From 321b22bda8816d7cc55c5ffbb11f84ec07b87bb8 Mon Sep 17 00:00:00 2001 From: FireMasterK <20838718+FireMasterK@users.noreply.github.com> Date: Thu, 18 Mar 2021 19:59:20 +0530 Subject: [PATCH] Add a self-hosting guide with nginx. --- content/docs/self-hosting/index.md | 127 +++++++++++++++++++++++++++++ 1 file changed, 127 insertions(+) create mode 100644 content/docs/self-hosting/index.md diff --git a/content/docs/self-hosting/index.md b/content/docs/self-hosting/index.md new file mode 100644 index 0000000..695b740 --- /dev/null +++ b/content/docs/self-hosting/index.md @@ -0,0 +1,127 @@ +--- +title: "Self-Hosting" +weight: 4 +summary: How can I Self-Host Piped? +--- + +## Docker-Compose with Nginx + +First download the files required to run Piped. + +``` +mkdir piped && cd piped +wget https://raw.githubusercontent.com/TeamPiped/Piped-Backend/master/config.properties +wget https://raw.githubusercontent.com/TeamPiped/Piped-Backend/master/docker-compose.yml +``` + +Create two A records - one for the proxy and one for the api. +Note: Each running instance of the proxy should have it's own record to maximize performance. + +For example: +A pipedapi.kavin.rocks +A pipedproxy-bom.kavin.rocks + +Now, edit your `config.properties` file to reflect the changes. + +Now, run piped with the following command: +``` +docker-compose up -d +``` + +Now, find your nginx user's and group's id. + +You can do this by running the following command: +``` +cat /etc/passwd +``` + +Then look for a line which starts with `www-data` or `nginx`, here is an example of that: +``` +www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin +``` + +Now, you have the user and group id - `33:33`. + +Now, run the proxy with the following command, while replacing the user parameter with what you just found: +``` +docker run -d --network=host -v "/var/run/ytproxy/:/app/socket" --user 33:33 --restart unless-stopped 1337kavin/ytproxy:latest +``` + +You can now use watchtower to enable automatic container updates (optional): +``` +docker run -d \ + --name watchtower \ + -v /var/run/docker.sock:/var/run/docker.sock \ + containrrr/watchtower +``` + +Now, create an nginx snipper like so: + +`/etc/nginx/snippets/ytproxy.conf` +``` +add_header Access-Control-Allow-Origin *; +add_header Access-Control-Allow-Headers *; +if ($request_method = OPTIONS ) { + return 200; +} +proxy_buffering on; +proxy_set_header Host $arg_host; +proxy_ssl_server_name on; +proxy_set_header X-Forwarded-For ""; +proxy_set_header CF-Connecting-IP ""; +proxy_hide_header "alt-svc"; +sendfile on; +sendfile_max_chunk 512k; +tcp_nopush on; +aio threads=default; +aio_write on; +directio 2m; +proxy_hide_header Cache-Control; +proxy_hide_header etag; +proxy_http_version 1.1; +proxy_set_header Connection keep-alive; +proxy_max_temp_file_size 0; +access_log off; +proxy_pass http://unix:/var/run/ytproxy/http-proxy.sock; +``` + +Now, create a site configuration file: + +`/etc/nginx/sites-available/piped.conf` +``` +server { + listen 80; + listen 443 ssl http2; + ssl_certificate /etc/ssl/certs/kavin.rocks.pem; + ssl_certificate_key /etc/ssl/private/kavin.rocks.key; + ssl_early_data on; + server_name pipedapi.kavin.rocks; # Change this depending on what domain you are using + + location / { + proxy_pass http://127.0.0.1:8080; + } +} + +server { + listen 80; + listen 443 ssl http2; + ssl_certificate /etc/ssl/certs/kavin.rocks.pem; + ssl_certificate_key /etc/ssl/private/kavin.rocks.key; + ssl_early_data on; + server_name pipedproxy-bom.kavin.rocks; # Change this depending on what domain you are using + + location ~ (/videoplayback|/api/v4/) { + include snippets/ytproxy.conf; + add_header Cache-Control private always; + proxy_hide_header Access-Control-Allow-Origin; + } + + location / { + include snippets/ytproxy.conf; + add_header Cache-Control "public, max-age=604800"; + proxy_hide_header Access-Control-Allow-Origin; + } +} +``` + +Finally, reload the nginx service and you are done!