From b639cc33725fed62988b616909843bea7f7aebe3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Thu, 9 Apr 2020 17:54:17 +0200 Subject: Upgrade peertube to latest version --- .../private/websites/tools/peertube/default.nix | 108 ++++++++++++++++++--- 1 file changed, 95 insertions(+), 13 deletions(-) (limited to 'modules/private/websites/tools/peertube/default.nix') diff --git a/modules/private/websites/tools/peertube/default.nix b/modules/private/websites/tools/peertube/default.nix index 0bacfd1..445030c 100644 --- a/modules/private/websites/tools/peertube/default.nix +++ b/modules/private/websites/tools/peertube/default.nix @@ -15,7 +15,7 @@ in { services.peertube = { enable = true; configFile = "/var/secrets/webapps/tools-peertube"; - package = pkgs.webapps.peertube.override { ldap = true; }; + package = pkgs.webapps.peertube.override { ldap = true; sendmail = true; light = "fr-FR"; }; }; users.users.peertube.extraGroups = [ "keys" ]; @@ -32,6 +32,23 @@ in { https: true hostname: 'peertube.immae.eu' port: 443 + rates_limit: + api: + # 50 attempts in 10 seconds + window: 10 seconds + max: 50 + login: + # 15 attempts in 5 min + window: 5 minutes + max: 15 + signup: + # 2 attempts in 5 min (only succeeded attempts are taken into account) + window: 5 minutes + max: 2 + ask_send_email: + # 3 attempts in 5 min + window: 5 minutes + max: 3 trust_proxy: - 'loopback' database: @@ -46,15 +63,18 @@ in { socket: '${env.redis.socket}' auth: null db: ${env.redis.db} - ldap: - enable: true - ldap_only: false - url: ldaps://${env.ldap.host}/${env.ldap.base} - bind_dn: ${env.ldap.dn} - bind_password: ${env.ldap.password} - base: ${env.ldap.base} - mail_entry: "mail" - user_filter: "${env.ldap.filter}" + auth: + local: + enabled: true + ldap: + enabled: true + ldap_only: false + url: ldaps://${env.ldap.host}/${env.ldap.base} + bind_dn: ${env.ldap.dn} + bind_password: ${env.ldap.password} + base: ${env.ldap.base} + mail_entry: "mail" + user_filter: "${env.ldap.filter}" smtp: transport: sendmail sendmail: '/run/wrappers/bin/sendmail' @@ -66,10 +86,16 @@ in { disable_starttls: false ca_file: null # Used for self signed certificates from_address: 'peertube@tools.immae.eu' + email: + body: + signature: "PeerTube" + subject: + prefix: "[PeerTube]" storage: tmp: '${pcfg.dataDir}/storage/tmp/' avatars: '${pcfg.dataDir}/storage/avatars/' videos: '${pcfg.dataDir}/storage/videos/' + streaming_playlists: '${pcfg.dataDir}/storage/streaming-playlists/' redundancy: '${pcfg.dataDir}/storage/videos/' logs: '${pcfg.dataDir}/storage/logs/' previews: '${pcfg.dataDir}/storage/previews/' @@ -77,8 +103,14 @@ in { torrents: '${pcfg.dataDir}/storage/torrents/' captions: '${pcfg.dataDir}/storage/captions/' cache: '${pcfg.dataDir}/storage/cache/' + plugins: '${pcfg.dataDir}/storage/plugins/' log: level: 'info' + rotation: + enabled : true # Enabled by default, if disabled make sure that 'storage.logs' is pointing to a folder handled by logrotate + maxFileSize: 12MB + maxFiles: 20 + anonymizeIP: false search: remote_uri: users: true @@ -90,6 +122,26 @@ in { videos: check_interval: '1 hour' # How often you want to check new videos to cache strategies: # Just uncomment strategies you want + csp: + enabled: false + report_only: true # CSP directives are still being tested, so disable the report only mode at your own risk! + report_uri: + tracker: + enabled: true + private: true + reject_too_many_announces: false + history: + videos: + max_age: -1 + views: + videos: + remote: + max_age: -1 + plugins: + index: + enabled: true + check_latest_versions_interval: '12 hours' + url: 'https://packages.joinpeertube.org' # Following are saved in local-production.json cache: previews: @@ -114,13 +166,18 @@ in { transcoding: enabled: false allow_additional_extensions: true + allow_audio_files: true threads: 1 resolutions: + 0p: false 240p: false 360p: false 480p: true 720p: true 1080p: true + 2160p: false + webtorrent: + enabled: true hls: enabled: false import: @@ -129,13 +186,27 @@ in { enabled: true torrent: enabled: false + auto_blacklist: + videos: + of_users: + enabled: false instance: name: 'Immae’s PeerTube' short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.' description: ''' terms: ''' + code_of_conduct: ''' + moderation_information: ''' + creation_reason: ''' + administrator: ''' + maintenance_lifetime: ''' + business_model: ''' + hardware_information: ''' + languages: + categories: default_client_route: '/videos/trending' - default_nsfw_policy: 'blur' + is_nsfw: false + default_nsfw_policy: 'do_not_list' customizations: javascript: ''' css: ''' @@ -145,11 +216,22 @@ in { securitytxt: "# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:" services: - # You can provide a reporting endpoint for Content Security Policy violations - csp-logger: twitter: username: '@_immae' whitelisted: false + followers: + instance: + enabled: true + manual_approval: false + followings: + instance: + auto_follow_back: + enabled: false + auto_follow_index: + enabled: false + index_url: 'https://instances.joinpeertube.org' + theme: + default: 'default' ''; }]; -- cgit v1.2.3