diff options
-rw-r--r-- | nixops/modules/websites/default.nix | 2 | ||||
-rw-r--r-- | nixops/modules/websites/tools/peertube.nix | 225 | ||||
-rw-r--r-- | nixops/modules/websites/tools/peertube/default.nix | 101 | ||||
-rw-r--r-- | nixops/modules/websites/tools/peertube/peertube.nix | 190 | ||||
-rw-r--r-- | pkgs/impure/peertube/default.nix | 58 | ||||
-rw-r--r-- | pkgs/impure/peertube/ldap.patch (renamed from nixops/modules/websites/tools/peertube/ldap.patch) | 0 | ||||
-rw-r--r-- | pkgs/impure/peertube/ldap_yarn.patch (renamed from nixops/modules/websites/tools/peertube/ldap_yarn.patch) | 0 | ||||
-rw-r--r-- | pkgs/impure/peertube/peertube.json (renamed from nixops/modules/websites/tools/peertube/peertube.json) | 0 | ||||
-rw-r--r-- | pkgs/impure/peertube/sendmail.patch (renamed from nixops/modules/websites/tools/peertube/sendmail.patch) | 0 | ||||
-rw-r--r-- | pkgs/impure/peertube/yarn-packages.nix (renamed from nixops/modules/websites/tools/peertube/yarn-packages.nix) | 0 | ||||
-rw-r--r-- | pkgs/webapps/default.nix | 1 |
11 files changed, 285 insertions, 292 deletions
diff --git a/nixops/modules/websites/default.nix b/nixops/modules/websites/default.nix index e40c8f4..555e780 100644 --- a/nixops/modules/websites/default.nix +++ b/nixops/modules/websites/default.nix | |||
@@ -130,7 +130,7 @@ in | |||
130 | ./tools/mediagoblin.nix | 130 | ./tools/mediagoblin.nix |
131 | ./tools/diaspora.nix | 131 | ./tools/diaspora.nix |
132 | ./tools/ether.nix | 132 | ./tools/ether.nix |
133 | ./tools/peertube | 133 | ./tools/peertube.nix |
134 | # built using: | 134 | # built using: |
135 | # sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix | 135 | # sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix |
136 | # Removed allGranted | 136 | # Removed allGranted |
diff --git a/nixops/modules/websites/tools/peertube.nix b/nixops/modules/websites/tools/peertube.nix new file mode 100644 index 0000000..e15f638 --- /dev/null +++ b/nixops/modules/websites/tools/peertube.nix | |||
@@ -0,0 +1,225 @@ | |||
1 | { lib, pkgs, config, myconfig, mylibs, ... }: | ||
2 | let | ||
3 | peertube = pkgs.webapps.peertube; | ||
4 | varDir = "/var/lib/peertube"; | ||
5 | env = myconfig.env.tools.peertube; | ||
6 | cfg = config.services.myWebsites.tools.peertube; | ||
7 | in { | ||
8 | options.services.myWebsites.tools.peertube = { | ||
9 | enable = lib.mkEnableOption "enable Peertube's website"; | ||
10 | }; | ||
11 | |||
12 | config = lib.mkIf cfg.enable { | ||
13 | ids.uids.peertube = env.user.uid; | ||
14 | ids.gids.peertube = env.user.gid; | ||
15 | |||
16 | users.users.peertube = { | ||
17 | name = "peertube"; | ||
18 | uid = config.ids.uids.peertube; | ||
19 | group = "peertube"; | ||
20 | description = "Peertube user"; | ||
21 | home = varDir; | ||
22 | useDefaultShell = true; | ||
23 | extraGroups = [ "keys" ]; | ||
24 | }; | ||
25 | |||
26 | users.groups.peertube.gid = config.ids.gids.peertube; | ||
27 | |||
28 | systemd.services.peertube = { | ||
29 | description = "Peertube"; | ||
30 | wantedBy = [ "multi-user.target" ]; | ||
31 | after = [ "network.target" "postgresql.service" ]; | ||
32 | wants = [ "postgresql.service" ]; | ||
33 | |||
34 | environment.NODE_CONFIG_DIR = "${varDir}/config"; | ||
35 | environment.NODE_ENV = "production"; | ||
36 | environment.HOME = peertube; | ||
37 | |||
38 | path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ]; | ||
39 | |||
40 | script = '' | ||
41 | exec npm run start | ||
42 | ''; | ||
43 | |||
44 | serviceConfig = { | ||
45 | User = "peertube"; | ||
46 | Group = "peertube"; | ||
47 | WorkingDirectory = peertube; | ||
48 | PrivateTmp = true; | ||
49 | ProtectHome = true; | ||
50 | ProtectControlGroups = true; | ||
51 | Restart = "always"; | ||
52 | Type = "simple"; | ||
53 | TimeoutSec = 60; | ||
54 | }; | ||
55 | |||
56 | unitConfig.RequiresMountsFor = varDir; | ||
57 | }; | ||
58 | |||
59 | mySecrets.keys = [{ | ||
60 | dest = "webapps/tools-peertube"; | ||
61 | user = "peertube"; | ||
62 | group = "peertube"; | ||
63 | permissions = "0640"; | ||
64 | text = '' | ||
65 | listen: | ||
66 | hostname: 'localhost' | ||
67 | port: ${env.listenPort} | ||
68 | webserver: | ||
69 | https: true | ||
70 | hostname: 'peertube.immae.eu' | ||
71 | port: 443 | ||
72 | trust_proxy: | ||
73 | - 'loopback' | ||
74 | database: | ||
75 | hostname: '${env.postgresql.socket}' | ||
76 | port: 5432 | ||
77 | suffix: '_prod' | ||
78 | username: '${env.postgresql.user}' | ||
79 | password: '${env.postgresql.password}' | ||
80 | pool: | ||
81 | max: 5 | ||
82 | redis: | ||
83 | socket: '${env.redis.socket}' | ||
84 | auth: null | ||
85 | db: ${env.redis.db_index} | ||
86 | ldap: | ||
87 | enable: true | ||
88 | ldap_only: false | ||
89 | url: ldaps://${env.ldap.host}/${env.ldap.base} | ||
90 | bind_dn: ${env.ldap.dn} | ||
91 | bind_password: ${env.ldap.password} | ||
92 | base: ${env.ldap.base} | ||
93 | mail_entry: "mail" | ||
94 | user_filter: "${env.ldap.filter}" | ||
95 | smtp: | ||
96 | transport: sendmail | ||
97 | sendmail: '/run/wrappers/bin/sendmail' | ||
98 | hostname: null | ||
99 | port: 465 # If you use StartTLS: 587 | ||
100 | username: null | ||
101 | password: null | ||
102 | tls: true # If you use StartTLS: false | ||
103 | disable_starttls: false | ||
104 | ca_file: null # Used for self signed certificates | ||
105 | from_address: 'peertube@tools.immae.eu' | ||
106 | storage: | ||
107 | tmp: '${varDir}/storage/tmp/' | ||
108 | avatars: '${varDir}/storage/avatars/' | ||
109 | videos: '${varDir}/storage/videos/' | ||
110 | redundancy: '${varDir}/storage/videos/' | ||
111 | logs: '${varDir}/storage/logs/' | ||
112 | previews: '${varDir}/storage/previews/' | ||
113 | thumbnails: '${varDir}/storage/thumbnails/' | ||
114 | torrents: '${varDir}/storage/torrents/' | ||
115 | captions: '${varDir}/storage/captions/' | ||
116 | cache: '${varDir}/storage/cache/' | ||
117 | log: | ||
118 | level: 'info' | ||
119 | search: | ||
120 | remote_uri: | ||
121 | users: true | ||
122 | anonymous: false | ||
123 | trending: | ||
124 | videos: | ||
125 | interval_days: 7 | ||
126 | redundancy: | ||
127 | videos: | ||
128 | check_interval: '1 hour' # How often you want to check new videos to cache | ||
129 | strategies: # Just uncomment strategies you want | ||
130 | # Following are saved in local-production.json | ||
131 | cache: | ||
132 | previews: | ||
133 | size: 500 # Max number of previews you want to cache | ||
134 | captions: | ||
135 | size: 500 # Max number of video captions/subtitles you want to cache | ||
136 | admin: | ||
137 | email: 'peertube@tools.immae.eu' | ||
138 | contact_form: | ||
139 | enabled: true | ||
140 | signup: | ||
141 | enabled: false | ||
142 | limit: 10 | ||
143 | requires_email_verification: false | ||
144 | filters: | ||
145 | cidr: | ||
146 | whitelist: [] | ||
147 | blacklist: [] | ||
148 | user: | ||
149 | video_quota: -1 | ||
150 | video_quota_daily: -1 | ||
151 | transcoding: | ||
152 | enabled: false | ||
153 | allow_additional_extensions: true | ||
154 | threads: 1 | ||
155 | resolutions: | ||
156 | 240p: false | ||
157 | 360p: false | ||
158 | 480p: true | ||
159 | 720p: true | ||
160 | 1080p: true | ||
161 | hls: | ||
162 | enabled: false | ||
163 | import: | ||
164 | videos: | ||
165 | http: | ||
166 | enabled: true | ||
167 | torrent: | ||
168 | enabled: false | ||
169 | instance: | ||
170 | name: 'Immae’s PeerTube' | ||
171 | short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.' | ||
172 | description: ''' | ||
173 | terms: ''' | ||
174 | default_client_route: '/videos/trending' | ||
175 | default_nsfw_policy: 'blur' | ||
176 | customizations: | ||
177 | javascript: ''' | ||
178 | css: ''' | ||
179 | robots: | | ||
180 | User-agent: * | ||
181 | Disallow: | ||
182 | securitytxt: | ||
183 | "# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:" | ||
184 | services: | ||
185 | # You can provide a reporting endpoint for Content Security Policy violations | ||
186 | csp-logger: | ||
187 | twitter: | ||
188 | username: '@_immae' | ||
189 | whitelisted: false | ||
190 | ''; | ||
191 | }]; | ||
192 | |||
193 | system.activationScripts.peertube = { | ||
194 | deps = [ "users" ]; | ||
195 | text = '' | ||
196 | install -m 0750 -o peertube -g peertube -d ${varDir} | ||
197 | install -m 0750 -o peertube -g peertube -d ${varDir}/config | ||
198 | ln -sf /var/secrets/webapps/tools-peertube ${varDir}/config/production.yaml | ||
199 | ''; | ||
200 | }; | ||
201 | |||
202 | services.myWebsites.tools.modules = [ | ||
203 | "headers" "proxy" "proxy_http" "proxy_wstunnel" | ||
204 | ]; | ||
205 | security.acme.certs."eldiron".extraDomains."peertube.immae.eu" = null; | ||
206 | services.myWebsites.tools.vhostConfs.peertube = { | ||
207 | certName = "eldiron"; | ||
208 | hosts = [ "peertube.immae.eu" ]; | ||
209 | root = null; | ||
210 | extraConfig = [ '' | ||
211 | ProxyPass / http://localhost:${env.listenPort}/ | ||
212 | ProxyPassReverse / http://localhost:${env.listenPort}/ | ||
213 | |||
214 | ProxyPreserveHost On | ||
215 | RequestHeader set X-Real-IP %{REMOTE_ADDR}s | ||
216 | |||
217 | ProxyPass /tracker/socket ws://127.0.0.1:${env.listenPort}/tracker/socket | ||
218 | ProxyPassReverse /tracker/socket ws://127.0.0.1:${env.listenPort}/tracker/socket | ||
219 | |||
220 | ProxyPass /socket.io ws://127.0.0.1:${env.listenPort}/socket.io | ||
221 | ProxyPassReverse /socket.io ws://127.0.0.1:${env.listenPort}/socket.io | ||
222 | '' ]; | ||
223 | }; | ||
224 | }; | ||
225 | } | ||
diff --git a/nixops/modules/websites/tools/peertube/default.nix b/nixops/modules/websites/tools/peertube/default.nix deleted file mode 100644 index 1ad79d7..0000000 --- a/nixops/modules/websites/tools/peertube/default.nix +++ /dev/null | |||
@@ -1,101 +0,0 @@ | |||
1 | { lib, pkgs, config, myconfig, mylibs, ... }: | ||
2 | let | ||
3 | peertube = pkgs.callPackage ./peertube.nix { | ||
4 | inherit (mylibs) fetchedGithub; | ||
5 | env = myconfig.env.tools.peertube; | ||
6 | }; | ||
7 | |||
8 | cfg = config.services.myWebsites.tools.peertube; | ||
9 | in { | ||
10 | options.services.myWebsites.tools.peertube = { | ||
11 | enable = lib.mkEnableOption "enable Peertube's website"; | ||
12 | }; | ||
13 | |||
14 | config = lib.mkIf cfg.enable { | ||
15 | ids.uids.peertube = myconfig.env.tools.peertube.user.uid; | ||
16 | ids.gids.peertube = myconfig.env.tools.peertube.user.gid; | ||
17 | |||
18 | users.users.peertube = { | ||
19 | name = "peertube"; | ||
20 | uid = config.ids.uids.peertube; | ||
21 | group = "peertube"; | ||
22 | description = "Peertube user"; | ||
23 | home = peertube.varDir; | ||
24 | useDefaultShell = true; | ||
25 | extraGroups = [ "keys" ]; | ||
26 | }; | ||
27 | |||
28 | users.groups.peertube.gid = config.ids.gids.peertube; | ||
29 | |||
30 | systemd.services.peertube = { | ||
31 | description = "Peertube"; | ||
32 | wantedBy = [ "multi-user.target" ]; | ||
33 | after = [ "network.target" "postgresql.service" ]; | ||
34 | wants = [ "postgresql.service" ]; | ||
35 | |||
36 | environment.NODE_CONFIG_DIR = "${peertube.varDir}/config"; | ||
37 | environment.NODE_ENV = "production"; | ||
38 | environment.HOME = peertube.webappDir; | ||
39 | |||
40 | path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ]; | ||
41 | |||
42 | script = '' | ||
43 | exec npm run start | ||
44 | ''; | ||
45 | |||
46 | serviceConfig = { | ||
47 | User = "peertube"; | ||
48 | Group = "peertube"; | ||
49 | WorkingDirectory = peertube.webappDir; | ||
50 | PrivateTmp = true; | ||
51 | ProtectHome = true; | ||
52 | ProtectControlGroups = true; | ||
53 | Restart = "always"; | ||
54 | Type = "simple"; | ||
55 | TimeoutSec = 60; | ||
56 | }; | ||
57 | |||
58 | unitConfig.RequiresMountsFor = peertube.varDir; | ||
59 | }; | ||
60 | |||
61 | mySecrets.keys = [{ | ||
62 | dest = "webapps/tools-peertube"; | ||
63 | user = "peertube"; | ||
64 | group = "peertube"; | ||
65 | permissions = "0640"; | ||
66 | text = peertube.config; | ||
67 | }]; | ||
68 | |||
69 | system.activationScripts.peertube = { | ||
70 | deps = [ "users" ]; | ||
71 | text = '' | ||
72 | install -m 0750 -o peertube -g peertube -d ${peertube.varDir} | ||
73 | install -m 0750 -o peertube -g peertube -d ${peertube.varDir}/config | ||
74 | ln -sf /var/secrets/webapps/tools-peertube ${peertube.varDir}/config/production.yaml | ||
75 | ''; | ||
76 | }; | ||
77 | |||
78 | services.myWebsites.tools.modules = [ | ||
79 | "headers" "proxy" "proxy_http" "proxy_wstunnel" | ||
80 | ]; | ||
81 | security.acme.certs."eldiron".extraDomains."peertube.immae.eu" = null; | ||
82 | services.myWebsites.tools.vhostConfs.peertube = { | ||
83 | certName = "eldiron"; | ||
84 | hosts = [ "peertube.immae.eu" ]; | ||
85 | root = null; | ||
86 | extraConfig = [ '' | ||
87 | ProxyPass / http://localhost:${peertube.listenPort}/ | ||
88 | ProxyPassReverse / http://localhost:${peertube.listenPort}/ | ||
89 | |||
90 | ProxyPreserveHost On | ||
91 | RequestHeader set X-Real-IP %{REMOTE_ADDR}s | ||
92 | |||
93 | ProxyPass /tracker/socket ws://127.0.0.1:${peertube.listenPort}/tracker/socket | ||
94 | ProxyPassReverse /tracker/socket ws://127.0.0.1:${peertube.listenPort}/tracker/socket | ||
95 | |||
96 | ProxyPass /socket.io ws://127.0.0.1:${peertube.listenPort}/socket.io | ||
97 | ProxyPassReverse /socket.io ws://127.0.0.1:${peertube.listenPort}/socket.io | ||
98 | '' ]; | ||
99 | }; | ||
100 | }; | ||
101 | } | ||
diff --git a/nixops/modules/websites/tools/peertube/peertube.nix b/nixops/modules/websites/tools/peertube/peertube.nix deleted file mode 100644 index d2be5b6..0000000 --- a/nixops/modules/websites/tools/peertube/peertube.nix +++ /dev/null | |||
@@ -1,190 +0,0 @@ | |||
1 | { env, fetchedGithub, fetchurl, fetchzip, stdenv, writeText, pkgs, cacert }: | ||
2 | let | ||
3 | varDir = "/var/lib/peertube"; | ||
4 | listenPort = env.listenPort; | ||
5 | # Doesn't seem to work | ||
6 | # patchedPackages = stdenv.mkDerivation (fetchedGithub ./peertube.json // rec { | ||
7 | # patches = [ ./ldap.patch ]; | ||
8 | # installPhase = '' | ||
9 | # mkdir $out | ||
10 | # cp package.json yarn.lock $out/ | ||
11 | # ''; | ||
12 | # }); | ||
13 | # yarnModules = pkgs.yarn2nix.mkYarnModules { | ||
14 | # name = "peertube-yarn-modules"; | ||
15 | # packageJSON = "${patchedPackages}/package.json"; | ||
16 | # yarnLock = "${patchedPackages}/yarn.lock"; | ||
17 | # yarnNix = ./yarn-packages.nix; | ||
18 | # }; | ||
19 | patchedServer = stdenv.mkDerivation (fetchedGithub ./peertube.json // rec { | ||
20 | __noChroot = true; | ||
21 | patches = [ | ||
22 | ./ldap.patch | ||
23 | ./sendmail.patch | ||
24 | ]; | ||
25 | buildPhase = '' | ||
26 | export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
27 | export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
28 | export HOME=$PWD | ||
29 | yarn install --pure-lockfile | ||
30 | npm run build:server | ||
31 | ''; | ||
32 | installPhase = '' | ||
33 | mkdir $out | ||
34 | cp -a dist/server $out | ||
35 | ''; | ||
36 | buildInputs = [ pkgs.python pkgs.git pkgs.yarn pkgs.nodejs ]; | ||
37 | }); | ||
38 | webappDir = stdenv.mkDerivation rec { | ||
39 | __noChroot = true; | ||
40 | version = "v1.2.0"; | ||
41 | name = "peertube-${version}"; | ||
42 | src = fetchzip { | ||
43 | url = "https://github.com/Chocobozzz/PeerTube/releases/download/${version}/${name}.zip"; | ||
44 | sha256 = "18fp3fy1crw67gdpc29nr38b5zy2f68l70w47zwp7dzhd8bbbipp"; | ||
45 | }; | ||
46 | patches = [ ./ldap_yarn.patch ]; | ||
47 | buildPhase = '' | ||
48 | export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
49 | export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
50 | export HOME=$PWD | ||
51 | yarn install --production --pure-lockfile | ||
52 | rm -rf dist/server && cp -a ${patchedServer}/server dist | ||
53 | ''; | ||
54 | installPhase = '' | ||
55 | mkdir $out | ||
56 | cp -a * $out | ||
57 | ''; | ||
58 | buildInputs = [ pkgs.yarn pkgs.git pkgs.python ]; | ||
59 | }; | ||
60 | config = '' | ||
61 | listen: | ||
62 | hostname: 'localhost' | ||
63 | port: ${env.listenPort} | ||
64 | webserver: | ||
65 | https: true | ||
66 | hostname: 'peertube.immae.eu' | ||
67 | port: 443 | ||
68 | trust_proxy: | ||
69 | - 'loopback' | ||
70 | database: | ||
71 | hostname: '${env.postgresql.socket}' | ||
72 | port: 5432 | ||
73 | suffix: '_prod' | ||
74 | username: '${env.postgresql.user}' | ||
75 | password: '${env.postgresql.password}' | ||
76 | pool: | ||
77 | max: 5 | ||
78 | redis: | ||
79 | socket: '${env.redis.socket}' | ||
80 | auth: null | ||
81 | db: ${env.redis.db_index} | ||
82 | ldap: | ||
83 | enable: true | ||
84 | ldap_only: false | ||
85 | url: ldaps://${env.ldap.host}/${env.ldap.base} | ||
86 | bind_dn: ${env.ldap.dn} | ||
87 | bind_password: ${env.ldap.password} | ||
88 | base: ${env.ldap.base} | ||
89 | mail_entry: "mail" | ||
90 | user_filter: "${env.ldap.filter}" | ||
91 | smtp: | ||
92 | transport: sendmail | ||
93 | sendmail: '/run/wrappers/bin/sendmail' | ||
94 | hostname: null | ||
95 | port: 465 # If you use StartTLS: 587 | ||
96 | username: null | ||
97 | password: null | ||
98 | tls: true # If you use StartTLS: false | ||
99 | disable_starttls: false | ||
100 | ca_file: null # Used for self signed certificates | ||
101 | from_address: 'peertube@tools.immae.eu' | ||
102 | storage: | ||
103 | tmp: '${varDir}/storage/tmp/' | ||
104 | avatars: '${varDir}/storage/avatars/' | ||
105 | videos: '${varDir}/storage/videos/' | ||
106 | redundancy: '${varDir}/storage/videos/' | ||
107 | logs: '${varDir}/storage/logs/' | ||
108 | previews: '${varDir}/storage/previews/' | ||
109 | thumbnails: '${varDir}/storage/thumbnails/' | ||
110 | torrents: '${varDir}/storage/torrents/' | ||
111 | captions: '${varDir}/storage/captions/' | ||
112 | cache: '${varDir}/storage/cache/' | ||
113 | log: | ||
114 | level: 'info' | ||
115 | search: | ||
116 | remote_uri: | ||
117 | users: true | ||
118 | anonymous: false | ||
119 | trending: | ||
120 | videos: | ||
121 | interval_days: 7 | ||
122 | redundancy: | ||
123 | videos: | ||
124 | check_interval: '1 hour' # How often you want to check new videos to cache | ||
125 | strategies: # Just uncomment strategies you want | ||
126 | # Following are saved in local-production.json | ||
127 | cache: | ||
128 | previews: | ||
129 | size: 500 # Max number of previews you want to cache | ||
130 | captions: | ||
131 | size: 500 # Max number of video captions/subtitles you want to cache | ||
132 | admin: | ||
133 | email: 'peertube@tools.immae.eu' | ||
134 | contact_form: | ||
135 | enabled: true | ||
136 | signup: | ||
137 | enabled: false | ||
138 | limit: 10 | ||
139 | requires_email_verification: false | ||
140 | filters: | ||
141 | cidr: | ||
142 | whitelist: [] | ||
143 | blacklist: [] | ||
144 | user: | ||
145 | video_quota: -1 | ||
146 | video_quota_daily: -1 | ||
147 | transcoding: | ||
148 | enabled: false | ||
149 | allow_additional_extensions: true | ||
150 | threads: 1 | ||
151 | resolutions: | ||
152 | 240p: false | ||
153 | 360p: false | ||
154 | 480p: true | ||
155 | 720p: true | ||
156 | 1080p: true | ||
157 | hls: | ||
158 | enabled: false | ||
159 | import: | ||
160 | videos: | ||
161 | http: | ||
162 | enabled: true | ||
163 | torrent: | ||
164 | enabled: false | ||
165 | instance: | ||
166 | name: 'Immae’s PeerTube' | ||
167 | short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.' | ||
168 | description: ''' | ||
169 | terms: ''' | ||
170 | default_client_route: '/videos/trending' | ||
171 | default_nsfw_policy: 'blur' | ||
172 | customizations: | ||
173 | javascript: ''' | ||
174 | css: ''' | ||
175 | robots: | | ||
176 | User-agent: * | ||
177 | Disallow: | ||
178 | securitytxt: | ||
179 | "# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:" | ||
180 | services: | ||
181 | # You can provide a reporting endpoint for Content Security Policy violations | ||
182 | csp-logger: | ||
183 | twitter: | ||
184 | username: '@_immae' | ||
185 | whitelisted: false | ||
186 | ''; | ||
187 | in | ||
188 | { | ||
189 | inherit varDir webappDir config listenPort; | ||
190 | } | ||
diff --git a/pkgs/impure/peertube/default.nix b/pkgs/impure/peertube/default.nix new file mode 100644 index 0000000..89fcb04 --- /dev/null +++ b/pkgs/impure/peertube/default.nix | |||
@@ -0,0 +1,58 @@ | |||
1 | { stdenv, fetchzip, cacert, mylibs, python, git, yarn, nodejs }: | ||
2 | let | ||
3 | # Doesn't seem to work | ||
4 | # patchedPackages = stdenv.mkDerivation (fetchedGithub ./peertube.json // rec { | ||
5 | # patches = [ ./ldap.patch ]; | ||
6 | # installPhase = '' | ||
7 | # mkdir $out | ||
8 | # cp package.json yarn.lock $out/ | ||
9 | # ''; | ||
10 | # }); | ||
11 | # yarnModules = pkgs.yarn2nix.mkYarnModules { | ||
12 | # name = "peertube-yarn-modules"; | ||
13 | # packageJSON = "${patchedPackages}/package.json"; | ||
14 | # yarnLock = "${patchedPackages}/yarn.lock"; | ||
15 | # yarnNix = ./yarn-packages.nix; | ||
16 | # }; | ||
17 | patchedServer = stdenv.mkDerivation (mylibs.fetchedGithub ./peertube.json // rec { | ||
18 | __noChroot = true; | ||
19 | patches = [ | ||
20 | ./ldap.patch | ||
21 | ./sendmail.patch | ||
22 | ]; | ||
23 | buildPhase = '' | ||
24 | export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
25 | export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
26 | export HOME=$PWD | ||
27 | yarn install --pure-lockfile | ||
28 | npm run build:server | ||
29 | ''; | ||
30 | installPhase = '' | ||
31 | mkdir $out | ||
32 | cp -a dist/server $out | ||
33 | ''; | ||
34 | buildInputs = [ python git yarn nodejs ]; | ||
35 | }); | ||
36 | in | ||
37 | stdenv.mkDerivation rec { | ||
38 | __noChroot = true; | ||
39 | version = "v1.2.0"; | ||
40 | name = "peertube-${version}"; | ||
41 | src = fetchzip { | ||
42 | url = "https://github.com/Chocobozzz/PeerTube/releases/download/${version}/${name}.zip"; | ||
43 | sha256 = "18fp3fy1crw67gdpc29nr38b5zy2f68l70w47zwp7dzhd8bbbipp"; | ||
44 | }; | ||
45 | patches = [ ./ldap_yarn.patch ]; | ||
46 | buildPhase = '' | ||
47 | export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
48 | export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
49 | export HOME=$PWD | ||
50 | yarn install --production --pure-lockfile | ||
51 | rm -rf dist/server && cp -a ${patchedServer}/server dist | ||
52 | ''; | ||
53 | installPhase = '' | ||
54 | mkdir $out | ||
55 | cp -a * $out | ||
56 | ''; | ||
57 | buildInputs = [ yarn git python ]; | ||
58 | } | ||
diff --git a/nixops/modules/websites/tools/peertube/ldap.patch b/pkgs/impure/peertube/ldap.patch index 7ad5cc5..7ad5cc5 100644 --- a/nixops/modules/websites/tools/peertube/ldap.patch +++ b/pkgs/impure/peertube/ldap.patch | |||
diff --git a/nixops/modules/websites/tools/peertube/ldap_yarn.patch b/pkgs/impure/peertube/ldap_yarn.patch index 538ce04..538ce04 100644 --- a/nixops/modules/websites/tools/peertube/ldap_yarn.patch +++ b/pkgs/impure/peertube/ldap_yarn.patch | |||
diff --git a/nixops/modules/websites/tools/peertube/peertube.json b/pkgs/impure/peertube/peertube.json index fd2ef7d..fd2ef7d 100644 --- a/nixops/modules/websites/tools/peertube/peertube.json +++ b/pkgs/impure/peertube/peertube.json | |||
diff --git a/nixops/modules/websites/tools/peertube/sendmail.patch b/pkgs/impure/peertube/sendmail.patch index b42bc49..b42bc49 100644 --- a/nixops/modules/websites/tools/peertube/sendmail.patch +++ b/pkgs/impure/peertube/sendmail.patch | |||
diff --git a/nixops/modules/websites/tools/peertube/yarn-packages.nix b/pkgs/impure/peertube/yarn-packages.nix index b1be2e1..b1be2e1 100644 --- a/nixops/modules/websites/tools/peertube/yarn-packages.nix +++ b/pkgs/impure/peertube/yarn-packages.nix | |||
diff --git a/pkgs/webapps/default.nix b/pkgs/webapps/default.nix index 11bd0ce..84e39ff 100644 --- a/pkgs/webapps/default.nix +++ b/pkgs/webapps/default.nix | |||
@@ -65,6 +65,7 @@ rec { | |||
65 | lib.attrsets.genAttrs names | 65 | lib.attrsets.genAttrs names |
66 | (name: callPackage (./nextcloud/apps + "/${name}.nix") { buildApp = nextcloud.buildApp; }); | 66 | (name: callPackage (./nextcloud/apps + "/${name}.nix") { buildApp = nextcloud.buildApp; }); |
67 | 67 | ||
68 | peertube = callPackage ../impure/peertube { inherit mylibs; }; | ||
68 | phpldapadmin = callPackage ./phpldapadmin {}; | 69 | phpldapadmin = callPackage ./phpldapadmin {}; |
69 | rompr = callPackage ./rompr { inherit mylibs; }; | 70 | rompr = callPackage ./rompr { inherit mylibs; }; |
70 | 71 | ||