Howto install Funkwhale 0.20.1

Howto
,
41

Hi Markus,

Maybe: flusdns and history ?

Michel-André

42

one addition to funkwhale - in case u plan on updating the guide or making a module maybe?(i read the worries bout the legal issues ;)) .
postgres12 is bound to port 55434. didnt see that and ran postgres12 commands with postgres 95 port ^^ so the music importer refused to work.

Maybe: flusdns and history ?
i dont particular feel the urge to mess with working certs at the moment, but this machine never really had a clean reboot after all that configurating. so maybe its worth a try again - reboot went fine by the way - all started as expected :slight_smile:

1 Like
43

Nice job, but I seriously think it would be safer for both, the host (nethserver) and the apps, to run it inside Docker. (https://docs.funkwhale.audio/installation/docker.html)

1 Like
44

hey, i am trying to upgrade funkwhale to 1.1. pip now needs python 3.7 and 3.6.8 is installed. what pkg am i missing? thanks, phil

45

I just received an email from one of the devs from funkwhale:

Hi there!
Its Georg from the Funkwhale collective. When I was checking around for Funkwhale instances I noticed you are still running version 0.20.1, which is totally outdated. May I ask for the reason you are not updating? Are there some problems?
To avoid security and federation issues we highly recommend updating to the latest version, which right now is 1.1.4. If there is anything we can do to support you, let us know! Thanks for your efforts to run this instance.
Kind regards, Georg

@mrmarkuz Time for a module update?

46

I’m going to test the native install with rh-python3*.
If that doesn’t work, we still have the docker way.

47

also on my todo list… hope i dont have to switch to a docker solution.

48

currently looking into upgrading FW to stable 1.2. i cant seem to figure out how to backup the postgres db before breaking everything.

su - postgres -c 'scl enable rh-postgresql12 -- psql -p 55434'
pg_dump funkwhale > /local/path/on/server/funkwhale20220116.sql

is writing out a sql file with 0 bytes… tried writing it into /tmp and

pg_dump -F t funkwhale > /tmp/backup.tar

without any luck… any ideas?

49

pg_dump is an independent tool, it’s not part of the psql client. This should work:

su - postgres -c 'scl enable rh-postgresql12 -- pg_dump -p 55434 funkwhale > /tmp/funkwhale.sql'

50

very cool, thanks - that worked. ill update my FW progress as i go along.

1 Like
53

ok - all solved!
so those notes should work if you are updating from a previous FW install. the only thing i did not check is if the apache config file still needs to be customized or FW 1.2 solved everything. also i saw that postgres 1.3 is available. i am still using 1.2.

below are the update steps i did, i can clean up / post the full install process if anyone needs it.

install dependencies

yum -y install nethserver-postgresql12 nethserver-redis curl gcc python3-pip git unzip ffmpeg make curl file ffmpeg libjpeg-turbo libpqxx python-devel openldap-devel rh-postgresql12-postgresql-contrib python3-devel mod_xsendfile nethserver-rh-python38.noarch rh-postgresql12-postgresql-devel postgresql-devel rh-python38-python-devel

BACKUP DB

su - postgres -c 'scl enable rh-postgresql12 -- pg_dump -p 55434 funkwhale > /tmp/funkwhale20220116.sql'
cp /tmp/funkwhale20220116.sql /to/backup/folder/

RESTORE DB

su - postgres -c 'scl enable rh-postgresql12 -- pg_restore -p 55434 -d funkwhale > /tmp/funkwhale20220116.sql'

get service files

curl -L -o "/etc/systemd/system/funkwhale.target" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/stable/deploy/funkwhale.target"
curl -L -o "/etc/systemd/system/funkwhale-server.service" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/stable/deploy/funkwhale-server.service"
curl -L -o "/etc/systemd/system/funkwhale-worker.service" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/stable/deploy/funkwhale-worker.service"
curl -L -o "/etc/systemd/system/funkwhale-beat.service" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/stable/deploy/funkwhale-beat.service"

UPDATE FW

stop

systemctl stop  funkwhale-\*

user

sudo -u funkwhale -H bash
cd /srv/funkwhale

move

rm -rf *_bak
mv api api_bak
mv front front_bak
mv data/static data/static_bak
mv virtualenv virtualenv_bak
mkdir -p api front

get pkg

curl -L -o "build_api.zip" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/stable/download?job=build_api"
unzip "build_api.zip" -d extracted
mv extracted/api/* api/
rm -rf extracted

get frontend

curl -L -o "build_front.zip" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/stable/download?job=build_front"
unzip "build_front.zip" -d extracted
mv extracted/front/dist front/
rm -rf extracted

env

scl enable rh-python38 bash
python3.8 -m venv /srv/funkwhale/virtualenv
source /srv/funkwhale/virtualenv/bin/activate

python

pip install wheel service_identity uvloop httptools
pip install -r api/requirements.txt

python api/manage.py migrate
python api/manage.py collectstatic
exit
exit

systemd

systemctl daemon-reload
systemctl start httpd funkwhale.target
systemctl status funkwhale-\*
2 Likes
54

Yay all that sounds great!
I would be very interested in a complete installation procedure.
Could you describe one? And put it on the wiki for everyone to use?

Regards,

1 Like
55

Hi @mrmarkuz

On a LOCAL virtual machine, I installed Funkwhale 0.20.1:

  • PostgreSQL-13
  • Python36 => 3.6.12
  • uvloop & httptools
  • api/requirements.txt which installed psycopg2-binary-2.9 // cannot login
  • pip install psycopg2==2.8.6 to replace 2.9 // I can login

With Firefox, I can login to LOCAL Funkwhale at https://funkwhale.domain.tld, import/play music etc… All is working correctly.


On my main server, directly connected to the Internet, I created:

  • a DNS for the LOCAL domain pointing to the LOCAL server IP address
  • Reverse Proxy Virtual Hosts pointing to the LOCAL IP address which created Server aliases for the LOCAL domain (mail, smtp, imap, www, and server-name)
  • Opened port 5000 TCP/UDP
  • Created Firewall Object and redirected TCP/UDP 5000 to LOCAL host
  • Created a Let’s Encrypt certificate for LOCAL host on main server and on LOCAL server
  • Created an Email server pointing to LOCAL server

With TOR, when I access https://funkwhale.domain.tld, I received Bad Request (400)

In redirection, if I uncheck Forward HTTP "Host" header to target, then with TOR I receive the default NethServer web page.

So, I rechecked Forward HTTP "Host" header to target,
And in zzz_funkwhale.conf, after ProxyRequests Off I added

   RequestHeader set X-Forwarded-Proto "https"
   AllowEncodedSlashes NoDecode

Then restarted httpd => Same problem Bad Request (400).


Any suggestions?

Michel-André

56

hey lclaude, yes i can do that, just beware that my notes are all based on mrmarkuz original FW post at the very top of this page. they divert here and there somewhat based on my system.

2 Likes
57

Hi @mrmarkuz,

I followed the same procedures as before but installed:

  • PostgreSQL-13 (13.5),
  • Python-3.8 (3.8.11).
  • Funkwhale-1.2.0 to be able tp upgrade to 1.2.1.

No more error and everything is working properly with Firefox/Chrome and also with TOR.

I upgraded to Funkwhale 1.2.1 (1.2.1+git.c82f64cc ).
Everything is still working properly with Firefox/Chrome and TOR.

Next step is to use LDAP…

Michel-André

1 Like
58

hey, hope this helps, those are my sanitized notes on FW. based on mrmarkuz original notes, tweaked for FW 1.2 and python 3.8 , have not updated to postgres 13 yet. greetings, phil

LINKS

PKG

get nux repo for ffmpeg

rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm

install dependencies

yum -y install nethserver-postgresql12 nethserver-redis curl gcc python3-pip git unzip ffmpeg make curl file ffmpeg libjpeg-turbo libpqxx python-devel openldap-devel rh-postgresql12-postgresql-contrib python3-devel mod_xsendfile nethserver-rh-python38.noarch rh-postgresql12-postgresql-devel postgresql-devel rh-python38-python-devel

add funkwhale service user

useradd -r -s /usr/sbin/nologin -d /srv/funkwhale -m funkwhale
chmod 755 /srv/funkwhale

CREATE DB, user and extensions

  • edit SECRET
    su - postgres -c ‘scl enable rh-postgresql12 – psql -p 55434’
    create database funkwhale with template = template0 encoding ‘utf8’;
    create user funkwhale with encrypted password ‘SECRET’;
    grant all privileges on database funkwhale to funkwhale;
    \c funkwhale
    CREATE EXTENSION unaccent;
    CREATE EXTENSION citext;
    \q

DROP DB

su - postgres -c ‘scl enable rh-postgresql12 – psql -p 55434’
DROP DATABASE funkwhale;
DROP USER IF EXISTS funkwhale;
\du
\list

BACKUP DB

su - postgres -c ‘scl enable rh-postgresql12 – pg_dump -p 55434 funkwhale > /tmp/funkwhale20220116.sql’
cp /tmp/funkwhale20220116.sql /mnt/tank/system/backup/nethserver/FW/

RESTORE DB

su - postgres -c ‘scl enable rh-postgresql12 – pg_restore -p 55434 -d funkwhale > /tmp/funkwhale20220116.sql’

get service files

curl -L -o "/etc/systemd/system/funkwhale.target" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/stable/deploy/funkwhale.target"
curl -L -o "/etc/systemd/system/funkwhale-server.service" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/stable/deploy/funkwhale-server.service"
curl -L -o "/etc/systemd/system/funkwhale-worker.service" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/stable/deploy/funkwhale-worker.service"
curl -L -o "/etc/systemd/system/funkwhale-beat.service" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/stable/deploy/funkwhale-beat.service"

APACHE

download funkwhale apache config

curl -L -o /etc/httpd/conf.d/zzz_funkwhale.conf "https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/stable/deploy/apache.conf"

modify

# Following variables MUST be modified according to your setup
Define funkwhale-sn your.funkwhale.domain.com

# Following variables should be modified according to your setup and if you
# use different configuration than what is described in our installation guide.
Define funkwhale-api http://localhost:5000
Define funkwhale-api-ws ws://localhost:5000
Define FUNKWHALE_ROOT_PATH /srv/funkwhale
Define MUSIC_DIRECTORY_PATH ${FUNKWHALE_ROOT_PATH}/data/music
Define MEDIA_DIRECTORY_PATH ${FUNKWHALE_ROOT_PATH}/data/media

<VirtualHost *:80>
   ServerName ${funkwhale-sn}
   RedirectMatch 301 ^(?!/.well-known/acme-challenge/).* https://${funkwhale-sn}
</VirtualHost>

# HTTP requests redirected to HTTPS
<VirtualHost *:80>
   ServerName ${funkwhale-sn}

# Default is to force https
   RewriteEngine on
   RewriteCond %{SERVER_NAME} =${funkwhale-sn}
   RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

   <Location "/.well-known/acme-challenge/">
      Options None
      Require all granted
   </Location>
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
   ServerName ${funkwhale-sn}

   # Path to ErrorLog and access log
   ErrorLog /var/log/funkwhale/error.log
   CustomLog /var/log/funkwhale/access.log combined

#Header always set Service-Worker-Allowed "/"

   # TLS
   # Feel free to use your own configuration for SSL here or simply remove the
   # lines and move the configuration to the previous server block if you
   # don't want to run funkwhale behind https (this is not recommended)
   # have a look here for let's encrypt configuration:
   # https://certbot.eff.org/lets-encrypt/debianstretch-apache.html
   SSLEngine on
   SSLProxyEngine On
#   SSLCertificateFile /etc/letsencrypt/live/${funkwhale-sn}/fullchain.pem
#   SSLCertificateKeyFile /etc/letsencrypt/live/${funkwhale-sn}/privkey.pem
#  Include /etc/letsencrypt/options-ssl-apache.conf

LOGIN AS USER FW

sudo -u funkwhale -H bash

GET FW PKG

create dir

cd /srv/funkwhale
mkdir -p config api data/static data/media data/music front

get funkwhale api (stable branch)

curl -L -o "build_api.zip" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/stable/download?job=build_api"
unzip "build_api.zip" -d extracted
mv extracted/api/* api/
rm -rf extracted

get frontend

curl -L -o "build_front.zip" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/stable/download?job=build_front"
unzip "build_front.zip" -d extracted
mv extracted/front/dist front/
rm -rf extracted

PYTHON

enable python 3.8

scl enable rh-python38 bash

create virtual environment

python3.8 -m venv /srv/funkwhale/virtualenv

USE ENV

source /srv/funkwhale/virtualenv/bin/activate

check python version

python3 -V

get python dependencies

pip install wheel service_identity uvloop httptools
pip install -r api/requirements.txt

ENV

get environment file

curl -L -o config/.env “https://dev.funkwhale.audio/funkwhale/funkwhale/raw/master/deploy/env.prod.sample

secure config file

chmod 600 /srv/funkwhale/config/.env

edit hostname

sed -i ‘s!FUNKWHALE_HOSTNAME=yourdomain.funkwhale!FUNKWHALE_HOSTNAME=your.funkwhale.domain.com!’ /srv/funkwhale/config/.env

set proxy type to apache2

sed -i ‘s!REVERSE_PROXY_TYPE=nginx!REVERSE_PROXY_TYPE=apache2!’ /srv/funkwhale/config/.env

add random django secret key

sed -i ‘s!DJANGO_SECRET_KEY=$!DJANGO_SECRET_KEY=’"$(openssl rand -base64 45)"’!’ /srv/funkwhale/config/.env

MOD for 1.0

  • uncomment CELERYD_CONCURRENCY

POSTGRES

add postgresql and redis config - the empty line is necessary

  • edit SECRET
    cat >> /srv/funkwhale/config/.env <<EOF

DATABASE_URL=postgresql://funkwhale:SECRET@localhost:55434/funkwhale
CACHE_URL=redis://127.0.0.1:6379/0
EOF

HTTP proxy test

vi /etc/httpd/conf.d/zzz_funkwhale.conf
# strip the X-Forwarded-Proto header from incoming requests
RequestHeader unset X-Forwarded-Proto
# set the header for requests using HTTPS
RequestHeader set X-Forwarded-Proto https env=HTTPS

fill DB

python api/manage.py migrate

create superuser admin

python api/manage.py createsuperuser

create static files

python api/manage.py collectstatic

exit as user funkwhale to be root again

exit

SERVICES

systemctl daemon-reload
systemctl enable funkwhale-server funkwhale-worker funkwhale-beat

systemctl restart httpd funkwhale-*
systemctl status funkwhale-* httpd

systemctl stop funkwhale-*

launch

your.funkwhale.domain.com

USER CREATION

user help

python api/manage.py fw users --help

create user

sudo -u funkwhale -H bash
cd /srv/funkwhale
source /srv/funkwhale/virtualenv/bin/activate

interactive create

python api/manage.py fw users create

make user a staff memeber

python api/manage.py fw users set --staff --superuser yourusername

Managment Commands

import help

python api/manage.py import_files --help

ENV

sudo -u funkwhale -H bash
cd /srv/funkwhale
source /srv/funkwhale/virtualenv/bin/activate

symlink audio directory

ln -s /mnt/your/audio/location /srv/funkwhale/data/music/audio_raid

IMPORT

import in place example

  • you will find the id on the page where you created the library

    export LIBRARY_ID=“b3f91384”
    python api/manage.py import_files $LIBRARY_ID “/srv/funkwhale/data/music/audio_raid/Blues” --recursive --noinput --in-place

VARIOUS MANAGE COMMANDS

  • remove obsolte files from db
    python api/manage.py check_inplace_files --no-dry-run

  • prune db entries that is not tied to a file
    python api/manage.py prune_library --tracks --albums --artists --no-dry-run

  • Associate tags that are found on all tracks to the corresponding artist or album
    python api/manage.py fw artists add-tags-from-tracks

UPDATE FW

stop

systemctl stop  funkwhale-\*

user

sudo -u funkwhale -H bash
cd /srv/funkwhale

move

rm -rf *_bak
mv api api_bak
mv front front_bak
mv data/static data/static_bak
mv virtualenv virtualenv_bak
mkdir -p api front

get pkg

curl -L -o "build_api.zip" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/stable/download?job=build_api"
unzip "build_api.zip" -d extracted
mv extracted/api/* api/
rm -rf extracted

get frontend

curl -L -o "build_front.zip" "https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/stable/download?job=build_front"
unzip "build_front.zip" -d extracted
mv extracted/front/dist front/
rm -rf extracted

env

scl enable rh-python38 bash
python3.8 -m venv /srv/funkwhale/virtualenv
source /srv/funkwhale/virtualenv/bin/activate

python

pip install wheel service_identity uvloop httptools
pip install -r api/requirements.txt

python api/manage.py migrate
python api/manage.py collectstatic
exit
exit

systemd

systemctl daemon-reload
systemctl start httpd funkwhale.target
systemctl status funkwhale-*

SYSTEM COMMANDS

journalctl -xn -u funkwhale-server
journalctl -xn -u funkwhale-worker
Reverse proxy: /var/log/httpd/*.log
python3 --version

flsuh redis cache

redis-cli FLUSHALL

django web interface

https://your.funkwhale.domain.com/api/admin

permission apache files

chmod 644 zzz_funkwhale.conf
2 Likes
59

Hi @tmp501,

Any luck with LDAP ?

Michel-André

60

hey michel,
nope sorry - mostly just me that uses that service. wanted access to my music from the office / mobile phone.
greetings, phil

1 Like
61

Hi @tmp501, @mrmarkuz

In /srv/funkwhale/config/.env:

LDAP_ENABLED=True
LDAP_SERVER_URI=ldaps://funkwhale.toto.org:636
LDAP_BIND_DN="cn=ldapservice,dc=directory,dc=nh"
LDAP_BIND_PASSWORD="1234567890ABCEF1"
LDAP_SEARCH_FILTER=(uid={0})
LDAP_START_TLS=False
LDAP_ROOT_DN="dc=directory,dc=nh"

I read somewhere in Funkwhale web site that you cannot use both ldaps and LDAP_START_TLS=True.

The command ldapsearch always works:

# ldapsearch -x -H ldaps://funkwhale.toto.org -D cn=ldapservice,dc=directory,dc=nh -w "1234567890ABCEF1" -b dc=directory,dc=nh  |  grep "titi"

# titi, People, directory.nh
dn: uid=titi,ou=People,dc=directory,dc=nh
uid: titi
homeDirectory: /var/lib/nethserver/home/titi
sn: titi
mail: titi@funkwhale.toto.org

If I create a new user, he can login only once. He can insert albums, songs, etc…
His second login gives:

 We cannot log you in
    A server error occured

In messages log:
django.request WARNING Bad Request: /api/v1/users/login


According to: https://docs.funkwhale.audio/admin/ldap.html

LDAP_SEARCH_FILTER: The LDAP user filter, using {0} as the username placeholder, e.g. (|(cn={0})(mail={0})); uses standard LDAP search syntax. Default: (uid={0}).

If you use: LDAP_SEARCH_FILTER=(|(cn={0})(mail={0})), it gives the error:

#### We cannot log you in

* Please double-check that your username and password combination is correct and make sure you verified your e-mail address.

Funkwhale admin can always login without any problem.

Any suggestion ?

Michel-André

62

sorry… i am not using ldap - but i had to swap my NS harddrive…

BACKUP

DB

su - postgres -c ‘scl enable rh-postgresql12 – pg_dump -p 55434 funkwhale > /tmp/funkwhaledate +"%Y%m%d".sql’

cp /tmp/funkwhaledate +"%Y%m%d".sql /mnt/tank/system/backup/funkwhale/

APP_DIR

tar -zcvf /mnt/tank/system/backup/funkwhale/funkwhale_date +"%Y%m%d".tar.gz /srv/funkwhale/

cp /etc/httpd/conf.d/zzz_funkwhale.conf /mnt/tank/system/backup/funkwhale/

cp /srv/funkwhale/config/.env /mnt/tank/system/backup/funkwhale/dot.env

cp /etc/systemd/system/funkwhale* /mnt/tank/system/backup/funkwhale/

RESTORE

  • install yum pkg’s

RESTORE DATA

tar -xf /mnt/tank/system/backup/funkwhale/funkwhale_20220917.tar.gz -C /root/

mv /root/srv/funkwhale /srv/funkwhale

rm -rf /root/srv

RESTORE DB

  • Do not enable the extensions unaccent and citext when setting up the database;

  • Do not initialize the database by applying the migrate command;

  • Do not create an admin account.

create db

su - postgres -c ‘scl enable rh-postgresql12 – psql -p 55434’

create database funkwhale with template = template0 encoding ‘utf8’;

create user funkwhale with encrypted password ‘KEYPASS POSTGRES PASS’;

grant all privileges on database funkwhale to funkwhale;

\q

import db

cp /mnt/tank/system/backup/funkwhale/funkwhale20220917.sql /tmp/funkwhale

su - postgres -c ‘scl enable rh-postgresql12 – psql -p 55434 -d funkwhale < /tmp/funkwhale’

start systemd service

systemctl daemon-reload

systemctl restart httpd funkwhale-*

systemctl status funkwhale-* httpd

enable

systemctl enable funkwhale-server funkwhale-worker funkwhale-beat