X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=config%2Fdefault.yaml;h=db014cc87e54f2a39ecb0d7b109875cdba65b1e1;hb=7b97127e8ba718d673b8a43afa964d136723e6a2;hp=c0d17decfbcd1cedb752c7143cc093a3b3eb4633;hpb=ab623c0e0b4815bd69a94887241a69aaa857ed26;p=github%2FChocobozzz%2FPeerTube.git diff --git a/config/default.yaml b/config/default.yaml index c0d17decf..db014cc87 100644 --- a/config/default.yaml +++ b/config/default.yaml @@ -10,6 +10,11 @@ webserver: hostname: 'localhost' port: 9000 +# Secrets you need to generate the first time you run PeerTube +secrets: + # Generate one using `openssl rand -hex 32` + peertube: '' + rates_limit: api: # 50 attempts in 10 seconds @@ -27,6 +32,15 @@ rates_limit: # 3 attempts in 5 min window: 5 minutes max: 3 + receive_client_log: + # 10 attempts in 10 min + window: 10 minutes + max: 10 + +oauth2: + token_lifetime: + access_token: '1 day' + refresh_token: '2 weeks' # Proxies to trust to get real client IP # If you run PeerTube just behind a local proxy (nginx), keep 'loopback' @@ -118,6 +132,7 @@ storage: captions: 'storage/captions/' cache: 'storage/cache/' plugins: 'storage/plugins/' + well_known: 'storage/well-known/' # Overridable client files in client/dist/assets/images: # - logo.svg # - favicon.png @@ -130,6 +145,10 @@ storage: # If not, peertube will fallback to the default file client_overrides: 'storage/client-overrides/' +static_files: + # Require and check user authentication when accessing private files (internal/private video files) + private_files_require_auth: true + object_storage: enabled: false @@ -138,8 +157,21 @@ object_storage: region: 'us-east-1' - # Set this ACL on each uploaded object - upload_acl: 'public-read' + upload_acl: + # Set this ACL on each uploaded object of public/unlisted videos + # Use null if your S3 provider does not support object ACL + public: 'public-read' + # Set this ACL on each uploaded object of private/internal videos + # PeerTube can proxify requests to private objects so your users can access them + # Use null if your S3 provider does not support object ACL + private: 'private' + + proxy: + # If private files (private/internal video files) have a private ACL, users can't access directly the ressource + # PeerTube can proxify requests between your object storage service and your users + # If you disable PeerTube proxy, ensure you use your own proxy that is able to access the private files + # Or you can also set a public ACL for private files in object storage if you don't want to use a proxy + proxify_private_files: true credentials: # You can also use AWS_ACCESS_KEY_ID env variable @@ -148,7 +180,7 @@ object_storage: secret_access_key: '' # Maximum amount to upload in one request to object storage - max_upload_part: 2GB + max_upload_part: 100MB streaming_playlists: bucket_name: 'streaming-playlists' @@ -168,23 +200,54 @@ object_storage: log: level: 'info' # 'debug' | 'info' | 'warn' | 'error' + rotation: enabled : true # Enabled by default, if disabled make sure that 'storage.logs' is pointing to a folder handled by logrotate max_file_size: 12MB max_files: 20 + anonymize_ip: false + log_ping_requests: true + log_tracker_unknown_infohash: true + prettify_sql: false + # Accept warn/error logs coming from the client + accept_client_log: true + +# Support of Open Telemetry metrics and tracing +# For more information: https://docs.joinpeertube.org/maintain/observability +open_telemetry: + metrics: + enabled: false + + http_request_duration: + # You can disable HTTP request duration metric that can have a high tag cardinality + enabled: true + + # Create a prometheus exporter server on this port so prometheus server can scrape PeerTube metrics + prometheus_exporter: + hostname: '127.0.0.1' + port: 9091 + + tracing: + enabled: false + + # Send traces to a Jaeger compatible endpoint + jaeger_exporter: + endpoint: '' + trending: videos: - interval_days: 7 # Compute trending videos for the last x days + interval_days: 7 # Compute trending videos for the last x days for 'most-viewed' algorithm + algorithms: enabled: - - 'best' # adaptation of Reddit's 'Best' algorithm (Hot minus History) - - 'hot' # adaptation of Reddit's 'Hot' algorithm - - 'most-viewed' # default, used initially by PeerTube as the trending page - - 'most-liked' + - 'hot' # Adaptation of Reddit's 'Hot' algorithm + - 'most-viewed' # Number of views in the last x days + - 'most-liked' # Global views since the upload of the video + default: 'most-viewed' # Cache remote videos on your server, to help other instances to broadcast the video @@ -229,6 +292,11 @@ security: frameguard: enabled: true + # Set x-powered-by HTTP header to "PeerTube" + # Can help remote software to know this is a PeerTube instance + powered_by_header: + enabled: true + tracker: # If you disable the tracker, you disable the P2P on your PeerTube instance enabled: true @@ -325,9 +393,15 @@ contact_form: signup: enabled: false + limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited + minimum_age: 16 # Used to configure the signup form + + # Users fill a form to register so moderators can accept/reject the registration + requires_approval: true requires_email_verification: false + filters: cidr: # You can specify CIDR ranges to whitelist (empty = no filtering) or blacklist whitelist: [] @@ -376,6 +450,9 @@ transcoding: 1440p: false 2160p: false + # Transcode and keep original resolution, even if it's above your maximum enabled resolution + always_transcode_original_resolution: true + # Generate videos in a WebTorrent format (what we do since the first PeerTube release) # If you also enabled the hls format, it will multiply videos storage by 2 # If disabled, breaks federation with PeerTube instances < 2.1 @@ -469,6 +546,9 @@ live: 1440p: false 2160p: false + # Also transcode original resolution, even if it's above your maximum enabled resolution + always_transcode_original_resolution: true + video_studio: # Enable video edition by users (cut, add intro/outro, add watermark etc) # If enabled, users can create transcoding tasks as they wish @@ -486,7 +566,7 @@ import: # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html http: # We recommend to use a HTTP proxy if you enable HTTP import to prevent private URL access from this server - # See https://docs.joinpeertube.org/maintain-configuration?id=security for more information + # See https://docs.joinpeertube.org/maintain/configuration#security for more information enabled: false youtube_dl_release: @@ -495,11 +575,11 @@ import: # Examples: # * https://api.github.com/repos/ytdl-org/youtube-dl/releases # * https://api.github.com/repos/yt-dlp/yt-dlp/releases - url: 'https://yt-dl.org/downloads/latest/youtube-dl' + # * https://yt-dl.org/downloads/latest/youtube-dl + url: 'https://api.github.com/repos/yt-dlp/yt-dlp/releases' - # youtube-dl binary name - # yt-dlp is also supported - name: 'youtube-dl' + # Release binary name: 'yt-dlp' or 'youtube-dl' + name: 'yt-dlp' # Path to the python binary to execute for youtube-dl or yt-dlp python_path: '/usr/bin/python3' @@ -510,9 +590,23 @@ import: # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file) torrent: # We recommend to only enable magnet URI/torrent import if you trust your users - # See https://docs.joinpeertube.org/maintain-configuration?id=security for more information + # See https://docs.joinpeertube.org/maintain/configuration#security for more information enabled: false + # Add ability for your users to synchronize their channels with external channels, playlists, etc + video_channel_synchronization: + enabled: false + + max_per_user: 10 + + check_interval: 1 hour + + # Number of latest published videos to check and to potentially import when syncing a channel + videos_limit_per_synchronization: 10 + + # Max number of videos to import when the user asks for full sync + full_sync_videos_limit: 1000 + auto_blacklist: # New videos automatically blacklisted so moderators can review before publishing videos: @@ -594,7 +688,8 @@ instance: robots: | User-agent: * Disallow: - # Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string + # /.well-known/security.txt rules. This endpoint is cached, so you may have to wait a few hours before viewing your changes + # To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string securitytxt: '# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:' @@ -655,13 +750,13 @@ search: search_index: enabled: false # URL of the search index, that should use the same search API and routes - # than PeerTube: https://docs.joinpeertube.org/api-rest-reference.html + # than PeerTube: https://docs.joinpeertube.org/api/rest-reference.html # You should deploy your own with https://framagit.org/framasoft/peertube/search-index, # and can use https://search.joinpeertube.org/ for tests, but keep in mind the latter is an unmoderated search index url: '' - # You can disable local search, so users only use the search index + # You can disable local search in the client, so users only use the search index disable_local_search: false - # If you did not disable local search, you can decide to use the search index by default + # If you did not disable local search in the client, you can decide to use the search index by default is_default_search: false # PeerTube client/interface configuration