From 0eaac6ba283159841da70fdfd74cb0ef7c6203ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Thu, 14 Feb 2019 19:23:06 +0100 Subject: Add peertube tool Fixes https://git.immae.eu/mantisbt/view.php?id=118 --- .../modules/websites/tools/peertube/peertube.nix | 190 +++++++++++++++++++++ 1 file changed, 190 insertions(+) create mode 100644 nixops/modules/websites/tools/peertube/peertube.nix (limited to 'nixops/modules/websites/tools/peertube/peertube.nix') diff --git a/nixops/modules/websites/tools/peertube/peertube.nix b/nixops/modules/websites/tools/peertube/peertube.nix new file mode 100644 index 0000000..75629bd --- /dev/null +++ b/nixops/modules/websites/tools/peertube/peertube.nix @@ -0,0 +1,190 @@ +{ env, fetchedGithub, fetchurl, fetchzip, stdenv, writeText, pkgs, cacert }: +let + varDir = "/var/lib/peertube"; + listenPort = env.listenPort; + # Doesn't seem to work + # patchedPackages = stdenv.mkDerivation (fetchedGithub ./peertube.json // rec { + # patches = [ ./ldap.patch ]; + # installPhase = '' + # mkdir $out + # cp package.json yarn.lock $out/ + # ''; + # }); + # yarnModules = pkgs.yarn2nix.mkYarnModules { + # name = "peertube-yarn-modules"; + # packageJSON = "${patchedPackages}/package.json"; + # yarnLock = "${patchedPackages}/yarn.lock"; + # yarnNix = ./yarn-packages.nix; + # }; + patchedServer = stdenv.mkDerivation (fetchedGithub ./peertube.json // rec { + __noChroot = true; + patches = [ + ./ldap.patch + ./sendmail.patch + ]; + buildPhase = '' + export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt + export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt + export HOME=$PWD + yarn install --pure-lockfile + npm run build:server + ''; + installPhase = '' + mkdir $out + cp -a dist/server $out + ''; + buildInputs = [ pkgs.python pkgs.git pkgs.yarn pkgs.nodejs ]; + }); + webappDir = stdenv.mkDerivation rec { + __noChroot = true; + version = "v1.2.0"; + name = "peertube-${version}"; + src = fetchzip { + url = "https://github.com/Chocobozzz/PeerTube/releases/download/${version}/${name}.zip"; + sha256 = "18fp3fy1crw67gdpc29nr38b5zy2f68l70w47zwp7dzhd8bbbipp"; + }; + patches = [ ./ldap_yarn.patch ]; + buildPhase = '' + export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt + export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt + export HOME=$PWD + yarn install --production --pure-lockfile + rm -rf dist/server && cp -a ${patchedServer}/server dist + ''; + installPhase = '' + mkdir $out + cp -a * $out + ''; + buildInputs = [ pkgs.yarn pkgs.git pkgs.python ]; + }; + config = writeText "production.yaml" '' + listen: + hostname: 'localhost' + port: ${env.listenPort} + webserver: + https: true + hostname: 'peertube.immae.eu' + port: 443 + trust_proxy: + - 'loopback' + database: + hostname: '${env.postgresql.socket}' + port: 5432 + suffix: '_prod' + username: '${env.postgresql.user}' + password: '${env.postgresql.password}' + pool: + max: 5 + redis: + socket: '${env.redis.socket}' + auth: null + db: ${env.redis.db_index} + ldap: + enable: true + ldap_only: false + url: ldaps://${env.ldap.host}/${env.ldap.base} + bind_dn: ${env.ldap.dn} + bind_password: ${env.ldap.password} + base: ${env.ldap.base} + mail_entry: "mail" + user_filter: "${env.ldap.filter}" + smtp: + transport: sendmail + sendmail: '/run/wrappers/bin/sendmail' + hostname: null + port: 465 # If you use StartTLS: 587 + username: null + password: null + tls: true # If you use StartTLS: false + disable_starttls: false + ca_file: null # Used for self signed certificates + from_address: 'peertube@immae.eu' + storage: + tmp: '${varDir}/storage/tmp/' + avatars: '${varDir}/storage/avatars/' + videos: '${varDir}/storage/videos/' + redundancy: '${varDir}/storage/videos/' + logs: '${varDir}/storage/logs/' + previews: '${varDir}/storage/previews/' + thumbnails: '${varDir}/storage/thumbnails/' + torrents: '${varDir}/storage/torrents/' + captions: '${varDir}/storage/captions/' + cache: '${varDir}/storage/cache/' + log: + level: 'info' + search: + remote_uri: + users: true + anonymous: false + trending: + videos: + interval_days: 7 + redundancy: + videos: + check_interval: '1 hour' # How often you want to check new videos to cache + strategies: # Just uncomment strategies you want + # Following are saved in local-production.json + cache: + previews: + size: 500 # Max number of previews you want to cache + captions: + size: 500 # Max number of video captions/subtitles you want to cache + admin: + email: 'peertube@immae.eu' + contact_form: + enabled: true + signup: + enabled: false + limit: 10 + requires_email_verification: false + filters: + cidr: + whitelist: [] + blacklist: [] + user: + video_quota: -1 + video_quota_daily: -1 + transcoding: + enabled: false + allow_additional_extensions: true + threads: 1 + resolutions: + 240p: false + 360p: false + 480p: true + 720p: true + 1080p: true + hls: + enabled: false + import: + videos: + http: + enabled: true + torrent: + enabled: false + instance: + name: 'Immae’s PeerTube' + short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.' + description: ''' + terms: ''' + default_client_route: '/videos/trending' + default_nsfw_policy: 'blur' + customizations: + javascript: ''' + css: ''' + robots: | + User-agent: * + Disallow: + securitytxt: + "# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:" + services: + # You can provide a reporting endpoint for Content Security Policy violations + csp-logger: + twitter: + username: '@_immae' + whitelisted: false + ''; +in + { + inherit varDir webappDir config listenPort; + } -- cgit v1.2.3