Fix token injection if unlogged user

[github/Chocobozzz/PeerTube.git] / config / production.yaml.example

diff --git a/config/production.yaml.example b/config/production.yaml.example
index 209aaa56ac1a6c3b8fe5a14e31bb490643f2ed39..167d23af849311eefd3f9f8f01ede34b771eba65 100644 (file)
--- a/config/production.yaml.example
+++ b/config/production.yaml.example
@@ -8,6 +8,11 @@ webserver:
   hostname: 'example.com'
   port: 443
 
+# Secrets you need to generate the first time you run PeerTube
+secrets:
+  # Generate one using `openssl rand -hex 32`
+  peertube: ''
+
 rates_limit:
   api:
     # 50 attempts in 10 seconds
@@ -120,6 +125,7 @@ storage:
   captions: '/var/www/peertube/storage/captions/'
   cache: '/var/www/peertube/storage/cache/'
   plugins: '/var/www/peertube/storage/plugins/'
+  well_known: '/var/www/peertube/storage/well-known/'
   # Overridable client files in client/dist/assets/images:
   # - logo.svg
   # - favicon.png
@@ -140,8 +146,11 @@ object_storage:
 
   region: 'us-east-1'
 
-  # Set this ACL on each uploaded object
-  upload_acl: 'public-read'
+  upload_acl:
+    # Set this ACL on each uploaded object of public/unlisted videos
+    public: 'public-read'
+      # Set this ACL on each uploaded object of private/internal videos
+    private: 'private'
 
   credentials:
     # You can also use AWS_ACCESS_KEY_ID env variable
@@ -648,7 +657,8 @@ instance:
   robots: |
     User-agent: *
     Disallow:
-  # Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string
+  # /.well-known/security.txt rules. This endpoint is cached, so you may have to wait a few hours before viewing your changes
+  # To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string
   securitytxt:
     '# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:'