150 lines
5.5 KiB

description: "PeerTube Server"
maintainer: "Valentin Lab <valentin.lab@kalysto.org>"
## XXXvlab: docker uses the 'build' directory or the 'image:' option here.
#docker-image: chocobozzz/peertube:production-stretch ## YYY: to save in our docker-registry
data-resources:
- /var/lib/peertube
- /var/log/peertube
- /var/cache/peertube
config-resources:
- /etc/peertube
## XXXvlab: options here are the one provided to the server as
## defaults BUT that can be changed from within the web
## interface.
default-options:
# If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag
# In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions.
# Please, do not disable transcoding since many uploaded videos will not work
transcoding:
enabled: true
threads: 1
resolutions: # Only created if the original video has a higher resolution, uses more storage!
240p: true
360p: true
480p: true
720p: true
1080p: true
import:
# Add ability for your users to import remote videos (from YouTube, torrent...)
videos:
http: # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html
enabled: true
torrent: # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)
enabled: true
signup:
enabled: true
uses:
postgres-database:
constraint: required
auto: summon
solves:
database: "main storage"
default-options:
extensions:
- pg_trgm
- unaccent
redis-database:
constraint: required
auto: summon
solves:
database: "short time storage"
# log-rotate:
# constraint: recommended
# auto: pair
# solves:
# disk-leak: "/var/log/peertube"
backup:
constraint: recommended
auto: pair
solves:
backup: "Automatic regular backup"
default-options:
## First pattern matching wins, no pattern matching includes.
## include-patterns are checked first, then exclude-patterns
## Patterns rules:
## - ending / for directory
## - '*' authorized
## - must start with a '/', will start from $SERVICE_DATASTORE
exclude-patterns:
- /var/cache/
- /var/tmp/
web-proxy:
constraint: required
auto: pair
solves:
proxy: "Public access"
default-options:
apache-custom-rules:
- |
## From https://gist.github.com/rigelk/07a0b8963fa4fc1ad756374c28479bc7
Protocols h2 http/1.1
# HSTS (mod_headers is required) (63072000 seconds = 2 years) (only activate it knowingly)
#Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Content-Type-Options nosniff
Header always set X-Robots-Tag none
Header always set X-XSS-Protection "1; mode=block"
# Hard limit, PeerTube does not support videos > 4GB
LimitRequestBody 4294967294
# Set caching on assets for 1 year
<FilesMatch ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$>
Header append Cache-Control "public, max-age=31536000, immutable"
</FilesMatch>
AliasMatch ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ /var/www/peertube/peertube-latest/client/dist/$1
# Set caching on image files for 1 year
<FilesMatch ^/static/(thumbnails|avatars)/(.*)$>
Header append Cache-Control "public, max-age=31536000, immutable"
</FilesMatch>
AliasMatch ^/static/(thumbnails|avatars)/(.*)$ /var/www/peertube/storage/$1/$2
# Bypass PeerTube webseed route for better performances
Alias /static/webseed /var/www/peertube/storage/videos
<Location /static/webseed>
# Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 800
SetEnvIf Request_Method "GET" GETMETH=1
Header set Access-Control-Allow-Origin "*" env=GETMETH
Header set Access-Control-Allow-Headers "Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type" env=GETMETH
Header set Access-Control-Allow-Methods "GET, OPTIONS" env=GETMETH
Header set toto "foo" env=GETMETH
SetEnvIf GETMETH "1" dontlog
SetEnvIf Request_Method "OPTIONS" OPTIONSMETH=1
Header set Access-Control-Allow-Origin "*" env=OPTIONSMETH
Header set Access-Control-Allow-Headers "Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type" env=OPTIONSMETH
Header set Access-Control-Allow-Methods "GET, OPTIONS" env=OPTIONSMETH
Header set Access-Control-Max-Age "1000" env=OPTIONSMETH
Header set Content-Type "text/plain charset=UTF-8" env=OPTIONSMETH
Header set Content-Length "0" env=OPTIONSMETH
</Location>
<Location /videos/embed>
Header unset X-Frame-Options
</Location>
ProxyPreserveHost On
ProxyRequests On
ProxyTimeout 600
# Websocket tracker
RewriteEngine On
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:9000/$1 [P,L]
# <Location />
# ProxyPass http://127.0.0.1:9000/
# </Location>