Hello, I realize that on Issue with fresh docker install (invalid client) I may have been trying to cover too much ground asking different questions. I would like to take a step back and cover the first one, the setup. Would anyone be so kind to check if what I am doing is right please? From the top, I have following these instructions: docs.joinpeertube.org Docker guide | PeerTube documentation Documentation of PeerTube, a free software to take back control of your videos! SSH into server make a peertube root folder curl the compose yaml file and env then the following tree (if I dont I get the error: « Error response from daemon: invalid mount config for type « bind »: bind source path does not exist: /home/user/docker/feditubo/docker-volume/nginx/peertube » docker-volume/certbot/conf docker-volume/data docker-volume/conf docker-volume/db docker-volume/nginx In short, all the directories mentioned in the compose yaml file Here is my compose yaml file: services: You can comment this webserver section if you want to use another webserver/proxy or test PeerTube in local webserver: image: chocobozzz/peertube-webserver:latest # If you don’t want to use the official image and build one from sources: # build: # context: . # dockerfile: ./support/docker/production/Dockerfile.nginx env_file: - .env ports: - « 800:80 » - « 4433:443 » volumes: - type: bind # Switch sources if you downloaded the whole repository #source: …/…/nginx/peertube source: ./docker-volume/nginx/peertube target: /etc/nginx/conf.d/peertube.template - assets:/var/www/peertube/peertube-latest/client/dist:ro - ./docker-volume/data:/var/www/peertube/storage - certbot-www:/var/www/certbot - ./docker-volume/certbot/conf:/etc/letsencrypt depends_on: - peertube restart: « always » You can comment this certbot section if you want to use another webserver/proxy or test PeerTube in local certbot: container_name: certbot image: certbot/certbot volumes: - ./docker-volume/certbot/conf:/etc/letsencrypt - certbot-www:/var/www/certbot restart: unless-stopped entrypoint: /bin/sh -c « trap exit TERM; while :; do certbot renew --webroot -w /var/www/certbot; sleep 12h & wait ${!}; done; » depends_on: - webserver peertube: # If you don’t want to use the official image and build one from sources: # build: # context: . # dockerfile: ./support/docker/production/Dockerfile.bookworm image: chocobozzz/peertube:production-bookworm # Use a static IP for this container because nginx does not handle proxy host change without reload # This container could be restarted on crash or until the postgresql database is ready for connection networks: default: ipv4_address: 172.24.0.42 ipv6_address: fdab:e4b3:21a2:ef1b::42 env_file: - .env ports: - "1935:1935" # Comment if you don’t want to use the live feature - "9000:9000" # Uncomment if you use another webserver/proxy or test PeerTube in local, otherwise not suitable for production volumes: # Remove the following line if you want to use another webserver/proxy or test PeerTube in local # - assets:/app/client/dist - ./docker-volume/data:/data - ./docker-volume/config:/config depends_on: - postgres - redis - postfix restart: "always" postgres: image: postgres:13-alpine env_file: - .env volumes: - ./docker-volume/db:/var/lib/postgresql/data restart: « always » redis: image: redis:6-alpine volumes: - ./docker-volume/redis:/data restart: « always » postfix: image: mwader/postfix-relay env_file: - .env volumes: - ./docker-volume/opendkim/keys:/etc/opendkim/keys restart: « always » networks: default: enable_ipv6: true ipam: driver: default config: - subnet: 172.24.0.0/16 - subnet: fdab:e4b3:21a2:ef1b::/64 volumes: assets: certbot-www: what did I change? Port 80 to 800 because its taken already Port 443 to 4433 because its taken already Commented the cerbot section since I am planning to use Nginx Proxy Manager with letsencrypt (already done) I changed the IPV4 address from 172.18.0.42 to 172.24.0.42 because its taken (probably a stupid question but… Do I need to change the IPV6 too?) Uncommented 9000 since I am planning to use it Commented - assets:/app/client/dist Changed 172.18.0.0/16 to 172.24.0.0/16 because its taken already my .env: Database / Postgres service configuration POSTGRES_USER=somecoolusername POSTGRES_PASSWORD=somecoolpassword Postgres database name « peertube » POSTGRES_DB=peertube The database name used by PeerTube will be PEERTUBE_DB_NAME (only if set) OR ‹ peertube ›+PEERTUBE_DB_SUFFIX #PEERTUBE_DB_NAME= #PEERTUBE_DB_SUFFIX=_prod Database username and password used by PeerTube must match Postgres’, so they are copied: PEERTUBE_DB_USERNAME=$POSTGRES_USER PEERTUBE_DB_PASSWORD=$POSTGRES_PASSWORD PEERTUBE_DB_SSL=false Default to Postgres service name « postgres » in docker-compose.yml PEERTUBE_DB_HOSTNAME=postgres PeerTube server configuration If you test PeerTube in local: use « peertube.localhost » and add this domain to your host file resolving on 127.0.0.1 PEERTUBE_WEBSERVER_HOSTNAME=mywanip If you just want to test PeerTube on local PEERTUBE_WEBSERVER_PORT=9000 PEERTUBE_WEBSERVER_HTTPS=true If you need more than one IP as trust_proxy pass them as a comma separated array: PEERTUBE_TRUST_PROXY=[« 127.0.0.1 », « loopback », « 172.24.0.0/16 »] Generate one using openssl rand -hex 32 PEERTUBE_SECRET=somecoolsecret E-mail configuration If you use a Custom SMTP server #PEERTUBE_SMTP_USERNAME= #PEERTUBE_SMTP_PASSWORD= Default to Postfix service name « postfix » in docker-compose.yml May be the hostname of your Custom SMTP server PEERTUBE_SMTP_HOSTNAME=postfix PEERTUBE_SMTP_PORT=25 PEERTUBE_SMTP_FROM=noreply@mydomain PEERTUBE_SMTP_TLS=false PEERTUBE_SMTP_DISABLE_STARTTLS=false PEERTUBE_ADMIN_EMAIL=admin@mydomain Postfix service configuration POSTFIX_myhostname=mydomain If you need to generate a list of sub/DOMAIN keys pass them as a whitespace separated string = OPENDKIM_DOMAINS=mydomain=peertube see Add OPENDKIM env config support by wader · Pull Request #18 · wader/postfix-relay · GitHub OPENDKIM_RequireSafeKeys=no PEERTUBE_OBJECT_STORAGE_UPLOAD_ACL_PUBLIC=« public-read » PEERTUBE_OBJECT_STORAGE_UPLOAD_ACL_PRIVATE=« private » #PEERTUBE_LOG_LEVEL=info /! Prefer to use the PeerTube admin interface to set the following configurations /! #PEERTUBE_SIGNUP_ENABLED=true #PEERTUBE_TRANSCODING_ENABLED=true #PEERTUBE_CONTACT_FORM_ENABLED=true I save both file, docker compose up, go to mydomain (which is npm pointing to mywanip:9000) extract the root password: docker compose logs peertube | grep -A1 root peertube-1 | [95.216.202.44:9000] 2025-01-14 20:16:28.210 info: Username: root peertube-1 | [95.216.202.44:9000] 2025-01-14 20:16:28.211 info: User password: supercooldefaultpassword And I get the errors I have described in Issue with fresh docker install (invalid client) First error: peertube-1 | [mydomain:9000] 2025-01-04 21:17:59.148 error: Client log: Backend returned code 400, errorMessage is: Invalid client: client is invalid { peertube-1 | "userAgent": "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0", peertube-1 | "meta": "{"url":"http://ip:9000/api/v1/users/token"}", peertube-1 | "url": "http://ip:9000/login" peertube-1 | } Second error: peertube-1 | [mydomain:9000] 2025-01-04 21:14:17.715 error: Client log: Error: Cannot retrieve OAuth Client credentials: Getting client tokens for host myip:9000 is forbidden. peertube-1 | Ensure you have correctly configured PeerTube (config/ directory), in particular the « webserver » section. { peertube-1 | « userAgent »: « Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 », peertube-1 | « url »: « http://myip:9000/login » peertube-1 | } Am I following correctly the official docker setup instructions? I honestly ask; and I am just started to get familiar with docker. I learn every day… I use to use a Peertube installed via YunoHost. Regarding the possible fix of the login error, I have absolutely no idea how to apply a patch / commit to a docker installation Issue with fresh docker install (invalid client) PeerTube Not sure if patches are applied to docker installation? I have followed these steps: Tried with PEERTUBE_WEBSERVER_HOSTNAME=IP and domain http / https on nginx proxy manager. Same results as before. Invalid client, the error « Cannot retrieve OAuth Client credentials: Getting client tokens for host feditubo.yt is forbidden. Ensure you have correctly configured PeerTube (config/ directory), in particular the « webserver » section. », and e502 if https on nginx proxy manager. I have no clue how to apply this Use $http_host instead of $host · Chocobozzz/PeerTube@6a03b50 · GitHub to my setup Thank you very much for your time and help. 1 message - 1 participant(e) Lire le sujet en entier