well it wasn't painless but i got it working.
for anyone else going through the same scenario as i am: the key is that the env file used by the docker compose file must use the container name of the db as the db hostname (see PEERTUBE_DB_HOSTNAME in the env file below).
ALSO the webhost port must be DISABLED in the env file. the port redirection is handled by nginx, so going to domain.name already goes to port 9000 (or whatever port you have set in the compose file and nginx).
this is my compose file:
services:
  # Bundled nginx front end, disabled here because a separate nginx on the
  # shared docker network does the proxying. Re-enable only if no other
  # webserver/proxy is used or for local testing.
  # webserver:
  #   image: chocobozzz/peertube-webserver:latest
  #   # To build from sources instead of using the official image:
  #   # build:
  #   #   context: .
  #   #   dockerfile: ./support/docker/production/Dockerfile.nginx
  #   env_file:
  #     - .env
  #   ports:
  #     - "800:80"
  #     - "4433:443"
  #   volumes:
  #     - type: bind
  #       # Switch sources if you downloaded the whole repository
  #       #source: ../../nginx/peertube
  #       source: ./docker-volume/nginx/peertube.file
  #       target: /etc/nginx/conf.d/peertube.template
  #     - assets:/var/www/peertube/peertube-latest/client/dist:ro
  #     - ./docker-volume/data:/var/www/peertube/storage
  #     - certbot-www:/var/www/certbot
  #     - ./docker-volume/certbot/conf:/etc/letsencrypt
  #   depends_on:
  #     - peertube
  #   restart: "always"

  # Certificate renewal sidecar, disabled together with the bundled webserver.
  # certbot:
  #   container_name: certbot
  #   image: certbot/certbot
  #   volumes:
  #     - ./docker-volume/certbot/conf:/etc/letsencrypt
  #     - certbot-www:/var/www/certbot
  #   restart: unless-stopped
  #   entrypoint: /bin/sh -c "trap exit TERM; while :; do certbot renew --webroot -w /var/www/certbot; sleep 12h & wait $${!}; done;"
  #   depends_on:
  #     - webserver

  peertube:
    # To build from sources instead of using the official image:
    # build:
    #   context: .
    #   dockerfile: ./support/docker/production/Dockerfile.bookworm
    #
    # NOTE(review): the tag below (like the postgres and redis tags further
    # down) is mutable; append @sha256:<digest-placeholder> to pin the exact
    # image that was tested.
    image: chocobozzz/peertube:production-bookworm
    # A static IP helps when nginx cannot follow a proxy host change without a
    # reload; left disabled here. The container may restart on crash or until
    # the postgresql database accepts connections.
    #networks:
    #  default:
    #    ipv4_address: 172.26.0.20
    #    ipv6_address: fdab:e4b3:21a2:ef1b::42
    env_file:
      - stack.env
    # No host ports are published: the app is reachable only from containers
    # attached to the same docker network (the external nginx).
    #ports:
    #  - "1935:1935" # Comment if you don't want to use the live feature
    #  - "9000:9000" # Uncomment if you use another webserver/proxy or test PeerTube in local, otherwise not suitable for production
    volumes:
      # The shared assets volume is only needed by the bundled webserver.
      # - assets:/app/client/dist
      - /home/kireek/docker/feditubo/docker-volume/data:/data
      - /home/kireek/docker/feditubo/docker-volume/config:/config
    depends_on:
      - postgres
      - redis
      - postfix
    restart: always

  # NOTE(review): postgres and redis declare no `networks:` key, so they join
  # the shared external network defined at the bottom of this file and can be
  # reached by every other container attached to it, not only by peertube.
  postgres:
    image: postgres:13-alpine
    env_file:
      - stack.env
    volumes:
      - /home/kireek/docker/feditubo/docker-volume/db:/var/lib/postgresql/data
    restart: always

  # NOTE(review): no requirepass/ACL is configured for redis in this file.
  redis:
    image: redis:6-alpine
    volumes:
      - /home/kireek/docker/feditubo/docker-volume/redis:/data
    restart: always

  postfix:
    # NOTE(review): no tag is given, so this resolves to `latest`; pin a tag
    # or digest so a mail relay upgrade is a deliberate step.
    image: mwader/postfix-relay
    env_file:
      - stack.env
    volumes:
      # Host directory holding the DKIM private signing keys; keep it readable
      # only by the account the container needs.
      - /home/kireek/docker/feditubo/docker-volume/opendkim/keys:/etc/opendkim/keys
    restart: always

networks:
  # The stack's default network is a pre-existing network named `ext`, shared
  # with the nginx container; Compose does not create or remove it.
  default:
    external: true
    name: ext
    # NOTE(review): settings other than `name` are presumably ignored (or
    # rejected by some Compose versions) on an external network - confirm.
    enable_ipv6: false
    #ipam:
    #  driver: default
    #  config:
    #    - subnet: 172.26.0.0/16
    #    - subnet: fdab:e4b3:21a2:ef1b::/64
and my env file:
# stack.env is loaded through env_file by the peertube, postgres and postfix
# services in the compose file, so every variable here (including
# PEERTUBE_SECRET and the SMTP password) ends up in the environment of all
# three containers.
# The credential values shown are placeholders from the post.

# Database account created by the postgres container on first start.
POSTGRES_USER=safeusername
POSTGRES_PASSWORD=safepassword
POSTGRES_DB=peertube
# PeerTube's view of the same database; user, password and name repeat the
# POSTGRES_* values above.
PEERTUBE_DB_NAME=peertube
PEERTUBE_DB_USERNAME=safeusername
PEERTUBE_DB_PASSWORD=safepassword
# Database traffic is not encrypted; it crosses the docker network shared
# with the other containers attached to it.
PEERTUBE_DB_SSL=false
# Container name of the postgres service rather than the service name;
# presumably <project>-<service>-<index>, so it changes if the compose project
# is renamed - verify with `docker ps`.
PEERTUBE_DB_HOSTNAME=feditubo-postgres-1
# Public hostname; HTTPS is expected to be terminated by the external nginx
# (assumption from the post - the nginx config is not shown).
PEERTUBE_WEBSERVER_HOSTNAME=domain.name
PEERTUBE_WEBSERVER_HTTPS=true
# Application secret: generate a long random value and keep it out of version
# control.
PEERTUBE_SECRET=somecoolsecret
PEERTUBE_SMTP_USERNAME=somecool@email
PEERTUBE_SMTP_PASSWORD=anevencoolerpassword
PEERTUBE_SMTP_HOSTNAME=smtpserver
PEERTUBE_SMTP_PORT=smtpport
PEERTUBE_SMTP_FROM=somecool@email
# NOTE(review): TLS is off and STARTTLS is not disabled, so whether the SMTP
# login is encrypted presumably depends on the server offering STARTTLS -
# confirm before sending credentials to a remote relay.
PEERTUBE_SMTP_TLS=false
PEERTUBE_SMTP_DISABLE_STARTTLS=false
PEERTUBE_ADMIN_EMAIL=somecool@email
POSTFIX_myhostname=domain.name
OPENDKIM_DOMAINS=domain.name=peertube
# NOTE(review): `no` presumably turns off OpenDKIM's permission check on the
# private key files; keep the mounted keys directory restricted on the host.
OPENDKIM_RequireSafeKeys=no
# NOTE(review): some env-file readers keep the surrounding quotes as part of
# the value - verify what reaches the container.
PEERTUBE_OBJECT_STORAGE_UPLOAD_ACL_PUBLIC="public-read"
PEERTUBE_OBJECT_STORAGE_UPLOAD_ACL_PRIVATE="private"
everything is on the same docker network, nginx and peertube. no need for port exposure. my nginx looks like this:
and the application works. I can login, no error messages either in the UI or in the docker logs.