X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=support%2Fnginx%2Fpeertube;h=05a59c0720ab45636e3015194bc1b597015cb4c6;hb=HEAD;hp=827a57e9359ab534c7ceafb87fda631bd16b4851;hpb=cf21b2cbef61929177b9c09b5e017c3b7eb8535d;p=github%2FChocobozzz%2FPeerTube.git diff --git a/support/nginx/peertube b/support/nginx/peertube index 827a57e93..05a59c072 100644 --- a/support/nginx/peertube +++ b/support/nginx/peertube @@ -85,7 +85,7 @@ server { try_files /dev/null @api; } - location = /api/v1/videos/upload { + location ~ ^/api/v1/videos/(upload|([^/]+/studio/edit))$ { limit_except POST HEAD { deny all; } # This is the maximum upload size, which roughly matches the maximum size of a video file. @@ -98,6 +98,13 @@ server { try_files /dev/null @api; } + location ~ ^/api/v1/runners/jobs/[^/]+/(update|success)$ { + client_max_body_size 12G; # default is 1M + add_header X-File-Maximum-Size 8G always; # inform backend of the set value in bytes before mime-encoding (x * 1.4 >= client_max_body_size) + + try_files /dev/null @api; + } + location ~ ^/api/v1/(videos|video-playlists|video-channels|users/me) { client_max_body_size 6M; # default is 1M add_header X-File-Maximum-Size 4M always; # inform backend of the set value in bytes before mime-encoding (x * 1.4 >= client_max_body_size) @@ -132,6 +139,11 @@ server { try_files /dev/null @api_websocket; } + # Plugin websocket routes + location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ { + try_files /dev/null @api_websocket; + } + ## # Performance optimizations # For extra performance please refer to https://github.com/denji/nginx-tuning @@ -172,7 +184,7 @@ server { # Bypass PeerTube for performance reasons. Optional. # Should be consistent with client-overrides assets list in /server/controllers/client.ts - location ~ ^/client/(assets/images/(icons/icon-36x36\.png|icons/icon-48x48\.png|icons/icon-72x72\.png|icons/icon-96x96\.png|icons/icon-144x144\.png|icons/icon-192x192\.png|icons/icon-512x512\.png|logo\.svg|favicon\.png))$ { + location ~ ^/client/(assets/images/(icons/icon-36x36\.png|icons/icon-48x48\.png|icons/icon-72x72\.png|icons/icon-96x96\.png|icons/icon-144x144\.png|icons/icon-192x192\.png|icons/icon-512x512\.png|logo\.svg|favicon\.png|default-playlist\.jpg|default-avatar-account\.png|default-avatar-account-48x48\.png|default-avatar-video-channel\.png|default-avatar-video-channel-48x48\.png))$ { add_header Cache-Control "public, max-age=31536000, immutable"; # Cache 1 year root /var/www/peertube; @@ -209,6 +221,18 @@ server { try_files $uri @api; } + location ~ ^(/static/(webseed|streaming-playlists)/private/)|^/download { + # We can't rate limit a try_files directive, so we need to duplicate @api + + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + + proxy_limit_rate 5M; + + proxy_pass http://backend; + } + # Bypass PeerTube for performance reasons. Optional. location ~ ^/static/(webseed|redundancy|streaming-playlists)/ { limit_rate_after 5M; @@ -222,9 +246,9 @@ server { } # Use this line with nginx >= 1.17.0 - #limit_rate $peertube_limit_rate; - # Or this line if your nginx < 1.17.0 - set $limit_rate $peertube_limit_rate; + limit_rate $peertube_limit_rate; + # Or this line with nginx < 1.17.0 + # set $limit_rate $peertube_limit_rate; if ($request_method = 'OPTIONS') { add_header Access-Control-Allow-Origin '*'; @@ -251,12 +275,6 @@ server { sendfile_max_chunk 1M; # prevent one fast connection from entirely occupying the worker process. should be > 800k. aio threads; - # Use this in tandem with fuse-mounting i.e. https://docs.joinpeertube.org/admin-remote-storage - # to serve files directly from a public bucket without proxying. - # Assumes you have buckets named after the storage subdirectories, i.e. 'videos', 'redundancy', etc. - #set $cdn ; - #rewrite ^/static/webseed/(.*)$ $cdn/videos/$1 redirect; - #rewrite ^/static/(.*)$ $cdn/$1 redirect; rewrite ^/static/webseed/(.*)$ /videos/$1 break; rewrite ^/static/(.*)$ /$1 break;