Shotit-media scaffold

.env.example

@@ -0,0 +1,12 @@
+VIDEO_PATH=/mnt/data/anilist/
+SERVER_PORT=8024
+SERVER_ADDR=127.0.0.1
+TRACE_MEDIA_SALT=TRACE_MEDIA_SALT
+TRACE_API_SECRET=TRACE_API_SECRET
+IP_WHITELIST=192.168.1.100
+AWS_BUCKET=
+AWS_ENDPOINT_URL=
+AWS_HLS_URL=
+AWS_REGION=
+AWS_ACCESS_KEY=
+AWS_SECRET_KEY=

.github/dependabot.yml

@@ -0,0 +1,8 @@
+version: 2
+updates:
+- package-ecosystem: npm
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "21:00"
+  open-pull-requests-limit: 99

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,67 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '44 4 * * 1'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/docker-image.yml

@@ -0,0 +1,63 @@
+name: Docker Image CI
+
+on:
+  push:
+    branches: [master]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check Out Repo
+        uses: actions/checkout@v2
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Set lowercase GitHub owner name
+        run: |
+          echo "OWNER_LC=${OWNER,,}" >> ${GITHUB_ENV}
+        env:
+          OWNER: '${{ github.repository_owner }}'
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ env.OWNER_LC }}
+          password: ${{ secrets.GH_TOKEN }}
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Set lowercase GitHub repository name
+        run: |
+          echo "REPOSITORY_LC=${REPOSITORY,,}" >> ${GITHUB_ENV}
+        env:
+          REPOSITORY: '${{ github.repository }}'
+
+      - name: Set correct DockerHub repository name
+        run: |
+          echo "DOCKERHUB_REPOSITORY_LC=${DOCKERHUB_USERNAME,,}/${REPOSITORY#*/}" >> ${GITHUB_ENV}
+        env:
+          DOCKERHUB_USERNAME: '${{ secrets.DOCKER_HUB_USERNAME}}'
+          REPOSITORY: '${{ github.repository }}'
+
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: ./
+          file: ./Dockerfile
+          push: true
+          tags: |
+            ${{ env.DOCKERHUB_REPOSITORY_LC }}:latest
+            ghcr.io/${{ env.REPOSITORY_LC }}:latest
+
+      - name: Image digest
+        run: echo ${{ steps.docker_build.outputs.digest }}

.github/workflows/node.js.yml

@@ -0,0 +1,30 @@
+# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
+
+name: Node.js CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [14.x, 16.x, 18.x]
+        # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v1
+      with:
+        node-version: ${{ matrix.node-version }}
+    - run: npm ci
+    - run: npm run build --if-present
+    - run: npm test

.prettierrc.json

@@ -0,0 +1,3 @@
+{
+  "printWidth": 100
+}

CODE_OF_CONDUCT.md

@@ -0,0 +1,46 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints and experiences
+- Gracefully accepting constructive criticism
+- Focusing on what is best for the community
+- Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+- The use of sexualized language or imagery and unwelcome sexual attention or advances
+- Trolling, insulting/derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or electronic address, without explicit permission
+- Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at contact@polarbeaver.tech. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

Dockerfile

@@ -0,0 +1,16 @@
+# syntax=docker/dockerfile:1
+
+FROM node:16-bullseye-slim
+ENV TINI_VERSION v0.19.0
+ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
+RUN chmod +x /tini
+ENTRYPOINT ["/tini", "--"]
+RUN apt-get update && apt-get install -y ffmpeg python3
+ENV NODE_ENV=production
+WORKDIR /app
+COPY ["package.json", "package-lock.json*", "./"]
+RUN npm install --production
+COPY src/ ./src/
+COPY public/ ./public/
+COPY server.js ./
+CMD [ "node", "server.js" ]

README.md

@@ -1,2 +1,120 @@
-# shotit-media
-Media broker of shotit
+# Shotit-media
+
+[![License](https://img.shields.io/github/license/shotit/shotit-media.svg?style=flat-square)](https://github.com/shotit/shotit-media/blob/master/LICENSE)
+[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/shotit/shotit-media/Docker%20Image%20CI?style=flat-square)](https://github.com/shotit/shotit-media/actions)
+[![Docker](https://img.shields.io/docker/pulls/lesliewong007/shotit-media?style=flat-square)](https://hub.docker.com/r/lesliewong007/shotit-media)
+[![Docker Image Size](https://img.shields.io/docker/image-size/lesliewong007/shotit-media/latest?style=flat-square)](https://hub.docker.com/r/lesliewong007/shotit-media)
+
+### Media broker for serving video preview for shotit
+
+This server uses a "video scene cutter" which automatically detect timestamp boundaries of a shot, and then trim the shot out without leaking / exposing other frames that belongs to previous / next scenes.
+
+#### Background of this project
+
+When search result from shotit returns an anime, episode and a timecode, it can generate a video preview for the scene at that time code.
+
+Query image:
+
+![](https://images.plurk.com/3F4Mg666qw78rImF7DR2SG.jpg)
+
+Search result: `Shelter, episode 1, timecode: 00:00:51.83`
+
+Video Preview at time `00:00:51.83`
+
+|            Fixed offset without shotit-media             |              Auto detect with shotit-media               |
+| :------------------------------------------------------: | :------------------------------------------------------: |
+| ![](https://images.plurk.com/7lURadxyYVrvPl52M7mm3G.gif) | ![](https://images.plurk.com/2mcJxwtMJFSVhLQ8XDUYI3.gif) |
+|            00:50.93 (-0.9) to 00:53.93 (+2.1)            |              00:49.22 to 00:51.30 (dynamic)              |
+
+By using first / last frames from the fixed offset preview, user may be able to use that to search again and reveal previous/next scene of the original video. By repeating this process, users may eventually read the whole video until the rate limit/search quota used up.
+
+With the video preview generated by auto detect method, searching any frame form the preview would only results the same video preview. This prevents leaking the previous/next scene.
+
+### How does it work
+
+To be completed
+![](https://images.plurk.com/2NDcHsv4PFLWX5q64zHts7.jpg)
+
+### Getting Started
+
+```bash
+docker run -it --rm -v /path/to/video/=/mnt/ -p 3000:3000 ghcr.io/shotit/shotit-media:latest
+```
+
+#### List files
+
+```
+http://127.0.0.1:3000/list/
+```
+
+#### Video URL
+
+```
+http://127.0.0.1:3000/file/foo/bar.mp4
+```
+
+For this URL endpoint, use HTTP Method PUT, DELETE to upload and delete files.
+
+To secure this endpoint, define the `TRACE_API_SECRET` environment variable, and put `x-trace-secret` in HTTP header when sending requests.
+
+#### Video Preview URL
+
+```
+http://127.0.0.1:3000/video/foo/bar.mp4?t=87
+```
+
+You can use the `&size=` param to specify preview size (l: 640, m: 320, s: 160)
+
+```
+http://127.0.0.1:3000/video/foo/bar.mp4?t=87&size=l
+```
+
+You can use the `&mute` param to generate a muted video (like GIF)
+
+```
+http://127.0.0.1:3000/video/foo/bar.mp4?t=87&size=l&mute
+```
+
+#### Image Preview URL
+
+```
+http://127.0.0.1:3000/image/foo/bar.mp4?t=87
+```
+
+You can use the `&size=` param to specify preview size (l: 640, m: 320, s: 160)
+
+```
+http://127.0.0.1:3000/image/foo/bar.mp4?t=87&size=l
+```
+
+### Environment variables
+
+```
+VIDEO_PATH=         # e.g. /mnt/data/anilist/
+SERVER_PORT=        # e.g. 3001
+SERVER_ADDR=        # e.g. 127.0.0.1 or 0.0.0.0
+TRACE_MEDIA_SALT=   # define any random string, or leave blank to disable secure token
+TRACE_API_SECRET=   # same as TRACE_API_SECRET in shotit api's .env, or leave blank to disable auth
+```
+
+### Local Development
+
+Git clone this repository, npm install, copy `.env.example` to `.env`, Edit `.env` as you need, then start server
+
+```
+node server.js
+```
+
+You also can use pm2 to run this in background in cluster mode.
+
+Use below commands to start / restart / stop server.
+
+```
+npm run start
+npm run stop
+npm run reload
+npm run restart
+npm run delete
+```
+
+To change the number of nodejs instances, edit ecosystem.config.json

ecosystem.config.json

@@ -0,0 +1,11 @@
+{
+  "apps": [
+    {
+      "name": "shotit-media",
+      "script": "server.js",
+      "instances": 4,
+      "autorestart": true,
+      "exec_mode": "cluster"
+    }
+  ]
+}