Install buster #1
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -5,7 +5,94 @@ peertube_version: v1.0.0-beta.3 | |
| peertube_user_path: /var/www/peertube | ||
| peertube_proxy_handle_https: no | ||
| peertube_proxy_ips: [] | ||
| peertube_dbuser_password: "{{ lookup('password', 'credentials/peertube/db-' + inventory_hostname) }}" | ||
| peertube_user_password_hashed: "{{ lookup('password', 'credentials/peertube/user-' + inventory_hostname) |password_hash('sha512') }}" | ||
| peertube_web_admin_password: "{{ lookup('password', 'credentials/peertube/web-admin-' + inventory_hostname) }}" | ||
| peertube_admin_email: '[email protected]' | ||
| peertube_dbuser: peertube | ||
| peertube_theme: default | ||
| #Version 9 from Stretch and 12 from Buster | ||
| peertube_nodejs_version: 12 | ||
| peertube_listen: | ||
| hostname: localhost | ||
| port: 9000 | ||
|
|
||
| peertube_webserver: | ||
| https: true | ||
| hostname: '{{ inventory_hostname }}' | ||
| port: 443 | ||
|
|
||
| peertube_database: | ||
| hostname: 'localhost' | ||
| port: 5432 | ||
| ssl: false | ||
| suffix: '_prod' | ||
| username: '{{ peertube_dbuser }}' | ||
| password: '{{ peertube_dbuser_password }}' | ||
| pool: | ||
| max: 5 | ||
|
|
||
| peertube_storage: | ||
| tmp: '/tmp/' | ||
| avatars: '/avatars/' | ||
| videos: '/videos/' | ||
| streaming_playlists: '/streaming_playlists/' | ||
| redundancy: '/redundancy/' | ||
| logs: '/logs/' | ||
| previews: '/previews/' | ||
| thumbnails: '/thumbnails/' | ||
| torrents: '/torrents/' | ||
| captions: '/captions/' | ||
| cache: '/cache/' | ||
| plugins: '/plugin/' | ||
| client_overrides: '/client_overrides/' | ||
|
|
||
| peertube_settings_ldap: | ||
andrespias marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| # url: "ldaps://ldap.com.yy:636" | ||
| # weight: "100" | ||
| # bind-dn: "cn=admin,ou=group,dc=ldap,dc=com,dc=yy" | ||
| # custom-ca: "" | ||
| # search-base: "ou=group,dc=ldap,dc=com,dc=yy" | ||
| # group-filter: !unsafe "(member={{dn}})" | ||
| # insecure-tls: false | ||
| # mail-property: "mail" | ||
| # search-filter: !unsafe "(cn={{username}})" | ||
| # bind-credentials: "xxxxx" | ||
| # username-property: "cn" | ||
|
|
||
| peertube_instance: | ||
| name: 'Peertube' | ||
| short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.' | ||
| description: 'Welcome to this PeerTube instance!' | ||
| terms: 'No terms for now.' | ||
| code_of_conduct: | ||
| creation_reason: '' | ||
| administrator: '' | ||
| maintenance_lifetime: '' | ||
| moderation_information: '' | ||
| business_model: '' | ||
| hardware_information: '' | ||
|
|
||
| peertube_live: | ||
| enabled: true | ||
| max_duration: -1 | ||
| max_instance_lives: 20 | ||
| max_user_lives: 3 | ||
| allow_replay: true | ||
| rtmp: | ||
| port: 1935 | ||
| transcoding: | ||
| enabled: true | ||
| threads: 2 | ||
| resolutions: | ||
| very_small: false #240p | ||
| small: false #360p | ||
| normal: false #480p | ||
| standard: false #720p | ||
| hd: false #1080p | ||
| full_hd: false #2160p | ||
|
|
||
| peertube_plugins: | ||
andrespias marked this conversation as resolved.
Show resolved
Hide resolved
There was a problem hiding this comment. The default value should be |
||
| - NODE_CONFIG_DIR={{ peertube_user_path }}/config NODE_ENV=production npm run plugin:install -- --npm-name peertube-plugin-auth-ldap | ||
| - NODE_CONFIG_DIR={{ peertube_user_path }}/config NODE_ENV=production npm run plugin:install -- --npm-name peertube-plugin-bittube-logo-favicon | ||
| - NODE_CONFIG_DIR={{ peertube_user_path }}/config NODE_ENV=production npm run plugin:install -- --npm-name peertube-theme-noussommes | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| {install_date: 'Mon May 3 18:36:23 2021', version: install_buster} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
|
|
||
| - name: Install certbot | ||
| apt: | ||
| pkg: python-certbot-nginx | ||
| state: latest | ||
| register: certbot_installed | ||
| when: peertube_proxy_handle_https != 'yes' | ||
|
|
||
| - name: Install Letsencrypt certificate | ||
| shell: | | ||
| certbot certonly -n \ | ||
| --authenticator standalone \ | ||
| --installer nginx \ | ||
| -d {{ peertube_tld }} \ | ||
| -m {{ peertube_admin_email }} \ | ||
| --agree-tos \ | ||
| --pre-hook "systemctl stop nginx" \ | ||
| --post-hook "systemctl start nginx" | ||
| when: | ||
| - certbot_installed is changed | ||
| - peertube_proxy_handle_https != 'yes' | ||
|
|
||
| - name: Insert Let's encrypt certificates in nginx | ||
| blockinfile: | ||
| dest: /etc/nginx/sites-available/peertube | ||
| marker: " # {mark} let's encrypt configuration" | ||
| block: |2- | ||
| ssl_certificate /etc/letsencrypt/live/{{ peertube_tld }}/cert.pem; | ||
|
There was a problem hiding this comment. We must to use |
||
| ssl_certificate_key /etc/letsencrypt/live/{{ peertube_tld }}/privkey.pem; | ||
| insertbefore: ".*# Security hardening.*" | ||
| state: present | ||
| when: peertube_proxy_handle_https != 'yes' | ||
| notify: reload nginx | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,119 @@ | ||
|
|
||
| - name: Add peertube user | ||
| user: | ||
| name: peertube | ||
| home: "{{ peertube_user_path }}" | ||
| shell: /bin/bash | ||
| password: "{{ peertube_user_password_hashed }}" | ||
|
|
||
| - name: Create required directories | ||
| file: | ||
| path: "{{ peertube_user_path }}/{{ item }}" | ||
| state: directory | ||
| owner: peertube | ||
| group: peertube | ||
| mode: 0755 | ||
| with_items: | ||
andrespias marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| - config | ||
| - storage | ||
| - versions | ||
|
|
||
| - stat: path={{ peertube_user_path }}/versions/peertube-{{ peertube_version }} | ||
| register: peertube_version_dir | ||
|
|
||
| - name: Download and extract Peertube | ||
| unarchive: | ||
| src: "https://github.com/Chocobozzz/PeerTube/releases/download/{{ peertube_version }}/peertube-{{ peertube_version }}.zip" | ||
| dest: "{{ peertube_user_path }}/versions" | ||
| remote_src: yes | ||
| owner: peertube | ||
| group: peertube | ||
| when: peertube_version_dir.stat.exists == False | ||
| register: fresh_install | ||
|
|
||
| - stat: path={{ peertube_user_path }}/peertube-latest | ||
| register: peertube_latest_dir | ||
|
|
||
| - name: Create symlink peertube-latest | ||
| file: | ||
| src: "{{ peertube_user_path }}/versions/peertube-{{ peertube_version }}" | ||
| dest: "{{ peertube_user_path }}/peertube-latest" | ||
| state: link | ||
| owner: peertube | ||
| group: peertube | ||
| when: peertube_latest_dir.stat.exists == False | ||
|
|
||
| - name: Change owner of all peertube directories # seems setting owner on unarchive is not enough… | ||
| file: | ||
| path: "{{ peertube_user_path }}" | ||
| owner: peertube | ||
| group: peertube | ||
| recurse: yes | ||
|
|
||
| - name: Copy configuration peertube | ||
| template: | ||
| src: "production.yaml.j2" | ||
| dest: '{{ peertube_user_path }}/config/production.yaml' | ||
| owner: peertube | ||
| group: peertube | ||
| mode: 0644 | ||
| notify: | ||
| - restart peertube daemon | ||
|
|
||
| - name: Display all variables/facts known for a host | ||
| debug: | ||
| var: peertube_plugins | ||
| verbosity: 4 | ||
|
|
||
| - name: Install Stretch backports repo | ||
| apt_repository: | ||
| repo: deb http://ftp.debian.org/debian stretch-backports main | ||
| state: present | ||
| when: | ||
| - (ansible_distribution_major_version == "9") | ||
| register: backports_installed | ||
|
|
||
| - name: Change apt_preference | ||
| copy: | ||
| content: 'APT::Default-Release "stable";' | ||
| dest: /etc/apt/apt.conf.d/99apt_default | ||
| mode: 644 | ||
| when: backports_installed is changed | ||
|
|
||
| - name: Install Peertube daemon | ||
| template: | ||
| src: peertube.service | ||
| dest: /etc/systemd/system/ | ||
| notify: | ||
| - install peertube daemon | ||
|
|
||
| - name: Update dependencies | ||
| become: true | ||
| become_user: peertube | ||
| shell: '{{ item }}' | ||
| with_items: | ||
andrespias marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| - cd "{{ peertube_user_path }}/peertube-latest" && npm install | ||
| - cd "{{ peertube_user_path }}/peertube-latest/client" && npm install | ||
| - cd "{{ peertube_user_path }}/peertube-latest" && yarn install --production --pure-lockfile | ||
| - cd "{{ peertube_user_path }}/peertube-latest/client" && yarn install --pure-lockfile | ||
|
|
||
| - name: Install plugins npm package | ||
| become: true | ||
| become_user: peertube | ||
| shell: cd {{ peertube_user_path }}/peertube-latest && {{ item }} | ||
| with_items: "{{ peertube_plugins }}" | ||
andrespias marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| - name: Copy script | ||
andrespias marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| template: | ||
| src: "enabledLDAP.sql" | ||
| dest: /tmp/enabledLDAP.sql | ||
| owner: postgres | ||
| mode: 0755 | ||
| when: peertube_ldap is defined | ||
|
|
||
| - name: Add user and Enabled LDAP | ||
andrespias marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| become: yes | ||
| become_user: postgres | ||
| command: psql -d peertube_prod -U postgres -f '/tmp/enabledLDAP.sql' | ||
| when: peertube_ldap is defined | ||
| notify: restart peertube daemon | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| --- | ||
|
|
||
| # Configure nodejs | ||
andrespias marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| - name: Install NodeJS apt key | ||
| apt_key: | ||
| url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key | ||
| state: present | ||
|
|
||
| - name: Add NodeJS apt repository | ||
| apt_repository: | ||
| repo: deb https://deb.nodesource.com/node_"{{ peertube_nodejs_version }}".x "{{ ansible_distribution_release }}" main | ||
| state: present | ||
| filename: nodesource | ||
|
|
||
| - name: Install NodeJS | ||
| apt: | ||
| update_cache: yes | ||
| pkg: nodejs | ||
| state: present | ||
|
|
||
| - name: Install Yarn apt key | ||
| apt_key: | ||
| url: https://dl.yarnpkg.com/debian/pubkey.gpg | ||
| state: present | ||
|
|
||
| - name: Add Yarn apt repo | ||
| apt_repository: | ||
| repo: deb https://dl.yarnpkg.com/debian/ stable main | ||
| state: present | ||
| filename: yarn | ||
|
|
||
| - name: Install dependencies | ||
| apt: | ||
| name: '{{ item }}' | ||
| state: latest | ||
| with_items: | ||
andrespias marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| - curl | ||
| - sudo | ||
| - unzip | ||
| - vim | ||
| - nginx | ||
| - ffmpeg | ||
| - postgresql | ||
| - openssl | ||
| - g++ | ||
| - make | ||
| - redis-server | ||
| - git | ||
| - python-psycopg2 | ||
| - build-essential | ||
| - apt-transport-https | ||
| - python-ruamel.yaml | ||
| - yarn | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unsed variable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
peertube_user_path aquí
peertube_proxy_handle_https aquí
peertube_proxy_ips now changes peertube_trust_proxy aquí with default loopback value.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is necessary the name changing?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, the name is defined like this in the configuration file here.