]>
Commit | Line | Data |
---|---|---|
1 | { env, fetchedGithub, fetchurl, fetchzip, stdenv, writeText, pkgs, cacert }: | |
2 | let | |
3 | varDir = "/var/lib/peertube"; | |
4 | listenPort = env.listenPort; | |
5 | # Doesn't seem to work | |
6 | # patchedPackages = stdenv.mkDerivation (fetchedGithub ./peertube.json // rec { | |
7 | # patches = [ ./ldap.patch ]; | |
8 | # installPhase = '' | |
9 | # mkdir $out | |
10 | # cp package.json yarn.lock $out/ | |
11 | # ''; | |
12 | # }); | |
13 | # yarnModules = pkgs.yarn2nix.mkYarnModules { | |
14 | # name = "peertube-yarn-modules"; | |
15 | # packageJSON = "${patchedPackages}/package.json"; | |
16 | # yarnLock = "${patchedPackages}/yarn.lock"; | |
17 | # yarnNix = ./yarn-packages.nix; | |
18 | # }; | |
19 | patchedServer = stdenv.mkDerivation (fetchedGithub ./peertube.json // rec { | |
20 | __noChroot = true; | |
21 | patches = [ | |
22 | ./ldap.patch | |
23 | ./sendmail.patch | |
24 | ]; | |
25 | buildPhase = '' | |
26 | export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt | |
27 | export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt | |
28 | export HOME=$PWD | |
29 | yarn install --pure-lockfile | |
30 | npm run build:server | |
31 | ''; | |
32 | installPhase = '' | |
33 | mkdir $out | |
34 | cp -a dist/server $out | |
35 | ''; | |
36 | buildInputs = [ pkgs.python pkgs.git pkgs.yarn pkgs.nodejs ]; | |
37 | }); | |
38 | webappDir = stdenv.mkDerivation rec { | |
39 | __noChroot = true; | |
40 | version = "v1.2.0"; | |
41 | name = "peertube-${version}"; | |
42 | src = fetchzip { | |
43 | url = "https://github.com/Chocobozzz/PeerTube/releases/download/${version}/${name}.zip"; | |
44 | sha256 = "18fp3fy1crw67gdpc29nr38b5zy2f68l70w47zwp7dzhd8bbbipp"; | |
45 | }; | |
46 | patches = [ ./ldap_yarn.patch ]; | |
47 | buildPhase = '' | |
48 | export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt | |
49 | export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt | |
50 | export HOME=$PWD | |
51 | yarn install --production --pure-lockfile | |
52 | rm -rf dist/server && cp -a ${patchedServer}/server dist | |
53 | ''; | |
54 | installPhase = '' | |
55 | mkdir $out | |
56 | cp -a * $out | |
57 | ''; | |
58 | buildInputs = [ pkgs.yarn pkgs.git pkgs.python ]; | |
59 | }; | |
60 | config = '' | |
61 | listen: | |
62 | hostname: 'localhost' | |
63 | port: ${env.listenPort} | |
64 | webserver: | |
65 | https: true | |
66 | hostname: 'peertube.immae.eu' | |
67 | port: 443 | |
68 | trust_proxy: | |
69 | - 'loopback' | |
70 | database: | |
71 | hostname: '${env.postgresql.socket}' | |
72 | port: 5432 | |
73 | suffix: '_prod' | |
74 | username: '${env.postgresql.user}' | |
75 | password: '${env.postgresql.password}' | |
76 | pool: | |
77 | max: 5 | |
78 | redis: | |
79 | socket: '${env.redis.socket}' | |
80 | auth: null | |
81 | db: ${env.redis.db_index} | |
82 | ldap: | |
83 | enable: true | |
84 | ldap_only: false | |
85 | url: ldaps://${env.ldap.host}/${env.ldap.base} | |
86 | bind_dn: ${env.ldap.dn} | |
87 | bind_password: ${env.ldap.password} | |
88 | base: ${env.ldap.base} | |
89 | mail_entry: "mail" | |
90 | user_filter: "${env.ldap.filter}" | |
91 | smtp: | |
92 | transport: sendmail | |
93 | sendmail: '/run/wrappers/bin/sendmail' | |
94 | hostname: null | |
95 | port: 465 # If you use StartTLS: 587 | |
96 | username: null | |
97 | password: null | |
98 | tls: true # If you use StartTLS: false | |
99 | disable_starttls: false | |
100 | ca_file: null # Used for self signed certificates | |
101 | from_address: 'peertube@tools.immae.eu' | |
102 | storage: | |
103 | tmp: '${varDir}/storage/tmp/' | |
104 | avatars: '${varDir}/storage/avatars/' | |
105 | videos: '${varDir}/storage/videos/' | |
106 | redundancy: '${varDir}/storage/videos/' | |
107 | logs: '${varDir}/storage/logs/' | |
108 | previews: '${varDir}/storage/previews/' | |
109 | thumbnails: '${varDir}/storage/thumbnails/' | |
110 | torrents: '${varDir}/storage/torrents/' | |
111 | captions: '${varDir}/storage/captions/' | |
112 | cache: '${varDir}/storage/cache/' | |
113 | log: | |
114 | level: 'info' | |
115 | search: | |
116 | remote_uri: | |
117 | users: true | |
118 | anonymous: false | |
119 | trending: | |
120 | videos: | |
121 | interval_days: 7 | |
122 | redundancy: | |
123 | videos: | |
124 | check_interval: '1 hour' # How often you want to check new videos to cache | |
125 | strategies: # Just uncomment strategies you want | |
126 | # Following are saved in local-production.json | |
127 | cache: | |
128 | previews: | |
129 | size: 500 # Max number of previews you want to cache | |
130 | captions: | |
131 | size: 500 # Max number of video captions/subtitles you want to cache | |
132 | admin: | |
133 | email: 'peertube@tools.immae.eu' | |
134 | contact_form: | |
135 | enabled: true | |
136 | signup: | |
137 | enabled: false | |
138 | limit: 10 | |
139 | requires_email_verification: false | |
140 | filters: | |
141 | cidr: | |
142 | whitelist: [] | |
143 | blacklist: [] | |
144 | user: | |
145 | video_quota: -1 | |
146 | video_quota_daily: -1 | |
147 | transcoding: | |
148 | enabled: false | |
149 | allow_additional_extensions: true | |
150 | threads: 1 | |
151 | resolutions: | |
152 | 240p: false | |
153 | 360p: false | |
154 | 480p: true | |
155 | 720p: true | |
156 | 1080p: true | |
157 | hls: | |
158 | enabled: false | |
159 | import: | |
160 | videos: | |
161 | http: | |
162 | enabled: true | |
163 | torrent: | |
164 | enabled: false | |
165 | instance: | |
166 | name: 'Immae’s PeerTube' | |
167 | short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.' | |
168 | description: ''' | |
169 | terms: ''' | |
170 | default_client_route: '/videos/trending' | |
171 | default_nsfw_policy: 'blur' | |
172 | customizations: | |
173 | javascript: ''' | |
174 | css: ''' | |
175 | robots: | | |
176 | User-agent: * | |
177 | Disallow: | |
178 | securitytxt: | |
179 | "# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:" | |
180 | services: | |
181 | # You can provide a reporting endpoint for Content Security Policy violations | |
182 | csp-logger: | |
183 | twitter: | |
184 | username: '@_immae' | |
185 | whitelisted: false | |
186 | ''; | |
187 | in | |
188 | { | |
189 | inherit varDir webappDir config listenPort; | |
190 | } |