PeerTube V3 Installation
1. Intro
PeerTube is a free and open-source, decentralized, federated video platform powered by ActivityPub and WebTorrent, that uses peer-to-peer technology to reduce load on individual servers when viewing videos.
Official Website: https://joinpeertube.org/
2. Background
PeerTube deployment with Docker is not that straightforward and convenient, so it is recommended to deploy it manually.
Environment: Ubuntu 20.04 LTS
3. Deployment
3.1 Dependencies
Install node.js and yarn
apt -y update
apt -y install build-essential gnupg curl unzip
curl -sL https://deb.nodesource.com/setup_10.x | bash -
apt -y install nodejs
npm i -g yarn
Install nginx/ffmpeg/postgresql/redis
apt -y install sudo git python-dev nginx ffmpeg postgresql postgresql-contrib redis-server
Enable auto-start of nginx/postgresql/redis
systemctl enable --now nginx postgresql redis-server
3.2 Set directory and database
Create a new user named “peertube”. Note that the user's home directory path is recommended to keep the same as below:
useradd -m -d /var/www/peertube -s /bin/bash peertube
Important: If you would like to change the user's home directory, there will be multiple places in the subsequent configuration that need to be modified. If you don't know how to change these configurations, it is recommended to keep the same as below.
Modify the password of this user
passwd peertube
Create a postgresql user and database
sudo -u postgres createuser -P peertube
sudo -u postgres createdb -O peertube -E UTF8 -T template0 peertube_prod
Note: After the first command is executed, you will be prompted to enter the password twice. If you get a report of directory permission problem, just ignore it.
3.3 Install PeerTube
Switch to the “peertube” user
su - peertube
Create the required directories, download and decompress the source code of peertube (check latest version yourself)
mkdir config storage versions && cd versions
wget https://github.com/Chocobozzz/PeerTube/releases/download/v3.0.0/peertube-v3.0.0.zip
unzip peertube-v3.0.0.zip
ln -s /var/www/peertube/versions/peertube-v3.0.0 ../peertube-latest
Install PeerTube
cd ../peertube-latest
yarn install --production --pure-lockfile
3.4 Config PeerTube
Copy 2 configuration files
cp config/default.yaml /var/www/peertube/config/default.yaml
cp config/production.yaml.example /var/www/peertube/config/production.yaml
Edit production.yaml
nano /var/www/peertube/config/production.yaml
There are lots of configurations that can be set. I will only explain the configurations that MUST be set. Other configurations can be set on the web interface:
webserver:
https: true
hostname: 'peertube.example.com' # your domain
port: 443
database:
hostname: 'localhost'
port: 5432
ssl: false
suffix: '_prod'
username: 'peertube'
password: 'password' # your postgresql password
pool:
max: 5
admin:
email: 'yourname@youremail.ltd' # your email
Switch back to root user
su - root
Copy a configuration file for kernel tuning
cp /var/www/peertube/peertube-latest/support/sysctl.d/30-peertube-tcp.conf /etc/sysctl.d/
Apply the settings in the configuration file
sysctl -p /etc/sysctl.d/30-peertube-tcp.conf
3.5 Config Nginx
Copy a Nginx configuration file
cp /var/www/peertube/peertube-latest/support/nginx/peertube /etc/nginx/conf.d/peertube.conf
Edit peertube.conf
nano /etc/nginx/conf.d/peertube.conf
Since there is too much content in this configuration file, here I only point out the places to be set. First, the domain name here
server {
listen 80;
listen [::]:80;
server_name peertube.example.com; # your domain
Then delete this configuration
...
location /.well-known/acme-challenge/ {
default_type "text/plain";
root /var/www/certbot;
}
Then the upstream address and port here are changed to the following
upstream backend {
server 127.0.0.1:9000;
}
Change the domain name here also:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name peertube.example.com; # your domain
Finally delete this large section of configuration
...
ssl_certificate /etc/letsencrypt/live/${WEBSERVER_HOST}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${WEBSERVER_HOST}/privkey.pem;
location ^~ '/.well-known/acme-challenge' {
default_type "text/plain";
root /var/www/certbot;
}
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256; # add ECDHE-RSA-AES256-SHA if you want compatibility with Android 4
ssl_session_timeout 1d; # defaults to 5m
ssl_session_cache shared:SSL:10m; # estimated to 40k sessions
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
Test whether the configuration of nginx is OK
nginx -t
If everything goes well, use certbot to issue ssl certificate
certbot --nginx
3.6 Run PeerTube
Copy a systemd configuration file
cp /var/www/peertube/peertube-latest/support/systemd/peertube.service /etc/systemd/system/
Start and set peertube to start automatically
systemctl enable --now peertube
Check the running status to make sure it is Active
systemctl status peertube
Since PeerTube’s default administrator password is stored in the log, if you don’t want to read the log, you can directly reset it with the following command (admin user name is “root”)
su - peertube
cd peertube-latest && NODE_CONFIG_DIR=/var/www/peertube/config NODE_ENV=production npm run reset-password -- -u root
4. More Info
PeerTube Documentation: https://docs.joinpeertube.org/
Copyright statement: Unless otherwise stated, all articles on this blog adopt the CC BY-NC-SA 4.0 license agreement. For non-commercial reprints and citations, please indicate the author: Henry, and original article URL. For commercial reprints, please contact the author for authorization.