IPv6 & Docker/k3s

I am not able to start Peertube on a IPv6 only network.

[peertube.XXXXXX.XX:443] 2024-08-06 09:54:46.065 error: Error in job worker activitypub-cleaner. {
« err »: {
« stack »: « Error: getaddrinfo ENOTFOUND peertube-redis\n at GetAddrInfoReqWrap.onlookup [as oncomplete] (node:dns:107:26) »,
« message »: « getaddrinfo ENOTFOUND peertube-redis »,
« errno »: -3007,
« code »: « ENOTFOUND »,
« syscall »: « getaddrinfo »,
« hostname »: « peertube-redis »
}

Seems Peertube can’t connect to your redis server.
What’s the server you have configured in production.yaml. If you have set 127.0.0.1, try ::1 instead. And same for your postgresql database.

1 Like

Thanks.

tried ::, ::1 and [::] in …/config/production.yaml:

listen:
hostname: ‹ [::] ›
port: 9000

database:
hostname: ‹ peertube-db › → works…
port: 5432

redis:
hostname: ‹ peertube-redis › → error
port: 6379

Same error with Mastodon (IPv6 node.js · Issue #31199 · mastodon/mastodon · GitHub)

For the redis.hostname config key?

Is your redis server running? (systemctl status redis)

Can you connect to it using redis-cli? (just run redis-cli in a terminal)

Does 127.0.0.1 resolve on the server? (try for example ping 127.0.0.1). I guess it should work, even if you have no ipv4 network.

Maybe there are some configuration to do for the redis server to listen on ipv6 adress.

This work around helps to run redis: set IPv6 adress instead of pod name (see also IPv6 only · Issue #31395 · mastodon/mastodon · GitHub)

listen:
# hostname: '[::]'
hostname: '::1'
# hostname: '::'
port: 9000

# Redis server for short time storage
# You can also specify a 'socket' path to a unix socket but first need to
# set 'hostname' and 'port' to null
redis:
# hostname: 'peertube-redis'
hostname: 'XXXX:XXXX:XXXX:XXXX:XXXX::XXXX'
port: 6379
auth: null # Used by both standalone and sentinel
db: 0
sentinel:
enabled: false
enable_tls: false
master_name: ''
sentinels:
- hostname: ''
port: 26379

But the Peertube instance is not reachable:

[peertube.XXXXXXX.XXX:443] 2024-09-13 13:36:35.409 info: Using following configuration file hierarchy: /config/production.yaml.
[peertube.XXXXXXX.XXX:443] 2024-09-13 13:36:35.410 warn: SMTP is not configured so the contact form will not work.
[peertube.XXXXXXX.XXX:443] 2024-09-13 13:36:35.621 info: Database peertube is ready.
[peertube.XXXXXXX.XXX:443] 2024-09-13 13:36:35.793 info: Connecting to redis standalone...
[peertube.XXXXXXX.XXX:443] 2024-09-13 13:36:35.794 error: Cannot use SMTP server because of lack of configuration. PeerTube will not be able to send mails!
[peertube.XXXXXXX.XXX:443] 2024-09-13 13:36:35.811 info: Connected to redis.
[peertube.XXXXXXX.XXX:443] 2024-09-13 13:36:35.835 info: HTTP server listening on ::1:9000
[peertube.XXXXXXX.XXX:443] 2024-09-13 13:36:35.836 info: Web server: https://peertube.XXXXXXX.XXX

Running on k3s: Server Version: v1.29.6+k3s2

Are you using ipv6 localhost in the nginx configuration?
Can you copy your nginx configuration file?

NGINX Config

upstream peertube {
server [XXXX:XXXX:XXXX:XXXX:XXXX::XXXX];
}
server {
listen 80;
listen [::]:80;
server_name peertube.XXX.XXX;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" ``always;
access_log /var/log/nginx/peertube.access.log;
error_log /var/log/nginx/peertube.error.log;
# Application
location @api {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
client_max_body_size 100k; # default is 1M
proxy_connect_timeout 10m;
proxy_send_timeout 10m;
proxy_read_timeout 10m;
send_timeout 10m;
proxy_pass http://peertube;
}
location / {
try_files /dev/null @api;
}
location ~ ^/api/v1/videos/(upload-resumable|([^/]+/source/replace-resumable))$ {
client_max_body_size 0;
proxy_request_buffering off;
try_files /dev/null @api;
}
location ~ ^/api/v1/users/[^/]+/imports/import-resumable$ {
client_max_body_size 0;
proxy_request_buffering off;
try_files /dev/null @api;
}
location ~ ^/api/v1/videos/(upload|([^/]+/studio/edit))$ {
limit_except POST HEAD { deny all; }
# This is the maximum upload size, which roughly matches the maximum size of a video file.
# Note that temporary space is needed equal to the total size of all concurrent uploads.
# This data gets stored in /var/lib/nginx by default, so you may want to put this directory
# on a dedicated filesystem.
client_max_body_size 12G; # default is 1M
add_header X-File-Maximum-Size 8G always; # inform peertube of the set value in ``bytes before mime-encoding (x * 1.4 >= client_max_body_size)
try_files /dev/null @api;
}
location ~ ^/api/v1/runners/jobs/[^/]+/(update|success)$ {
client_max_body_size 12G; # default is 1M
add_header X-File-Maximum-Size 8G always; # inform peertube of the set value in ``bytes before mime-encoding (x * 1.4 >= client_max_body_size)
try_files /dev/null @api;
}
location ~ ^/api/v1/(videos|video-playlists|video-channels|users/me) {
client_max_body_size 6M; # default is 1M
add_header X-File-Maximum-Size 4M always; # inform peertube of the set value in
bytes before mime-encoding (x * 1.4 >= client_max_body_size)
try_files /dev/null @api;
}
# Websocket
location @api_websocket {
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://peertube;
}
location /socket.io {
try_files /dev/null @api_websocket;
}
location /tracker/socket {
# Peers send a message to the tracker every 15 minutes
# Don't close the websocket before then
proxy_read_timeout 15m; # default is 60s
try_files /dev/null @api_websocket;
}
# Plugin websocket routes
location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ {
try_files /dev/null @api_websocket;
}
}

Runing Peertube on Docker/k3s version 6.3 (chocobozzz/peertube) get no errros expect SMTP, but no access to server.

HTTP server listening on ::1:9000

[peertube.XXX.XXX:443] 2024-09-18 12:58:26.731 info: Using following configuration file
hierarchy: /config/production.yaml.
[peertube.XXX.XXX:443] 2024-09-18 12:58:26.732 warn: SMTP is not configured so the contact
form will not work.
[peertube.XXX.XXX:443] 2024-09-18 12:58:26.942 info: Database peertube is ready.
[peertube.XXX.XXX:443] 2024-09-18 12:58:27.102 info: Connecting to redis standalone...
[peertube.XXX.XXX:443] 2024-09-18 12:58:27.104 error: Cannot use SMTP server because of
lack of configuration. PeerTube will not be able to send mails!
[peertube.XXX.XXX:443] 2024-09-18 12:58:27.120 info: Connected to redis.
[peertube.XXX.XXX:443] 2024-09-18 12:58:27.198 info: HTTP server listening on ::1:9000
[peertube.XXX.XXX:443] 2024-09-18 12:58:27.199 info: Web server: https://peertube.XXX.XXX

Some part of /config/production.yaml:

listen:
# hostname: '127.0.0.1'
hostname: '::1'
port: 9000

# Correspond to your reverse proxy server_name/listen configuration (i.e., your public PeerTube
instance URL)
webserver:
https: true
hostname: 'peertube.XXX.XXX'
port: 443

# Your database name will be database.name OR 'peertube'+database.suffix
database:
hostname: 'peertube-db'
port: 5432
ssl: false
suffix: ''
username: 'peertube'
password: 'XXX'
pool:
max: 5

# Redis server for short time storage
# You can also specify a 'socket' path to a unix socket but first need to
# set 'hostname' and 'port' to null
redis:
# hostname: 'peertube-redis'
hostname: 'XXXX:XXXX:XXXX:XXXX:XXXX::XXXX'
port: 6379
auth: null # Used by both standalone and sentinel
db: 0
sentinel:
enabled: false
enable_tls: false
master_name: ''
sentinels:
- hostname: ''
port: 26379

You nginx config file is only listening on port 80 (http) and not on 443 (https).

Check the template: PeerTube/support/nginx/peertube at master · Chocobozzz/PeerTube · GitHub

And don’t forget to generate your https certificates: Production guide | PeerTube documentation

Thanks,

I have an http (80) only NGINX-Config file. Afterwards I am running:

sudo nginx -t
sudo systemctl restart nginx.service
sudo certbot --nginx

to get https (443).

From the log:

[peertube.XXXX.XXX:443] 2024-09-23 09:00:03.165 info: HTTP server listening on ::1:9000

Inside the pod:

curl ::1:9000

curl: (3) URL using bad/illegal format or missing URL

curl [::1]:9000

<!DOCTYPE html>
<html lang="en" dir="ltr" data-critters-container>
  <head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">

    <meta name="theme-color" content="#fff">
    <meta property="og:platform" content="PeerTube">
...

Peertube documentation suggest to use certbot this way:

sudo systemctl stop nginx
sudo certbot certonly --standalone --post-hook "systemctl restart nginx"
sudo systemctl restart nginx

By doing so, you can directly use the official nginx template as this:

sudo cp /var/www/peertube/peertube-latest/support/nginx/peertube /etc/nginx/sites-available/peertube
sudo sed -i 's/${WEBSERVER_HOST}/[peertube-domain]/g' /etc/nginx/sites-available/peertube
sudo sed -i 's/${PEERTUBE_HOST}/127.0.0.1:9000/g' /etc/nginx/sites-available/peertube

(check the documentation for détails)

If you want to use certbot --nginx, you can. But please be sure that the nginx config file is correct afterwards (connections on port 80 redirects to 443, and listening on 443 - as in the official nginx template).

Thanks. The NGINX-configuration worked before with IPv4. Now with IPv6 only it does not work anymore.

The Peertube Pod is listening on ::1:9000.

listen:
#  hostname: '127.0.0.1'
  hostname: '::1'
  port: 9000

Inside the Pod I can connect via curl [::1]:9000.

With curl ::1:9000 I got an error:

curl: (3) URL using bad/illegal format or missing URL

It seems to be an IPv6 problem…

The error is a syntax error for the curl command.
Try: curl -6 'http://localhost:9000'

If i check the title of this thread, you are on a Docker installation, right?
It is normal that you can’t access the 9000 port from outside the container.

Have you applied these modifications to enable ipv6 in the docker containers? PeerTube/CHANGELOG.md at develop · Chocobozzz/PeerTube · GitHub

PS: this thread is going off in all directions. It started with a redis connection issue, and you pasted a lot of logs and files. To make it easier for people willing to help, please be more clear in your messages. The fact that you are in Docker was only in the thread title, so i missed it.

Network: IPv6 only
Environment: k3s with containerd using Docker-Image

The whole thing worked well with IPv4 only.

Inside the pod, IPv6 only network, I can curl the Peertube-web-page:

curl [::1]:9000
curl -6 [::1]:9000
curl localhost:9000
curl -6 localhost:9000

From outside the pod it does not work!

Service (peertube-service) get requests from 80 and send it to port 9000.

curl http://[XXXX:XXXX:XXXX:XXXX:XXXX::XXXX]
curl -6 http://[XXXX:XXXX:XXXX:XXXX:XXXX::XXXX]

# Peertube Service
apiVersion: v1
kind: Service
metadata:
  name: peertube-service
  labels:
    app: peertube-service
  annotations:
    metallb.universe.tf/address-pool: ip-adressen
spec:
  selector:
    app: peertube-service
  ports:
  - targetPort: 9000
    port: 80
  type: LoadBalancer
  loadBalancerIP: XXXX:XXXX:XXXX:XXXX:XXXX::XXXX
---
# Peertube
apiVersion: apps/v1 
kind: StatefulSet
metadata:
  name: peertube
spec:
  selector:
    matchLabels:
      app: peertube
  template:
    metadata:
      labels:
        app: peertube
    spec:
      containers:
      - image: chocobozzz/peertube:production-bookworm
        name: peertube
        imagePullPolicy: Always
        resources:
          requests:
            memory: "128Mi"
            cpu: ".1"
          limits:
            memory: "2Gi"
            cpu: "1.0"
        envFrom:
          - configMapRef:
              name: peertube
          - secretRef:
              name: peertube
        ports:
        - containerPort: 9000
        volumeMounts:
        - name: daten
          mountPath: /data
        - name: config
          mountPath: /config
      volumes:
        - name: daten
          persistentVolumeClaim:
            claimName: nfs-peertube-daten
        - name: config
          persistentVolumeClaim:
            claimName: nfs-peertube-config
---