diff --git a/bin/secretGen.sh b/bin/secretGen.sh index 084c050..b5f0252 100755 --- a/bin/secretGen.sh +++ b/bin/secretGen.sh @@ -30,12 +30,12 @@ while read line ; do sed "s%\(.*\)--clean_val--\(.*\)%\1${JIRAFEAU_DIR}\2%" <<< ${line} continue ;; - *DATABASE*) + *DATABASE*|*DB_NAME*) dbName="$(sed "s/\([^_]*\)_.*/\1/" <<< ${line})_$(apg -n 1 -m 2 -M NCL | cut -c 1-2)" sed "s/\(.*\)--clean_val--\(.*\)/\1${dbName}\2/" <<< ${line} continue ;; - *ROOT_PASSWORD*|*PASSWORD*) + *ROOT_PASSWORD*|*PASSWORD*|*SECRET*) pass="$(apg -n 1 -m 16 -M NCL)" sed "s/\(.*\)--clean_val--\(.*\)/\1${pass}\2/" <<< ${line} continue diff --git a/bin/updateDockerPassword.sh b/bin/updateDockerPassword.sh index b5130c4..32e0769 100755 --- a/bin/updateDockerPassword.sh +++ b/bin/updateDockerPassword.sh @@ -114,6 +114,8 @@ updateEnv "mobilizon" "${KAZ_KEY_DIR}/env-${mobilizonDBName}" updateEnv "vaultwarden" "${KAZ_KEY_DIR}/env-${vaultwardenServName}" updateEnv "castopod" "${KAZ_KEY_DIR}/env-${castopodServName}" updateEnv "ldap" "${KAZ_KEY_DIR}/env-${ldapUIName}" +updateEnv "peertube" "${KAZ_KEY_DIR}/env-${peertubeServName}" +updateEnv "peertube" "${KAZ_KEY_DIR}/env-${peertubeDBName}" "${peertubeDBName}" framadateUpdate diff --git a/dockers/peertube/docker-compose.yml b/dockers/peertube/docker-compose.yml new file mode 100644 index 0000000..644ccd2 --- /dev/null +++ b/dockers/peertube/docker-compose.yml @@ -0,0 +1,84 @@ +services: + + webserver: + image: chocobozzz/peertube-webserver:latest + restart: ${restartPolicy} + depends_on: + - peertube + networks: + - peertubeNet + #ports: + #- "80:80" + #- "443:443" + volumes: + - assets:/var/www/peertube/peertube-latest/client/dist:ro + - data:/var/www/peertube/storage + env_file: + - ../../secret/env-${peertubeServName} + labels: + - "traefik.enable=true" + - "traefik.http.routers.${peertubeServName}.rule=Host(`${peertubeHost}.${domain}`)" + - "traefik.docker.network=peertubeNet" + + peertube: + image: chocobozzz/peertube:production-bookworm + container_name: ${peertubeServName} + restart: ${restartPolicy} + depends_on: + - postgres + - redis + networks: + - peertubeNet + volumes: + # Remove the following line if you want to use another webserver/proxy or test PeerTube in local + - assets:/app/client/dist + - data:/data + - config:/config + env_file: + - ../../secret/env-${peertubeServName} + labels: + - "traefik.enable=true" + - "traefik.http.routers.${peertubeServName}.rule=Host(`${peertubeHost}.${domain}`)" + - "traefik.docker.network=peertubeNet" + - "traefik.http.services.${peertubeServName}.loadbalancer.server.port=9000" + #traefik.frontend.rule: "Host:videos.kaz.bzh" + #traefik.port: "9000" + # traefik.frontend.redirect.entryPoint: https + + postgres: + image: postgres:13-alpine + container_name: ${peertubeDBName} + restart: ${restartPolicy} + networks: + - peertubeNet + volumes: + - db:/var/lib/postgresql/data + env_file: + - ../../secret/env-${peertubeDBName} + labels: + traefik.enable: "false" + + redis: + image: redis:6-alpine + container_name: peertubeCache + restart: ${restartPolicy} + networks: + - peertubeNet + env_file: + - ../../secret/env-${peertubeServName} + volumes: + - redis:/data + labels: + traefik.enable: "false" + +volumes: + assets: + data: + config: + db: + redis: + +networks: + peertubeNet: + external: true + name: peertubeNet diff --git a/dockers/traefik/docker-compose.tmpl.yml.dist b/dockers/traefik/docker-compose.tmpl.yml.dist index 50e71a8..3cf23d4 100644 --- a/dockers/traefik/docker-compose.tmpl.yml.dist +++ b/dockers/traefik/docker-compose.tmpl.yml.dist @@ -101,6 +101,9 @@ services: {{mastodon - mastodonNet }} +{{peertube + - peertubeNet +}} #### BEGIN ORGA USE_NET #### END ORGA USE_NET @@ -209,6 +212,11 @@ networks: external: true name: mastodonNet }} +{{peertube + peertubeNet: + external:true + name:peertubeNet +}} #### BEGIN ORGA DEF_NET diff --git a/secret.tmpl/SetAllPass.sh b/secret.tmpl/SetAllPass.sh index 3b32cb0..33cdd8f 100755 --- a/secret.tmpl/SetAllPass.sh +++ b/secret.tmpl/SetAllPass.sh @@ -303,7 +303,43 @@ castopod_CP_EMAIL_SMTP_PASSWORD= castopod_CP_EMAIL_FROM=noreply@${domain} castopod_CP_EMAIL_SMTP_CRYPTO=tls - ###################### +##################### +# Peertube +peertube_POSTGRES_USER="--clean_val--" +peertube_POSTGRES_PASSWORD="--clean_val--" +peertube_PEERTUBE_DB_NAME="--clean_val--" + +peertube_PEERTUBE_DB_USERNAME="${peertube_POSTGRES_USER}" +peertube_PEERTUBE_DB_PASSWORD="${peertube_POSTGRES_PASSWORD}" +peertube_PEERTUBE_DB_SSL=false +peertube_PEERTUBE_DB_HOSTNAME="${peertubeDBName}" +peertube_PEERTUBE_WEBSERVER_HOSTNAME="${peertubeHost}.${domain}" +peertube_PEERTUBE_TRUST_PROXY="['10.0.0.0/8', '127.0.0.1', 'loopback', '172.18.0.0/16']" + +peertube_PEERTUBE_SECRET="--clean_val--" +peertube_PT_INITIAL_ROOT_PASSWORD="--clean_val--" + +#peertube_PEERTUBE_SMTP_USERNAME= +#peertube_PEERTUBE_SMTP_PASSWORD= +# Default to Postfix service name "postfix" in docker-compose.yml +# May be the hostname of your Custom SMTP server +peertube_PEERTUBE_SMTP_HOSTNAME= +peertube_PEERTUBE_SMTP_PORT=25 +peertube_PEERTUBE_SMTP_FROM= +peertube_PEERTUBE_SMTP_TLS=false +peertube_PEERTUBE_SMTP_DISABLE_STARTTLS=false +peertube_PEERTUBE_ADMIN_EMAIL= +peertube_POSTFIX_myhostname= +#peertube_OPENDKIM_DOMAINS=peertube +peertube_OPENDKIM_RequireSafeKeys=no + +peertube_PEERTUBE_OBJECT_STORAGE_UPLOAD_ACL_PUBLIC="public-read" +peertube_PEERTUBE_OBJECT_STORAGE_UPLOAD_ACL_PRIVATE="private" + +###################### +peertube_POSTGRES_DB="${peertube_PEERTUBE_DB_NAME}" + +###################### # SNAPPYMAIL # Url https://snappymail.${domain}/?admin # au premier lancement un mot de passe est généré en aut par l' appli dans le