From 84ed2c5f00b2af4026994f13029ad14e27979042 Mon Sep 17 00:00:00 2001 From: VergilGao <8655163+VergilGao@users.noreply.github.com> Date: Thu, 29 Aug 2024 14:54:36 +0800 Subject: [PATCH] Add the ability to be configured as an HTTPS service --- README.md | 25 +++++++++++++++++++++++++ app/main.py | 12 +++++++++++- 2 files changed, 36 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 54e4451..4a3b420 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,8 @@ docker run -d -p 8081:8081 -v /path/to/downloads:/downloads ghcr.io/alexta69/met ## Run using docker-compose +serve a http host: + ```yaml services: metube: @@ -29,6 +31,26 @@ services: - /path/to/downloads:/downloads ``` +serve a https host: + +```yaml +services: + metube: + image: ghcr.io/alexta69/metube + container_name: metube + restart: unless-stopped + ports: + - "8081:8081" + volumes: + - /path/to/downloads:/downloads + - /path/to/ssl/crt:/ssl/crt.pem + - /path/to/ssl/key:/ssl/key.pem + environment: + - HTTPS=true + - CERTFILE=/ssl/crt.pem + - KEYFILE=/ssl/key.pem +``` + ## Configuration via environment variables Certain values can be set via environment variables, using the `-e` parameter on the docker command line, or the `environment:` section in docker-compose. @@ -49,6 +71,9 @@ Certain values can be set via environment variables, using the `-e` parameter on * __DELETE_FILE_ON_TRASHCAN__: if `true`, downloaded files are deleted on the server, when they are trashed from the "Completed" section of the UI. Defaults to `false`. * __URL_PREFIX__: base path for the web server (for use when hosting behind a reverse proxy). Defaults to `/`. * __PUBLIC_HOST_URL__: base URL for the download links shown in the UI for completed files. By default MeTube serves them under its own URL. If your download directory is accessible on another URL and you want the download links to be based there, use this variable to set it. +* __HTTPS__: use `https` instead of `http`(__CERTFILE__ and __KEYFILE__ required). Defaults to `false`. +* __CERTFILE__: HTTPS certificate file path. Defaults to ` `. +* __KEYFILE__: HTTPS key file path. Defaults to ` `. * __PUBLIC_HOST_AUDIO_URL__: same as PUBLIC_HOST_URL but for audio downloads. * __OUTPUT_TEMPLATE__: the template for the filenames of the downloaded videos, formatted according to [this spec](https://github.com/yt-dlp/yt-dlp/blob/master/README.md#output-template). Defaults to `%(title)s.%(ext)s`. * __OUTPUT_TEMPLATE_CHAPTER__: the template for the filenames of the downloaded videos, when split into chapters via postprocessors. Defaults to `%(title)s - %(section_number)s %(section_title)s.%(ext)s`. diff --git a/app/main.py b/app/main.py index 4bad876..351fdad 100644 --- a/app/main.py +++ b/app/main.py @@ -4,6 +4,7 @@ import os import sys from aiohttp import web +import ssl import socket import socketio import logging @@ -36,6 +37,9 @@ class Config: 'YTDL_OPTIONS_FILE': '', 'HOST': '0.0.0.0', 'PORT': '8081', + 'HTTPS': 'false', + 'CERTFILE': '', + 'KEYFILE': '', 'BASE_DIR': '', 'DEFAULT_THEME': 'auto' } @@ -260,4 +264,10 @@ def supports_reuse_port(): if __name__ == '__main__': logging.basicConfig(level=logging.DEBUG) log.info(f"Listening on {config.HOST}:{config.PORT}") - web.run_app(app, host=config.HOST, port=int(config.PORT), reuse_port=supports_reuse_port()) + + if config.HTTPS: + ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) + ssl_context.load_cert_chain(certfile=config.CERTFILE, keyfile=config.KEYFILE) + web.run_app(app, host=config.HOST, port=int(config.PORT), reuse_port=supports_reuse_port(), ssl_context=ssl_context) + else: + web.run_app(app, host=config.HOST, port=int(config.PORT), reuse_port=supports_reuse_port())