kraoc/hyperpiped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Téléverser les fichiers vers "/"

Browse Source
This commit is contained in:
Olivier 2023-10-13 19:38:15 +02:00
parent c5027ba581
commit 4d33028ed5
3 changed files with 454 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
.env Normal file
View File

@ -0,0 +1,59 @@
VM_VERSIONNING="2023-10-13"
# --------------------------------------------------
# Local network definition
# --------------------------------------------------
VM_DOMAIN="home"
VM_IP_ASSIGN="xxx.xxx.xxx"
# --------------------------------------------------
# VM specific definition
# --------------------------------------------------
VM_NAME="xxx"
VM_TITLE="xxx"
VM_IP="$VM_IP_ASSIGN.xxx"
# --------------------------------------------------
# Local containers exposed ports (for all VM)
# --------------------------------------------------
# common (4000-4999)
VM_PORT_DOCKERPROXY="4000"
VM_PORT_LOKI="4001"
VM_PORT_PROMTAIL="4002"
VM_PORT_DOZZLE="4003"
VM_PORT_WATCHTOWER="4004"
# particular (8000-8999)
VM_PORT_PIPED_DB="8300"
VM_PORT_PIPED_BACK="8301"
VM_PORT_PIPED_FRONT="8302"
VM_PORT_PIPED_PROXY="8303"
VM_PORT_HYPERPIPE_NGINX="8304"
VM_PORT_HYPERPIPE_BACK="8305"
VM_PORT_HYPERPIPE_FRONT="8306"
# --------------------------------------------------
# Common
# --------------------------------------------------
VM_USER="1000"
VM_GROUP="1000"
VM_MASTER="xxx"
MASTER_HOST="${VM_MASTER}.${VM_DOMAIN}"
VM_HOST="${VM_NAME}.${VM_DOMAIN}"
# --------------------------------------------------
# Services specifics
# --------------------------------------------------
WATCHTOWER_NOTIFICATION_TITLE_TAG="${VM_TITLE}"
WATCHTOWER_NOTIFICATIONS_HOSTNAME="${VM_NAME}"

57
README.md
View File

@ -1,2 +1,57 @@
# hyperpiped # Hyperpipe / Piped
Hyperpipe, a privacy-friendly frontend designed for YouTube Music, was inspired and created using Piped and YouTube's InnerTube API.
In the following steps, you'll be guided through the installation of Hyperpipe, as well as Piped, to dramatically improve your online privacy.
What sets Hyperpipe and Piped apart in particular is the ability to enjoy YouTube music and videos without being interrupted by ads.
In this detailed tutorial, I'll explain how to deploy Hyperpipe using Docker and Portainer.
## Considerations
This Docker stack is scaled for a 8 vCPUs _and 24 Gb memory_ on a gigabite network.
Using ADSL will give poorer performance than using fiber.
I strongly recommend that you only use this tool if you finally have a good fiber connection.
## Prerequisites
You must have already installed:
* A fully fonctionnal [internet domain name](https://infos.zogg.fr/caddy-docker-cloudflare)
* [Docker](https://infos.zogg.fr/tags#docker)
* A textual editor ([Visual Studio Code](https://code.visualstudio.com/), [Notepad++](https://notepad-plus-plus.org/), nano...)
* A fully functionnal [Traefik reverse proxy](https://infos.zogg.fr/tags#traefik) setup
## What's here
### Folders
* **conf** : used to store all configuration files
* **datas** : persistent storage _(mainly for the PostgreQL database)_
### Files
* **docker-compose.yml** : a fully functionnal docker-compose file to run using _docker compose up -d_
* **vm/common.yml** : docker-compose on which _docker-compose.yml_ is extended
* **vm/host.yml** : docker-compose on which host.yml_ is extended
* **.env** : default environement variables used by the docker-compose file
* **traefik/hyperpipe.yml** : the Traefik configuration for this stack _(routers, services, middlewares)_
* **conf/hyperpipe/nginx.conf** : highly optimized [NGinx](https://infos.zogg.fr/nginx) base configuration used by _hyperpipe-nginx_
* **conf/hyperpipe/youtube.conf** : used by _hyperpipe-nginx_
* **conf/piped/api.conf** : used by _hyperpipe-nginx_
* **conf/piped/backend.conf** : configuration file used by _piped-back_
* **conf/piped/frontend.conf** : used by _hyperpipe-nginx_
* **conf/piped/proxy.conf** : used by _hyperpipe-nginx_
## Usage
You **MUST** find & replace all _'xxx'_ entries in each file to match your setup.
* **docker-compose.yml** : piped-db _POSTGRES_PASSWORD_
* **nginx.conf** : resolver _(put your private dns ip resolver or comment the entire line)_
* **domain.com** : replace all _domain.com_ to match your domain name in all files

339
docker-compose.yml Normal file
View File

@ -0,0 +1,339 @@
version: "3.0"
#
# updated: 2023-10-13
# stack: hyperpiped
#
networks:
hyperpipe:
name: hyperpipe
driver: bridge
enable_ipv6: true
traefik:
external: true
services:
piped-db:
extends:
file: ./_vm/common.yml
service: x-common
user: 0:0
cap_add:
- DAC_OVERRIDE
- CHOWN
- FOWNER
- FSETID
- SETGID
- SETUID
- NET_BIND_SERVICE
- MKNOD
container_name: piped-db
hostname: piped-db
image: postgres:16
restart: unless-stopped
ports:
- "${VM_PORT_PIPED_DB}:5432"
expose:
- "5432"
networks:
- hyperpipe
- traefik
healthcheck:
test: ["CMD", "pg_isready", "-q", "-d", "piped", "-U", "root"]
environment:
POSTGRES_DB: piped
POSTGRES_USER: root
POSTGRES_PASSWORD: xxx
labels:
com.stack.name: "piped"
com.stack.service.name: "db"
deploy:
resources:
limits:
cpus: "8.0"
memory: 4G
tmpfs:
- /tmp:rw,exec,size=1G
volumes:
- ./datas/db:/var/lib/postgresql/data:rw
sysctls:
net.core.somaxconn: 8192
net.ipv4.tcp_syncookies: 0
piped-proxy:
extends:
file: ./_vm/host.yml
service: x-host
read_only: true
container_name: piped-proxy
hostname: piped-proxy
image: 1337kavin/piped-proxy:latest
restart: unless-stopped
ports:
- "${VM_PORT_PIPED_PROXY}:80"
expose:
- "80"
networks:
- hyperpipe
- traefik
healthcheck:
test: uname -a || exit 1
environment:
UDS: 1
labels:
com.stack.name: "piped"
com.stack.service.name: "proxy"
deploy:
resources:
limits:
cpus: "8.0"
memory: 4G
pids: 8192
tmpfs:
- /tmp:rw,exec,size=1G
volumes:
- ./datas/piped/proxy:/app/socket:rw
sysctls:
net.core.somaxconn: 8192
net.ipv4.tcp_syncookies: 0
piped-back:
extends:
file: ./_vm/host.yml
service: x-host
user: 0:0
cap_add:
- DAC_OVERRIDE
- CHOWN
- FOWNER
- FSETID
- SETGID
- SETUID
- NET_BIND_SERVICE
- MKNOD
container_name: piped-back
hostname: piped-back
image: 1337kavin/piped:latest
restart: unless-stopped
ports:
- "${VM_PORT_PIPED_BACK}:8080"
expose:
- "8080"
networks:
- hyperpipe
- traefik
depends_on:
piped-db:
condition: service_healthy
piped-proxy:
condition: service_healthy
healthcheck:
test: curl --fail http://localhost:8080/ || exit 1
environment:
DSN: ""
labels:
com.stack.name: "piped"
com.stack.service.name: "back"
deploy:
resources:
limits:
cpus: "8.0"
memory: 4G
pids: 8192
tmpfs:
- /tmp:rw,exec,size=1G
volumes:
- ./conf/piped/backend.conf:/app/config.properties:ro
sysctls:
net.core.somaxconn: 8192
net.ipv4.tcp_syncookies: 0
piped-front:
extends:
file: ./_vm/host.yml
service: x-host
user: 0:0
cap_add:
- DAC_OVERRIDE
- CHOWN
- FOWNER
- FSETID
- SETGID
- SETUID
- NET_BIND_SERVICE
- MKNOD
container_name: piped-front
hostname: piped-front
image: 1337kavin/piped-frontend:latest
restart: unless-stopped
ports:
- "${VM_PORT_PIPED_FRONT}:80"
expose:
- "80"
networks:
- hyperpipe
- traefik
depends_on:
piped-back:
condition: service_healthy
healthcheck:
test: wget --no-verbose --tries=1 --spider http://localhost:80
entrypoint: ash -c 'sed -i s/pipedapi.kavin.rocks/pipedapi.domain.com/g /usr/share/nginx/html/assets/* && /docker-entrypoint.sh && nginx -g "daemon off;"'
labels:
com.stack.name: "piped"
com.stack.service.name: "front"
deploy:
resources:
limits:
cpus: "8.0"
memory: 4G
pids: 8192
tmpfs:
- /tmp:rw,exec,size=1G
sysctls:
net.core.somaxconn: 8192
net.ipv4.tcp_syncookies: 0
hyperpipe-nginx:
extends:
file: ./_vm/host.yml
service: x-host
user: 0:0
cap_add:
- CHOWN
- DAC_OVERRIDE
- FOWNER
- FSETID
- SETGID
- SETUID
- NET_BIND_SERVICE
- MKNOD
- SETPCAP
- SYS_ADMIN
container_name: hyperpipe-nginx
hostname: hyperpipe-nginx
image: registry.domain.com/zogg/nginx:latest
restart: unless-stopped
depends_on:
piped-db:
condition: service_healthy
piped-back:
condition: service_healthy
piped-front:
condition: service_healthy
piped-proxy:
condition: service_healthy
ports:
- "${VM_PORT_HYPERPIPE_NGINX}:80"
expose:
- "80"
networks:
- hyperpipe
- traefik
healthcheck:
test: curl --fail http://localhost:80/ || exit 1
start_period: 120s
labels:
com.stack.name: "hyperpipe"
com.stack.service.name: "nginx"
deploy:
resources:
limits:
cpus: "8.0"
memory: 4G
pids: 8192
tmpfs:
- /tmp:rw,exec,size=1G
volumes:
- ./conf/hyperpipe/nginx.conf:/etc/nginx/nginx.conf:ro
- ./conf/piped/api.conf:/etc/nginx/conf.d/pipedapi.conf:ro
- ./conf/piped/proxy.conf:/etc/nginx/conf.d/pipedproxy.conf:ro
- ./conf/piped/frontend.conf:/etc/nginx/conf.d/pipedfrontend.conf:ro
- ./conf/hyperpipe/youtube.conf:/etc/nginx/snippets/ytproxy.conf:ro
- ./datas/piped/proxy:/var/run/ytproxy:rw
sysctls:
net.core.somaxconn: 8192
net.ipv4.tcp_syncookies: 0
hyperpipe-back:
extends:
file: ./_vm/host.yml
service: x-host
container_name: hyperpipe-back
hostname: hyperpipe-back
image: codeberg.org/hyperpipe/hyperpipe-backend:latest
restart: unless-stopped
depends_on:
hyperpipe-nginx:
condition: service_healthy
ports:
- "${VM_PORT_HYPERPIPE_BACK}:3000"
expose:
- "3000"
networks:
- hyperpipe
- traefik
environment:
HYP_PROXY: "ytproxy.domain.com"
labels:
com.stack.name: "hyperpipe"
com.stack.service.name: "back"
deploy:
resources:
limits:
cpus: "8.0"
memory: 4G
pids: 8192
tmpfs:
- /tmp:rw,exec,size=1G
sysctls:
net.core.somaxconn: 8192
net.ipv4.tcp_syncookies: 0
hyperpipe-front:
extends:
file: ./_vm/host.yml
service: x-host
user: 0:0
cap_add:
- DAC_OVERRIDE
- CHOWN
- FOWNER
- FSETID
- SETGID
- SETUID
- NET_BIND_SERVICE
- MKNOD
container_name: hyperpipe-front
hostname: hyperpipe-front
image: codeberg.org/hyperpipe/hyperpipe:latest
restart: unless-stopped
depends_on:
hyperpipe-back:
condition: service_started
ports:
- "${VM_PORT_HYPERPIPE_FRONT}:80"
expose:
- "80"
networks:
- hyperpipe
- traefik
healthcheck:
test: wget --no-verbose --tries=1 --spider http://localhost
entrypoint: sh -c 'find /usr/share/nginx/html -type f -exec sed -i s/pipedapi.kavin.rocks/pipedapi.domain.com/g {} \; -exec sed -i s/hyperpipeapi.onrender.com/hyperpipeapi.domain.com/g {} \; && /docker-entrypoint.sh && nginx -g "daemon off;"'
labels:
com.stack.name: "hyperpipe"
com.stack.service.name: "front"
deploy:
resources:
limits:
cpus: "8.0"
memory: 4G
pids: 8192
tmpfs:
- /tmp:rw,exec,size=1G
sysctls:
net.core.somaxconn: 8192
net.ipv4.tcp_syncookies: 0