149 lines
5.5 KiB

  1. description: "PeerTube Server"
  2. maintainer: "Valentin Lab <valentin.lab@kalysto.org>"
  3. ## XXXvlab: docker uses the 'build' directory or the 'image:' option here.
  4. #docker-image: chocobozzz/peertube:production-stretch ## YYY: to save in our docker-registry
  5. data-resources:
  6. - /var/lib/peertube
  7. - /var/log/peertube
  8. - /var/cache/peertube
  9. config-resources:
  10. - /etc/peertube
  11. ## XXXvlab: options here are the one provided to the server as
  12. ## defaults BUT that can be changed from within the web
  13. ## interface.
  14. default-options:
  15. # If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag
  16. # In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions.
  17. # Please, do not disable transcoding since many uploaded videos will not work
  18. transcoding:
  19. enabled: true
  20. threads: 1
  21. resolutions: # Only created if the original video has a higher resolution, uses more storage!
  22. 240p: true
  23. 360p: true
  24. 480p: true
  25. 720p: true
  26. 1080p: true
  27. import:
  28. # Add ability for your users to import remote videos (from YouTube, torrent...)
  29. videos:
  30. http: # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html
  31. enabled: true
  32. torrent: # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)
  33. enabled: true
  34. signup:
  35. enabled: true
  36. uses:
  37. postgres-database:
  38. constraint: required
  39. auto: summon
  40. solves:
  41. database: "main storage"
  42. default-options:
  43. extensions:
  44. - pg_trgm
  45. - unaccent
  46. redis-database:
  47. constraint: required
  48. auto: summon
  49. solves:
  50. database: "short time storage"
  51. # log-rotate:
  52. # constraint: recommended
  53. # auto: pair
  54. # solves:
  55. # disk-leak: "/var/log/peertube"
  56. backup:
  57. constraint: recommended
  58. auto: pair
  59. solves:
  60. backup: "Automatic regular backup"
  61. default-options:
  62. ## First pattern matching wins, no pattern matching includes.
  63. ## include-patterns are checked first, then exclude-patterns
  64. ## Patterns rules:
  65. ## - ending / for directory
  66. ## - '*' authorized
  67. ## - must start with a '/', will start from $SERVICE_DATASTORE
  68. exclude-patterns:
  69. - /var/cache/
  70. - /var/tmp/
  71. web-proxy:
  72. constraint: required
  73. auto: pair
  74. solves:
  75. proxy: "Public access"
  76. default-options:
  77. apache-custom-rules:
  78. - |
  79. ## From https://gist.github.com/rigelk/07a0b8963fa4fc1ad756374c28479bc7
  80. Protocols h2 http/1.1
  81. # HSTS (mod_headers is required) (63072000 seconds = 2 years) (only activate it knowingly)
  82. #Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
  83. Header always set X-Content-Type-Options nosniff
  84. Header always set X-Robots-Tag none
  85. Header always set X-XSS-Protection "1; mode=block"
  86. # Hard limit, PeerTube does not support videos > 4GB
  87. LimitRequestBody 4294967294
  88. # Set caching on assets for 1 year
  89. <FilesMatch ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$>
  90. Header append Cache-Control "public, max-age=31536000, immutable"
  91. </FilesMatch>
  92. AliasMatch ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ /var/www/peertube/peertube-latest/client/dist/$1
  93. # Set caching on image files for 1 year
  94. <FilesMatch ^/static/(thumbnails|avatars)/(.*)$>
  95. Header append Cache-Control "public, max-age=31536000, immutable"
  96. </FilesMatch>
  97. AliasMatch ^/static/(thumbnails|avatars)/(.*)$ /var/www/peertube/storage/$1/$2
  98. # Bypass PeerTube webseed route for better performances
  99. Alias /static/webseed /var/www/peertube/storage/videos
  100. <Location /static/webseed>
  101. # Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
  102. SetOutputFilter RATE_LIMIT
  103. SetEnv rate-limit 800
  104. SetEnvIf Request_Method "GET" GETMETH=1
  105. Header set Access-Control-Allow-Origin "*" env=GETMETH
  106. Header set Access-Control-Allow-Headers "Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type" env=GETMETH
  107. Header set Access-Control-Allow-Methods "GET, OPTIONS" env=GETMETH
  108. Header set toto "foo" env=GETMETH
  109. SetEnvIf GETMETH "1" dontlog
  110. SetEnvIf Request_Method "OPTIONS" OPTIONSMETH=1
  111. Header set Access-Control-Allow-Origin "*" env=OPTIONSMETH
  112. Header set Access-Control-Allow-Headers "Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type" env=OPTIONSMETH
  113. Header set Access-Control-Allow-Methods "GET, OPTIONS" env=OPTIONSMETH
  114. Header set Access-Control-Max-Age "1000" env=OPTIONSMETH
  115. Header set Content-Type "text/plain charset=UTF-8" env=OPTIONSMETH
  116. Header set Content-Length "0" env=OPTIONSMETH
  117. </Location>
  118. <Location /videos/embed>
  119. Header unset X-Frame-Options
  120. </Location>
  121. ProxyPreserveHost On
  122. ProxyRequests On
  123. ProxyTimeout 600
  124. # Websocket tracker
  125. RewriteEngine On
  126. RewriteCond %{HTTP:Upgrade} websocket [NC]
  127. RewriteRule /(.*) ws://127.0.0.1:9000/$1 [P,L]
  128. # <Location />
  129. # ProxyPass http://127.0.0.1:9000/
  130. # </Location>