150 lines
5.5 KiB
150 lines
5.5 KiB
description: "PeerTube Server"
|
|
maintainer: "Valentin Lab <valentin.lab@kalysto.org>"
|
|
## XXXvlab: docker uses the 'build' directory or the 'image:' option here.
|
|
#docker-image: chocobozzz/peertube:production-stretch ## YYY: to save in our docker-registry
|
|
data-resources:
|
|
- /var/lib/peertube
|
|
- /var/log/peertube
|
|
- /var/cache/peertube
|
|
config-resources:
|
|
- /etc/peertube
|
|
|
|
## XXXvlab: options here are the one provided to the server as
|
|
## defaults BUT that can be changed from within the web
|
|
## interface.
|
|
default-options:
|
|
# If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag
|
|
# In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions.
|
|
# Please, do not disable transcoding since many uploaded videos will not work
|
|
transcoding:
|
|
enabled: true
|
|
threads: 1
|
|
resolutions: # Only created if the original video has a higher resolution, uses more storage!
|
|
240p: true
|
|
360p: true
|
|
480p: true
|
|
720p: true
|
|
1080p: true
|
|
|
|
import:
|
|
# Add ability for your users to import remote videos (from YouTube, torrent...)
|
|
videos:
|
|
http: # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html
|
|
enabled: true
|
|
torrent: # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)
|
|
enabled: true
|
|
|
|
signup:
|
|
enabled: true
|
|
|
|
|
|
uses:
|
|
postgres-database:
|
|
constraint: required
|
|
auto: summon
|
|
solves:
|
|
database: "main storage"
|
|
default-options:
|
|
extensions:
|
|
- pg_trgm
|
|
- unaccent
|
|
redis-database:
|
|
constraint: required
|
|
auto: summon
|
|
solves:
|
|
database: "short time storage"
|
|
# log-rotate:
|
|
# constraint: recommended
|
|
# auto: pair
|
|
# solves:
|
|
# disk-leak: "/var/log/peertube"
|
|
backup:
|
|
constraint: recommended
|
|
auto: pair
|
|
solves:
|
|
backup: "Automatic regular backup"
|
|
default-options:
|
|
## First pattern matching wins, no pattern matching includes.
|
|
## include-patterns are checked first, then exclude-patterns
|
|
## Patterns rules:
|
|
## - ending / for directory
|
|
## - '*' authorized
|
|
## - must start with a '/', will start from $SERVICE_DATASTORE
|
|
exclude-patterns:
|
|
- /var/cache/
|
|
- /var/tmp/
|
|
web-proxy:
|
|
constraint: required
|
|
auto: pair
|
|
solves:
|
|
proxy: "Public access"
|
|
default-options:
|
|
apache-custom-rules:
|
|
- |
|
|
## From https://gist.github.com/rigelk/07a0b8963fa4fc1ad756374c28479bc7
|
|
|
|
Protocols h2 http/1.1
|
|
|
|
# HSTS (mod_headers is required) (63072000 seconds = 2 years) (only activate it knowingly)
|
|
#Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
|
|
|
|
Header always set X-Content-Type-Options nosniff
|
|
Header always set X-Robots-Tag none
|
|
Header always set X-XSS-Protection "1; mode=block"
|
|
|
|
# Hard limit, PeerTube does not support videos > 4GB
|
|
LimitRequestBody 4294967294
|
|
|
|
# Set caching on assets for 1 year
|
|
<FilesMatch ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$>
|
|
Header append Cache-Control "public, max-age=31536000, immutable"
|
|
</FilesMatch>
|
|
AliasMatch ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ /var/www/peertube/peertube-latest/client/dist/$1
|
|
|
|
# Set caching on image files for 1 year
|
|
<FilesMatch ^/static/(thumbnails|avatars)/(.*)$>
|
|
Header append Cache-Control "public, max-age=31536000, immutable"
|
|
</FilesMatch>
|
|
AliasMatch ^/static/(thumbnails|avatars)/(.*)$ /var/www/peertube/storage/$1/$2
|
|
|
|
# Bypass PeerTube webseed route for better performances
|
|
Alias /static/webseed /var/www/peertube/storage/videos
|
|
<Location /static/webseed>
|
|
# Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
|
|
SetOutputFilter RATE_LIMIT
|
|
SetEnv rate-limit 800
|
|
|
|
SetEnvIf Request_Method "GET" GETMETH=1
|
|
|
|
Header set Access-Control-Allow-Origin "*" env=GETMETH
|
|
Header set Access-Control-Allow-Headers "Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type" env=GETMETH
|
|
Header set Access-Control-Allow-Methods "GET, OPTIONS" env=GETMETH
|
|
Header set toto "foo" env=GETMETH
|
|
SetEnvIf GETMETH "1" dontlog
|
|
|
|
SetEnvIf Request_Method "OPTIONS" OPTIONSMETH=1
|
|
|
|
Header set Access-Control-Allow-Origin "*" env=OPTIONSMETH
|
|
Header set Access-Control-Allow-Headers "Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type" env=OPTIONSMETH
|
|
Header set Access-Control-Allow-Methods "GET, OPTIONS" env=OPTIONSMETH
|
|
Header set Access-Control-Max-Age "1000" env=OPTIONSMETH
|
|
Header set Content-Type "text/plain charset=UTF-8" env=OPTIONSMETH
|
|
Header set Content-Length "0" env=OPTIONSMETH
|
|
</Location>
|
|
|
|
<Location /videos/embed>
|
|
Header unset X-Frame-Options
|
|
</Location>
|
|
|
|
ProxyPreserveHost On
|
|
ProxyRequests On
|
|
ProxyTimeout 600
|
|
|
|
# Websocket tracker
|
|
RewriteEngine On
|
|
RewriteCond %{HTTP:Upgrade} websocket [NC]
|
|
RewriteRule /(.*) ws://127.0.0.1:9000/$1 [P,L]
|
|
|
|
# <Location />
|
|
# ProxyPass http://127.0.0.1:9000/
|
|
# </Location>
|