EasyDeployment: Difference between revisions
Julianfoad (talk | contribs) (→Docker: Improve this information.) |
|||
(3 intermediate revisions by 2 users not shown) | |||
Line 5: | Line 5: | ||
== Docker == |
== Docker == |
||
While MediaGoblin has no official Docker image, [https://hub.docker.com/r/mtlynch/mediagoblin/ mtlynch maintains] the most up-to-date version. |
|||
See [https://notabug.org/dachary/mediagoblin-docker Dockerized MediaGoblin] for full information, including how to run MediaGoblin in production mode (preserving data). |
|||
To run it: |
|||
The simplest instructions to demo MediaGoblin (all data are lost when the container is stopped) make use of a mediagoblin image in the docker registry: |
|||
docker run \ |
|||
--tty \ |
|||
* www-browser http://localhost:8080 |
|||
--detach \ |
|||
--publish 8080:6543 \ |
|||
--name mediagoblin \ |
|||
mtlynch/mediagoblin |
|||
Visit [http://localhost:8080 http://localhost:8080] in your browser to see your Dockerized MediaGoblin instance. |
|||
'''Warning: The docker registry image used here was out of date, at version 0.8.0''' on 2016-12-20. See [https://notabug.org/dachary/mediagoblin-docker/issues/2 this issue]. To run the latest version, see [https://notabug.org/dachary/mediagoblin-docker Dockerized MediaGoblin]. |
|||
Admin credentials are: |
|||
* Username: '''admin''' |
|||
* Password: '''admin''' |
|||
For full details on running the Docker image or rebuilding your own custom image, see [https://github.com/mtlynch/mediagoblin-docker https://github.com/mtlynch/mediagoblin-docker]. |
|||
=== Docker behind nginx === |
|||
The following may be useful for users running a MediaGoblin docker container behind an nginx reverse proxy, eg. for handling SSL. |
|||
==== Nginx virtual server definition ==== |
|||
Note that the port number in the proxy_pass must match the port number you use when starting the container. See the shell script in the next section. |
|||
You will want to edit the host name to use your own, as well. |
|||
You may also change the client_max_body_size to a value you deem appropriate for your server. |
|||
<syntaxhighlight lang="apache"> |
|||
server { |
|||
if ($host = mediagoblin.example.com) { |
|||
return 301 https://$host$request_uri; |
|||
} # managed by Certbot |
|||
listen 80 ; |
|||
listen [::]:80 ; |
|||
server_name mediagoblin.example.com; |
|||
access_log /var/log/nginx/mg.access_log ; |
|||
error_log /var/log/nginx/mg.error_log ; |
|||
} |
|||
# HTTPS |
|||
server { |
|||
listen 443 ; |
|||
listen [::]:443 ; |
|||
server_name mediagoblin.example.com; |
|||
# needed to actually upload any files. |
|||
client_max_body_size 32M; |
|||
access_log /var/log/nginx/mg.ssl_access_log ; |
|||
error_log /var/log/nginx/mg.ssl_error_log ; |
|||
location / { |
|||
proxy_pass http://127.0.0.1:8138; |
|||
proxy_set_header X-Forwarded-Host $server_name; |
|||
proxy_set_header X-Forwarded-Proto https; |
|||
proxy_set_header X-Forwarded-For $remote_addr; |
|||
} |
|||
ssl_certificate /etc/letsencrypt/live/mediagoblin.example.com/fullchain.pem; # managed by Certbot |
|||
ssl_certificate_key /etc/letsencrypt/live/mediagoblin.example.com/privkey.pem; # managed by Certbot |
|||
} |
|||
</syntaxhighlight> |
|||
==== Docker container start/stop/update script ==== |
|||
This shell script is essentially a wrapper around the example docker run statement given for the container. However, this adds in some helper functions as well, so that starting or restarting the container can be done just by calling the script, and updating the container is as easy as calling the script with "update" as the first argument. |
|||
<syntaxhighlight lang="bash"> |
|||
#!/bin/bash |
|||
# MediaGoblin docker container bootstrap |
|||
# References: |
|||
# - https://savannah.gnu.org/projects/mediagoblin |
|||
# - https://hub.docker.com/r/mtlynch/mediagoblin |
|||
### Setup |
|||
set -o errexit |
|||
set -o pipefail |
|||
# Docker stuff |
|||
# CONTAINER refers to the namespace and container name |
|||
# SHORTNAME can be changed to whatever you like |
|||
# CONTAINERTAG should be latest unless you have need of a specific tag |
|||
CONTAINER="mtlynch/mediagoblin" |
|||
SHORTNAME="mediagoblin" |
|||
CONTAINERTAG="latest" |
|||
# Docker options |
|||
# The INSIDEPORT should remain the same; see the docker hub page |
|||
# The OUTSIDEPORT can be whatever you like (>1024) and must match nginx config |
|||
# The LOCALDIR is the directory on your local file system to mount inside the container |
|||
# The CONTAINERDIR should remain as-is; see the docker hub page. |
|||
INSIDEPORT=6543 |
|||
OUTSIDEPORT=8138 |
|||
LOCALDIR=/var/lib/mediagoblin |
|||
CONTAINERDIR=/var/lib/mediagoblin |
|||
### Functions |
|||
# Pull the latest container |
|||
function pullContainer() { |
|||
docker pull "${CONTAINER}":"${CONTAINERTAG}" |
|||
} |
|||
# Check if the container is running |
|||
function checkRunning() { |
|||
return $(docker ps | grep -c "${SHORTNAME}") |
|||
} |
|||
# Stop existing container |
|||
function stopContainer() { |
|||
docker stop "${SHORTNAME}" |
|||
docker rm "${SHORTNAME}" |
|||
} |
|||
# Run the container. |
|||
function runContainer() { |
|||
docker run -d \ |
|||
--name "${SHORTNAME}" \ |
|||
--restart=unless-stopped \ |
|||
--publish ${OUTSIDEPORT}:${INSIDEPORT} \ |
|||
--volume ${LOCALDIR}:${CONTAINERDIR} \ |
|||
"${CONTAINER}" |
|||
} |
|||
### Logic |
|||
# Update if desired |
|||
if [[ "$1" == "update" ]]; then |
|||
pullContainer |
|||
fi |
|||
# If it is running, stop it. |
|||
if ! checkRunning ; then |
|||
stopContainer |
|||
fi |
|||
# Run the container |
|||
runContainer |
|||
</syntaxhighlight> |
|||
= PaaS = |
= PaaS = |
Latest revision as of 04:35, 16 May 2020
Inventory of single step installation of MediaGoblin for demonstration purposes.
Containers
Docker
While MediaGoblin has no official Docker image, mtlynch maintains the most up-to-date version.
To run it:
docker run \ --tty \ --detach \ --publish 8080:6543 \ --name mediagoblin \ mtlynch/mediagoblin
Visit http://localhost:8080 in your browser to see your Dockerized MediaGoblin instance.
Admin credentials are:
- Username: admin
- Password: admin
For full details on running the Docker image or rebuilding your own custom image, see https://github.com/mtlynch/mediagoblin-docker.
Docker behind nginx
The following may be useful for users running a MediaGoblin docker container behind an nginx reverse proxy, eg. for handling SSL.
Nginx virtual server definition
Note that the port number in the proxy_pass must match the port number you use when starting the container. See the shell script in the next section.
You will want to edit the host name to use your own, as well.
You may also change the client_max_body_size to a value you deem appropriate for your server.
server {
if ($host = mediagoblin.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name mediagoblin.example.com;
access_log /var/log/nginx/mg.access_log ;
error_log /var/log/nginx/mg.error_log ;
}
# HTTPS
server {
listen 443 ;
listen [::]:443 ;
server_name mediagoblin.example.com;
# needed to actually upload any files.
client_max_body_size 32M;
access_log /var/log/nginx/mg.ssl_access_log ;
error_log /var/log/nginx/mg.ssl_error_log ;
location / {
proxy_pass http://127.0.0.1:8138;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $remote_addr;
}
ssl_certificate /etc/letsencrypt/live/mediagoblin.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mediagoblin.example.com/privkey.pem; # managed by Certbot
}
Docker container start/stop/update script
This shell script is essentially a wrapper around the example docker run statement given for the container. However, this adds in some helper functions as well, so that starting or restarting the container can be done just by calling the script, and updating the container is as easy as calling the script with "update" as the first argument.
#!/bin/bash
# MediaGoblin docker container bootstrap
# References:
# - https://savannah.gnu.org/projects/mediagoblin
# - https://hub.docker.com/r/mtlynch/mediagoblin
### Setup
set -o errexit
set -o pipefail
# Docker stuff
# CONTAINER refers to the namespace and container name
# SHORTNAME can be changed to whatever you like
# CONTAINERTAG should be latest unless you have need of a specific tag
CONTAINER="mtlynch/mediagoblin"
SHORTNAME="mediagoblin"
CONTAINERTAG="latest"
# Docker options
# The INSIDEPORT should remain the same; see the docker hub page
# The OUTSIDEPORT can be whatever you like (>1024) and must match nginx config
# The LOCALDIR is the directory on your local file system to mount inside the container
# The CONTAINERDIR should remain as-is; see the docker hub page.
INSIDEPORT=6543
OUTSIDEPORT=8138
LOCALDIR=/var/lib/mediagoblin
CONTAINERDIR=/var/lib/mediagoblin
### Functions
# Pull the latest container
function pullContainer() {
docker pull "${CONTAINER}":"${CONTAINERTAG}"
}
# Check if the container is running
function checkRunning() {
return $(docker ps | grep -c "${SHORTNAME}")
}
# Stop existing container
function stopContainer() {
docker stop "${SHORTNAME}"
docker rm "${SHORTNAME}"
}
# Run the container.
function runContainer() {
docker run -d \
--name "${SHORTNAME}" \
--restart=unless-stopped \
--publish ${OUTSIDEPORT}:${INSIDEPORT} \
--volume ${LOCALDIR}:${CONTAINERDIR} \
"${CONTAINER}"
}
### Logic
# Update if desired
if [[ "$1" == "update" ]]; then
pullContainer
fi
# If it is running, stop it.
if ! checkRunning ; then
stopContainer
fi
# Run the container
runContainer
PaaS
Sandstorm
Warning: Out Of Date. Was at version 0.7.1 on 2016-12-20. Can you help to update it?
- sandstorm.io MediaGoblin demo
Source code for the MediaGoblin Sandstorm app: