Add local PeerTube config.

[config] / buster / setup_scripts / setup_peertube.sh

#!/bin/sh
set -e

# Heavily inspired by
# <https://github.com/Chocobozzz/PeerTube/blob/develop/support/doc/production.md>
# and
# <https://github.com/Chocobozzz/PeerTube/blob/develop/support/doc/dependencies.md>

if [ "$#" -ne 2 ]; then
    echo 'Need domain name, mail_address as arguments.'
    false
fi
domain="$1"
mail="$2"

# Install dependencies, set up firewall.
config_tree_prefix="${HOME}/config/buster"
./install_for_target.sh peertube
./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web
nft -f /etc/nftables.conf

# Set up letsencrypt certificate. TODO: Is it auto-renewed?
ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
rm /etc/nginx/sites-enabled/default

# Get NodeJS. See
# <https://github.com/nodesource/distributions/blob/master/README.md>
curl -sL https://deb.nodesource.com/setup_10.x | bash -
apt-get install -y nodejs

# Get Yarn. See
# <https://classic.yarnpkg.com/en/docs/install#debian-stable>
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
apt update && apt install yarn

systemctl start redis postgresql

# Prepare user and DB.
useradd -m -d /var/www/peertube -s /bin/bash -p peertube peertube
db_pw=$(pwgen -s 100 1)
su postgres -lc "psql -c \"CREATE USER peertube WITH PASSWORD '${db_pw}';\""
su -l postgres -c 'createdb -O peertube -E UTF8 -T template0 peertube_prod'
su -l postgres -c 'psql -c "CREATE EXTENSION pg_trgm;" peertube_prod'
su -l postgres -c 'psql -c "CREATE EXTENSION unaccent;" peertube_prod'

# Install and configure PeerTube from latest version.
VERSION=$(curl -s https://api.github.com/repos/chocobozzz/peertube/releases/latest | grep tag_name | cut -d '"' -f 4) && echo "Latest Peertube version is $VERSION"
cd /var/www/peertube && su -l peertube -c "mkdir config storage versions && cd versions"
su -l peertube -c "wget -q 'https://github.com/Chocobozzz/PeerTube/releases/download/${VERSION}/peertube-${VERSION}.zip'"
su -l peertube -c "unzip peertube-${VERSION}.zip && rm peertube-${VERSION}.zip"
su -l peertube -c "ln -s peertube-${VERSION} ./peertube-latest"
su -l peertube -c "cd peertube-latest && yarn install --production --pure-lockfile"

# Configure PeerTube.
cp "${config_tree_prefix}/other_files/peertube_production.yaml" /var/www/peertube/config/production.yaml
cp "${config_tree_prefix}/other_files/peertube_db_password.yaml" /var/www/peertube/config/db_password.yaml
chown peertube:peertube /var/www/peertube/config/production.yaml
chown peertube:peertube /var/www/peertube/config/db_password.yaml
sed -i "s/admin\@example\.com/${mail}/g" config/production.yaml
sed -i "s/example\.com/${domain}/g" config/production.yaml
sed -i "s/password: 'REPLACE_ME'/password: '${db_pw}'/g" config/db_password.yaml

# Configure NGINX.
cp /var/www/peertube/peertube-latest/support/nginx/peertube /etc/nginx/sites-available/peertube
sed -i "s/peertube.example.com/${domain}/g" /etc/nginx/sites-available/peertube
ln -s /etc/nginx/sites-available/peertube /etc/nginx/sites-enabled/peertube

# Configure systemd and start PeerTube through it.
cp /var/www/peertube/peertube-latest/support/systemd/peertube.service /etc/systemd/system/
systemctl daemon-reload
systemctl enable peertube
systemctl start peertube

# Restart NGINX.
service nginx restart