1 { lib, pkgs, config, ... }:
3 env = config.myEnv.tools.peertube;
4 cfg = config.myServices.websites.tools.peertube;
5 pcfg = config.services.peertube;
7 options.myServices.websites.tools.peertube = {
8 enable = lib.mkEnableOption "enable Peertube's website";
11 config = lib.mkIf cfg.enable {
12 services.duplyBackup.profiles.peertube = {
13 rootDir = pcfg.dataDir;
17 configFile = config.secrets.fullPaths."webapps/tools-peertube";
19 users.users.peertube.extraGroups = [ "keys" ];
21 secrets.keys."webapps/tools-peertube" = {
28 port: ${toString config.myEnv.ports.peertube}
31 hostname: 'peertube.immae.eu'
34 hostname: '${env.postgresql.socket}'
37 username: '${env.postgresql.user}'
38 password: '${env.postgresql.password}'
42 socket: '${env.redis.socket}'
47 sendmail: '/run/wrappers/bin/sendmail'
48 from_address: 'peertube@tools.immae.eu'
50 tmp: '${pcfg.dataDir}/storage/tmp/'
51 avatars: '${pcfg.dataDir}/storage/avatars/'
52 videos: '${pcfg.dataDir}/storage/videos/'
53 streaming_playlists: '${pcfg.dataDir}/storage/streaming-playlists/'
54 redundancy: '${pcfg.dataDir}/storage/videos/'
55 logs: '${pcfg.dataDir}/storage/logs/'
56 previews: '${pcfg.dataDir}/storage/previews/'
57 thumbnails: '${pcfg.dataDir}/storage/thumbnails/'
58 torrents: '${pcfg.dataDir}/storage/torrents/'
59 captions: '${pcfg.dataDir}/storage/captions/'
60 cache: '${pcfg.dataDir}/storage/cache/'
61 plugins: '${pcfg.dataDir}/storage/plugins/'
62 client_overrides: '${pcfg.dataDir}/storage/client-overrides/'
66 services.websites.env.tools.modules = [
67 "headers" "proxy" "proxy_http" "proxy_wstunnel"
69 services.filesWatcher.peertube = {
71 paths = [ pcfg.configFile ];
74 services.websites.env.tools.vhostConfs.peertube = {
77 hosts = [ "peertube.immae.eu" ];
82 RewriteCond %{REQUEST_URI} ^/socket.io [NC]
83 RewriteCond %{QUERY_STRING} transport=websocket [NC]
84 RewriteRule /(.*) ws://localhost:${toString env.listenPort}/$1 [P,NE,QSA,L]
86 RewriteCond %{REQUEST_URI} ^/tracker/socket [NC]
87 RewriteRule /(.*) ws://localhost:${toString env.listenPort}/$1 [P,NE,QSA,L]
89 ProxyPass / http://localhost:${toString env.listenPort}/
90 ProxyPassReverse / http://localhost:${toString env.listenPort}/
93 RequestHeader set X-Real-IP %{REMOTE_ADDR}s