Music - ether42/bootable-usb GitHub Wiki
Setup
It seems cleaner to me to not share the rootfs (due to the large number of build dependencies), I'll create another LXC dedicated to Koel:
lxc-create -n koel-01 -B lvm --fssize 4G -t debian -- -r stretch
Koel
It seems there are some issues with Yarn and node-sass so a specific version of Yarn is required to properly build Koel. Here is the whole installation script (FIXME: some steps may not be required since the v3.7.0):
cd ~
apt-get install git-core curl gnupg
apt-get install php7.0-fpm
curl https://getcomposer.org/installer | php
curl https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -
echo 'deb http://deb.nodesource.com/node_6.x stretch main' >> /etc/apt/sources.list
apt-get update
apt-get install nodejs
apt-get install make g++ # for node-sass
apt-get install php7.0-{curl,zip,dom,mbstring,sqlite}
npm install [email protected]
export PATH=~/node_modules/.bin:$PATH
git clone https://github.com/phanan/koel.git /srv/koel
cd "$_"
git checkout v3.6.2
~/composer.phar install
sed -i 's/DB_CONNECTION=/DB_CONNECTION=sqlite-e2e/' .env
sed -i 's/ADMIN_EMAIL=/[email protected]/;s/ADMIN_NAME=/ADMIN_NAME=admin/;s/ADMIN_PASSWORD=/ADMIN_PASSWORD=admin/' .env
sed -i 's/ALLOW_DOWNLOAD=true/ALLOW_DOWNLOAD=false/' .env
touch database/e2e.sqlite
php artisan koel:init
sed -i 's/[email protected]/ADMIN_EMAIL=/;s/ADMIN_NAME=admin/ADMIN_NAME=/;s/ADMIN_PASSWORD=admin/ADMIN_PASSWORD=/' .env
Instead of chown'ing the whole repository, the following files and directories need to be chown'd:
# need to write sqlite's journal
chown root:www-data database
chmod 775 database
# configuration access
chown www-data: database/e2e.sqlite
# logs and such
chown -R www-data: storage
# covers caching (during synchronization)
chown www-data: /srv/koel/public/img/covers/
To debug, it's possible to start koel via:
cd /srv/koel
su -s /bin/bash -c 'php artisan serve --host 0.0.0.0' www-data
You may want to disable transcoding of FLAC files (see pull request #527):
diff --git a/app/Http/Controllers/API/SongController.php b/app/Http/Controllers/API/SongController.php
index 40175b7..acf6075 100644
--- a/app/Http/Controllers/API/SongController.php
+++ b/app/Http/Controllers/API/SongController.php
@@ -38,7 +38,7 @@ class SongController extends Controller
// If `transcode` parameter isn't passed, the default is to only transcode FLAC.
if ($transcode === null && ends_with(mime_content_type($song->path), 'flac')) {
- $transcode = true;
+ $transcode = false;
}
$streamer = null;
nginx
nginx should be setup to allow minimum access to the files, see the example in Koel's repository (for example, the .env file should not be served).
apt-get install nginx-light
/etc/nginx/sites-available/default:
map $http_x_forwarded_proto $fastcgi_https {
default $https;
http '';
https on;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /srv/koel;
location / {
# defaults to 404
return 404;
}
location /public/ {
try_files $uri =404;
}
location /media/ {
internal;
alias $upstream_http_x_media_root;
}
location ~ ^/($|api/|remote) {
# rewrite application's urls so they can be handled by php
rewrite ^(.*)$ /index.php?$args last;
}
location = /index.php {
include snippets/fastcgi-php.conf;
fastcgi_param HTTPS $fastcgi_https if_not_empty;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
}
Since nginx is used, it is possible to set a more efficient streaming method for Koel:
sed -i 's/STREAMING_METHOD=php/STREAMING_METHOD=x-accel-redirect/' /srv/koel/.env
PHP-FPM
You may need to bump the memory limit:
sed -i 's/memory_limit = 128M/memory_limit = 512M/' /etc/php/7.0/fpm/php.ini
chroot
What follow is optional but is a best practice (remember that chroots are escapable).
First, avoid a php-fpm bug with chroots:
ln -s . /srv/srv
Enable the chroot:
sed -i 's#;chroot =#chroot = /srv#' /etc/php/7.0/fpm/pool.d/www.conf
Share the timezone files (required by PHP):
mkdir -p /srv/usr/share/zoneinfo
echo "/usr/share/zoneinfo $_ none bind" >> /etc/fstab
If Koel's YouTube support is enabled, you'll need to allow name resolution (see the SSH chroot setup for more details) access to urandom and CA certificates to be read:
apt-get install nscd
mkdir -p /srv/var/run/nscd
echo "/var/run/nscd $_ none bind" >> /etc/fstab
mkdir /srv/dev
cp -a {,/srv}/dev/urandom
mkdir -p /srv/etc/ssl/certs
echo "/etc/ssl/certs $_ none bind" >> /etc/fstab
Finally, ensure php-fpm's workers are correctly chroot'd by verifying their root via ls -l /proc/$pid/root:
lrwxrwxrwx 1 www-data www-data 0 Oct 14 18:02 /proc/192/root -> /srv
Note that for nginx to correctly fetch the music, you'll have to make use of an absolute path with the symlink created for php-fpm (for the same reasons) in Koel's interface.
Notes
- you can't use basic authentication on top of Koel because it already set the header for its API (see this issue for some discussion)
- edit
webpack.config.jsand commentdrop_consoleto allow debugging viaconsole.log