diff options
Diffstat (limited to 'nixops/modules/websites/tools/peertube/peertube.nix')
-rw-r--r-- | nixops/modules/websites/tools/peertube/peertube.nix | 190 |
1 files changed, 190 insertions, 0 deletions
diff --git a/nixops/modules/websites/tools/peertube/peertube.nix b/nixops/modules/websites/tools/peertube/peertube.nix new file mode 100644 index 0000000..75629bd --- /dev/null +++ b/nixops/modules/websites/tools/peertube/peertube.nix | |||
@@ -0,0 +1,190 @@ | |||
1 | { env, fetchedGithub, fetchurl, fetchzip, stdenv, writeText, pkgs, cacert }: | ||
2 | let | ||
3 | varDir = "/var/lib/peertube"; | ||
4 | listenPort = env.listenPort; | ||
5 | # Doesn't seem to work | ||
6 | # patchedPackages = stdenv.mkDerivation (fetchedGithub ./peertube.json // rec { | ||
7 | # patches = [ ./ldap.patch ]; | ||
8 | # installPhase = '' | ||
9 | # mkdir $out | ||
10 | # cp package.json yarn.lock $out/ | ||
11 | # ''; | ||
12 | # }); | ||
13 | # yarnModules = pkgs.yarn2nix.mkYarnModules { | ||
14 | # name = "peertube-yarn-modules"; | ||
15 | # packageJSON = "${patchedPackages}/package.json"; | ||
16 | # yarnLock = "${patchedPackages}/yarn.lock"; | ||
17 | # yarnNix = ./yarn-packages.nix; | ||
18 | # }; | ||
19 | patchedServer = stdenv.mkDerivation (fetchedGithub ./peertube.json // rec { | ||
20 | __noChroot = true; | ||
21 | patches = [ | ||
22 | ./ldap.patch | ||
23 | ./sendmail.patch | ||
24 | ]; | ||
25 | buildPhase = '' | ||
26 | export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
27 | export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
28 | export HOME=$PWD | ||
29 | yarn install --pure-lockfile | ||
30 | npm run build:server | ||
31 | ''; | ||
32 | installPhase = '' | ||
33 | mkdir $out | ||
34 | cp -a dist/server $out | ||
35 | ''; | ||
36 | buildInputs = [ pkgs.python pkgs.git pkgs.yarn pkgs.nodejs ]; | ||
37 | }); | ||
38 | webappDir = stdenv.mkDerivation rec { | ||
39 | __noChroot = true; | ||
40 | version = "v1.2.0"; | ||
41 | name = "peertube-${version}"; | ||
42 | src = fetchzip { | ||
43 | url = "https://github.com/Chocobozzz/PeerTube/releases/download/${version}/${name}.zip"; | ||
44 | sha256 = "18fp3fy1crw67gdpc29nr38b5zy2f68l70w47zwp7dzhd8bbbipp"; | ||
45 | }; | ||
46 | patches = [ ./ldap_yarn.patch ]; | ||
47 | buildPhase = '' | ||
48 | export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
49 | export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt | ||
50 | export HOME=$PWD | ||
51 | yarn install --production --pure-lockfile | ||
52 | rm -rf dist/server && cp -a ${patchedServer}/server dist | ||
53 | ''; | ||
54 | installPhase = '' | ||
55 | mkdir $out | ||
56 | cp -a * $out | ||
57 | ''; | ||
58 | buildInputs = [ pkgs.yarn pkgs.git pkgs.python ]; | ||
59 | }; | ||
60 | config = writeText "production.yaml" '' | ||
61 | listen: | ||
62 | hostname: 'localhost' | ||
63 | port: ${env.listenPort} | ||
64 | webserver: | ||
65 | https: true | ||
66 | hostname: 'peertube.immae.eu' | ||
67 | port: 443 | ||
68 | trust_proxy: | ||
69 | - 'loopback' | ||
70 | database: | ||
71 | hostname: '${env.postgresql.socket}' | ||
72 | port: 5432 | ||
73 | suffix: '_prod' | ||
74 | username: '${env.postgresql.user}' | ||
75 | password: '${env.postgresql.password}' | ||
76 | pool: | ||
77 | max: 5 | ||
78 | redis: | ||
79 | socket: '${env.redis.socket}' | ||
80 | auth: null | ||
81 | db: ${env.redis.db_index} | ||
82 | ldap: | ||
83 | enable: true | ||
84 | ldap_only: false | ||
85 | url: ldaps://${env.ldap.host}/${env.ldap.base} | ||
86 | bind_dn: ${env.ldap.dn} | ||
87 | bind_password: ${env.ldap.password} | ||
88 | base: ${env.ldap.base} | ||
89 | mail_entry: "mail" | ||
90 | user_filter: "${env.ldap.filter}" | ||
91 | smtp: | ||
92 | transport: sendmail | ||
93 | sendmail: '/run/wrappers/bin/sendmail' | ||
94 | hostname: null | ||
95 | port: 465 # If you use StartTLS: 587 | ||
96 | username: null | ||
97 | password: null | ||
98 | tls: true # If you use StartTLS: false | ||
99 | disable_starttls: false | ||
100 | ca_file: null # Used for self signed certificates | ||
101 | from_address: 'peertube@immae.eu' | ||
102 | storage: | ||
103 | tmp: '${varDir}/storage/tmp/' | ||
104 | avatars: '${varDir}/storage/avatars/' | ||
105 | videos: '${varDir}/storage/videos/' | ||
106 | redundancy: '${varDir}/storage/videos/' | ||
107 | logs: '${varDir}/storage/logs/' | ||
108 | previews: '${varDir}/storage/previews/' | ||
109 | thumbnails: '${varDir}/storage/thumbnails/' | ||
110 | torrents: '${varDir}/storage/torrents/' | ||
111 | captions: '${varDir}/storage/captions/' | ||
112 | cache: '${varDir}/storage/cache/' | ||
113 | log: | ||
114 | level: 'info' | ||
115 | search: | ||
116 | remote_uri: | ||
117 | users: true | ||
118 | anonymous: false | ||
119 | trending: | ||
120 | videos: | ||
121 | interval_days: 7 | ||
122 | redundancy: | ||
123 | videos: | ||
124 | check_interval: '1 hour' # How often you want to check new videos to cache | ||
125 | strategies: # Just uncomment strategies you want | ||
126 | # Following are saved in local-production.json | ||
127 | cache: | ||
128 | previews: | ||
129 | size: 500 # Max number of previews you want to cache | ||
130 | captions: | ||
131 | size: 500 # Max number of video captions/subtitles you want to cache | ||
132 | admin: | ||
133 | email: 'peertube@immae.eu' | ||
134 | contact_form: | ||
135 | enabled: true | ||
136 | signup: | ||
137 | enabled: false | ||
138 | limit: 10 | ||
139 | requires_email_verification: false | ||
140 | filters: | ||
141 | cidr: | ||
142 | whitelist: [] | ||
143 | blacklist: [] | ||
144 | user: | ||
145 | video_quota: -1 | ||
146 | video_quota_daily: -1 | ||
147 | transcoding: | ||
148 | enabled: false | ||
149 | allow_additional_extensions: true | ||
150 | threads: 1 | ||
151 | resolutions: | ||
152 | 240p: false | ||
153 | 360p: false | ||
154 | 480p: true | ||
155 | 720p: true | ||
156 | 1080p: true | ||
157 | hls: | ||
158 | enabled: false | ||
159 | import: | ||
160 | videos: | ||
161 | http: | ||
162 | enabled: true | ||
163 | torrent: | ||
164 | enabled: false | ||
165 | instance: | ||
166 | name: 'Immae’s PeerTube' | ||
167 | short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.' | ||
168 | description: ''' | ||
169 | terms: ''' | ||
170 | default_client_route: '/videos/trending' | ||
171 | default_nsfw_policy: 'blur' | ||
172 | customizations: | ||
173 | javascript: ''' | ||
174 | css: ''' | ||
175 | robots: | | ||
176 | User-agent: * | ||
177 | Disallow: | ||
178 | securitytxt: | ||
179 | "# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:" | ||
180 | services: | ||
181 | # You can provide a reporting endpoint for Content Security Policy violations | ||
182 | csp-logger: | ||
183 | twitter: | ||
184 | username: '@_immae' | ||
185 | whitelisted: false | ||
186 | ''; | ||
187 | in | ||
188 | { | ||
189 | inherit varDir webappDir config listenPort; | ||
190 | } | ||