $ echo "/swapfile swap swap defaults 0 0" >> /etc/fstab - -* This app is **multi-instance** (you can have more then one PeerTube instance running on a YunoHost server) -* **If you are hosted on OVH virtual machine or experiencing `gyp ERR! configure error`, please switch to [ovh_fix](https://github.com/YunoHost-Apps/peertube_ynh/tree/ovh_fix)** -* HTTP auth is not supported -* Do not modify the `/var/www//conf/production.yaml` file, because it will be overridden in the next upgrade. Please instead either change them though the web interface or create a `/var/www//conf/local.yaml` file, assign it the same owner, group and rights than for `conf/production.yaml` and fill there your specific settings. - * Note: when the same option have different values in `production.yaml` and `local.yaml` files, only the value in `local.yaml` is taken into account. - -### PLUGINS -* LDAP auth is supported, LDAP configuration will be sent to the email address given at the time of the installation. -* PeerTube plugin livechat is installed with Prosody. To enable, just select «Prosody server controlled by Peertube» as chat mode in the plugin configutation of the PeerTube admin page -* During install, because of Prosody, Metronome is disabled - ## Documentation and resources * Official app website: diff --git a/README_fr.md b/README_fr.md index 393c49a..294dcb1 100644 --- a/README_fr.md +++ b/README_fr.md @@ -16,10 +16,10 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po ## Vue d’ensemble -Plateforme de streaming vidéo fédérée (ActivityPub) utilisant P2P (BitTorrent) directement dans le navigateur Web, en utilisant WebTorrent +PeerTube est un logiciel décentralisé et fédéré d’hébergement de vidéos. Pour publier des vidéos, l’utilisateur doit s’inscrire chez un hébergeur (nommé instance). Chaque hébergeur possède ses conditions d’utilisation (espace de stockage par utilisateur, règles de modération, thématiques, etc.). Grâce à WebTorrent, si plusieurs personnes consultent une même vidéo, des fragments de celle-ci sont échangés entre les personnes afin de ne pas surcharger l’instance. Décentralisé : Chaque instance peut suivre une ou plusieurs autres instances PeerTube afin de permettre à ses utilisateurs de visionner les vidéos de celles-ci. Fédéré : Via le protocole ActivityPub, Peertube peut interagir avec d’autres logiciels qui font partie du Fediverse, comme Mastodon par exemple. -**Version incluse :** 5.2.1~ynh1 +**Version incluse :** 6.0.2~ynh1 **Démo :** http://peertube.cpy.re @@ -27,32 +27,6 @@ Plateforme de streaming vidéo fédérée (ActivityPub) utilisant P2P (BitTorren ![Capture d’écran de PeerTube](./doc/screenshots/screenshot1.jpg) -## Avertissements / informations importantes - -### Points importants à lire avant l'installation -* Nécessite un **domaine dédié** comme **peertube.domain.tld**. -* Le nom d'utilisateur de l'administrateur est: **root**. -* **Le mot de passe administrateur et la configuration LDAP** seront envoyés à l'adresse email indiquée au moment de l'installation. -* L'URL ne peut pas être modifiée une fois sélectionnée. Choisissez judicieusement le domaine. -* Vous avez besoin de plus de **1 Go** de RAM. Si vous ne l'avez pas, veuillez créer une **mémoire swap**. - - $ dd if=/dev/zero of=/swapfile bs=1024 count=1048576 - $ mkswap /swapfile - $ swapon /swapfile - $ echo "/swapfile swap swap defaults 0 0" >> /etc/fstab - -* Cette application est **multi-instance** (vous pouvez avoir plus d'une instance PeerTube en cours d'exécution sur un serveur YunoHost) -* **Si vous êtes hébergé sur une machine virtuelle OVH ou rencontrez `gyp ERR! configure error`, veuillez passer à [ovh_fix](https://github.com/YunoHost-Apps/peertube_ynh/tree/ovh_fix)** -* L'authentification HTTP n'est pas supportée -* Ne modifiez pas le fichier `/var/www//conf/production.yaml`, car il sera remplacé à la prochaine mise à jour. À la place, veuillez modifier la configuration via l'interface web ou créer et remplir le fichier `/var/www//conf/local.yaml`, assignez-lui les mêmes propriétaire, groupe et droits que pour `conf/production.yaml` et y remplir vos options spécifiques. - * Note: si la même option contient différentes valeurs dans les fichiers `conf/production.yaml` et `conf/local.yaml`, seule la valeur dans `conf/local.yaml` sera prise en compte. - -#### PLUGINS - -* L'authentification LDAP est prise en charge, les instructions de configuration sont envoyées à l'adresse email indiquée au moment de l'installation -* Le plugin PeerTube livechat est installé ainsi que Prosody. pour l'activer, sélectionner «Prosody server controlled by Peertube» dans le paramétre chat mode du plugin dans la page d'administration de PeerTube. -* Pendant l'installation, à cause de Prosody, Metronome est désactivé. - ## Documentations et ressources * Site officiel de l’app : diff --git a/check_process b/check_process deleted file mode 100644 index 4bbb0f3..0000000 --- a/check_process +++ /dev/null @@ -1,66 +0,0 @@ -;; Test complet - ; Manifest - domain="domain.tld" - is_public=1 - admin="john" - ; Checks - pkg_linter=1 - setup_sub_dir=0 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - # 3.2.1~ynh1 - # upgrade=1 from_commit=f4b43fd85ad3a169d27c53865a13548e44f17ebf - # 3.2.1~ynh3 - #upgrade=1 from_commit=7a621c48f6bdd10334f2d0c06f787fe468788f62 - # 3.2.1~ynh4 - upgrade=1 from_commit=08bf3fce3ad99e27e7f7d251838a9f9c63243e44 - # 3.3.0~ynh1 - #upgrade=1 from_commit=c43548f6e0a0e5d172360945f6941255537ec18c - # 3.3.0~ynh2 - #upgrade=1 from_commit=6010986d58ef0caa8428e3d6e3ff3fd512401a53 - # 3.3.0~ynh2 - #upgrade=1 from_commit=f3bb02002c8fa28748744302475139b6fcf7c651 - # 3.3.0~ynh3 - #upgrade=1 from_commit=ed59a268e93910f8b35b0f87399f91b8cad9ede0 - # 3.3.0~ynh4 - #upgrade=1 from_commit=509ba9051facf65329dde20919a3254dcaf3f910 - # 3.4.0~ynh1 - #upgrade=1 from_commit=83a06ca4c96ccd941b49647b3698db2c6b771b79 - # 3.4.1~ynh1 - #upgrade=1 from_commit=96f010a9f72fed48660b3f962124b553397b283b - # 3.4.1~ynh2 - #upgrade=1 from_commit=0b6823def8230b3af7f9b484c526a49c3a640c4d - # 3.4.1~ynh3 - upgrade=1 from_commit=0f77bb6e7441698b762bde38698c510dc0a4438e - # 4.0.0~ynh1 - #upgrade=1 from_commit=602bf56af8582a38c7ee055f60e782e2da0efddc - # 4.0.0~ynh1 - #upgrade=1 from_commit=7c2bb0bb6a91b6b957b734f684aa3d64da892f4c - # 4.0.0~ynh1 - #upgrade=1 from_commit=9bdfda10d83519064adeb275f6aed1660bf24b88 - # 4.0.0~ynh2 - #upgrade=1 from_commit=16bc11e945c2b1a962a5deace7c0f27b8d5a5112 - # 4.0.0~ynh2 - #upgrade=1 from_commit=6995b27972e27c6cf8ee3e1f23a2de5cc8c8e8ee - # 4.1.0~ynh1 - #upgrade=1 from_commit=d5aa8c2194297b332d26e68b5e9e8ada17377742 - # 4.1.1~ynh1 - #upgrade=1 from_commit=24c8333d70312e9dcf8d278e64787ca561a10b2e - # 4.2.0~ynh1 - #upgrade=1 from_commit=ddb937ecab9454e8dd0b07627a02bad27c9f6556 - # 4.2.1~ynh1 - #upgrade=1 from_commit=5a488aebc53dafa5c431580ca4437eed0ad7da1e - # 4.2.2~ynh1 - upgrade=1 from_commit=9bf92ff65db0dcb188834738f180dbfa34ebef09 - # 5.2.0~ynh1 - upgrade=1 from_commit=fbf90aa8845edfb8bc1f75e335ea706203fe77e7 - backup_restore=1 - multi_instance=0 - port_already_use=0 - change_url=0 -;;; Options -Email= -Notification=none diff --git a/conf/app.src b/conf/app.src deleted file mode 100644 index 8a4a060..0000000 --- a/conf/app.src +++ /dev/null @@ -1,6 +0,0 @@ -SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v5.2.1/peertube-v5.2.1.tar.xz -SOURCE_SUM=27d577ab63d29be865934088d1831373a71433c78443a4441fb3ac416995817c -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.xz -SOURCE_IN_SUBDIR=true -SOURCE_EXTRACT=true diff --git a/conf/local-production.json b/conf/local-production.json deleted file mode 100644 index 2c63c08..0000000 --- a/conf/local-production.json +++ /dev/null @@ -1,2 +0,0 @@ -{ -} diff --git a/conf/msg_install b/conf/msg_install deleted file mode 100644 index 1243f11..0000000 --- a/conf/msg_install +++ /dev/null @@ -1,17 +0,0 @@ -__APP__ was successfully installed :) - -Please open your __APP__ domain: https://__DOMAIN____PATH_URL__ - -The admin username is: root -The admin password is: __ADMIN_PASS__ - -To make PeerTube Live available, you also need to make the TCP port __RTMP_PORT__ available from internet (For example, opening the port on your ISP box if it's not automatically done). - -To enable LDAP authentication open https://__DOMAIN____PATH_URL__admin/plugins/show/peertube-plugin-auth-ldap -Complete with the following informations : -- URL: ldap://127.0.0.1 -- Insecure TLS : checked -- Search base : ou=users,dc=yunohost,dc=org -All YunoHost users will be allowed to login as peertube user. - -If you are facing any problem or want to improve this app, please open a new issue here: https://github.com/YunoHost-Apps/peertube_ynh diff --git a/conf/msg_remove b/conf/msg_remove deleted file mode 100644 index c21fde9..0000000 --- a/conf/msg_remove +++ /dev/null @@ -1,15 +0,0 @@ -__APP__ was successfully removed :) - -The domain https://__DOMAIN____PATH_URL__ is free for other apps to be installed on it. - -You should close the PeerTube Live TCP port __RTMP_PORT__ available from internet (For example, closing the port on your ISP box if it's not automatically done). - -But a futher action is required from your side to completely remove the __APP__ data folder. If you have backup and plan to restore this app in the future DON'T RUN THIS COMMAND. -And if you are going to migrate to othe server you will have to move __DATADIR__ to your new server. - - -You need to run this command to remove the data (warning all your videos will be removed): - -rm -R __DATADIR__ -f - -If you facing any problem or want to improve this app, please open a new issue here: https://github.com/YunoHost-Apps/peertube_ynh diff --git a/conf/nginx.conf b/conf/nginx.conf index b52eea0..e894736 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -46,14 +46,14 @@ location ~ ^/api/v1/videos/(upload|([^/]+/studio/edit))$ { } location ~ ^/api/v1/runners/jobs/[^/]+/(update|success)$ { - client_max_body_size 12G; # default is 1M + client_max_body_size 12G; # default is 1M more_set_headers "X-File-Maximum-Size : 8G always"; # inform backend of the set value in bytes before mime-encoding (x * 1.4 >= client_max_body_size) try_files /dev/null @api; } location ~ ^/api/v1/(videos|video-playlists|video-channels|users/me) { - client_max_body_size 6M; # default is 1M + client_max_body_size 6M; # default is 1M more_set_headers "X-File-Maximum-Size : 4M always"; # inform backend of the set value in bytes before mime-encoding (x * 1.4 >= client_max_body_size) try_files /dev/null @api; @@ -96,11 +96,11 @@ location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ { # For extra performance please refer to https://github.com/denji/nginx-tuning ## -root __DATADIR__; +root __DATA_DIR__storage/; + # Enable compression for JS/CSS/HTML, for improved client load times. + # It might be nice to compress JSON/XML as returned by the API, but + # leaving that out to protect against potential BREACH attack. -# Enable compression for JS/CSS/HTML, for improved client load times. -# It might be nice to compress JSON/XML as returned by the API, but -# leaving that out to protect against potential BREACH attack. # gzip on; gzip_vary on; gzip_types # text/html is always compressed by HttpGzipModule @@ -134,14 +134,14 @@ tcp_nodelay on; # don't buffer data sent, good for small data burs location ~ ^/client/(assets/images/(icons/icon-36x36\.png|icons/icon-48x48\.png|icons/icon-72x72\.png|icons/icon-96x96\.png|icons/icon-144x144\.png|icons/icon-192x192\.png|icons/icon-512x512\.png|logo\.svg|favicon\.png|default-playlist\.jpg|default-avatar-account\.png|default-avatar-account-48x48\.png|default-avatar-video-channel\.png|default-avatar-video-channel-48x48\.png))$ { more_set_headers "Cache-Control : public, max-age=31536000, immutable"; # Cache 1 year - try_files __DATADIR__/client-overrides/$1 __FINALPATH__/client/dist/$1 @api; + try_files __DATA_DIR__storage/client-overrides/$1 __INSTALL_DIR__/client/dist/$1 @api; } # Bypass PeerTube for performance reasons. Optional. location ~ ^/client/(.*\.(js|css|png|svg|woff2|otf|ttf|woff|eot))$ { more_set_headers "Cache-Control : public, max-age=31536000, immutable"; # Cache 1 year - alias __FINALPATH__/client/dist/$1; + alias __INSTALL_DIR__/client/dist/$1; } # Bypass PeerTube for performance reasons. Optional. @@ -163,7 +163,7 @@ location ~ ^/static/(thumbnails|avatars)/ { rewrite ^/static/(.*)$ /$1 break; - root __DATADIR__; + root __DATA_DIR__storage/; try_files $uri @api; } @@ -220,7 +220,7 @@ location ~ ^/static/(webseed|web-videos|redundancy|streaming-playlists)/ { rewrite ^/static/webseed/(.*)$ /web-videos/$1 break; rewrite ^/static/(.*)$ /$1 break; - root __DATADIR__; + root __DATA_DIR__storage/; try_files $uri @api; } diff --git a/conf/production.yaml b/conf/production.yaml index 28731b5..dd6bee1 100644 --- a/conf/production.yaml +++ b/conf/production.yaml @@ -1,5 +1,5 @@ listen: - hostname: 'localhost' + hostname: '127.0.0.1' port: __PORT__ # Correspond to your reverse proxy server_name/listen configuration (i.e., your public PeerTube instance URL) @@ -13,7 +13,6 @@ secrets: # Generate one using `openssl rand -hex 32` peertube: '__SECRETS_PEERTUBE__' - rates_limit: api: # 50 attempts in 10 seconds @@ -35,6 +34,31 @@ rates_limit: # 10 attempts in 10 min window: 10 minutes max: 10 + plugins: + # 500 attempts in 10 seconds (we also serve plugin static files) + window: 10 seconds + max: 500 + well_known: + # 200 attempts in 10 seconds + window: 10 seconds + max: 200 + feeds: + # 50 attempts in 10 seconds + window: 10 seconds + max: 50 + activity_pub: + # 500 attempts in 10 seconds (we can have many AP requests) + window: 10 seconds + max: 500 + client: # HTML files generated by PeerTube + # 500 attempts in 10 seconds (to not break crawlers) + window: 10 seconds + max: 500 + +oauth2: + token_lifetime: + access_token: '1 day' + refresh_token: '2 weeks' # Proxies to trust to get real client IP # If you run PeerTube just behind a local proxy (nginx), keep 'loopback' @@ -47,7 +71,7 @@ database: hostname: 'localhost' port: 5432 ssl: false - suffix: '___APP__' + suffix: '__DB_SUFFIX__' username: '__DB_USER__' password: '__DB_PWD__' pool: @@ -70,8 +94,8 @@ smtp: sendmail: null hostname: 'localhost' port: 25 # If you use StartTLS: 587 - username: null - password: null + username: __APP__ + password: __MAIL_PWD__ tls: false # If you use StartTLS: false disable_starttls: true ca_file: null # Used for self signed certificates @@ -113,20 +137,22 @@ defaults: # From the project root directory storage: - tmp: '__DATADIR__/tmp/' # Use to download data (imports etc), store uploaded files before processing... - bin: '__DATADIR__/bin/' - avatars: '__DATADIR__/avatars/' - videos: '__DATADIR__/videos/' - streaming_playlists: '__DATADIR__/streaming-playlists/' - redundancy: '__DATADIR__/redundancy/' + tmp: '__DATA_DIR__/storage/tmp/' # Use to download data (imports etc), store uploaded files before processing... + tmp_persistent: '__DATA_DIR__//storage/tmp-persistent/' # As tmp but the directory is not cleaned up between PeerTube restarts + bin: '__DATA_DIR__/storage/bin/' + avatars: '__DATA_DIR__/storage/avatars/' + web_videos: '__DATA_DIR__/storage/videos/' + streaming_playlists: '__DATA_DIR__/storage/streaming-playlists/' + redundancy: '__DATA_DIR__/storage/redundancy/' logs: '/var/log/__APP__/' - previews: '__DATADIR__/previews/' - thumbnails: '__DATADIR__/thumbnails/' - torrents: '__DATADIR__/torrents/' - captions: '__DATADIR__/captions/' - cache: '__DATADIR__/cache/' - plugins: '__DATADIR__/plugins/' - well_known: '__DATADIR__/well-known/' + previews: '__DATA_DIR__/storage/previews/' + thumbnails: '__DATA_DIR__/storage/thumbnails/' + storyboards: '__DATA_DIR__/storage/storyboards/' + torrents: '__DATA_DIR__/storage/torrents/' + captions: '__DATA_DIR__/storage/captions/' + cache: '__DATA_DIR__/storage/cache/' + plugins: '__DATA_DIR__/storage/plugins/' + well_known: '__DATA_DIR__/storage/well-known/' # Overridable client files in client/dist/assets/images: # - logo.svg # - favicon.png @@ -137,7 +163,7 @@ storage: # Could contain for example assets/images/favicon.png # If the file exists, peertube will serve it # If not, peertube will fallback to the default file - client_overrides: '__DATADIR__/client-overrides/' + client_overrides: '__DATA_DIR__/storage/client-overrides/' static_files: # Require and check user authentication when accessing private files (internal/private video files) @@ -184,9 +210,9 @@ object_storage: # Useful when you want to use a CDN/external proxy base_url: '' # Example: 'https://mirror.example.com' - # Same settings but for webtorrent videos - videos: - bucket_name: 'videos' + # Same settings but for web videos + web_videos: + bucket_name: 'web-videos' prefix: '' base_url: '' @@ -203,23 +229,31 @@ log: log_ping_requests: true log_tracker_unknown_infohash: true + # If you have many concurrent requests, you can disable HTTP requests logging to reduce PeerTube CPU load + log_http_requests: true + prettify_sql: false # Accept warn/error logs coming from the client accept_client_log: true # Support of Open Telemetry metrics and tracing -# For more information: https://docs.joinpeertube.org/maintain-observability +# For more information: https://docs.joinpeertube.org/maintain/observability open_telemetry: metrics: enabled: false + http_request_duration: + # You can disable HTTP request duration metric that can have a high tag cardinality + enabled: true + # Create a prometheus exporter server on this port so prometheus server can scrape PeerTube metrics prometheus_exporter: hostname: '127.0.0.1' port: 9091 tracing: + # If tracing is enabled, you must provide --experimental-loader=@opentelemetry/instrumentation/hook.mjs flag to the node binary enabled: false # Send traces to a Jaeger compatible endpoint @@ -228,12 +262,14 @@ open_telemetry: trending: videos: - interval_days: 7 # Compute trending videos for the last x days + interval_days: 7 # Compute trending videos for the last x days for 'most-viewed' algorithm + algorithms: enabled: - - 'hot' # adaptation of Reddit's 'Hot' algorithm - - 'most-viewed' # default, used initially by PeerTube as the trending page - - 'most-liked' + - 'hot' # Adaptation of Reddit's 'Hot' algorithm + - 'most-viewed' # Number of views in the last x days + - 'most-liked' # Global views since the upload of the video + default: 'most-viewed' # Cache remote videos on your server, to help other instances to broadcast the video @@ -278,6 +314,11 @@ security: frameguard: enabled: true + # Set x-powered-by HTTP header to "PeerTube" + # Can help remote software to know this is a PeerTube instance + powered_by_header: + enabled: true + tracker: # If you disable the tracker, you disable the P2P on your PeerTube instance enabled: true @@ -326,6 +367,9 @@ plugins: url: 'https://packages.joinpeertube.org' federation: + # Some federated software such as Mastodon may require an HTTP signature to access content + sign_federated_fetches: true + videos: federate_unlisted: false @@ -356,6 +400,20 @@ feeds: # Default number of comments displayed in feeds count: 20 +remote_runners: + # Consider jobs that are processed by a remote runner as stalled after this period of time without any update + stalled_jobs: + live: '30 seconds' + vod: '2 minutes' + +thumbnails: + # When automatically generating a thumbnail from the video + generation_from_video: + # How many frames to analyze at the middle of the video to select the most appropriate one + # Increasing this value will increase CPU and memory usage when generating the thumbnail, especially for high video resolution + # Minimum value is 2 + frames_to_analyze: 50 + ############################################################################### # # From this point, almost all following keys can be overridden by the web interface @@ -375,6 +433,8 @@ cache: size: 500 # Max number of video captions/subtitles you want to cache torrents: size: 500 # Max number of video torrents you want to cache + storyboards: + size: 500 # Max number of video storyboards you want to cache admin: # Used to generate the root user at first startup @@ -386,20 +446,31 @@ contact_form: signup: enabled: false + limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited + minimum_age: 16 # Used to configure the signup form + + # Users fill a form to register so moderators can accept/reject the registration + requires_approval: true requires_email_verification: false + filters: cidr: # You can specify CIDR ranges to whitelist (empty = no filtering) or blacklist whitelist: [] blacklist: [] user: + history: + videos: + # Enable or disable video history by default for new users. + enabled: true # Default value of maximum video bytes the user can upload (does not take into account transcoded files) # Byte format is supported ("1GB" etc) # -1 == unlimited video_quota: -1 video_quota_daily: -1 + default_channel_name: 'Main $1 channel' # The placeholder $1 is used to represent the user's username video_channels: max_per_user: 20 # Allows each user to create up to 20 video channels. @@ -416,12 +487,18 @@ transcoding: # If a user uploads an audio file, PeerTube will create a video by merging the preview file and the audio file allow_audio_files: true - # Amount of threads used by ffmpeg for 1 transcoding job + # Enable remote runners to transcode your videos + # If enabled, your instance won't transcode the videos itself + # At least 1 remote runner must be configured to transcode your videos + remote_runners: + enabled: false + + # Amount of threads used by ffmpeg for 1 local transcoding job threads: 1 - # Amount of transcoding jobs to execute in parallel + # Amount of local transcoding jobs to execute in parallel concurrency: 1 - # Choose the transcoding profile + # Choose the local transcoding profile # New profiles can be added by plugins # Available in core PeerTube: 'default' profile: 'default' @@ -440,18 +517,18 @@ transcoding: # Transcode and keep original resolution, even if it's above your maximum enabled resolution always_transcode_original_resolution: true - # Generate videos in a WebTorrent format (what we do since the first PeerTube release) + # Generate videos in a web compatible format # If you also enabled the hls format, it will multiply videos storage by 2 # If disabled, breaks federation with PeerTube instances < 2.1 - webtorrent: + web_videos: enabled: false # /!\ Requires ffmpeg >= 4.1 - # Generate HLS playlists and fragmented MP4 files. Better playback than with WebTorrent: + # Generate HLS playlists and fragmented MP4 files. Better playback than with Web Videos: # * Resolution change is smoother # * Faster playback in particular with long videos # * More stable playback (less bugs/infinite loading) - # If you also enabled the webtorrent format, it will multiply videos storage by 2 + # If you also enabled the web videos format, it will multiply videos storage by 2 hls: enabled: true @@ -516,9 +593,17 @@ live: # Allow to transcode the live streaming in multiple live resolutions transcoding: enabled: true + + # Enable remote runners to transcode your videos + # If enabled, your instance won't transcode the videos itself + # At least 1 remote runner must be configured to transcode your videos + remote_runners: + enabled: false + + # Amount of threads used by ffmpeg per live when using local transcoding threads: 2 - # Choose the transcoding profile + # Choose the local transcoding profile # New profiles can be added by plugins # Available in core PeerTube: 'default' profile: 'default' @@ -541,6 +626,17 @@ video_studio: # If enabled, users can create transcoding tasks as they wish enabled: false + # Enable remote runners to transcode studio tasks + # If enabled, your instance won't transcode the videos itself + # At least 1 remote runner must be configured to transcode your videos + remote_runners: + enabled: false + +video_file: + update: + # Add ability for users to replace the video file of an existing video + enabled: false + import: # Add ability for your users to import remote videos (from YouTube, torrent...) videos: @@ -553,7 +649,7 @@ import: # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html http: # We recommend to use a HTTP proxy if you enable HTTP import to prevent private URL access from this server - # See https://docs.joinpeertube.org/maintain-configuration?id=security for more information + # See https://docs.joinpeertube.org/maintain/configuration#security for more information enabled: false youtube_dl_release: @@ -577,10 +673,10 @@ import: # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file) torrent: # We recommend to only enable magnet URI/torrent import if you trust your users - # See https://docs.joinpeertube.org/maintain-configuration?id=security for more information + # See https://docs.joinpeertube.org/maintain/configuration#security for more information enabled: false - # Add ability for your users to synchronize their channels with external channels, playlists, etc. + # Add ability for your users to synchronize their channels with external channels, playlists, etc video_channel_synchronization: enabled: false @@ -677,8 +773,9 @@ instance: Disallow: # /.well-known/security.txt rules. This endpoint is cached, so you may have to wait a few hours before viewing your changes # To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string - securitytxt: - '# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:' + securitytxt: | + Contact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md + Expires: 2025-12-31T11:00:00.000Z' services: # Cards configuration to format video in Twitter diff --git a/conf/systemd.service b/conf/systemd.service index 026ad03..7e87245 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -4,13 +4,13 @@ After=network.target postgresql.service redis-server.service [Service] Type=simple -Environment=NODE_ENV=production -Environment=NODE_CONFIG_DIR=__FINALPATH__/config -Environment="__YNH_NODE_LOAD_PATH__" User=__APP__ Group=__APP__ -ExecStart=__YNH_NODE__ __FINALPATH__/dist/server -WorkingDirectory=__FINALPATH__/ +Environment=NODE_ENV=production +Environment=NODE_CONFIG_DIR=__INSTALL_DIR__/config +Environment="__YNH_NODE_LOAD_PATH__" +ExecStart=__YNH_NODE__ __INSTALL_DIR__/dist/server +WorkingDirectory=__INSTALL_DIR__/ StandardOutput=syslog StandardError=syslog SyslogIdentifier=__APP__ diff --git a/doc/ADMIN.md b/doc/ADMIN.md new file mode 100644 index 0000000..6fda198 --- /dev/null +++ b/doc/ADMIN.md @@ -0,0 +1 @@ +* Do not modify the `__INSTALL_DIR__/conf/production.yaml` file, because it will be overridden in the next upgrade. Please instead either change them though the web interface, which stores specific local settings in a separate configuration file. diff --git a/doc/ADMIN_fr.md b/doc/ADMIN_fr.md new file mode 100644 index 0000000..953aefb --- /dev/null +++ b/doc/ADMIN_fr.md @@ -0,0 +1 @@ +* Ne modifiez pas les paramètres dans le fichier `__INSTALL_DIR__/conf/production.yaml`, car il sera remplacé lors de la prochaine mise à niveau. Veuillez plutôt modifier la configuration via l'interface Web, qui stocke les paramètres locaux spécifiques dans un fichier de configuration distinct. \ No newline at end of file diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index 70f7a24..66dde64 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -1 +1 @@ -Federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser, using WebTorrent. +PeerTube is a decentralized and federated video hosting software. To publish videos, the user must register with a host (called an instance). Each host has its own conditions of use (storage space per user, moderation rules, themes, etc.). Thanks to WebTorrent, if several people view the same video, fragments of it are exchanged between people so as not to overload the instance. Decentralized: Each instance can follow one or more other PeerTube instances in order to allow its users to view their videos. Federated: Via the ActivityPub protocol, Peertube can interact with other software that is part of the Fediverse, such as Mastodon for example. diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md index 6ec737f..14aa61d 100644 --- a/doc/DESCRIPTION_fr.md +++ b/doc/DESCRIPTION_fr.md @@ -1 +1 @@ -Plateforme de streaming vidéo fédérée (ActivityPub) utilisant P2P (BitTorrent) directement dans le navigateur Web, en utilisant WebTorrent +PeerTube est un logiciel décentralisé et fédéré d’hébergement de vidéos. Pour publier des vidéos, l’utilisateur doit s’inscrire chez un hébergeur (nommé instance). Chaque hébergeur possède ses conditions d’utilisation (espace de stockage par utilisateur, règles de modération, thématiques, etc.). Grâce à WebTorrent, si plusieurs personnes consultent une même vidéo, des fragments de celle-ci sont échangés entre les personnes afin de ne pas surcharger l’instance. Décentralisé : Chaque instance peut suivre une ou plusieurs autres instances PeerTube afin de permettre à ses utilisateurs de visionner les vidéos de celles-ci. Fédéré : Via le protocole ActivityPub, Peertube peut interagir avec d’autres logiciels qui font partie du Fediverse, comme Mastodon par exemple. diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md deleted file mode 100644 index 3afed93..0000000 --- a/doc/DISCLAIMER.md +++ /dev/null @@ -1,22 +0,0 @@ -### IMPORTANT POINT TO READ BEFORE INSTALLING -* Require **dedicated domain** like **peertube.domain.tld**. -* Admin username is: **root**. -* **Admin password and LDAP configuration** will be sent to the email address given at the time of the installation. -* URL can not be changed once selected. Choose the domain wisely. -* You need more then **1 GB** of RAM. If you don't have it, please create a **swap memory**. - - $ dd if=/dev/zero of=/swapfile bs=1024 count=1048576 - $ mkswap /swapfile - $ swapon /swapfile - $ echo "/swapfile swap swap defaults 0 0" >> /etc/fstab - -* This app is **multi-instance** (you can have more then one PeerTube instance running on a YunoHost server) -* **If you are hosted on OVH virtual machine or experiencing `gyp ERR! configure error`, please switch to [ovh_fix](https://github.com/YunoHost-Apps/peertube_ynh/tree/ovh_fix)** -* HTTP auth is not supported -* Do not modify the `/var/www//conf/production.yaml` file, because it will be overridden in the next upgrade. Please instead either change them though the web interface or create a `/var/www//conf/local.yaml` file, assign it the same owner, group and rights than for `conf/production.yaml` and fill there your specific settings. - * Note: when the same option have different values in `production.yaml` and `local.yaml` files, only the value in `local.yaml` is taken into account. - -### PLUGINS -* LDAP auth is supported, LDAP configuration will be sent to the email address given at the time of the installation. -* PeerTube plugin livechat is installed with Prosody. To enable, just select «Prosody server controlled by Peertube» as chat mode in the plugin configutation of the PeerTube admin page -* During install, because of Prosody, Metronome is disabled diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md deleted file mode 100644 index 3bf129e..0000000 --- a/doc/DISCLAIMER_fr.md +++ /dev/null @@ -1,23 +0,0 @@ -### Points importants à lire avant l'installation -* Nécessite un **domaine dédié** comme **peertube.domain.tld**. -* Le nom d'utilisateur de l'administrateur est: **root**. -* **Le mot de passe administrateur et la configuration LDAP** seront envoyés à l'adresse email indiquée au moment de l'installation. -* L'URL ne peut pas être modifiée une fois sélectionnée. Choisissez judicieusement le domaine. -* Vous avez besoin de plus de **1 Go** de RAM. Si vous ne l'avez pas, veuillez créer une **mémoire swap**. - - $ dd if=/dev/zero of=/swapfile bs=1024 count=1048576 - $ mkswap /swapfile - $ swapon /swapfile - $ echo "/swapfile swap swap defaults 0 0" >> /etc/fstab - -* Cette application est **multi-instance** (vous pouvez avoir plus d'une instance PeerTube en cours d'exécution sur un serveur YunoHost) -* **Si vous êtes hébergé sur une machine virtuelle OVH ou rencontrez `gyp ERR! configure error`, veuillez passer à [ovh_fix](https://github.com/YunoHost-Apps/peertube_ynh/tree/ovh_fix)** -* L'authentification HTTP n'est pas supportée -* Ne modifiez pas le fichier `/var/www//conf/production.yaml`, car il sera remplacé à la prochaine mise à jour. À la place, veuillez modifier la configuration via l'interface web ou créer et remplir le fichier `/var/www//conf/local.yaml`, assignez-lui les mêmes propriétaire, groupe et droits que pour `conf/production.yaml` et y remplir vos options spécifiques. - * Note: si la même option contient différentes valeurs dans les fichiers `conf/production.yaml` et `conf/local.yaml`, seule la valeur dans `conf/local.yaml` sera prise en compte. - -#### PLUGINS - -* L'authentification LDAP est prise en charge, les instructions de configuration sont envoyées à l'adresse email indiquée au moment de l'installation -* Le plugin PeerTube livechat est installé ainsi que Prosody. pour l'activer, sélectionner «Prosody server controlled by Peertube» dans le paramétre chat mode du plugin dans la page d'administration de PeerTube. -* Pendant l'installation, à cause de Prosody, Metronome est désactivé. diff --git a/doc/POST_INSTALL.md b/doc/POST_INSTALL.md new file mode 100644 index 0000000..312a2bf --- /dev/null +++ b/doc/POST_INSTALL.md @@ -0,0 +1,12 @@ +- __APP__ can now be accessed at [https://__DOMAIN____PATH__](https://__DOMAIN____PATH__) +- The admin username is: root +- The admin password is: __ADMIN_PASS__ + +To make PeerTube Live available, you also need to make the TCP port __PORT_RTMP__ available from internet (For example, opening the port on your ISP box if it's not automatically done). + +To enable LDAP authentication, you should open [https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap](https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap) and complete with the following informations : +- URL: `ldap://127.0.0.1` +- Insecure TLS: `checked` +- Search base: `ou=users,dc=yunohost,dc=org` + +All YunoHost users will be allowed to login as PeerTube user. diff --git a/doc/POST_INSTALL_fr.md b/doc/POST_INSTALL_fr.md new file mode 100644 index 0000000..3d3ecec --- /dev/null +++ b/doc/POST_INSTALL_fr.md @@ -0,0 +1,12 @@ +- __APP__ est désormais accessible sur [https://__DOMAIN____PATH__](https://__DOMAIN____PATH__) +- Le nom d'utilisateur administrateur est : root +- Le mot de passe administrateur est : __ADMIN_PASS__ + +Pour rendre PeerTube Live disponible, vous devez également rendre le port TCP __PORT_RTMP__ disponible depuis internet (par exemple, ouvrir le port sur votre box FAI si ce n'est pas fait automatiquement). + +Pour activer l'authentification LDAP, vous devez ouvrir [https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap](https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap) et compléter avec le informations suivantes : +-URL : `ldap://127.0.0.1` +- TLS non sécurisé : "vérifié" +- Base de recherche : `ou=users,dc=yunohost,dc=org` + +Tous les utilisateurs de YunoHost seront autorisés à se connecter en tant qu'utilisateur PeerTube. \ No newline at end of file diff --git a/manifest.json b/manifest.json deleted file mode 100644 index 06001dc..0000000 --- a/manifest.json +++ /dev/null @@ -1,46 +0,0 @@ -{ - "name": "PeerTube", - "id": "peertube", - "packaging_format": 1, - "description": { - "en": "Federated video streaming platform using P2P directly in the web browser", - "fr": "Plateforme fédéralisé de diffusion vidéo par P2P directement dans le navigateur" - }, - "version": "5.2.1~ynh1", - "url": "https://github.com/Chocobozzz/PeerTube", - "upstream": { - "license": "AGPL-3.0-only", - "website": "https://joinpeertube.org/fr", - "demo": "http://peertube.cpy.re", - "admindoc": "https://docs.joinpeertube.org", - "code": "https://github.com/Chocobozzz/PeerTube" - }, - "license": "AGPL-3.0-only", - "maintainer": { - "name": "yalh76" - }, - "requirements": { - "yunohost": ">= 11.0.0" - }, - "multi_instance": false, - "services": [ - "nginx" - ], - "arguments": { - "install": [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "is_public", - "type": "boolean", - "default": true - }, - { - "name": "admin", - "type": "user" - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..ef1b8a9 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,78 @@ +packaging_format = 2 + +id = "peertube" +name = "PeerTube" +description.en = "Federated video streaming platform using P2P directly in the web browser" +description.fr = "Plateforme fédéralisé de diffusion vidéo par P2P directement dans le navigateur" + +version = "6.0.2~ynh1" + +maintainers = ["yalh76"] + +[upstream] +license = "AGPL-3.0-only" +website = "https://joinpeertube.org/fr" +demo = "http://peertube.cpy.re" +admindoc = "https://docs.joinpeertube.org" +code = "https://github.com/Chocobozzz/PeerTube" + +[integration] +yunohost = ">= 11.2" +architectures = "all" +multi_instance = false + +ldap = true + +sso = false + +disk = "50M" +ram.build = "1G" +ram.runtime = "1G" + +[install] + [install.domain] + type = "domain" + + [install.init_main_permission] + type = "group" + default = "visitors" + + [install.admin] + type = "user" + +[resources] + [resources.sources.main] + url = "https://github.com/Chocobozzz/PeerTube/releases/download/v6.0.2/peertube-v6.0.2.tar.xz" + sha256 = "9313591f911f3951ec15a9d1102b8aa4158d4cf5af74e9f0e71c0ee4e4dca2a2" + autoupdate.strategy = "latest_github_tag" + + [resources.ports] + main.default = 8095 + rtmp.default = 1935 + rtmp.exposed = "TCP" + + [resources.system_user] + allow_email = true + + [resources.install_dir] + + [resources.data_dir] + subdirs = ["storage"] + + [resources.permissions] + main.url = "/" + api.url = "/api" + api.allowed = "visitors" + api.auth_header = false + api.show_tile = false + api.protected = true + + [resources.apt] + packages = "ffmpeg, postgresql, postgresql-contrib, openssl, g++, mailutils, apt-transport-https" + + extras.yarn.repo = "deb https://dl.yarnpkg.com/debian/ stable main" + extras.yarn.key = "https://dl.yarnpkg.com/debian/pubkey.gpg" + extras.yarn.packages = "yarn" + + [resources.database] + type = "postgresql" diff --git a/scripts/_common.sh b/scripts/_common.sh index 6ee012b..f3cd2a7 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,10 +4,9 @@ # COMMON VARIABLES #================================================= -# dependencies used by the app -pkg_dependencies="ffmpeg postgresql postgresql-contrib openssl g++ mailutils apt-transport-https" - -nodejs_version=16 +nodejs_version=20 +# Obtain the (empty string), __2, __3, cf the DB suffix in production.yaml... +db_suffix="$(echo $app | sed 's/peertube//g')" #================================================= # PERSONAL HELPERS @@ -17,6 +16,45 @@ nodejs_version=16 # EXPERIMENTAL HELPERS #================================================= +# get the first available redis database +# +# usage: ynh_redis_get_free_db +# | returns: the database number to use +ynh_redis_get_free_db() { + local result max db + result=$(redis-cli INFO keyspace) + + # get the num + max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+") + + db=0 + # default Debian setting is 15 databases + for i in $(seq 0 "$max") + do + if ! echo "$result" | grep -q "db$i" + then + db=$i + break 1 + fi + db=-1 + done + + test "$db" -eq -1 && ynh_die --message="No available Redis databases..." + + echo "$db" +} + +# Create a master password and set up global settings +# Please always call this script in install and restore scripts +# +# usage: ynh_redis_remove_db database +# | arg: database - the database to erase +ynh_redis_remove_db() { + local db=$1 + redis-cli -n "$db" flushall +} + + #================================================= # FUTURE OFFICIAL HELPERS #================================================= diff --git a/scripts/backup b/scripts/backup index 6ce4cc3..475a542 100644 --- a/scripts/backup +++ b/scripts/backup @@ -10,28 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -41,13 +19,13 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE DATA DIR #================================================= -ynh_backup --src_path="$datadir" --is_big +ynh_backup --src_path="$data_dir" --is_big #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/install b/scripts/install index 6e63636..bdb6a11 100644 --- a/scripts/install +++ b/scripts/install @@ -7,250 +7,91 @@ #================================================= source _common.sh -source ynh_redis -source ynh_send_readme_to_admin__2 -source ynh_apps source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= -domain=$YNH_APP_ARG_DOMAIN -path_url="/" -is_public=$YNH_APP_ARG_IS_PUBLIC -admin=$YNH_APP_ARG_ADMIN - -app=$YNH_APP_INSTANCE_NAME - admin_mail=$(ynh_user_get_info --username=$admin --key="mail") admin_pass=$(ynh_string_random --length=24) +ynh_app_setting_set --app=$app --key=admin_pass --value=$admin_pass secrets_peertube=$(ynh_string_random --length=24) - -# Define app's data directory -datadir="/home/yunohost.app/${app}/storage" - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." - -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." - -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=secrets_peertube --value=$secrets_peertube -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding an available port..." - -# Find an available port -port=$(ynh_find_port --port=8095) -ynh_app_setting_set --app=$app --key=port --value=$port - -# PeerTube Live port -rtmp_port=1935 -ynh_port_available --port=$rtmp_port || ynh_die --message="Port $rtmp_port is needs to be available for this app" -ynh_app_setting_set --app=$app --key=rtmp_port --value=$rtmp_port - -# Open the port -ynh_script_progression --message="Configuring firewall..." -ynh_exec_warn_less yunohost firewall allow TCP $rtmp_port +redis_db=$(ynh_redis_get_free_db) +ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." +ynh_script_progression --message="Installing nodejs..." -ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version -ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # CREATE A POSTGRESQL DATABASE #================================================= -ynh_script_progression --message="Creating a PostgreSQL database..." - -db_name="peertube_${app}" -db_user=$(ynh_sanitize_dbid --db_name=$app) -ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_app_setting_set --app=$app --key=db_user --value=$db_user -ynh_psql_test_if_first_run -ynh_psql_setup_db --db_user=$db_user --db_name=$db_name -db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) +ynh_script_progression --message="Initializing postgresql modules..." ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS unaccent;" --database=$db_name ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS pg_trgm;" --database=$db_name -#================================================= -# CONFIGURE REDIS -#================================================= - -redis_db=$(ynh_redis_get_free_db) -ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." -ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +ynh_setup_source --dest_dir="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# SPECIFIC SETUP -#================================================= -# CREATE DATA DIRECTORY -#================================================= -ynh_script_progression --message="Creating a data directory..." - -ynh_app_setting_set --app=$app --key=datadir --value=$datadir - -mkdir -p $datadir - -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:www-data "$datadir" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # BUILD YARN DEPENDENCIES #================================================= ynh_script_progression --message="Building Yarn dependencies..." -pushd "$final_path" +pushd "$install_dir" ynh_use_nodejs + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn config set network-timeout 300000 ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn install --production --pure-lockfile ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn cache clean popd #================================================= -# ADD A CONFIGURATION +# NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." +ynh_script_progression --message="Adding system configurations..." -ynh_add_config --template="../conf/production.yaml" --destination="$final_path/config/production.yaml" - -chmod 400 "$final_path/config/production.yaml" -chown $app:$app "$final_path/config/production.yaml" - -ynh_add_config --template="../conf/local-production.json" --destination="$final_path/config/local-production.json" - -chmod 600 "$final_path/config/local-production.json" -chown $app:$app "$final_path/config/local-production.json" - -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Configuring a systemd service..." +# Create a dedicated NGINX config +ynh_add_nginx_config # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# START SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Starting a systemd service..." - mkdir -p "/var/log/$app" chown -R $app:$app "/var/log/$app" -# Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on localhost" - -#================================================= -# INSTALL LDAP PLUGIN -#================================================= -ynh_script_progression --message="Installing LDAP plugin..." - -pushd "$final_path" - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-auth-ldap -popd - -#================================================= -# INSTALL PEERTUBE LIVECHAT PLUGIN -#================================================= -ynh_script_progression --message="Installing PeerTube livechat plugin..." - -pushd "$final_path" - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-livechat -popd - -#================================================= -# CHANGE PEERTUBE ADMIN PASSWORD -#================================================= -ynh_script_progression --message="Changing PeerTube admin password..." - -pushd "$final_path" - echo $admin_pass | ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_npm run reset-password -- -u root -popd - -#================================================= -# STOP SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Stopping a systemd service..." - -# Stop a systemd service -ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Configuring log rotation..." # Use logrotate to manage application logfile(s) ynh_use_logrotate -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." +yunohost service add $app --description="Federated video streaming platform" --log="/var/log/$app/$app.log" --needs_exposed_ports $port_rtmp -yunohost service add $app --description="$app daemon for Peertube" --log="/var/log/$app/$app.log" --needs_exposed_ports $rtmp_port +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding peertube configuration file..." + +ynh_add_config --template="production.yaml" --destination="$install_dir/config/production.yaml" +chmod 400 "$install_dir/config/production.yaml" +chown $app:$app "$install_dir/config/production.yaml" + +# Initialize local setting conf file +echo '{}' > "$install_dir/config/local-production.json" +chmod 600 "$install_dir/config/local-production.json" +chown $app:$app "$install_dir/config/local-production.json" #================================================= # START SYSTEMD SERVICE @@ -258,36 +99,18 @@ yunohost service add $app --description="$app daemon for Peertube" --log="/var/l ynh_script_progression --message="Starting a systemd service..." # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1" #================================================= -# SETUP SSOWAT +# INSTALL LDAP PLUGIN #================================================= -ynh_script_progression --message="Configuring permissions..." +ynh_script_progression --message="Installing $app plugin and password..." -# Make app public if necessary -if [ $is_public -eq 1 ] -then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. - ynh_permission_update --permission="main" --add="visitors" -fi - -ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name=nginx --action=reload - -#================================================= -# SEND A README FOR THE ADMIN -#================================================= -ynh_script_progression --message="Sending a readme for the admin..." - -ynh_send_readme_to_admin --app_message="../conf/msg_install" --recipients=$admin_mail --type='install' +pushd "$install_dir" + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-auth-ldap + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-livechat + echo "$admin_pass" | ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_npm run reset-password -- -u root +popd #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index 8f662e9..d6a8c41 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,43 +1,8 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh -source ynh_redis -source ynh_send_readme_to_admin__2 -source ynh_apps source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -rtmp_port=$(ynh_app_setting_get --app=$app --key=rtmp_port) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$(ynh_app_setting_get --app=$app --key=db_user) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -admin=$(ynh_app_setting_get --app=$app --key=admin) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) -path_url=$(ynh_app_setting_get --app=$app --key=path) -redis_db=$(ynh_app_setting_get --app=$app --key=redis_db) - -admin_mail=$(ynh_user_get_info --username=$admin --key="mail") - -#================================================= -# STANDARD REMOVE -#================================================= -# REMOVE SERVICE INTEGRATION IN YUNOHOST -#================================================= - # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null then @@ -45,110 +10,25 @@ then yunohost service remove $app fi -#================================================= -# STOP AND REMOVE SERVICE -#================================================= -ynh_script_progression --message="Stopping and removing the systemd service..." +ynh_script_progression --message="Removing system configurations related to $app..." # Remove the dedicated systemd config ynh_remove_systemd_config -#================================================= -# REMOVE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Removing logrotate configuration..." - # Remove the app-specific logrotate config ynh_remove_logrotate -#================================================= -# REMOVE THE POSTGRESQL DATABASE -#================================================= -ynh_script_progression --message="Removing the PostgreSQL database..." - -# Remove a database if it exists, along with the associated user -ynh_psql_remove_db --db_user=$db_user --db_name=$db_name - -#================================================= -# REMOVE THE REDIS DATABASE -#================================================= -ynh_script_progression --message="Removing the redis database..." - ynh_redis_remove_db "$redis_db" -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE DATA DIR -#================================================= - -# Remove the data directory if --purge option is used -if [ "${YNH_APP_PURGE:-0}" -eq 1 ] -then - ynh_script_progression --message="Removing app data directory..." - ynh_secure_remove --file="$datadir" -fi - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." - # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." - # Remove metapackage and its dependencies ynh_remove_nodejs -ynh_remove_app_dependencies - -#================================================= -# CLOSE A PORT -#================================================= - -if yunohost firewall list | grep -q "\- $rtmp_port$" -then - ynh_script_progression --message="Closing port $rtmp_port..." - ynh_exec_warn_less yunohost firewall disallow TCP $rtmp_port -fi - -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= -ynh_script_progression --message="Removing various files..." # Remove the log files ynh_secure_remove --file="/var/log/$app" -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." - -# Delete a system user -ynh_system_user_delete --username=$app - -#================================================= -# SEND A README FOR THE ADMIN -#================================================= -ynh_script_progression --message="Sending a readme for the admin..." - -ynh_send_readme_to_admin --app_message="../conf/msg_remove" --recipients=$admin_mail --type='remove' - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 775df02..0e06b86 100644 --- a/scripts/restore +++ b/scripts/restore @@ -8,76 +8,33 @@ # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh -source ../settings/scripts/ynh_apps source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) -rtmp_port=$(ynh_app_setting_get --app=$app --key=rtmp_port) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$(ynh_app_setting_get --app=$app --key=db_user) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." - -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # RESTORE THE DATA DIRECTORY #================================================= ynh_script_progression --message="Restoring the data directory..." -ynh_restore_file --origin_path="$datadir" --not_mandatory +ynh_restore_file --origin_path="$data_dir" --not_mandatory -mkdir -p $datadir +chown -R $app:www-data "$data_dir" -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:www-data "$datadir" +#================================================= +# RESTORE THE POSTGRESQL DATABASE +#================================================= +ynh_script_progression --message="Restoring the PostgreSQL database..." + +ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql #================================================= # SPECIFIC RESTORATION @@ -86,72 +43,27 @@ chown -R $app:www-data "$datadir" #================================================= ynh_script_progression --message="Reinstalling dependencies..." -ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version -ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." +ynh_script_progression --message="Reinstalling system configurations..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE POSTGRESQL DATABASE -#================================================= -ynh_script_progression --message="Restoring the PostgreSQL database..." - -ynh_psql_test_if_first_run -db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) -ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd -ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name - -#================================================= -# OPEN A PORT -#================================================= -ynh_script_progression --message="Configuring firewall..." - -# Open the port -ynh_exec_warn_less yunohost firewall allow TCP $rtmp_port - -#================================================= -# RESTORE SYSTEMD -#================================================= -ynh_script_progression --message="Restoring the systemd configuration..." - ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." - mkdir -p "/var/log/$app" chown -R $app:$app "/var/log/$app" ynh_restore_file --origin_path="/etc/logrotate.d/$app" -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." - -yunohost service add $app --description="$app daemon for Peertube" --log="/var/log/$app/$app.log" --needs_exposed_ports $rtmp_port +yunohost service add $app --description="Federated video streaming platform" --log="/var/log/$app/$app.log" --needs_exposed_ports $port_rtmp #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1" ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index 86deeeb..5be713f 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,62 +7,15 @@ #================================================= source _common.sh -source ynh_redis -source ynh_apps source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) -rtmp_port=$(ynh_app_setting_get --app=$app --key=rtmp_port) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$(ynh_app_setting_get --app=$app --key=db_user) -db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) admin_mail=$(ynh_user_get_info --username=$admin --key="mail") -redis_db=$(ynh_app_setting_get --app=$app --key=redis_db) -secrets_peertube=$(ynh_app_setting_get --app=$app --key=secrets_peertube) - -#================================================= -# CHECK VERSION -#================================================= -ynh_script_progression --message="Checking version..." - upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - ynh_clean_check_starting - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# STOP SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Stopping a systemd service..." - -ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped" - #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -71,95 +24,50 @@ ynh_script_progression --message="Ensuring downward compatibility..." ynh_app_setting_delete --app=$app --key=admin_pass ynh_app_setting_delete --app=$app --key=admin_mail -# If db_name doesn't exist, create it -if [ -z "$db_name" ]; then - db_name="peertube_${app}" - ynh_app_setting_set --app=$app --key=db_name --value=$db_name -fi - -# If db_user doesn't exist, create it -if [ -z "$db_user" ]; then - db_user=$app - ynh_app_setting_set --app=$app --key=db_user --value=$db_user -fi - -# If db_pwd doesn't exist, create it -if [ -z "$db_pwd" ]; then - db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) - ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd -fi - # If redis_db doesn't exist, create it -if [ -z "$redis_db" ]; then +if [ -z "${redis_db:-}" ]; then redis_db=$(ynh_redis_get_free_db) ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" fi -if [ -z "$datadir" ]; -then - datadir="/home/yunohost.app/${app}/storage" - ynh_app_setting_set --app=$app --key=datadir --value=$datadir -fi - -# Close a port -if yunohost firewall list | grep -q "\- $port$" -then - ynh_script_progression --message="Closing port $port" - ynh_exec_warn_less yunohost firewall disallow TCP $port +if [ -z "${secrets_peertube:-}" ]; then + ynh_print_info --message="Generating and storing PeerTube secrets..." + secrets_peertube=$(ynh_string_random --length=24) + ynh_app_setting_set --app=$app --key=secrets_peertube --value=$secrets_peertube fi # Add PostgreSQL extension for v1.0.0-beta.10.pre.1 -ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS unaccent;" --database=$db_name -ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS pg_trgm;" --database=$db_name +ynh_exec_warn_less ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS unaccent;" --database=$db_name +ynh_exec_warn_less ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS pg_trgm;" --database=$db_name # Remove repository ynh_secure_remove --file="/etc/apt/sources.list.d/yarn.list" -# Remove not needed checksum -ynh_delete_file_checksum --file="../conf/msg_install" - -if [ -z "$rtmp_port" ]; -then - rtmp_port=1935 - ynh_port_available --port=$rtmp_port || ynh_die --message="Port $rtmp_port is needs to be available for this app" - ynh_app_setting_set --app=$app --key=rtmp_port --value=$rtmp_port - - # Open the port - ynh_script_progression --message="Configuring firewall..." - ynh_exec_warn_less yunohost firewall allow TCP $rtmp_port -fi - -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - -# Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" -fi - # Remove hook -ynh_secure_remove --file="/usr/share/yunohost/hooks/conf_regen/15-nginx_$app" -yunohost tools regen-conf nginx +if [[ -e "/usr/share/yunohost/hooks/conf_regen/15-nginx_$app" ]] +then + ynh_secure_remove --file="/usr/share/yunohost/hooks/conf_regen/15-nginx_$app" + yunohost tools regen-conf nginx +fi # Remove old log file -ynh_secure_remove --file="$datadir/logs" -mkdir -p "/var/log/$app" -chown -R $app:$app "/var/log/$app" - -# Remove Prosody -ynh_remove_apps +ynh_secure_remove --file="$data_dir/logs" #================================================= -# CREATE DEDICATED USER +# STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." +ynh_script_progression --message="Stopping a systemd service..." -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" +ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped" + +# In the past, the db was called peertube_peertube >_> +if [[ "${db_name:-}" == "peertube_peertube" ]] +then + ynh_print_info --message="Renaming database..." + ynh_psql_execute_as_root --sql="ALTER DATABASE $db_name RENAME TO $app;" + db_name="$app" + ynh_app_setting_set --app="$app" --key=db_name --value="$db_name" +fi #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -170,61 +78,44 @@ then ynh_script_progression --message="Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --full_replace=1 --dest_dir="$final_path" \ + ynh_setup_source --full_replace=1 --dest_dir="$install_dir" \ --keep="config/production.yaml config/local-production.json config/local.yaml" fi -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." -ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version -ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." +ynh_script_progression --message="Upgrading system configurations..." # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# SPECIFIC UPGRADE -#================================================= -# CREATE DATA DIRECTORY -#================================================= -ynh_script_progression --message="Creating a data directory..." +# Create a dedicated systemd config +ynh_add_systemd_config -mkdir -p $datadir +mkdir -p "/var/log/$app" +chown -R $app:$app "/var/log/$app" -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:www-data "$datadir" +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --non-append -#================================================= -# Generate secrets if they don't exist -#================================================= - -if [ -z "$secrets_peertube" ]; then - ynh_print_info --message="Generating and storing PeerTube secrets..." - secrets_peertube=$(ynh_string_random --length=24) - ynh_app_setting_set --app=$app --key=secrets_peertube --value=$secrets_peertube -fi +yunohost service add $app --description="Federated video streaming platform" --log="/var/log/$app/$app.log" --needs_exposed_ports $port_rtmp #================================================= # BUILD YARN DEPENDENCIES #================================================= ynh_script_progression --message="Building Yarn dependencies..." -pushd "$final_path" +pushd "$install_dir" ynh_use_nodejs + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn config set network-timeout 300000 ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn install --production --pure-lockfile ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn cache clean popd @@ -232,52 +123,23 @@ popd #================================================= # UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Updating a config file..." +ynh_script_progression --message="Updating configuration file..." -ynh_add_config --template="../conf/production.yaml" --destination="$final_path/config/production.yaml" +ynh_add_config --template="production.yaml" --destination="$install_dir/config/production.yaml" +chmod 400 "$install_dir/config/production.yaml" +chown $app:$app "$install_dir/config/production.yaml" -chmod 400 "$final_path/config/production.yaml" -chown $app:$app "$final_path/config/production.yaml" - -ynh_backup_if_checksum_is_different --file="$final_path/config/local-production.json" - -chmod 600 "$final_path/config/local-production.json" -chown $app:$app "$final_path/config/local-production.json" - -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Upgrading systemd configuration..." - -# Create a dedicated systemd config -ynh_add_systemd_config - -#================================================= -# START SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Starting a systemd service..." - -mkdir -p "/var/log/$app" -chown -R $app:$app "/var/log/$app" -# Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started" +chmod 600 "$install_dir/config/local-production.json" +chown $app:$app "$install_dir/config/local-production.json" #================================================= # INSTALL LDAP PLUGIN #================================================= -ynh_script_progression --message="Installing LDAP plugin..." +ynh_script_progression --message="Installing $app plugin..." -pushd "$final_path" - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-auth-ldap -popd - -#================================================= -# INSTALL PEERTUBE LIVECHAT PLUGIN -#================================================= -ynh_script_progression --message="Installing PeerTube livechat plugin..." - -pushd "$final_path" - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-livechat +pushd "$install_dir" + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-auth-ldap + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-livechat popd #================================================= @@ -286,57 +148,24 @@ popd if ynh_compare_current_package_version --comparison lt --version 4.0.0~ynh1; then ynh_script_progression --message="Running Peertube 4.0.0 migration script..." - pushd "$final_path" - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_node dist/scripts/migrations/peertube-4.0.js + pushd "$install_dir" + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_node dist/scripts/migrations/peertube-4.0.js popd fi if ynh_compare_current_package_version --comparison lt --version 4.2.0~ynh1; then ynh_script_progression --message="Running Peertube 4.2.0 migration script..." - pushd "$final_path" - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_node dist/scripts/migrations/peertube-4.2.js + pushd "$install_dir" + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_node dist/scripts/migrations/peertube-4.2.js popd fi - -#================================================= -# STOP SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Stopping a systemd service..." - -# Stop a systemd service -ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." - -# Use logrotate to manage app-specific logfile(s) -ynh_use_logrotate --non-append - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." - -yunohost service add $app --description="$app daemon for Peertube" --log="/var/log/$app/$app.log" --needs_exposed_ports $rtmp_port - #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." +ynh_script_progression --message="Starting systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1" #================================================= # END OF SCRIPT diff --git a/scripts/ynh_apps b/scripts/ynh_apps deleted file mode 100644 index 0faad86..0000000 --- a/scripts/ynh_apps +++ /dev/null @@ -1,110 +0,0 @@ -#!/bin/bash - -# Install others YunoHost apps -# -# usage: ynh_install_apps --apps="appfoo?domain=domain.foo&path=/foo appbar?domain=domain.bar&path=/bar&admin=USER&language=fr&is_public=1&pass?word=pass&port=666" -# | arg: -a, --apps= - apps to install -# -# Requires YunoHost version *.*.* or higher. -ynh_install_apps() { - # Declare an array to define the options of this helper. - local legacy_args=a - local -A args_array=([a]=apps=) - local apps - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - - # Split the list of apps in an array - local apps_list=($(echo $apps | tr " " "\n")) - local apps_dependencies="" - - # For each app - for one_app_and_its_args in "${apps_list[@]}" - do - # Retrieve the name of the app (part before ?) - local one_app=$(cut -d "?" -f1 <<< "$one_app_and_its_args") - [ -z "$one_app" ] && ynh_die --message="You didn't provided a YunoHost app to install" - - yunohost tools update apps - - # Installing or upgrading the app depending if it's installed or not - if ! yunohost app list --output-as json --quiet | jq -e --arg id $one_app '.apps[] | select(.id == $id)' >/dev/null - then - # Retrieve the arguments of the app (part after ?) - local one_argument=$(cut -d "?" -f2- <<< "$one_app_and_its_args") - [ ! -z "$one_argument" ] && one_argument="--args $one_argument" - - # Install the app with its arguments - yunohost app install $one_app $one_argument - else - # Upgrade the app - yunohost app upgrade $one_app - fi - - if [ ! -z "$apps_dependencies" ] - then - apps_dependencies="$apps_dependencies, $one_app" - else - apps_dependencies="$one_app" - fi - done - - ynh_app_setting_set --app=$app --key=apps_dependencies --value="$apps_dependencies" -} - -# Remove other YunoHost apps -# -# Other YunoHost apps will be removed only if no other apps need them. -# -# usage: ynh_remove_apps -# -# Requires YunoHost version *.*.* or higher. -ynh_remove_apps() { - # Retrieve the apps dependencies of the app - local apps_dependencies=$(ynh_app_setting_get --app=$app --key=apps_dependencies) - ynh_app_setting_delete --app=$app --key=apps_dependencies - - if [ ! -z "$apps_dependencies" ] - then - # Split the list of apps dependencies in an array - local apps_dependencies_list=($(echo $apps_dependencies | tr ", " "\n")) - - # For each apps dependencies - for one_app in "${apps_dependencies_list[@]}" - do - # Retrieve the list of installed apps - local installed_apps_list=$(yunohost app list --output-as json --quiet | jq -r .apps[].id) - local required_by="" - local installed_app_required_by="" - - # For each other installed app - for one_installed_app in $installed_apps_list - do - # Retrieve the other apps dependencies - one_installed_apps_dependencies=$(ynh_app_setting_get --app=$one_installed_app --key=apps_dependencies) - if [ ! -z "$one_installed_apps_dependencies" ] - then - one_installed_apps_dependencies_list=($(echo $one_installed_apps_dependencies | tr ", " "\n")) - - # For each dependency of the other apps - for one_installed_app_dependency in "${one_installed_apps_dependencies_list[@]}" - do - if [[ $one_installed_app_dependency == $one_app ]]; then - required_by="$required_by $one_installed_app" - fi - done - fi - done - - # If $one_app is no more required - if [[ -z "$required_by" ]] - then - # Remove $one_app - ynh_print_info --message="Removing of $one_app" - yunohost app remove $one_app --purge - else - ynh_print_info --message="$one_app was not removed because it's still required by${required_by}" - fi - done - fi -} diff --git a/scripts/ynh_redis b/scripts/ynh_redis deleted file mode 100644 index 9d6257d..0000000 --- a/scripts/ynh_redis +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash - -# get the first available redis database -# -# usage: ynh_redis_get_free_db -# | returns: the database number to use -ynh_redis_get_free_db() { - local result max db - result=$(redis-cli INFO keyspace) - - # get the num - max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+") - - db=0 - # default Debian setting is 15 databases - for i in $(seq 0 "$max") - do - if ! echo "$result" | grep -q "db$i" - then - db=$i - break 1 - fi - db=-1 - done - - test "$db" -eq -1 && ynh_die --message="No available Redis databases..." - - echo "$db" -} - -# Create a master password and set up global settings -# Please always call this script in install and restore scripts -# -# usage: ynh_redis_remove_db database -# | arg: database - the database to erase -ynh_redis_remove_db() { - local db=$1 - redis-cli -n "$db" flushall -} diff --git a/scripts/ynh_send_readme_to_admin__2 b/scripts/ynh_send_readme_to_admin__2 deleted file mode 100644 index ee571cc..0000000 --- a/scripts/ynh_send_readme_to_admin__2 +++ /dev/null @@ -1,129 +0,0 @@ -#!/bin/bash - -# Send an email to inform the administrator -# -# usage: ynh_send_readme_to_admin --app_message=app_message [--recipients=recipients] [--type=type] -# | arg: -m --app_message= - The file with the content to send to the administrator. -# | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root -# example: "root admin@domain" -# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you -# example: "root admin@domain user1 user2" -# | arg: -t, --type= - Type of mail, could be 'backup', 'change_url', 'install', 'remove', 'restore', 'upgrade' -# -# Requires YunoHost version 4.1.0 or higher. -ynh_send_readme_to_admin() { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [m]=app_message= [r]=recipients= [t]=type= ) - local app_message - local recipients - local type - # Manage arguments with getopts - - ynh_handle_getopts_args "$@" - app_message="${app_message:-}" - recipients="${recipients:-root}" - type="${type:-install}" - - # Get the value of admin_mail_html - admin_mail_html=$(ynh_app_setting_get $app admin_mail_html) - admin_mail_html="${admin_mail_html:-0}" - - # Retrieve the email of users - find_mails () { - local list_mails="$1" - local mail - local recipients=" " - # Read each mail in argument - for mail in $list_mails - do - # Keep root or a real email address as it is - if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@" - then - recipients="$recipients $mail" - else - # But replace an user name without a domain after by its email - if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null) - then - recipients="$recipients $mail" - fi - fi - done - echo "$recipients" - } - recipients=$(find_mails "$recipients") - - # Subject base - local mail_subject="☁️🆈🅽🅷☁️: \`$app\`" - - # Adapt the subject according to the type of mail required. - if [ "$type" = "backup" ]; then - mail_subject="$mail_subject has just been backup." - elif [ "$type" = "change_url" ]; then - mail_subject="$mail_subject has just been moved to a new URL!" - elif [ "$type" = "remove" ]; then - mail_subject="$mail_subject has just been removed!" - elif [ "$type" = "restore" ]; then - mail_subject="$mail_subject has just been restored!" - elif [ "$type" = "upgrade" ]; then - mail_subject="$mail_subject has just been upgraded!" - else # install - mail_subject="$mail_subject has just been installed!" - fi - - ynh_add_config --template="$app_message" --destination="../conf/msg__to_send" - - ynh_delete_file_checksum --file="../conf/msg__to_send" - - local mail_message="This is an automated message from your beloved YunoHost server. - -Specific information for the application $app. - -$(cat "../conf/msg__to_send")" - - # Store the message into a file for further modifications. - echo "$mail_message" > mail_to_send - - # If a html email is required. Apply html tags to the message. - if [ "$admin_mail_html" -eq 1 ] - then - # Insert 'br' tags at each ending of lines. - ynh_replace_string "$" "
" mail_to_send - - # Insert starting HTML tags - sed --in-place '1s@^@\n\n\n\n@' mail_to_send - - # Keep tabulations - ynh_replace_string " " "\ \ " mail_to_send - ynh_replace_string "\t" "\ \ " mail_to_send - - # Insert url links tags - ynh_replace_string "__URL_TAG1__\(.*\)__URL_TAG2__\(.*\)__URL_TAG3__" "\1" mail_to_send - - # Insert finishing HTML tags - echo -e "\n\n" >> mail_to_send - - # Otherwise, remove tags to keep a plain text. - else - # Remove URL tags - ynh_replace_string "__URL_TAG[1,3]__" "" mail_to_send - ynh_replace_string "__URL_TAG2__" ": " mail_to_send - fi - - # Define binary to use for mail command - if [ -e /usr/bin/bsd-mailx ] - then - local mail_bin=/usr/bin/bsd-mailx - else - local mail_bin=/usr/bin/mail.mailutils - fi - - if [ "$admin_mail_html" -eq 1 ] - then - content_type="text/html" - else - content_type="text/plain" - fi - - # Send the email to the recipients - cat mail_to_send | $mail_bin -a "Content-Type: $content_type; charset=UTF-8" -s "$mail_subject" "$recipients" -} diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..4fbe1fb --- /dev/null +++ b/tests.toml @@ -0,0 +1,15 @@ +test_format = 1.0 + +[default] + + # ------------ + # Tests to run + # ------------ + + exclude = ["change_url"] + + # ------------------------------- + # Commits to test upgrade from + # ------------------------------- + + test_upgrade_from.8a8d9be.name = "5.2.1" From f0c3056f780278c81b39158a99985ffee9084788 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 29 Dec 2023 18:51:24 +0100 Subject: [PATCH 04/22] Update nginx.conf --- conf/nginx.conf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index ba159c8..91631da 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -39,7 +39,7 @@ location ~ ^/api/v1/videos/(upload|([^/]+/studio/edit))$ { # Note that temporary space is needed equal to the total size of all concurrent uploads. # This data gets stored in /var/lib/nginx by default, so you may want to put this directory # on a dedicated filesystem. - client_max_body_size 24G; # default is 1M + client_max_body_size 24G; # default is 1M more_set_headers "X-File-Maximum-Size : 16G always"; # inform backend of the set value in bytes before mime-encoding (x * 1.4 >= client_max_body_size) try_files /dev/null @api; @@ -168,7 +168,7 @@ location ~ ^/static/(thumbnails|avatars)/ { try_files $uri @api; } -location ~ ^(/static/(webseed|web-videos|streaming-playlists)/private/)|^/download { +location ~ ^(/static/(webseed|videos|streaming-playlists)/private/)|^/download { # We can't rate limit a try_files directive, so we need to duplicate @api proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; @@ -181,7 +181,7 @@ location ~ ^(/static/(webseed|web-videos|streaming-playlists)/private/)|^/downlo } # Bypass PeerTube for performance reasons. Optional. -location ~ ^/static/(webseed|web-videos|redundancy|streaming-playlists)/ { +location ~ ^/static/(webseed|videos|redundancy|streaming-playlists)/ { limit_rate_after 5M; set $peertube_limit_rate 5M; @@ -217,7 +217,7 @@ location ~ ^/static/(webseed|web-videos|redundancy|streaming-playlists)/ { aio threads; # web-videos is the name of the directory mapped to the `storage.web_videos` key in your PeerTube configuration - rewrite ^/static/webseed/(.*)$ /web-videos/$1 break; + rewrite ^/static/webseed/(.*)$ /videos/$1 break; rewrite ^/static/(.*)$ /$1 break; root __DATA_DIR__/storage/; From 1192f6cc03eb8ad678c8abcce270086a55cfc5bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 29 Dec 2023 20:04:31 +0100 Subject: [PATCH 05/22] cleaning --- scripts/install | 2 +- scripts/restore | 2 +- scripts/upgrade | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/install b/scripts/install index bdb6a11..91d2a50 100644 --- a/scripts/install +++ b/scripts/install @@ -99,7 +99,7 @@ chown $app:$app "$install_dir/config/local-production.json" ynh_script_progression --message="Starting a systemd service..." # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" #--line_match="HTTP server listening on 127.0.0.1" #================================================= # INSTALL LDAP PLUGIN diff --git a/scripts/restore b/scripts/restore index 0e06b86..6d59a76 100644 --- a/scripts/restore +++ b/scripts/restore @@ -63,7 +63,7 @@ yunohost service add $app --description="Federated video streaming platform" --l #================================================= ynh_script_progression --message="Starting a systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" #--line_match="HTTP server listening on 127.0.0.1" ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index 5be713f..b0804a4 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -165,7 +165,7 @@ fi #================================================= ynh_script_progression --message="Starting systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" #--line_match="HTTP server listening on 127.0.0.1" #================================================= # END OF SCRIPT From 451b8fb75b0e841dced3db56d49550f90e378483 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 29 Dec 2023 21:02:13 +0100 Subject: [PATCH 06/22] cleaning --- scripts/install | 2 +- scripts/restore | 2 +- scripts/upgrade | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/install b/scripts/install index 91d2a50..bdb6a11 100644 --- a/scripts/install +++ b/scripts/install @@ -99,7 +99,7 @@ chown $app:$app "$install_dir/config/local-production.json" ynh_script_progression --message="Starting a systemd service..." # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" #--line_match="HTTP server listening on 127.0.0.1" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1" #================================================= # INSTALL LDAP PLUGIN diff --git a/scripts/restore b/scripts/restore index 6d59a76..0e06b86 100644 --- a/scripts/restore +++ b/scripts/restore @@ -63,7 +63,7 @@ yunohost service add $app --description="Federated video streaming platform" --l #================================================= ynh_script_progression --message="Starting a systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" #--line_match="HTTP server listening on 127.0.0.1" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1" ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index b0804a4..5be713f 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -165,7 +165,7 @@ fi #================================================= ynh_script_progression --message="Starting systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" #--line_match="HTTP server listening on 127.0.0.1" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1" #================================================= # END OF SCRIPT From 3e4bbc78478f0babcd70b98a2e56a580407b9d74 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sat, 30 Dec 2023 16:58:25 +0100 Subject: [PATCH 07/22] Update nginx.conf --- conf/nginx.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/conf/nginx.conf b/conf/nginx.conf index 91631da..5a13dec 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -97,6 +97,7 @@ location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ { ## root __DATA_DIR__/storage/; + # Enable compression for JS/CSS/HTML, for improved client load times. # It might be nice to compress JSON/XML as returned by the API, but # leaving that out to protect against potential BREACH attack. From bc35222632197a2835899e0a66f2afac59d8d2cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sat, 30 Dec 2023 20:14:56 +0100 Subject: [PATCH 08/22] Update manifest.toml --- manifest.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/manifest.toml b/manifest.toml index ef1b8a9..2202dc4 100644 --- a/manifest.toml +++ b/manifest.toml @@ -58,6 +58,7 @@ ram.runtime = "1G" [resources.data_dir] subdirs = ["storage"] + group = "www-data:rx" [resources.permissions] main.url = "/" From b55497bbb5b0c57775db055ec4ceb52646d3c4b2 Mon Sep 17 00:00:00 2001 From: lapineige Date: Sat, 30 Dec 2023 21:52:59 +0100 Subject: [PATCH 09/22] bump version to update the buggy v6.02 --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 2202dc4..17815ba 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "PeerTube" description.en = "Federated video streaming platform using P2P directly in the web browser" description.fr = "Plateforme fédéralisé de diffusion vidéo par P2P directement dans le navigateur" -version = "6.0.2~ynh1" +version = "6.0.2~ynh2" maintainers = ["yalh76"] From 6a599a3699210652d588017b554fb60556799d87 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Sat, 30 Dec 2023 20:53:04 +0000 Subject: [PATCH 10/22] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c76b7dc..530efc8 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in PeerTube is a decentralized and federated video hosting software. To publish videos, the user must register with a host (called an instance). Each host has its own conditions of use (storage space per user, moderation rules, themes, etc.). Thanks to WebTorrent, if several people view the same video, fragments of it are exchanged between people so as not to overload the instance. Decentralized: Each instance can follow one or more other PeerTube instances in order to allow its users to view their videos. Federated: Via the ActivityPub protocol, Peertube can interact with other software that is part of the Fediverse, such as Mastodon for example. -**Shipped version:** 6.0.2~ynh1 +**Shipped version:** 6.0.2~ynh2 **Demo:** http://peertube.cpy.re diff --git a/README_fr.md b/README_fr.md index 294dcb1..f51ec39 100644 --- a/README_fr.md +++ b/README_fr.md @@ -19,7 +19,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po PeerTube est un logiciel décentralisé et fédéré d’hébergement de vidéos. Pour publier des vidéos, l’utilisateur doit s’inscrire chez un hébergeur (nommé instance). Chaque hébergeur possède ses conditions d’utilisation (espace de stockage par utilisateur, règles de modération, thématiques, etc.). Grâce à WebTorrent, si plusieurs personnes consultent une même vidéo, des fragments de celle-ci sont échangés entre les personnes afin de ne pas surcharger l’instance. Décentralisé : Chaque instance peut suivre une ou plusieurs autres instances PeerTube afin de permettre à ses utilisateurs de visionner les vidéos de celles-ci. Fédéré : Via le protocole ActivityPub, Peertube peut interagir avec d’autres logiciels qui font partie du Fediverse, comme Mastodon par exemple. -**Version incluse :** 6.0.2~ynh1 +**Version incluse :** 6.0.2~ynh2 **Démo :** http://peertube.cpy.re From 4922b8e30bf20f6a1c36ed8b4bf9a03077f9c5fc Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 31 Dec 2023 09:07:55 +0100 Subject: [PATCH 11/22] Update _common.sh --- scripts/_common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index f3cd2a7..92a1565 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,7 +4,7 @@ # COMMON VARIABLES #================================================= -nodejs_version=20 +nodejs_version=18 # Obtain the (empty string), __2, __3, cf the DB suffix in production.yaml... db_suffix="$(echo $app | sed 's/peertube//g')" From f377bdbd7391faeb1bfc7ebfb2085dc37ccc0d9a Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 31 Dec 2023 09:19:27 +0100 Subject: [PATCH 12/22] fix path --- conf/nginx.conf | 6 +++--- conf/production.yaml | 4 ++-- scripts/upgrade | 5 +++++ 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 5a13dec..9b320b1 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -169,7 +169,7 @@ location ~ ^/static/(thumbnails|avatars)/ { try_files $uri @api; } -location ~ ^(/static/(webseed|videos|streaming-playlists)/private/)|^/download { +location ~ ^(/static/(webseed|web-videos|streaming-playlists)/private/)|^/download { # We can't rate limit a try_files directive, so we need to duplicate @api proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; @@ -182,7 +182,7 @@ location ~ ^(/static/(webseed|videos|streaming-playlists)/private/)|^/download { } # Bypass PeerTube for performance reasons. Optional. -location ~ ^/static/(webseed|videos|redundancy|streaming-playlists)/ { +location ~ ^/static/(webseed|web-videos|redundancy|streaming-playlists)/ { limit_rate_after 5M; set $peertube_limit_rate 5M; @@ -218,7 +218,7 @@ location ~ ^/static/(webseed|videos|redundancy|streaming-playlists)/ { aio threads; # web-videos is the name of the directory mapped to the `storage.web_videos` key in your PeerTube configuration - rewrite ^/static/webseed/(.*)$ /videos/$1 break; + rewrite ^/static/webseed/(.*)$ /web-videos/$1 break; rewrite ^/static/(.*)$ /$1 break; root __DATA_DIR__/storage/; diff --git a/conf/production.yaml b/conf/production.yaml index 74ab8ce..c9109bf 100644 --- a/conf/production.yaml +++ b/conf/production.yaml @@ -141,7 +141,7 @@ storage: tmp_persistent: '__DATA_DIR__/storage/tmp-persistent/' # As tmp but the directory is not cleaned up between PeerTube restarts bin: '__DATA_DIR__/storage/bin/' avatars: '__DATA_DIR__/storage/avatars/' - web_videos: '__DATA_DIR__/storage/videos/' + web_videos: '__DATA_DIR__/storage/web-videos/' streaming_playlists: '__DATA_DIR__/storage/streaming-playlists/' redundancy: '__DATA_DIR__/storage/redundancy/' logs: '/var/log/__APP__/' @@ -212,7 +212,7 @@ object_storage: # Same settings but for web videos web_videos: - bucket_name: 'videos' + bucket_name: 'web-videos' prefix: '' base_url: '' diff --git a/scripts/upgrade b/scripts/upgrade index 5be713f..977e570 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -53,6 +53,11 @@ fi # Remove old log file ynh_secure_remove --file="$data_dir/logs" +# directory on filesystem must be renamed from videos/ to web-videos/ to represent the value of storage.web_videos +if [ -d "$data_dir/storage/videos" ]; then + mv $data_dir/storage/videos $data_dir/storage/web-videos +fi + #================================================= # STOP SYSTEMD SERVICE #================================================= From 60ee1934e67b1e6959b60c740a6b01fe9e6da284 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 31 Dec 2023 10:07:16 +0100 Subject: [PATCH 13/22] Update POST_INSTALL.md --- doc/POST_INSTALL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/POST_INSTALL.md b/doc/POST_INSTALL.md index 312a2bf..064af63 100644 --- a/doc/POST_INSTALL.md +++ b/doc/POST_INSTALL.md @@ -4,7 +4,7 @@ To make PeerTube Live available, you also need to make the TCP port __PORT_RTMP__ available from internet (For example, opening the port on your ISP box if it's not automatically done). -To enable LDAP authentication, you should open [https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap](https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap) and complete with the following informations : +To enable LDAP authentication, you should open [https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap](https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap) and complete with the following informations: - URL: `ldap://127.0.0.1` - Insecure TLS: `checked` - Search base: `ou=users,dc=yunohost,dc=org` From b232aef49a2e40072a346b58b11b834e62279749 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 31 Dec 2023 10:13:48 +0100 Subject: [PATCH 14/22] Update install --- scripts/install | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/scripts/install b/scripts/install index bdb6a11..0a7678d 100644 --- a/scripts/install +++ b/scripts/install @@ -15,11 +15,15 @@ source /usr/share/yunohost/helpers admin_mail=$(ynh_user_get_info --username=$admin --key="mail") admin_pass=$(ynh_string_random --length=24) -ynh_app_setting_set --app=$app --key=admin_pass --value=$admin_pass secrets_peertube=$(ynh_string_random --length=24) -ynh_app_setting_set --app=$app --key=secrets_peertube --value=$secrets_peertube - redis_db=$(ynh_redis_get_free_db) + +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= + +ynh_app_setting_set --app=$app --key=admin_pass --value=$admin_pass +ynh_app_setting_set --app=$app --key=secrets_peertube --value=$secrets_peertube ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" #================================================= From 158bd8a1fb393ad820028b360db0a6a533cdeb96 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 31 Dec 2023 10:20:32 +0100 Subject: [PATCH 15/22] cleaning --- scripts/remove | 8 +++++++- scripts/restore | 9 ++++++--- scripts/upgrade | 5 ++++- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/scripts/remove b/scripts/remove index d6a8c41..427536a 100644 --- a/scripts/remove +++ b/scripts/remove @@ -3,7 +3,13 @@ source _common.sh source /usr/share/yunohost/helpers -# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +#================================================= +# REMOVE SYSTEM CONFIGURATIONS +#================================================= +# REMOVE SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 + if ynh_exec_warn_less yunohost service status $app >/dev/null then ynh_script_progression --message="Removing $app service integration..." diff --git a/scripts/restore b/scripts/restore index 0e06b86..d3010c5 100644 --- a/scripts/restore +++ b/scripts/restore @@ -36,15 +36,18 @@ ynh_script_progression --message="Restoring the PostgreSQL database..." ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql -#================================================= -# SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Reinstalling dependencies..." +ynh_script_progression --message="Reinstalling dependencies..." --weight=5 ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version +#================================================= +# RESTORE SYSTEM CONFIGURATIONS +#================================================= +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=10 + ynh_script_progression --message="Reinstalling system configurations..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" diff --git a/scripts/upgrade b/scripts/upgrade index 5be713f..fe2ddc7 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -92,7 +92,10 @@ ynh_script_progression --message="Upgrading dependencies..." ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version -ynh_script_progression --message="Upgrading system configurations..." +#================================================= +# REAPPLY SYSTEM CONFIGURATIONS +#================================================= +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config From bfbd6f96147e48ce5e57d8b20328b33fac710077 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 31 Dec 2023 10:25:46 +0100 Subject: [PATCH 16/22] remove not used packages --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 17815ba..7c2744a 100644 --- a/manifest.toml +++ b/manifest.toml @@ -69,7 +69,7 @@ ram.runtime = "1G" api.protected = true [resources.apt] - packages = "ffmpeg, postgresql, postgresql-contrib, openssl, g++, mailutils, apt-transport-https" + packages = "ffmpeg, postgresql, postgresql-contrib" extras.yarn.repo = "deb https://dl.yarnpkg.com/debian/ stable main" extras.yarn.key = "https://dl.yarnpkg.com/debian/pubkey.gpg" From 18ddea592de2dfc5dc56aee4917ea4e9e594a67e Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 31 Dec 2023 10:28:13 +0100 Subject: [PATCH 17/22] cleaning --- doc/ADMIN.md | 2 +- doc/ADMIN_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/ADMIN.md b/doc/ADMIN.md index 6fda198..855a896 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -1 +1 @@ -* Do not modify the `__INSTALL_DIR__/conf/production.yaml` file, because it will be overridden in the next upgrade. Please instead either change them though the web interface, which stores specific local settings in a separate configuration file. +Do not modify the `__INSTALL_DIR__/conf/production.yaml` file, because it will be overridden in the next upgrade. Please instead either change them though the web interface, which stores specific local settings in a separate configuration file. diff --git a/doc/ADMIN_fr.md b/doc/ADMIN_fr.md index 953aefb..43f96eb 100644 --- a/doc/ADMIN_fr.md +++ b/doc/ADMIN_fr.md @@ -1 +1 @@ -* Ne modifiez pas les paramètres dans le fichier `__INSTALL_DIR__/conf/production.yaml`, car il sera remplacé lors de la prochaine mise à niveau. Veuillez plutôt modifier la configuration via l'interface Web, qui stocke les paramètres locaux spécifiques dans un fichier de configuration distinct. \ No newline at end of file +Ne modifiez pas les paramètres dans le fichier `__INSTALL_DIR__/conf/production.yaml`, car il sera remplacé lors de la prochaine mise à niveau. Veuillez plutôt modifier la configuration via l'interface Web, qui stocke les paramètres locaux spécifiques dans un fichier de configuration distinct. \ No newline at end of file From 019ed06cbdb661cba5d6c320867d28980e2d0aff Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 31 Dec 2023 10:35:13 +0100 Subject: [PATCH 18/22] Update nginx.conf --- conf/nginx.conf | 45 ++++++++++----------------------------------- 1 file changed, 10 insertions(+), 35 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 9b320b1..af5d78f 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -19,19 +19,19 @@ location @api { proxy_pass http://127.0.0.1:__PORT__; } -location = /api/v1/videos/upload-resumable { - client_max_body_size 0; - proxy_request_buffering off; - - try_files /dev/null @api; -} - location / { try_files /dev/null @api; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; } +location ~ ^/api/v1/videos/(upload-resumable|([^/]+/source/replace-resumable))$ { + client_max_body_size 0; + proxy_request_buffering off; + + try_files /dev/null @api; +} + location ~ ^/api/v1/videos/(upload|([^/]+/studio/edit))$ { limit_except POST HEAD { deny all; } @@ -98,10 +98,9 @@ location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ { root __DATA_DIR__/storage/; - # Enable compression for JS/CSS/HTML, for improved client load times. - # It might be nice to compress JSON/XML as returned by the API, but - # leaving that out to protect against potential BREACH attack. - +# Enable compression for JS/CSS/HTML, for improved client load times. +# It might be nice to compress JSON/XML as returned by the API, but +# leaving that out to protect against potential BREACH attack. # gzip on; gzip_vary on; gzip_types # text/html is always compressed by HttpGzipModule @@ -145,30 +144,6 @@ location ~ ^/client/(.*\.(js|css|png|svg|woff2|otf|ttf|woff|eot))$ { alias __INSTALL_DIR__/client/dist/$1; } -# Bypass PeerTube for performance reasons. Optional. -location ~ ^/static/(thumbnails|avatars)/ { - if ($request_method = 'OPTIONS') { - more_set_headers "Access-Control-Allow-Origin : *"; - more_set_headers "Access-Control-Allow-Methods : GET, OPTIONS"; - more_set_headers "Access-Control-Allow-Headers : Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type"; - more_set_headers "Access-Control-Max-Age : 1728000"; # Preflight request can be cached 20 days - more_set_headers "Content-Type : text/plain charset=UTF-8"; - more_set_headers "Content-Length : 0"; - return 204; - } - - more_set_headers "Access-Control-Allow-Origin : *"; - more_set_headers "Access-Control-Allow-Methods : GET, OPTIONS"; - more_set_headers "Access-Control-Allow-Headers : Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type"; - more_set_headers "Cache-Control : public, max-age=7200"; # Cache response 2 hours - - rewrite ^/static/(.*)$ /$1 break; - - root __DATA_DIR__/storage/; - - try_files $uri @api; -} - location ~ ^(/static/(webseed|web-videos|streaming-playlists)/private/)|^/download { # We can't rate limit a try_files directive, so we need to duplicate @api From c0dcccaaf6d40fde27b01bcef94016f94dec18f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 31 Dec 2023 12:23:25 +0100 Subject: [PATCH 19/22] Update upgrade --- scripts/upgrade | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/upgrade b/scripts/upgrade index 522c6c8..acddc60 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -89,6 +89,7 @@ fi chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" +chown -R $app:www-data "$data_dir" #================================================= # UPGRADE DEPENDENCIES From 806a4087e699d5cf3b9cb7f293a73975f26ca9db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 31 Dec 2023 12:24:56 +0100 Subject: [PATCH 20/22] Update upgrade --- scripts/upgrade | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/scripts/upgrade b/scripts/upgrade index acddc60..6516df3 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -169,6 +169,13 @@ if ynh_compare_current_package_version --comparison lt --version 4.2.0~ynh1; the popd fi +if ynh_compare_current_package_version --comparison lt --version 5.0.0~ynh1; then + ynh_script_progression --message="Running Peertube 5.0.0 migration script..." + pushd "$install_dir" + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_node dist/scripts/migrations/peertube-5.0.js + popd +fi + #================================================= # START SYSTEMD SERVICE #================================================= From ddccb1c559324ebcbf35fe7255ab01de745c8a37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 31 Dec 2023 12:26:48 +0100 Subject: [PATCH 21/22] Update remove --- scripts/remove | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/remove b/scripts/remove index 427536a..72a9966 100644 --- a/scripts/remove +++ b/scripts/remove @@ -16,8 +16,6 @@ then yunohost service remove $app fi -ynh_script_progression --message="Removing system configurations related to $app..." - # Remove the dedicated systemd config ynh_remove_systemd_config From 5add4d41cbca541f4d36db4bd37c37c400985cb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 2 Jan 2024 20:45:57 +0100 Subject: [PATCH 22/22] Update upgrade --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 6516df3..fe1e409 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -63,7 +63,7 @@ fi #================================================= ynh_script_progression --message="Stopping a systemd service..." -ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped" +ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" # In the past, the db was called peertube_peertube >_> if [[ "${db_name:-}" == "peertube_peertube" ]]