Skip to content

Add Compose config for Stremio with Traefik + optional VPN support #88

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 9 commits into
base: main
Choose a base branch
from

Conversation

th3w1zard1
Copy link
Contributor

@th3w1zard1 th3w1zard1 commented May 8, 2025

This is a more streamlined rewrite of the monstrosity that became #82

Now that I've had time to experiment I believe I now finally know what I'm doing :)

This PR has been working for me for the better part of two weeks now.

Here's what we've done:

  • Introduced a new docker-compose.traefik.yml file to deploy Stremio and a streaming server behind a VPN using Gluetun, with Traefik as a reverse proxy.
  • Configured environment variables for Traefik and Stremio, including ACME certificate resolver settings and DNS challenge provider.
  • Set up health checks, logging, and resource limits for the Stremio service.
  • Implemented Traefik routing rules for both HTTP and HTTPS streaming services.

What's actually been changed within stremio-web-service-run.sh

  • Enhanced stremio-web-service-run.sh script for improved server management, including automatic public IP detection, domain resolution, and optional hosts file modification.
  • Added detailed logging and error handling for server startup and configuration processes.

What you need to know:

  • All of the new features are optional. Merging this PR will keep original functionality intact and maintain existing defaults.

th3w1zard1 added 4 commits May 7, 2025 21:43
…PN support

- Introduced a new `docker-compose.traefik.yml` file to deploy Stremio and a streaming server behind a VPN using Gluetun, with Traefik as a reverse proxy.
- Configured environment variables for Traefik and Stremio, including ACME certificate resolver settings and DNS challenge provider.
- Set up health checks, logging, and resource limits for the Stremio service.
- Implemented Traefik routing rules for both HTTP and HTTPS streaming services.
- Enhanced `stremio-web-service-run.sh` script for improved server management, including automatic public IP detection, domain resolution, and HTTPS certificate generation.
- Added detailed logging and error handling for server startup and configuration processes.
- Updated server.js patching logic to ensure proper configuration for proxy streams and disk space checks.
@th3w1zard1
Copy link
Contributor Author

interestingly the tests for the docker build+push release action are failing. I'll investigate why and report back when I've had time to do so. My guess is it's trying to parse IPADDRESS environment variable even when it's not specified.

@th3w1zard1
Copy link
Contributor Author

this is completely ready.

@tsaridas
Copy link
Owner

hey,

Thank you for the PR! I'll need some time to look at it.

@tsaridas
Copy link
Owner

tsaridas commented Jun 7, 2025

@th3w1zard1 I'm a bit reluctant to add something which I cannot test myself and support users with it.

@tsaridas
Copy link
Owner

tsaridas commented Jun 8, 2025

saying that, I like the log changes you did on the startup script but that will change in the future so I'm not sure if it wise to make any changes to it now. I'm happy to leave the PR open in case someone else wants to reuse the code.
in general maybe try to open an issue about the changes you want to do first so we can discuss and split the changes in smaller PRs .
really appreciate you trying to contribute so thank you !

@th3w1zard1
Copy link
Contributor Author

th3w1zard1 commented Jun 12, 2025

Is there a reason you can't test yourself? How can I split the changes? Traefik will work with most ddns providers like duckdns

@tsaridas
Copy link
Owner

Is there a reason you can't test yourself? How can I split the changes? Traefik will work with most ddns providers like duckdns

not only test but also support. doesn't include only traefik but also the gluten. I know I can use traefik myself but I don't and I don't have time to go figure out something new right now that doesn't fit my requirements. I'm afraid that if users see those config files they will ask questions specific questions about those app which I believe should be out of the scope of this repo.

I thought about having another folder for examples but I don't think that would help much getting users to ask questions.

What changes do you require for your setup to work correctly ? I'm planning to change that startup script and I don't want to have to migrate a lot. I have PR #75 which I want to finish. Maybe some of your requirements fit those changes ?

@th3w1zard1
Copy link
Contributor Author

th3w1zard1 commented Jun 19, 2025

not only test but also support. doesn't include only traefik but also the gluten.

Yeah the gluetun stuff was just example of how one could deploy over VPN.

I know I can use traefik myself but I don't and I don't have time to go figure out something new right now that doesn't fit my requirements.

Totally understandable, thank you for conveying that, it looks like from the other PR and dev branch that you're primarily focused on nginx routing actually.

I'm afraid that if users see those config files they will ask questions specific questions about those app which I believe should be out of the scope of this repo.

Yeah perhaps they should be in the example folder or something. This is common across projects like this, where something isn't part of the maintainable code the repo was designed for but show examples of how one may deploy in another configuration.

I thought about having another folder for examples but I don't think that would help much getting users to ask questions.

Actually this is what many do but i agree it's not a good solution because it requires someone (you) to keep them up to date but it shouldn't be your responsibility (nor should it ever be expected) that you'd maintain them.

What changes do you require for your setup to work correctly ? I'm planning to change that startup script and I don't want to have to migrate a lot. I have PR #75 which I want to finish. Maybe some of your requirements fit those changes ?

Just one change was made. A feature addition to resolve $IPADDRESS automatically, necessary when deploying over VPN/warp. You set $IPADDRESS to 0.0.0.0 and it auto-resolves it from ifconfig.me (and a few other fallbacks). It does the same with stuff like https://0-0-0-0.ngrok-stremio-domain-thing.com

Besides the auto-resolving zero'd ips, the logging was significantly improved in the shell script.


tldr: Getting this repo and project to work for me in any meaningful way was an extremely overly difficult thing to do. I realize you have documentation, and a 'preferred' method you came up with, and a few wiki examples but all of them are extremely involved. The documentation and project basically expects one to understand all the configurable options before one can do anything. Having a lot of intuitive defaults (like auto-resolving of $IPADDRESS) and basic examples folder is how i would alleviate my problems for the next guy that might be in my shoes.

Regardless thank you for creating this, I absolutely love it and gotta say the test workflows in .github/workflow are extremely well crafted and granular. How long did it take you to write all of those?

@tsaridas
Copy link
Owner

Just one change was made. A feature addition to resolve $IPADDRESS automatically, necessary when deploying over VPN/warp. You set $IPADDRESS to 0.0.0.0 and it auto-resolves it from ifconfig.me (and a few other fallbacks). It does the same with stuff like https://0-0-0-0.ngrok-stremio-domain-thing.com

so if I understood correctly, you want to set IPADDRESS to a public ip automatically and let stremio generate certificates for that so that you can have https for your WebUI and Server. In the new PR which should be merged the certificate is generated by certificate.js. I made some changes to the PR fit your requirements.

Besides the auto-resolving zero'd ips, the logging was significantly improved in the shell script.

yes I did like the logging as well.

tldr: Getting this repo and project to work for me in any meaningful way was an extremely overly difficult thing to do. I realize you have documentation, and a 'preferred' method you came up with, and a few wiki examples but all of them are extremely involved. The documentation and project basically expects one to understand all the configurable options before one can do anything. Having a lot of intuitive defaults (like auto-resolving of $IPADDRESS) and basic examples folder is how i would alleviate my problems for the next guy that might be in my shoes.

I'm sorry to hear that it was difficult. Happy to have the documentation updated if you think something needs to be specified.

Regardless thank you for creating this, I absolutely love it and gotta say the test workflows in .github/workflow are extremely well crafted and granular. How long did it take you to write all of those?

I don't really know how much time I have spent on this project or workflows. It was just something I needed and enjoying playing with it.

@th3w1zard1
Copy link
Contributor Author

th3w1zard1 commented Jul 3, 2025

Happy to have the documentation updated if you think something needs to be specified.

I'm a bit biased now that I understand it, but I remember at the time it was a lot of information. Didn't understand the ngrok-style urls and what they were used for, didn't understand why i needed a 'streaming server', a frontend, and the massive webpack js that's downloaded. And I didn't understand the purpose of the certificate generation and the role $IPADDRESS played into that.

I mean it's well documented how to configure it but not why or what they do, really. I'm guessing much of that is a failure on Stremio to provide actual documentation on the modular parts of their projects.

Anyway it should now be updated to support your new commits.

Key changes in this resolution:

  1. Prioritized add-traefik: All the enhanced functionality from add-traefik is preserved as the primary method
  2. Backwards compatibility: Added fallback mechanisms to support main branch functionality
  3. Dual server support: Both http-server (add-traefik) and nginx (main) are supported with automatic detection
  4. Enhanced error handling: Multiple fallback paths for certificate generation and server startup
  5. Environment variable support: All environment variables from both branches are supported
  6. Authentication: HTTP basic auth from main is preserved
  7. Certificate handling: Both certificate methods are supported with add-traefik as primary and main as fallback

The script now provides maximum compatibility while prioritizing the enhanced features from the add-traefik branch as requested.

@th3w1zard1
Copy link
Contributor Author

th3w1zard1 commented Jul 3, 2025

The example now uses cloudflare warp proxying which makes more sense than the vpn/gluetun configuration.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants