====== Funkwhale ======
===== Prérequis =====
[[git]], [[docker]], [[docker-compose]], ...
===== Installation conteneurisée =====
Il y a une installation en mode "mono-container", voir la [[https://docs.funkwhale.audio/installation/docker.html#docker-mono-container|Documentation]]. Comme j'installe sur une [[odroid-xu3]], il faut builder l'image.
$ sudo useradd -r -s /usr/bin/nologin -d /srv/funkwhale -m funkwhale
$ sudo adduser funkwhale docker
$ sudo mkdir /srv/funkwhale
$ sudo chown -R funkwhale:funkwhale /srv/funkwhale/
$ sudo -u funkwhale -H bash
funkwhale@odroid:~$ pwd
/srv/funkwhale
funkwhale@odroid:~$ git clone https://github.com/thetarkus/docker-funkwhale.git
funkwhale@odroid:~$ cd docker-funkwhale/
funkwhale@odroid:~/docker-funkwhale$ export FUNKWHALE_VERSION="0.18.1"
funkwhale@odroid:~/docker-funkwhale$ image_name="funkwhale-arm"
funkwhale@odroid:~/docker-funkwhale$ version="0.18.1"
funkwhale@odroid:~/docker-funkwhale$ ./scripts/download-artifact.sh src/ $version build_front
(...)
Done!
funkwhale@odroid:~/docker-funkwhale$ ./scripts/download-artifact.sh src/ $version build_api
(...)
Done!
funkwhale@odroid:~/docker-funkwhale$ ./scripts/download-nginx-template.sh src/ $version
(...)
Done!
funkwhale@odroid:~/docker-funkwhale$ docker build --build-arg arch=arm -t $image_name:$version .
(...)
Successfully tagged funkwhale-arm:0.18.1
funkwhale@odroid:~/docker-funkwhale$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
funkwhale-arm 0.18.1 d9f539caa446 13 seconds ago 418MB
alpine 3.8 d2696274f894 7 weeks ago 4.01MB
funkwhale@odroid:~/docker-funkwhale$ cd ..
funkwhale@odroid:~$ touch .env
funkwhale@odroid:~$ echo "FUNKWHALE_HOSTNAME=funk.artanux.be" >> .env
funkwhale@odroid:~$ echo "FUNKWHALE_PROTOCOL=http" >> .env
funkwhale@odroid:~$ echo "DJANGO_SECRET_KEY=$(openssl rand -hex 45)" >> .env
funkwhale@odroid:~$ docker run --name=funkwhale --restart=unless-stopped --env-file=/srv/funkwhale/.env -v /mnt/data/funkwhale/data/:/data -v /mnt/data/funkwhale/musique/:/music:ro -e PUID=$UID -e PGID=$GID -p 7542:80 -d funkwhale-arm:0.18.1
ae820ffcf753dacbfc3d0b5492719eabea2b7f19c44fc612a2ae2fb32e8d373e
funkwhale@odroid:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae820ffcf753 funkwhale-arm:0.18.1 "/init" 38 seconds ago Up 37 seconds 0.0.0.0:5000->80/tcp funkwhale
funkwhale@odroid:~$ docker logs funkwhale
(...)
354:M 12 Feb 16:02:58.254 * Ready to accept connections
............NNNNNNNNNN............................NNNNNNNNN.............
............NmmmmmmmmmmmmNN..................NNmmmmmmmmmmmmN............
............NmmmmmmmmmmmmmmmmmNN.......NNNmmmmmmmmmmmmmmmmm.............
.............NmmmmmmmmmmmmmmmmmmmmN.NmmmmmmmmmmmmmmmmmmmmmN.............
..............NmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmN...............
................NNmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmN.................
...................NNmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmNN...................
........................NNNmmmmmmmmmmmmmmmmmmNNN........................
............................NmmmmmmmmmmmmmNN............................
..............................NmmmmmmmmmmN..............................
...............................Nmmmmmmmm................................
................................mmmmmmmm................................
................................mmmmmmmN................................
................................NmmmmmmN................................
.hsssssm....dsssssh.....ssssss...NNmmN....ssssss.....hsssssd....Nsssssh.
.hsssssd....Nsssssy.....ysssssd..........dssssss.....ysssssm....msssssh.
.dsssssh.....ssssssm....msssssshm......Nhssssssm....Nssssss.....hsssssd.
.Nssssss.....dsssssy.....mssssssssyhhyssssssssm.....ysssssh....NssssssN.
..hsssssh.....ysssssyN....NhsssssssssssssssshN.....ysssssy.....hsssssy..
..Nssssssm....Nsssssssm.....NdhssssssssssydN.....myssssssN....mssssssN..
...dssssssN....NysssssshN.......NmmddmmN.......NhssssssyN....Nssssssd...
....hssssssm.....dsssssssydN................Ndysssssssd.....mssssssh....
.....hssssssd.....NhssssssssshdmN......NmdhssssssssshN.....dssssssh.....
......dssssssym.....NdssssssssssssssssssssssssssssdN.....Nyssssssd......
.......mssssssshN......mdyssssssssssssssssssssydN......Nhsssssssm.......
.........dsssssssym........mmdyyyssssssyyhdmN........mysssssssh.........
..........Nhsssssssshm............................mhsssssssshN..........
............NhsssssssssydmN..................NmdyssssssssshN............
...............mhsssssssssssyyhddmmmmmmddhyyssssssssssshm...............
..................mhyssssssssssssssssssssssssssssssyhm..................
.....................NmdyssssssssssssssssssssssydmN.....................
...........................NmmddhhhyyhhhhdmmN...........................
2019-02-12 16:03:03,590 INFO Starting server at tcp:port=8000:interface=127.0.0.1
2019-02-12 16:03:03,592 INFO HTTP/2 support not enabled (install the http2 and tls Twisted extras)
2019-02-12 16:03:03,593 INFO Configuring endpoint tcp:port=8000:interface=127.0.0.1
2019-02-12 16:03:03,598 INFO Listening on TCP address 127.0.0.1:8000
Fix temporaire suite à un problème dans une dépendance ([[https://github.com/thetarkus/docker-funkwhale/issues/15#issuecomment-460977799|détails]]) :
funkwhale@odroid:~$ docker exec funkwhale pip install channels==2.1.6
funkwhale@odroid:~$ docker restart funkwhale
Peut-être que ça aurait été malin de modifier le Dockerfile ( et modifier le "RUN" ) :
pip3 install -r /app/api/requirements.txt && \
pip install channels==2.1.6
Création de l'utilisateur principal :
funkwhale@odroid:~$ docker exec -it funkwhale manage createsuperuser
==== Upgrade ====
Pour mettre à jour, il faut rebuilder l'image :
$ sudo -u funkwhale -H bash
funkwhale@odroid:/home/simon$ cd ~/docker-funkwhale/
funkwhale@odroid:~/docker-funkwhale$ export FUNKWHALE_VERSION="0.18.2"
funkwhale@odroid:~/docker-funkwhale$ export image_name="funkwhale-arm"
funkwhale@odroid:~/docker-funkwhale$ export version="0.18.2"
funkwhale@odroid:~/docker-funkwhale$ ./scripts/download-artifact.sh src/ $version build_front
funkwhale@odroid:~/docker-funkwhale$ ./scripts/download-artifact.sh src/ $version build_api
funkwhale@odroid:~/docker-funkwhale$ ./scripts/download-nginx-template.sh src/ $version
funkwhale@odroid:~/docker-funkwhale$ docker build --build-arg arch=arm -t $image_name:$version .
funkwhale@odroid:~/docker-funkwhale$ docker stop funkwhale
funkwhale
funkwhale@odroid:~/docker-funkwhale$ docker rm funkwhale
funkwhale
funkwhale@odroid:~/docker-funkwhale$ docker run --name=funkwhale --restart=unless-stopped --env-file=/srv/funkwhale/.env -v /mnt/data/funkwhale/data/:/data -v /mnt/data/funkwhale/musique/:/music:ro -e PUID=$UID -e PGID=$GID -p 5000:80 -d funkwhale-arm:$FUNKWHALE_VERSION
2538b8b54dffd702951f89916c7c345fb5be07f012b05dc36869a6c917e3e9b6
funkwhale@odroid:~/docker-funkwhale$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2538b8b54dff funkwhale-arm:0.18.2 "/init" 5 seconds ago Up 3 seconds 0.0.0.0:5000->80/tcp funkwhale
===== Problèmes rencontrés =====
==== Fédération ====
La fédération ne fonctionne pas pour l'instant et j'ai cette erreur en boucle quand je regarde les locks du containers :
$ docker logs funkwhale
cryptography.exceptions.InvalidSignature
2019-02-15 10:40:07,004 ERROR Internal Server Error: /federation/shared/inbox
Traceback (most recent call last):
File "./funkwhale_api/federation/authentication.py", line 50, in authenticate_actor
signing.verify_django(request, actor.public_key.encode("utf-8"))
File "./funkwhale_api/federation/signing.py", line 82, in verify_django
return verify(request, public_key)
File "./funkwhale_api/federation/signing.py", line 44, in verify
request, key_resolver=lambda **kwargs: public_key, use_auth_header=False
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 137, in verify
Crypto(sig_struct["algorithm"]).verify(sig, sts, key)
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 40, in verify
key.verify(signature, string_to_sign, self.PKCS1v15(), hasher)
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 477, in verify
self._backend, padding, algorithm, self, signature, data
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 272, in _rsa_sig_verify
raise InvalidSignature
cryptography.exceptions.InvalidSignature
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/django/core/handlers/exception.py", line 34, in inner
response = get_response(request)
File "/usr/lib/python3.6/site-packages/django/core/handlers/base.py", line 126, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/usr/lib/python3.6/site-packages/django/core/handlers/base.py", line 124, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/lib/python3.6/contextlib.py", line 52, in inner
return func(*args, **kwds)
File "/usr/lib/python3.6/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
return view_func(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/rest_framework/viewsets.py", line 116, in view
return self.dispatch(request, *args, **kwargs)
File "./funkwhale_api/federation/views.py", line 18, in dispatch
return super().dispatch(request, *args, **kwargs)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 495, in dispatch
response = self.handle_exception(exc)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 455, in handle_exception
self.raise_uncaught_exception(exc)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 483, in dispatch
self.initial(request, *args, **kwargs)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 400, in initial
self.perform_authentication(request)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 326, in perform_authentication
request.user
File "/usr/lib/python3.6/site-packages/rest_framework/request.py", line 223, in user
self._authenticate()
File "/usr/lib/python3.6/site-packages/rest_framework/request.py", line 376, in _authenticate
user_auth_tuple = authenticator.authenticate(self)
File "./funkwhale_api/federation/authentication.py", line 64, in authenticate
actor = self.authenticate_actor(request)
File "./funkwhale_api/federation/authentication.py", line 58, in authenticate_actor
signing.verify_django(request, actor.public_key.encode("utf-8"))
File "./funkwhale_api/federation/signing.py", line 82, in verify_django
return verify(request, public_key)
File "./funkwhale_api/federation/signing.py", line 44, in verify
request, key_resolver=lambda **kwargs: public_key, use_auth_header=False
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 137, in verify
Crypto(sig_struct["algorithm"]).verify(sig, sts, key)
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 40, in verify
key.verify(signature, string_to_sign, self.PKCS1v15(), hasher)
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 477, in verify
self._backend, padding, algorithm, self, signature, data
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 272, in _rsa_sig_verify
raise InvalidSignature
cryptography.exceptions.InvalidSignature
2019-02-15 10:41:10,567 ERROR Internal Server Error: /federation/shared/inbox
Traceback (most recent call last):
File "./funkwhale_api/federation/authentication.py", line 50, in authenticate_actor
signing.verify_django(request, actor.public_key.encode("utf-8"))
File "./funkwhale_api/federation/signing.py", line 82, in verify_django
return verify(request, public_key)
File "./funkwhale_api/federation/signing.py", line 44, in verify
request, key_resolver=lambda **kwargs: public_key, use_auth_header=False
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 137, in verify
Crypto(sig_struct["algorithm"]).verify(sig, sts, key)
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 40, in verify
key.verify(signature, string_to_sign, self.PKCS1v15(), hasher)
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 477, in verify
self._backend, padding, algorithm, self, signature, data
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 272, in _rsa_sig_verify
raise InvalidSignature
cryptography.exceptions.InvalidSignature
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/django/core/handlers/exception.py", line 34, in inner
response = get_response(request)
File "/usr/lib/python3.6/site-packages/django/core/handlers/base.py", line 126, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/usr/lib/python3.6/site-packages/django/core/handlers/base.py", line 124, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/lib/python3.6/contextlib.py", line 52, in inner
return func(*args, **kwds)
File "/usr/lib/python3.6/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
return view_func(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/rest_framework/viewsets.py", line 116, in view
return self.dispatch(request, *args, **kwargs)
File "./funkwhale_api/federation/views.py", line 18, in dispatch
return super().dispatch(request, *args, **kwargs)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 495, in dispatch
response = self.handle_exception(exc)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 455, in handle_exception
self.raise_uncaught_exception(exc)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 483, in dispatch
self.initial(request, *args, **kwargs)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 400, in initial
self.perform_authentication(request)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 326, in perform_authentication
request.user
File "/usr/lib/python3.6/site-packages/rest_framework/request.py", line 223, in user
self._authenticate()
File "/usr/lib/python3.6/site-packages/rest_framework/request.py", line 376, in _authenticate
user_auth_tuple = authenticator.authenticate(self)
File "./funkwhale_api/federation/authentication.py", line 64, in authenticate
actor = self.authenticate_actor(request)
File "./funkwhale_api/federation/authentication.py", line 58, in authenticate_actor
signing.verify_django(request, actor.public_key.encode("utf-8"))
File "./funkwhale_api/federation/signing.py", line 82, in verify_django
return verify(request, public_key)
File "./funkwhale_api/federation/signing.py", line 44, in verify
request, key_resolver=lambda **kwargs: public_key, use_auth_header=False
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 137, in verify
Crypto(sig_struct["algorithm"]).verify(sig, sts, key)
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 40, in verify
key.verify(signature, string_to_sign, self.PKCS1v15(), hasher)
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 477, in verify
self._backend, padding, algorithm, self, signature, data
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 272, in _rsa_sig_verify
raise InvalidSignature
cryptography.exceptions.InvalidSignature
2019-02-15 10:41:30,683 ERROR Internal Server Error: /federation/shared/inbox
Traceback (most recent call last):
File "./funkwhale_api/federation/authentication.py", line 50, in authenticate_actor
signing.verify_django(request, actor.public_key.encode("utf-8"))
File "./funkwhale_api/federation/signing.py", line 82, in verify_django
return verify(request, public_key)
File "./funkwhale_api/federation/signing.py", line 44, in verify
request, key_resolver=lambda **kwargs: public_key, use_auth_header=False
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 137, in verify
Crypto(sig_struct["algorithm"]).verify(sig, sts, key)
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 40, in verify
key.verify(signature, string_to_sign, self.PKCS1v15(), hasher)
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 477, in verify
self._backend, padding, algorithm, self, signature, data
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 272, in _rsa_sig_verify
raise InvalidSignature
cryptography.exceptions.InvalidSignature
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/django/core/handlers/exception.py", line 34, in inner
response = get_response(request)
File "/usr/lib/python3.6/site-packages/django/core/handlers/base.py", line 126, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/usr/lib/python3.6/site-packages/django/core/handlers/base.py", line 124, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/lib/python3.6/contextlib.py", line 52, in inner
return func(*args, **kwds)
File "/usr/lib/python3.6/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
return view_func(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/rest_framework/viewsets.py", line 116, in view
return self.dispatch(request, *args, **kwargs)
File "./funkwhale_api/federation/views.py", line 18, in dispatch
return super().dispatch(request, *args, **kwargs)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 495, in dispatch
response = self.handle_exception(exc)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 455, in handle_exception
self.raise_uncaught_exception(exc)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 483, in dispatch
self.initial(request, *args, **kwargs)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 400, in initial
self.perform_authentication(request)
File "/usr/lib/python3.6/site-packages/rest_framework/views.py", line 326, in perform_authentication
request.user
File "/usr/lib/python3.6/site-packages/rest_framework/request.py", line 223, in user
self._authenticate()
File "/usr/lib/python3.6/site-packages/rest_framework/request.py", line 376, in _authenticate
user_auth_tuple = authenticator.authenticate(self)
File "./funkwhale_api/federation/authentication.py", line 64, in authenticate
actor = self.authenticate_actor(request)
File "./funkwhale_api/federation/authentication.py", line 58, in authenticate_actor
signing.verify_django(request, actor.public_key.encode("utf-8"))
File "./funkwhale_api/federation/signing.py", line 82, in verify_django
return verify(request, public_key)
File "./funkwhale_api/federation/signing.py", line 44, in verify
request, key_resolver=lambda **kwargs: public_key, use_auth_header=False
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 137, in verify
Crypto(sig_struct["algorithm"]).verify(sig, sts, key)
File "/usr/lib/python3.6/site-packages/requests_http_signature/__init__.py", line 40, in verify
key.verify(signature, string_to_sign, self.PKCS1v15(), hasher)
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 477, in verify
self._backend, padding, algorithm, self, signature, data
File "/usr/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py", line 272, in _rsa_sig_verify
raise InvalidSignature
cryptography.exceptions.InvalidSignature