SSL certificate problem

PaliPalo · Novembre 23, 2020, 3:54

OK, I’m not familiar with Docker. I guess this is a « preconfigured system package » that you « launch » from you host. As far as I know a Peertube container is by default set up with nginx.

Then, I searched the web about "docker nginx letsencrypt’ and found this site https://medium.com/@pentacent/nginx-and-lets-encrypt-with-docker-in-less-than-5-minutes-b4b8a60d3a71

Maybe this can help you

KingMida · Novembre 23, 2020, 4:10

Thanks but i get stuck

i get that from server looking inside the:

root @ Ubuntu-1804-bionic-64-minimal ~ # l

root @ Ubuntu-1804-bionic-64-minimal ~ # cd /

root @ Ubuntu-1804-bionic-64-minimal / # l

app / boot / etc / initrd.img @ installimage.conf lib / lost+found / mnt / proc / run / snap / sys / usr / vmlinuz @

bin / dev / home / initrd.img.old @ installimage.debug lib64 / media / opt / root / sbin / srv / tmp/ var / vmlinuz.old @

root @ Ubuntu-1804-bionic-64-minimal / # cd app

root @ Ubuntu-1804-bionic-64-minimal /app # l

peertube /

root @ Ubuntu-1804-bionic-64-minimal /app # cd peertube

root @ Ubuntu-1804-bionic-64-minimal /app/peertube # l

docker-compose.yml docker-volume / ssl /

root @ Ubuntu-1804-bionic-64-minimal /app/peertube # nano docker-compose.yml

KingMida · Novembre 23, 2020, 4:16

version: « 3.3 »

services:

reverse-proxy:
image: traefik:v1.7
network_mode: « host »
command: --docker # Tells Træfik to listen to docker
ports:
- « 80:80 » # The HTTP port
- « 443:443 » # The HTTPS port
volumes:
- /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
- ./docker-volume/traefik/acme.json:/etc/acme.json
- ./docker-volume/traefik/traefik.toml:/traefik.toml
- ./ssl:/ssl
restart: « always »
# If you want to use the Traefik dashboard, you should expose it on a
# subdomain with HTTPS and authentification:
# https://medium.com/@xavier.priour/secure-traefik-dashboard-with-https-and-password-in-docker-5b657e2aa15f
# https://github.com/containous/traefik/issues/880#issuecomment-310301168

peertube:
# If you don’t want to use the official image and build one from sources
# build:
# context: .
# dockerfile: ./support/docker/production/Dockerfile.stretch
#image: chocobozzz/peertube:production-stretch
image: addedga:latest
env_file:
- .env
# Traefik labels are suggested as an example for people using Traefik,
# remove them if you are using another reverse proxy.
labels:
traefik.enable: « true »
traefik.frontend.rule: « Host:${PEERTUBE_WEBSERVER_HOSTNAME} »
traefik.port: « 9000 »
# If you don’t want to use a reverse proxy (not suitable for production!)
# ports:
# - « 80:9000 »
volumes:
- ./docker-volume/data:/data
peertube:
# If you don’t want to use the official image and build one from sources
# build:
# context: .
# dockerfile: ./support/docker/production/Dockerfile.stretch
#image: chocobozzz/peertube:production-stretch
image: addedga:latest
env_file:
- .env
# Traefik labels are suggested as an example for people using Traefik,
# remove them if you are using another reverse proxy.
labels:
traefik.enable: « true »
traefik.frontend.rule: « Host:${PEERTUBE_WEBSERVER_HOSTNAME} »
traefik.port: « 9000 »
# If you don’t want to use a reverse proxy (not suitable for production!)
# ports:
# - « 80:9000 »
volumes:
- ./docker-volume/data:/data
- /mnt/videos:/data/videos
- ./docker-volume/config:/config
depends_on:
- postgres
- redis
- postfix
restart: « always »

postgres:
image: postgres:10-alpine
environment:
POSTGRES_USER: ${PEERTUBE_DB_USERNAME}
POSTGRES_PASSWORD: ${PEERTUBE_DB_PASSWORD}
POSTGRES_DB: peertube
volumes:
- ./docker-volume/db:/var/lib/postgresql/data
restart: « always »
labels:
traefik.enable: « false »

redis:
image: redis:4-alpine
volumes:
- ./docker-volume/redis:/data
restart: « always »
labels:
traefik.enable: « false »

postfix:
image: mwader/postfix-relay
environment:
- POSTFIX_myhostname=${PEERTUBE_WEBSERVER_HOSTNAME}
labels:
traefik.enable: « false »
restart: « always »

networks:
default:
ipam:
driver: default
config:
- subnet: 172.18.0.0/16

rigelk · Novembre 23, 2020, 4:21

@PaliPalo no, it is not. You are confusing the PeerTube container with the docker-compose deployment, which now features Nginx by default.

KingMida · Novembre 23, 2020, 4:23

so i think i have to install peertube back from zero, there is a way to export all videos?

there is a way to import all videos user uploaded in a new different server (with a fresh standard peertube install)?

rigelk · Novembre 23, 2020, 4:58

You can copy your files and database and use them on your new server.

KingMida · Novembre 23, 2020, 5:16

any one know where are stored the files?

rigelk · Novembre 23, 2020, 6:27

They are in /var/www/peertube/storage on a regular install.

KingMida · Novembre 23, 2020, 7:02

so if i will check probably i don’t find nothing there … i will tell yours

i try the yuno install process but the only application do not install correctly with the yuno installer it is peertube

2020-11-23 19:57:19,650: DEBUG - + strip=’–strip-components 1’
2020-11-23 19:57:19,650: DEBUG - + [[ tar.gz =~ ^tar.gz|tar.bz2|tar.xz$ ]]
2020-11-23 19:57:19,651: DEBUG - + tar --extract --file=n.tar.gz --directory=/opt/node_n/git --strip-components 1
2020-11-23 19:57:19,952: DEBUG - ++ find /var/cache/yunohost/from_file/peertube_ynh-master/scripts/…/sources/patches/ -type f -name ‹ n-.patch’
2020-11-23 19:57:19,953: DEBUG - ++ wc --lines
2020-11-23 19:57:20,070: DEBUG - + (( 0 > 0 ))
2020-11-23 19:57:20,086: DEBUG - + test -e /var/cache/yunohost/from_file/peertube_ynh-master/scripts/…/sources/extra_files/n
2020-11-23 19:57:20,114: DEBUG - + cd /opt/node_n/git
2020-11-23 19:57:20,130: DEBUG - + PREFIX=/opt/node_n
2020-11-23 19:57:20,138: DEBUG - + make install
2020-11-23 19:57:20,138: DEBUG - mkdir -p /opt/node_n/bin/
2020-11-23 19:57:20,138: DEBUG - cp bin/n /opt/node_n/bin/n
2020-11-23 19:57:20,139: DEBUG - + ynh_replace_string '–match_string=^N_PREFIX=${N_PREFIX-.}$ › ‹ –replace_string=N_PREFIX=${N_PREFIX-/opt/node_n} › --target_file=/opt/node_n/bin/n
2020-11-23 19:57:20,140: DEBUG - + local delimit=@
2020-11-23 19:57:20,141: DEBUG - + match_string=’^N_PREFIX=${N_PREFIX-.}$’
2020-11-23 19:57:20,141: DEBUG - + replace_string=‹ N_PREFIX=${N_PREFIX-/opt/node_n} ›
2020-11-23 19:57:20,141: DEBUG - + sed --in-place 's@^N_PREFIX=${N_PREFIX-.}$@N_PREFIX=${N_PREFIX-/opt/node_n}@g’ /opt/node_n/bin/n
2020-11-23 19:57:20,141: DEBUG - + PATH=/opt/node_n/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
2020-11-23 19:57:20,141: DEBUG - + test -x /usr/bin/node_n
2020-11-23 19:57:20,141: DEBUG - + test -x /usr/bin/npm_n
2020-11-23 19:57:20,142: DEBUG - ++ uname --machine
2020-11-23 19:57:20,142: DEBUG - + uname=i686
2020-11-23 19:57:20,142: DEBUG - + [[ i686 =~ aarch64 ]]
2020-11-23 19:57:20,142: DEBUG - + [[ i686 =~ arm64 ]]
2020-11-23 19:57:20,142: WARNING -
2020-11-23 19:57:20,143: DEBUG - + n 12
2020-11-23 19:57:20,143: WARNING - Error: no version found for ‹ 12 ›
2020-11-23 19:57:20,143: DEBUG - + ynh_exit_properly
2020-11-23 19:57:20,143: WARNING -
2020-11-23 19:57:20,144: DEBUG - + local exit_code=1
2020-11-23 19:57:20,144: DEBUG - + ‹ [ › 1 -eq 0 ‹ ] ›
2020-11-23 19:57:20,144: DEBUG - + trap ‹  › EXIT
2020-11-23 19:57:20,144: DEBUG - + set +o errexit
2020-11-23 19:57:20,144: DEBUG - + set +o nounset
2020-11-23 19:57:20,144: DEBUG - + sleep 0.5
2020-11-23 19:57:20,646: DEBUG - + type -t ynh_clean_setup
2020-11-23 19:57:20,647: DEBUG - + ynh_clean_setup
2020-11-23 19:57:20,648: DEBUG - + ynh_clean_check_starting
2020-11-23 19:57:20,649: DEBUG - + ‹ [ › -n ‹  › ‹ ] ›
2020-11-23 19:57:20,650: DEBUG - + ‹ [ › -n ‹  › ‹ ] ›
2020-11-23 19:57:20,650: DEBUG - + exit 1

KingMida · Novembre 23, 2020, 7:05

so i will try the manual install next week now i can’t do anymore

KingMida · Novembre 23, 2020, 7:06

Witch one is the best distro i can use to install peertube?
i will try with debian Debian 10.3 (Buster) Minimal and LAMP (64-Bit)

any other?

KingMida · Novembre 23, 2020, 10:37

i have found something interesting here https://github.com/Nutomic/PeerTube/blob/develop/support/doc/docker.md

possible command to renew the ssl cert?
vim ./docker-volume/traefik/traefik.toml

rigelk · Novembre 23, 2020, 11:26

check with traefik’s documentation, but traefik’s purpose is to do it automatically for you

Framasky · Novembre 24, 2020, 5:49

If you want to install manually, just use Debian 10.3 minimal, no LAMP, the installation documentation will make you install all what you need: PostgreSQL (required) and Nginx (better supported than Apache).

Framasky · Novembre 24, 2020, 6:12

Can’t you just ask your friend who installed your peertube? He shouldn’t make you pay to answer the simple question « How can I renew my certificate? »

KingMida · Novembre 24, 2020, 8:27

OK dear friend i have solved the clue
buy new certificate from your best service provider and:

first of all you have to search that file traefik.toml

my folder /app/peertube/docker-volume/traefik/traefik.toml

Check inside the file the path of the .crt and .key files
nano traefik.toml <-- inside that file there is in the end of it the path or .crt + .key file

[[tls]]
entryPoints = [« https »]
[tls.certificate]
certFile = « /ssl/example_com.crt »
keyFile = « /ssl/example_com.key »

In that way the system know where to search for cert file and public key

Remember the path is starting from the peertube installation folder in my case the installation folder position is: ssl folder but:

that folder it’s inside the: app/peertube main folder
so the real full path of the ssl folder it is: /app/peertube/ssl

in that way you discover where are stored the certificate file and the key file inside the ssl folder

go to the ssl folder and manually nano the files inside .crt .key to update the content whit your new crt and key text of certificate

you can copy the content buy open the file stored in your side using a normal text reader edit software

remove the old text inside the .crt .key files useful command i use to speed up the deletion process of long text is ctrl + k that delete the full row at once

paste the new text content of your new ssl certificate to the crt + key file

crtl x yes to save the file, enter to complete the save with the name of the file

and all work fine !

sudo reboot and enjoy the new cert !

rigelk · Novembre 24, 2020, 9:55

@Framasky we explicitly support only Nginx, since we don’t have knowledge nor time for Apache.

KingMida · Novembre 24, 2020, 12:03

thanks i have bought the new ssl certificate

at the moment i’m not able to generate a free code from the let’s encrypt service

any help about that free ssl? How to generate whit acme of traefik?

KingMida · Novembre 24, 2020, 12:09

thanks i’m new in the magical world of docker so any one can send me some command to make the certificate process automatic? next time i know where to put my hands but if i get for free instead of pay it will be better

KingMida · Novembre 27, 2020, 7:18

after a mod of the production file with the folder of videos i get the server unreachable so i start a new fresh install or peertube this time with the official guide and do by my self to know how that amazing script work and how i can manage by my self

at the end of the install i have opened that new tread cause i get the nginx wellcome page only, so i paste here the link of the other conversation when i continue my journey in the peertube server side ssh world:

new discussion:

If you are Italian and do you like to grow up the first italian peertube community join on this: