From 10293080558a3ac97df2d31f46b9a3e3ffb43504 Mon Sep 17 00:00:00 2001 From: Christian Heller <c.heller@plomlompom.de> Date: Mon, 10 Feb 2020 20:08:32 +0100 Subject: [PATCH] Add PeerTube setup script. --- buster/setup_scripts/setup_peertube.sh | 72 ++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 buster/setup_scripts/setup_peertube.sh diff --git a/buster/setup_scripts/setup_peertube.sh b/buster/setup_scripts/setup_peertube.sh new file mode 100644 index 0000000..77c9302 --- /dev/null +++ b/buster/setup_scripts/setup_peertube.sh @@ -0,0 +1,72 @@ +#!/bin/sh +set -e +set -x +# Heavily inspired by +# <https://github.com/Chocobozzz/PeerTube/blob/develop/support/doc/production.md> +# and +# <https://github.com/Chocobozzz/PeerTube/blob/develop/support/doc/dependencies.md> + +if [ "$#" -ne 2 ]; then + echo 'Need domain name, mail_address as arguments.' + false +fi +domain="$1" +mail="$2" + +# Install dependencies, set up firewall. +config_tree_prefix="${HOME}/config/buster" +./install_for_target.sh peertube +./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web +nft -f /etc/nftables.conf + +# Set up letsencrypt certificate. TODO: Is it auto-renewed? +ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default +certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}" +rm /etc/nginx/sites-enabled/default + +# Get NodeJS. See +# <https://github.com/nodesource/distributions/blob/master/README.md> +curl -sL https://deb.nodesource.com/setup_10.x | bash - +apt-get install -y nodejs + +# Get Yarn. See +# <https://classic.yarnpkg.com/en/docs/install#debian-stable> +curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - +echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list +apt update && apt install yarn + +systemctl start redis postgresql + +# Prepare user and DB. +useradd -m -d /var/www/peertube -s /bin/bash -p peertube peertube +db_pw=$(pwgen -s 100 1) +su postgres -lc "psql -c \"CREATE USER peertube WITH PASSWORD '${db_pw}';\"" +su -l postgres -c 'createdb -O peertube -E UTF8 -T template0 peertube_prod' +su -l postgres -c 'psql -c "CREATE EXTENSION pg_trgm;" peertube_prod' +su -l postgres -c 'psql -c "CREATE EXTENSION unaccent;" peertube_prod' + +# Install and configure PeerTube from latest version. +VERSION=$(curl -s https://api.github.com/repos/chocobozzz/peertube/releases/latest | grep tag_name | cut -d '"' -f 4) && echo "Latest Peertube version is $VERSION" +cd /var/www/peertube && su -l peertube -c "mkdir config storage versions && cd versions" +su -l peertube -c "wget -q 'https://github.com/Chocobozzz/PeerTube/releases/download/${VERSION}/peertube-${VERSION}.zip'" +su -l peertube -c "unzip peertube-${VERSION}.zip && rm peertube-${VERSION}.zip" +su -l peertube -c "ln -s peertube-${VERSION} ./peertube-latest" +su -l peertube -c "cd peertube-latest && yarn install --production --pure-lockfile" + +# Configure PeerTube. +cd /var/www/peertube && su -l peertube -c "cp peertube-latest/config/production.yaml.example config/production.yaml" +sed -i "s/admin\@example\.com/${mail}/g" config/production.yaml +sed -i "s/example\.com/${domain}/g" config/production.yaml +sed -i "s/password: 'peertube'/password: '${db_pw}'/g" config/production.yaml + +# Configure NGINX. +cp /var/www/peertube/peertube-latest/support/nginx/peertube /etc/nginx/sites-available/peertube +sed -i "s/peertube.example.com/${domain}/g" /etc/nginx/sites-available/peertube +ln -s /etc/nginx/sites-available/peertube /etc/nginx/sites-enabled/peertube +service nginx restart + +# Configure systemd and start PeerTube through it. +cp /var/www/peertube/peertube-latest/support/systemd/peertube.service /etc/systemd/system/ +systemctl daemon-reload +systemctl enable peertube +systemctl start peertube -- 2.30.2