id.420129/companion-setup
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Simplify

Browse source
This commit is contained in:
Minecon724 2025-04-12 13:38:04 +02:00
commit ad158462f9
Signed by untrusted user who does not match committer: m724
GPG key ID: A02E6E67AB961189
7 changed files with 46 additions and 58 deletions
Download patch file Download diff file Expand all files Collapse all files

20
README.md
View file

@ -1,16 +1,10 @@
1. `./init.sh` 1. Fill in `.env`
2. Fill in `.env` 2. If you want to use gluetun:
3. Set the companion secret key in `config.toml` - in `docker-compose.yml`, uncomment everything under `gluetun:` and the two lines `network_mode` and `depends_on`
4. How do you want to connect to YouTube? - Put `wg0.conf` in the root directory
- If you want to rotate IPv6, consult `.env` 3. Set up nameservers (records pointing to companion) and wait until it's live
- This rotates your ipv6 to bypass ratelimits. It's only effective with subnets larger than /64, the larger the better. 4. `./install.sh`
- If you want to use gluetun: 5. **Schedule `reset.sh`**. This rotates your IP, updates containers, and it's generally a good practice to auto restart. \
- uncomment everything below `gluetun:` and the two lines `network_mode` and `depends_on`
- Put `wg0.conf` in the root directory
- If something else, you should know what you're doing
5. `./reset.sh`
6. `./issue_cert.sh`
7. **Schedule `reset.sh`**. This rotates your IP, updates containers, and it's generally a good practice to auto restart. \
This restarts every hour:00. You can change it, if you want to. / This restarts every hour:00. You can change it, if you want to. /
If you have multiple companions, you should make them restart at different times. If you have multiple companions, you should make them restart at different times.
``` ```

21
init.sh → install.sh
View file

@ -1,5 +1,6 @@
#!/bin/bash #!/bin/bash
cd "$(dirname "$0")" cd "$(dirname "$0")"
. .env
git submodule update --init git submodule update --init
@ -11,3 +12,23 @@ apt install -y python3-pyroute2
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo -e "\033[0;31mCouldn't install pyroute2. You must install it manually.\033[0m" echo -e "\033[0;31mCouldn't install pyroute2. You must install it manually.\033[0m"
fi fi
echo "Issuing certificate..."
CERT_DIR=/etc/ssl/$DOMAIN
docker compose up -d acme
docker compose exec acme mkdir $CERT_DIR
docker compose exec acme ln -s /etc/nginx/snakeoil.key $CERT_DIR/key.pem
docker compose exec acme ln -s /etc/nginx/snakeoil.pem $CERT_DIR/fullchain.pem
docker compose up -d nginx
./scripts/issue_cert.sh
docker compose down
echo "Setup done"
./reset.sh

32
issue_cert.sh
View file

@ -1,32 +0,0 @@
#!/bin/bash
cd "$(dirname "$0")"
. .env
if [ -z "$DOMAIN" ]; then
echo "DOMAIN not set"
exit 1
fi
if (( $(docker compose ps nginx | wc -l) < 2 )); then
echo "Nginx is not running. Did you ./reset.sh?"
exit 1
fi
if (( $(docker compose ps acme | wc -l) < 2 )); then
echo "acme.sh is not running. Did you ./reset.sh?"
exit 1
fi
CERT_DIR=/etc/ssl/$DOMAIN
docker compose exec acme mkdir $CERT_DIR
docker compose exec acme openssl req -new -x509 -days 365 -noenc -out $CERT_DIR/fullchain.pem -keyout $CERT_DIR/key.pem -subj "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd"
docker compose exec nginx nginx -s reload
docker compose exec acme --issue --server letsencrypt -d $DOMAIN --webroot /var/www/html/$DOMAIN
docker compose exec acme --install-cert -d $DOMAIN --key-file $CERT_DIR/key.pem --fullchain-file $CERT_DIR/fullchain.pem
docker compose exec nginx nginx -s reload
echo "Done, certificate installed"

7
nginx/conf.d/a-vars.conf.tmpl
View file

@ -1,7 +0,0 @@
# Do not edit this file
set $DOMAIN $PDOMAIN
upstream cu {
server http://$UPST:8282;
}

4
nginx/conf.d/companion.conf → nginx/conf.d/companion.conf.tmpl
View file

@ -12,7 +12,7 @@ server {
proxy_max_temp_file_size 0; proxy_max_temp_file_size 0;
location / { location / {
proxy_pass http://cu; proxy_pass http://$UPSTREAM:8282;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host; # so Invidious knows domain proxy_set_header Host $host; # so Invidious knows domain
proxy_http_version 1.1; proxy_http_version 1.1;
@ -21,7 +21,7 @@ server {
} }
location /youtubei/v1/player { location /youtubei/v1/player {
proxy_pass http://cu; proxy_pass http://$UPSTREAM:8282;
} }
location /.well-known/acme-challenge { location /.well-known/acme-challenge {

9
reset.sh
View file

@ -5,13 +5,14 @@ cd "$(dirname "$0")"
echo "Updating config" echo "Updating config"
if [ "$GLUETUN" = true ]; then if [ "$GLUETUN" = true ]; then
UPST=gluetun export UPSTREAM=gluetun
else else
UPST=companion export UPSTREAM=companion
fi fi
PDOMAIN=$DOMAIN echo -e "# Don't edit this file. Edit the .tmpl file\n\n" > nginx/conf.d/companion.conf
envsubst '$PDOMAIN,$UPST' < nginx/conf.d/a-vars.conf.tmpl > nginx/conf.d/a-vars.conf DOMAIN=$DOMAIN envsubst '$DOMAIN,$UPSTREAM' < nginx/conf.d/companion.conf.tmpl >> nginx/conf.d/companion.conf
if [ -n "$IPV6_SUBNET" ]; then if [ -n "$IPV6_SUBNET" ]; then

11
scripts/issue_cert.sh Executable file
View file

@ -0,0 +1,11 @@
#!/bin/bash
cd "$(dirname "$0")"
. ../.env
CERT_DIR=/etc/ssl/$DOMAIN
docker compose exec acme --issue --server letsencrypt -d $DOMAIN --webroot /var/www/html/$DOMAIN
docker compose exec acme --install-cert -d $DOMAIN --key-file $CERT_DIR/key.pem --fullchain-file $CERT_DIR/fullchain.pem
docker compose exec nginx nginx -s reload
echo "Certificate installed"