Translate
LibreTranslate is a free and open source machine translation API, entirely self-hosted. Unlike other APIs, it doesn’t rely on proprietary providers such as Google or Azure to perform translations. Instead, its translation engine is powered by the open source Argos Translate library.
Note
The steps below are loosly based on the LibreTranslate-init script for Ubuntu 20.04.
Prerequisites
git - fast, scalable, distributed revision control system
Add a system user for libretranslate:
$ sudo adduser --system --ingroup www-data \
--home /var/lib/libretranslate libretranslate
Setup
Update packages:
$ sudo apt update
Python Language Tools
Install the following prereqesite packages:
$ sudo apt install \
build-essential \
python3-virtualenv \
python3-pip \
python-is-python3 \
libssl-dev libffi-dev
PyICU is a Python extension which enables Python to use the ICU C++ libraries. Thus the ICU libraries need to be installed (and and pkg-config to find them).
See Pyicu fails to install on Ubuntu 20.04
Install PyICU dependencies:
$ sudo apt install libicu-dev python3-icu pkg-config
LibreTranslate Source-Code
Clone the LibreTranslate source code:
$ cd /var/lib/libretranslate
$ sudo -u libretranslate git clone https://github.com/LibreTranslate/LibreTranslate.git
Python Virtual Environment
Setup a virtual Python environment in the source directoy:
$ sudo -u libretranslate virtualenv LibreTranslate/env
Installation
Activate the Python Virtual Environment:
$ sudo -u libretranslate bash
$ source LibreTranslate/env/bin/activate
(env)$
Note
The following commands must be excuted from inside the Python virtual environment.
Install gunicorn and LibreTranslate from within the Python virtual environment:
(env)$ LibreTranslate/env/bin/pip install gunicorn
(env)$ LibreTranslate/env/bin/pip install -e LibreTranslate/
This might take a few minutes to complete. After completion you can start LibreTranslate manually for a test-drive.
Test-run on 172.27.88.28 port 5000:
(env)$ ~/LibreTranslate/env/bin/libretranslate --host 172.27.88.28
It will immediately start updating its languages models, which might take a while. Point you browser to http://172.27.88.28:5000.
Pres Ctrl+C to terminate the server.
Exit the Python virtual environment and the libretranslate user environment:
(env)$ exit
Systemd Socket and Service
Systemd Socket
/etc/systemd/system/libretranslate.socket:
[Unit]
Description=LibreTranslate Socket
[Socket]
ListenStream=/var/lib/libretranslate/LibreTranslate/libretranslate.sock
[Install]
WantedBy=sockets.target
Systemd Service
/etc/systemd/system/libretranslate.service:
[Unit]
Description=LibreTranslate WSGI with Gunicorn and Nginx
Requires=libretranslate.socket
After=network.target
[Service]
PIDFile=/run/powerdns-admin/pid
User=libretranslate
Group=www-data
WorkingDirectory=/var/lib/libretranslate/LibreTranslate
Environment="PATH=/var/lib/libretranslate/LibreTranslate/env/bin"
ExecStart=/var/lib/libretranslate/LibreTranslate/env/bin/gunicorn --workers 3 --bind unix:libretranslate.sock -m 007 wsgi:app
[Install]
WantedBy=multi-user.target
Reload Systemd configuration and activate the new service:
$ sudo systemctl daemon-reload
$ sudo systemctl start libretranslate
$ sudo systemctl enable libretranslate.service libretranslate.socket
Nginx Configuration
Web Server
1# **********************************************************************
2# translate.example.net
3# A self-hosted private alternative translation web-site.
4# **********************************************************************
5
6# ------------------------------------------------------------
7# Secured HTTPS Server
8# ------------------------------------------------------------
9server {
10
11 server_name translate.example.net;
12
13 # IPv6 public global address
14 listen [2001:db8:3414::28]:443 ssl http2;
15
16 # IPv4 private local address
17 listen 172.27.88.28:443 ssl http2;
18
19 # IPv4 private address (Port-forwarded from NAT firewall/router)
20 listen 172.27.88.30:443 ssl http2;
21
22 # TLS certificate (chained) and private key
23 ssl_certificate /etc/dehydrated/certs/translate.example.net/fullchain.pem;
24 ssl_certificate_key /etc/dehydrated/certs/translate.example.net/privkey.pem;
25
26 # Enable stapling of online certificate status protocol (OCSP) repsonse
27 include ocsp-stapling.conf;
28
29 # TLS certificate of signing CA (to validate OCSP repsonse when stapling)
30 ssl_trusted_certificate /etc/dehydrated/certs/translate.example.net/chain.pem;
31
32 # OCSP stapling repsonse file (pre-generated)
33 ssl_stapling_file /etc/dehydrated/certs/translate.example.net/ocsp.der;
34
35 # TLS session cache (type:name:size)
36 ssl_session_cache shared:translate.example.net:10m;
37
38 #
39 # Common Server Settings
40 #
41
42 # Server Security and Access Restrictions
43 include server-conf.d/10_server-security.conf;
44
45 # Certificate Transparency (CT) enforcement
46 include server-conf.d/20_permission-policy.conf;
47
48 # Strict Transport Security (HSTS) HTTP Reposnse Header
49 include server-conf.d/20_hsts-preload.conf;
50
51 # Custom HTTP Error Pages
52 include server-conf.d/50_error-pages.conf;
53
54 # Fallback favicon
55 include server-conf.d/60_favicon.conf;
56
57 # Prevent mobile network providers from modifying your site
58 include server-conf.d/70_no-transform.conf;
59
60 # Nginx locations for common shared files
61 include server-conf.d/80_nginx-shared.conf;
62
63 # Advertise our onion service to Tor-Browser clients
64 more_set_headers "Onion-Location: http://9cb2ct4rg74azty2.onion$request_uri";
65
66 # Private LAN only access allowed
67 include local-access-only.conf;
68
69 # Public Documents Root
70 #root /var/www/example.net/admin;
71
72 # LibreTranslate Web-App
73 include webapps/libretranslate.conf;
74
75 # Logging
76 #error_log /var/log/nginx/translate-error.log info;
77 #access_log /var/log/nginx/translate-access.log main;
78
79}
80
81
82# ----------------------------------------
83# Tor Onion Service
84# ----------------------------------------
85server {
86
87 # Tor Onion Service Name
88 server_name 9cb2ct4rg74azty2.onion;
89
90 # Tor Onion Service Socket
91 #listen unix:/run/tor-admin.example.net.sock;
92 listen 127.0.0.28:80;
93
94 #
95 # Common Server Settings
96 #
97
98 # Server Security and Access Restrictions
99 include server-conf.d/10_server-security.conf;
100
101 # Custom HTTP Error Pages
102 include server-conf.d/50_error-pages.conf;
103
104 # Fallback favicon
105 include server-conf.d/60_favicon.conf;
106
107 # Prevent mobile network providers from modifying your site
108 include server-conf.d/70_no-transform.conf;
109
110 # Nginx locations for common shared files
111 include server-conf.d/80_nginx-shared.conf;
112
113 # Public Documents Root
114 #root /var/www/example.net/translate;
115
116 # LibreTranslate Web-App
117 include webapps/libretranslate.conf;
118
119 # Logging
120 #error_log /var/log/nginx/translate-error.log info;
121 #access_log /var/log/nginx/translate-access.log main;
122}
123
124# ------------------------------------------------------------
125# Unsecured HTTP Server - Redirect to HTTPS Server
126# ------------------------------------------------------------
127server {
128
129 server_name translate.example.net;
130
131 # IPv6 public global address
132 listen [2001:db8:3414::28]:80 deferred;
133
134 # IPv4 private local address
135 listen 172.27.88.28:80 deferred;
136
137 # IPv4 private address (Port-forwarded from NAT firewall/router)
138 listen 172.27.88.30:80;
139
140 # Private LAN only access allowed
141 include local-access-only.conf;
142
143 # Redirect to HTTPS on proper hostname
144 return 301 https://$server_name$request_uri;
145
146 # Logging
147 #error_log /var/log/nginx/translate-error.log info;
148 #access_log /var/log/nginx/translate-access.log main;
149}
150
151# -*- mode: nginx; indent-tabs-mode: nil; tab-width: 4; -*-
Web Application
1# **********************************************************************
2# LibreTranslate
3# Nginx Web Application
4# **********************************************************************
5 location / {
6 include proxy_params;
7 proxy_pass http://unix:/home/libretranslate/LibreTranslate/libretranslate.sock;
8 }
9
10
11# -*- mode: nginx; indent-tabs-mode: nil; tab-width: 4; -*-