diff --git a/webapps/peertube/LISEZMOI.md b/webapps/peertube/LISEZMOI.md new file mode 100644 index 00000000..28c3068f --- /dev/null +++ b/webapps/peertube/LISEZMOI.md @@ -0,0 +1,49 @@ +peertube +===== + +Ce rôle installe un serveur peertube. + +Notez qu'hormis le présent fichier LISEZMOI.md, tous les fichiers du rôle peertube sont rédigés en anglais afin de suivre les conventions de la communauté Ansible, favoriser sa réutilisation et son amélioration, etc. Libre à vous cependant de faire appel à ce role dans un playbook rédigé principalement en français ou toute autre langue. + +Requis +------ + +... + +Variables du rôle +----------------- + +Plusieurs des valeurs par défaut dans defaults/main.yml doivent être changées soit directement dans defaults/main.yml ou mieux encore en les supplantant ailleurs, par exemple dans votre playbook (voir l'exemple ci-bas). + +Dépendances +------------ + +Ce rôle Ansible dépend des rôles suivants : + +- nodejs + +Exemple de playbook +------------------- + +``` +- name: "Déployer un serveur peertube" + hosts: + - all + vars: + # Supplanter ici les variables du rôle + domains: ['votre-vrai-domaine.org'] + service: 'mon-peertube' + + roles: + - { role: webapps/peertube , tags: "peertube" } +``` + +Licence +------- + +GPLv3 + +Infos sur l'auteur +------------------ + +Mathieu Gauthier-Pilote, administrateur de systèmes chez Evolix. diff --git a/webapps/peertube/README.md b/webapps/peertube/README.md index 4e4af14c..d022a374 100644 --- a/webapps/peertube/README.md +++ b/webapps/peertube/README.md 
@@ -1,10 +1,49 @@ -# Peertube +peertube +===== -This depends on the following roles +This role installs or upgrades the server for peertube. - - certbot - - evolinux-base - - nginx - - nodejs - - postgresql - - redis \ No newline at end of file +FRENCH: Voir le fichier LISEZMOI.md pour le français. + +Requirements +------------ + +... + +Role Variables +-------------- + +Several of the default values in defaults/main.yml must be changed either directly in defaults/main.yml or better even by overwriting them somewhere else, for example in your playbook (see the example below). + +Dependencies +------------ + +This Ansible role depends on the following other roles: + +- nodejs + +Example Playbook +---------------- + +``` +- name: "Deploy a peertube server" + hosts: + - all + vars: + # Overwrite the role variables here + domains: ['your-real-domain.org'] + service: 'my-peertube' + + roles: + - { role: webapps/peertube , tags: "peertube" } +``` + +License +------- + +GPLv3 + +Author Information +------------------ + +Mathieu Gauthier-Pilote, sys. admin. at Evolix. diff --git a/webapps/peertube/defaults/main.yml b/webapps/peertube/defaults/main.yml index 72acfe7a..431d22b9 100644 --- a/webapps/peertube/defaults/main.yml +++ b/webapps/peertube/defaults/main.yml 
@@ -1,18 +1,14 @@
 ---
-peertube_version: "latest-24"
-peertube_archive_name: "{{ peertube_version }}.tar.bz2"
-peertube_releases_baseurl: ""
-
-peertube_instance_name: "peertube"
-peertube_user: "{{ peertube_instance_name }}"
-peertube_domains: []
-
-peertube_home: "/home/{{ peertube_user }}"
-peertube_webroot: "{{ peertube_home }}/peertube"
-peertube_data: "{{ peertube_webroot }}/data"
-
-peertube_db_user: "{{ peertube_user }}"
-peertube_db_name: "{{ peertube_instance_name }}"
-
-peertube_admin_login: "admin"
-peertube_admin_password: ""
+# defaults file for vars
+system_dep: "['curl', 'python3-dev', 'python-is-python3', 'python3-psycopg2','certbot', 'nginx', 'ffmpeg', 'postgresql', 'postgresql-contrib', 'openssl', 'g++', 'make', 'redis-server', 'git', 'unzip', 'acl']"
+version: 'v5.1.0'
+download_url: "https://github.com/Chocobozzz/PeerTube/releases/download/{{ version }}/peertube-{{ version }}.zip"
+domains: ['example.domain.org']
+service_home: '/var/www/peertube'
+db_host: 'localhost'
+db_port: '5432'
+db_name: "{{ service }}"
+db_user: "{{ service }}"
+db_password: 'UQ6_CHANGE_ME_Gzb'
+pt_secret: 'd98a73_CHANGE_ME_c00c7c'
+pt_host: '127.0.0.1:9000'
diff --git a/webapps/peertube/handlers/main.yml b/webapps/peertube/handlers/main.yml
index 46b3b014..214734cf 100644
--- a/webapps/peertube/handlers/main.yml
+++ b/webapps/peertube/handlers/main.yml
@@ -1,15 +1,2 @@
 ---
-- name: reload php-fpm
-  service:
-    name: php7.3-fpm
-    state: reloaded
-
-- name: reload nginx
-  service:
-    name: nginx
-    state: reloaded
-
-- name: reload apache
-  service:
-    name: apache2
-    state: reloaded
\ No newline at end of file
+# handlers file
diff --git a/webapps/peertube/meta/main.yml b/webapps/peertube/meta/main.yml
index ed97d539..b065fb2a 100644
--- a/webapps/peertube/meta/main.yml
+++ b/webapps/peertube/meta/main.yml
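Review bot: `db_password` and `pt_secret` ship real-looking placeholder values (`'UQ6_CHANGE_ME_Gzb'`, `'d98a73_CHANGE_ME_c00c7c'`) in defaults/main.yml, so a playbook that forgets to override them deploys with credentials that are public in this repository and nothing in the role fails; the README's "must be changed" is the only guard. Safer is to leave them empty (`db_password: ''`, `pt_secret: ''`) and fail early in tasks/main.yml with an `assert` that both are non-empty and do not contain `CHANGE_ME`. `db_name` and `db_user` derive from `service`, which has no default in this file; unless it is defined elsewhere in the role (not visible in this diff), a playbook that omits it fails only at the first PostgreSQL task, so either give it a default or document it as required next to these lines. `system_dep` is a quoted string of a Python list rather than a YAML sequence and only works because Ansible re-evaluates templated strings that look like literals; write it as a real block sequence.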
@@ -1 +1,52 @@
----
+galaxy_info:
+  author: Mathieu Gauthier-Pilote
+  description: sys. admin.
+  company: Evolix
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: license GPL-3.0-only
+
+  min_ansible_version: 2.10
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  # platforms:
+  # - name: Fedora
+  # versions:
+  # - all
+  # - 25
+  # - name: SomePlatform
+  # versions:
+  # - all
+  # - 1.0
+  # - 7
+  # - 99.99
+
+  galaxy_tags: []
+  # List tags for your role here, one per line. A tag is a keyword that describes
+  # and categorizes the role. Users find roles by searching for tags. Be sure to
+  # remove the '[]' above, if you add tags to this list.
+  #
+  # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+  # Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.
diff --git a/webapps/peertube/tasks/apache-system.yml b/webapps/peertube/tasks/apache-system.yml
deleted file mode 100644
index 490d2f8d..00000000
--- a/webapps/peertube/tasks/apache-system.yml
+++ /dev/null
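Review bot: `license: license GPL-3.0-only` carries the word `license` into the value, which is not an SPDX identifier; it should read `license: GPL-3.0-only`. `min_ansible_version: 2.10` is an unquoted float and parses as 2.1, so quote it: `min_ansible_version: "2.10"`. `dependencies: []` contradicts the README added in this same commit, which lists nodejs as a role dependency; either declare it here or state in the README that the playbook must apply it first.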
@@ -1,33 +0,0 @@ ---- - -- name: "Get PHP Version" - shell: 'php -v | grep "PHP [0-9]." | sed -E "s/PHP ([0-9]\.[0-9]).*/\1/g;"' - register: shell_php - check_mode: no - -- name: "Set variables" - set_fact: - php_version: "{{ shell_php.stdout }}" - -- name: Apply specific PHP settings (apache) - ini_file: - path: "/etc/php/{{ php_version }}/apache2/conf.d/zzz-evolinux-custom.ini" - section: '' - option: "{{ item.option }}" - value: "{{ item.value }}" - notify: reload apache - with_items: - - {option: 'allow_url_fopen', value: 'On'} - - {option: 'disable_functions', value: ''} - - {option: 'max_execution_time', value: '300'} - - {option: 'memory_limit', value: '512M'} - -- name: Apply specific PHP settings (cli) - ini_file: - path: "/etc/php/{{ php_version }}/cli/conf.d/zzz-evolinux-custom.ini" - section: '' - option: "{{ item.option }}" - value: "{{ item.value }}" - with_items: - - {option: 'allow_url_fopen', value: 'On'} - - {option: 'apc.enable_cli', value: 'On'} diff --git a/webapps/peertube/tasks/apache-vhost.yml b/webapps/peertube/tasks/apache-vhost.yml deleted file mode 100644 index e3f213ca..00000000 --- a/webapps/peertube/tasks/apache-vhost.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Copy Apache vhost - template: - src: apache-vhost.conf.j2 - dest: "/etc/apache2/sites-available/{{ nextcloud_instance_name }}.conf" - mode: "0640" - notify: reload apache - tags: - - nextcloud - -- name: Enable Apache vhost - file: - src: "/etc/apache2/sites-available/{{ nextcloud_instance_name }}.conf" - dest: "/etc/apache2/sites-enabled/{{ nextcloud_instance_name }}.conf" - state: link - notify: reload apache - tags: - - nextcloud - -# - name: Generate ssl config -# shell: -# cmd: "/usr/local/sbin/vhost-domains {{ nextcloud_instance_name }} | /usr/local/sbin/make-csr {{ nextcloud_instance_name }}" -# creates: "/etc/nginx/ssl/{{ nextcloud_instance_name }}.conf" \ No newline at end of file 
diff --git a/webapps/peertube/tasks/archive.yml b/webapps/peertube/tasks/archive.yml deleted file mode 100644 index d59bd582..00000000 --- a/webapps/peertube/tasks/archive.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- - -- name: Retrieve Nextcloud archive - get_url: - url: "{{ nextcloud_releases_baseurl }}{{ nextcloud_archive_name }}" - dest: "{{ nextcloud_home }}/{{ nextcloud_archive_name }}" - force: no - tags: - - nextcloud - -- name: Retrieve Nextcloud sha256 checksum - get_url: - url: "{{ nextcloud_releases_baseurl }}{{ nextcloud_archive_name }}.sha256" - dest: "{{ nextcloud_home }}/{{ nextcloud_archive_name }}.sha256" - force: no - tags: - - nextcloud - -- name: Verify Nextcloud sha256 checksum - command: "sha256sum -c {{ nextcloud_archive_name }}.sha256" - changed_when: "False" - args: - chdir: "{{ nextcloud_home }}" - tags: - - nextcloud - -- name: Extract Nextcloud archive - unarchive: - src: "{{ nextcloud_home }}/{{ nextcloud_archive_name }}" - dest: "{{ nextcloud_home }}" - creates: "{{ nextcloud_home }}/nextcloud" - remote_src: True - mode: "0750" - owner: "{{ nextcloud_user }}" - group: "{{ nextcloud_user }}" - tags: - - nextcloud diff --git a/webapps/peertube/tasks/config.yml b/webapps/peertube/tasks/config.yml deleted file mode 100644 index 85142726..00000000 --- a/webapps/peertube/tasks/config.yml +++ /dev/null 
@@ -1,81 +0,0 @@ ---- - -- block: - - name: Generate admin password - command: 'apg -n 1 -m 16 -M lcN' - register: nextcloud_admin_password_apg - check_mode: no - changed_when: False - - - debug: - var: nextcloud_admin_password_apg - - - set_fact: - nextcloud_admin_password: "{{ nextcloud_admin_password_apg.stdout }}" - - tags: - - nextcloud - when: nextcloud_admin_password | length == 0 - -- name: Get Nextcloud Status - shell: "php ./occ status --output json | grep -v 'Nextcloud is not installed'" - args: - chdir: "{{ nextcloud_webroot }}" - become_user: "{{ nextcloud_user }}" - register: nc_status - check_mode: no - tags: - - nextcloud - -- name: Install Nextcloud - command: "php ./occ maintenance:install --database mysql --database-name {{ nextcloud_db_name | mandatory }} --database-user {{ nextcloud_db_user | mandatory }} --database-pass {{ nextcloud_db_pass | mandatory }} --admin-user {{ nextcloud_admin_login | mandatory }} --admin-pass {{ nextcloud_admin_password | mandatory }} --data-dir {{ nextcloud_data | mandatory }}" - args: - chdir: "{{ nextcloud_webroot }}" - creates: "{{ nextcloud_home }}/config/config.php" - become_user: "{{ nextcloud_user }}" - when: (nc_status.stdout | from_json).installed == false - tags: - - nextcloud - -- name: Configure Nextcloud Mysql password - replace: - dest: "{{ nextcloud_home }}/nextcloud/config/config.php" - regexp: "'dbpassword' => '([^']*)'," - replace: "'dbpassword' => '{{ nextcloud_db_pass }}'," - tags: - - nextcloud - -- name: Configure Nextcloud cron - cron: - name: 'Nextcloud' - minute: "*/5" - job: "php -f {{ nextcloud_webroot }}/cron.php" - user: "{{ nextcloud_user }}" - tags: - - nextcloud - -- name: Erase previously trusted domains config - command: "php ./occ config:system:set trusted_domains" - args: - chdir: "{{ nextcloud_webroot }}" - become_user: "{{ nextcloud_user }}" - tags: - - nextcloud - -- name: Configure trusted domains - command: "php ./occ config:system:set trusted_domains {{ item.0 }} --value {{ 
item.1 }}" - args: - chdir: "{{ nextcloud_webroot }}" - with_indexed_items: - - "{{ nextcloud_domains }}" - become_user: "{{ nextcloud_user }}" - tags: - - nextcloud - -#- name: Configure memcache local to APCu -# command: "php ./occ config:system:set memcache.local --value '\\OC\\Memcache\\APCu'" -# args: -# chdir: "{{ nextcloud_webroot }}" -# become_user: "{{ nextcloud_user }}" -# tags: -# - nextcloud diff --git a/webapps/peertube/tasks/main.yml b/webapps/peertube/tasks/main.yml index fbf7dbb5..8e0742df 100644 --- a/webapps/peertube/tasks/main.yml +++ b/webapps/peertube/tasks/main.yml 
@@ -1,24 +1,143 @@ --- -- name: Install dependencies - apt: +# tasks file for peertube install + +- name: Add bullseye-backports repo into sources list (for redis) + apt_repository: + repo: deb http://mirror.evolix.org/debian bullseye-backports main state: present - name: - - ffmpeg - - python3-dev - - python-is-python3 - - g++ - - make - tags: - - peertube -- include: apache-system.yml +- name: Install main system dependencies + apt: + name: "{{ system_dep }}" -- include: user.yml +- name: Upgrade redis-server to the latest version from bullseye-backports + apt: + name: redis-server + state: latest + default_release: bullseye-backports + update_cache: yes -- include: archive.yml +- name: Add UNIX account + user: + name: "{{ service }}" + home: "{{ service_home }}" + shell: /bin/bash -- include: apache-vhost.yml +- name: Add PostgreSQL user + postgresql_user: + name: "{{ db_user }}" + password: "{{ db_password }}" + no_password_changes: true + become_user: postgres -- include: mysql-user.yml +- name: Add PostgreSQL database + postgresql_db: + name: "{{ db_name }}" + owner: "{{ db_user }}" + template: template0 + encoding: UTF-8 + become_user: postgres -- include: config.yml +- name: Add dirs required by peertube + file: + path: "{{ item }}" + state: directory + loop: + - "~/config" + - "~/storage" + - "~/versions" + become_user: "{{ service }}" + +- name: Unarchive peertube archive + unarchive: + src: "{{ download_url }}" + dest: ~/versions + remote_src: yes + become_user: "{{ service }}" + +- name: Symbolic link to unarchived version + file: + src: "~/versions/peertube-{{ version }}" + dest: "~/peertube-latest" + state: link + become_user: "{{ service }}" + +- name: Install PeerTube nodejs deps (via yarn) + shell: "yarn install --production --pure-lockfile" + args: + chdir: "~/peertube-latest" + become_user: "{{ service }}" + +- name: Copy default.yaml to prod dir + copy: + src: "~/peertube-latest/config/default.yaml" + dest: "~/config/default.yaml" + remote_src: 
true + become_user: "{{ service }}" + +- name: Template peertube conf file + template: + src: "production.yaml.j2" + dest: "~/config/production.yaml" + become_user: "{{ service }}" + +- name: Template peertube systemd unit + template: + src: "peertube.service.j2" + dest: "/etc/systemd/system/{{ service }}.service" + +- name: Start peertube systemd unit + service: + name: "{{ service }}" + enabled: true + state: started + +#~ - name: Check if SSL certificate is present and register result + #~ stat: + #~ path: "/etc/letsencrypt/live/{{ domains |first }}/fullchain.pem" + #~ register: ssl + +#~ - name: Generate certificate only if required (first time) + #~ block: + #~ - name: Template vhost without SSL for successfull LE challengce + #~ template: + #~ src: "vhost.conf.j2" + #~ dest: "/etc/nginx/sites-available/{{ service }}.conf" + #~ - name: Enable temporary nginx vhost for peertube + #~ file: + #~ src: "/etc/nginx/sites-available/{{ service }}.conf" + #~ dest: "/etc/nginx/sites-enabled/{{ service }}.conf" + #~ state: link + #~ - name: Reload nginx conf + #~ service: + #~ name: nginx + #~ state: reloaded + #~ - name: Make sure /var/lib/letsencrypt exists and has correct permissions + #~ file: + #~ path: /var/lib/letsencrypt + #~ state: directory + #~ mode: '0755' + #~ - name: Generate certificate with certbot + #~ shell: certbot certonly --webroot --webroot-path /var/lib/letsencrypt -d {{ domains |first }} + #~ when: ssl.stat.exists == true + +#~ - name: (Re)check if SSL certificate is present and register result + #~ stat: + #~ path: "/etc/letsencrypt/live/{{ domains |first }}/fullchain.pem" + #~ register: ssl + +- name: (Re)template conf file for nginx vhost with SSL + template: + src: "vhost.conf.j2" + dest: "/etc/nginx/sites-available/{{ service }}.conf" + +- name: Enable nginx vhost for peertube + file: + src: "/etc/nginx/sites-available/{{ service }}.conf" + dest: "/etc/nginx/sites-enabled/{{ service }}.conf" + state: link + +- name: Reload nginx conf + 
service: + name: nginx + state: reloaded diff --git a/webapps/peertube/tasks/postgres-user.yml b/webapps/peertube/tasks/postgres-user.yml deleted file mode 100644 index 896d6f67..00000000 --- a/webapps/peertube/tasks/postgres-user.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- - -- name: Create a new database - community.postgresql.postgresql_db: - name: "{{ peertube_db_name }}" - tags: - - peertube - -- name: Generate Postgres password - command: 'apg -n 1 -m 16 -M lcN' - register: peertube_db_pass_apg - check_mode: no - changed_when: False - tags: - - peertube - -- name: Connect to peertube database, create peertube user, and grant access to database - community.postgresql.postgresql_user: - db: "{{ peertube_db_name }}" - name: "{{ peertube_db_user }}" - password: "{{ peertube_db_pass_apg.stdout }}" - priv: "ALL" - tags: - - peertube - -- name: Store credentials in my.cnf - ini_file: - dest: "{{ nextcloud_home }}/.my.cnf" - owner: "{{ nextcloud_user }}" - group: "{{ nextcloud_user }}" - mode: "0600" - section: client - option: "{{ item.option }}" - value: "{{ item.value }}" - loop: - - { option: "user", value: "{{ nextcloud_db_user }}" } - - { option: "database", value: "{{ nextcloud_db_name }}" } - - { option: "password", value: "{{ nextcloud_db_pass }}" } - tags: - - nextcloud diff --git a/webapps/peertube/tasks/upgrade.yml b/webapps/peertube/tasks/upgrade.yml new file mode 100644 index 00000000..fdda1728 --- /dev/null +++ b/webapps/peertube/tasks/upgrade.yml 
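Review bot: `Unarchive peertube archive` fetches `{{ download_url }}` with `unarchive`/`remote_src` and extracts it straight into `~/versions` with no digest check, whereas the `archive.yml` this commit deletes verified a sha256 file; the same pattern recurs in `Unarchive new peertube archive` in tasks/upgrade.yml. Integrity then rests solely on the TLS connection to GitHub; pinning the expected digest next to `version` in defaults and downloading with `get_url` and its `checksum` parameter before extracting restores the check (sketch below; `download_sha256` is a proposed variable name, not one the role defines). `Template peertube conf file` writes production.yaml, which carries `db_password` and `pt_secret`, without a `mode`, so the file gets the umask default instead of `mode: "0600"`; the upgrade.yml copy of that task has the same gap. `Add PostgreSQL user` passes `db_password` on the task line and should carry `no_log: true` so the value is not echoed in verbose or failed-task output.
```yaml
- name: Download peertube archive
  get_url:
    url: "{{ download_url }}"
    dest: "~/versions/peertube-{{ version }}.zip"
    checksum: "sha256:{{ download_sha256 }}"  # proposed new default, pinned per release
  become_user: "{{ service }}"

- name: Unarchive peertube archive
  unarchive:
    src: "~/versions/peertube-{{ version }}.zip"
    dest: ~/versions
    remote_src: yes
  become_user: "{{ service }}"

# … unchanged: symlink, yarn install, default.yaml copy …

- name: Template peertube conf file
  template:
    src: "production.yaml.j2"
    dest: "~/config/production.yaml"
    mode: "0600"
  become_user: "{{ service }}"

# … unchanged: systemd unit, nginx vhost, reload …
```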
@@ -0,0 +1,75 @@
+---
+# tasks file for peertube upgrade
+
+- name: Stop peertube systemd unit
+  service:
+    name: "{{ service }}"
+    state: stopped
+
+- name: Dump database to a file with compression
+  postgresql_db:
+    name: "{{ db_name }}"
+    state: dump
+    target: "~/{{ db_name }}.sql.gz"
+  become_user: postgres
+
+- name: Unarchive new peertube archive
+  unarchive:
+    src: "{{ download_url }}"
+    dest: ~/versions
+    remote_src: yes
+  become_user: "{{ service }}"
+
+- name: Symbolic link to new version
+  file:
+    src: "~/versions/peertube-{{ version }}"
+    dest: "~/peertube-latest"
+    state: link
+  become_user: "{{ service }}"
+
+- name: Install PeerTube nodejs deps (via yarn)
+  shell: "yarn install --production --pure-lockfile"
+  args:
+    chdir: "~/peertube-latest"
+  become_user: "{{ service }}"
+
+- name: Copy default.yaml to prod dir
+  copy:
+    src: "~/peertube-latest/config/default.yaml"
+    dest: "~/config/default.yaml"
+    remote_src: true
+  become_user: "{{ service }}"
+
+- name: Template peertube conf file
+  template:
+    src: "production.yaml.j2"
+    dest: "~/config/production.yaml"
+  become_user: "{{ service }}"
+
+- name: Restart peertube systemd unit
+  systemd:
+    name: "{{ service }}"
+    daemon_reload: true
+    state: restarted
+
+- name: Retemplate conf file for nginx vhost
+  template:
+    src: "vhost.conf.j2"
+    dest: "/etc/nginx/sites-available/{{ service }}.conf"
+
+- name: Reload nginx conf
+  service:
+    name: nginx
+    state: reloaded
+
+- name: Define variable to skip next task by default
+  set_fact:
+    keep_db_dump: true
+
+- name: Remove database dump
+  file:
+    path: "~/{{ db_name }}.sql.gz"
+    state: absent
+  become_user: postgres
+  when: keep_db_dump is undefined
+  tags: clean
diff --git a/webapps/peertube/tasks/user.yml b/webapps/peertube/tasks/user.yml
deleted file mode 100644
index f064a888..00000000
--- a/webapps/peertube/tasks/user.yml
+++ /dev/null
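Review bot: `Dump database to a file with compression` writes a full dump of `{{ db_name }}` to `~/{{ db_name }}.sql.gz` in the postgres account's home and leaves it there after every upgrade, because `Remove database dump` only runs when `keep_db_dump` is undefined and the preceding `set_fact` always defines it in a normal run; only a run restricted to `--tags clean` skips that `set_fact` and deletes the file. That behaviour is not obvious from the task names, so a comment above `Define variable to skip next task by default` should state it, e.g. `# The dump is kept unless the play is run with --tags clean (the set_fact below is not tagged).`. `postgresql_db` does not appear to expose a file-mode option, so follow the dump with a `file` task setting `mode: "0600"` on the target, since the dump holds the whole application database. `Template peertube conf file` here also lacks `mode: "0600"` for a file holding `db_password` and `pt_secret`.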
@@ -1,33 +0,0 @@ ---- -- name: Create {{ peertube_user }} unix group - group: - name: "{{ peertube_user | mandatory }}" - state: present - tags: - - peertube - -- name: Create {{ peertube_user | mandatory }} unix user - user: - name: "{{ peertube_user | mandatory }}" - group: "{{ peertube_user | mandatory }}" - home: "{{ peertube_home | mandatory }}" - shell: '/bin/bash' - create_home: True - state: present - mode: "0755" - tags: - - peertube - -- name: Create top-level directories - file: - dest: "{{ item }}" - state: directory - mode: "0700" - owner: "{{ peertube_user }}" - group: "{{ peertube_user }}" - loop: - - "{{ peertube_home }}/log" - - "{{ peertube_home }}/tmp" - - "{{ peertube_home }}/data" - tags: - - peertube diff --git a/webapps/peertube/templates/apache-vhost.conf.j2 b/webapps/peertube/templates/apache-vhost.conf.j2 deleted file mode 100644 index ff9f621c..00000000 --- a/webapps/peertube/templates/apache-vhost.conf.j2 +++ /dev/null 
@@ -1,41 +0,0 @@ - - ServerName {{ nextcloud_domains[0] }} - - {% for domain_alias in nextcloud_domains[1:] %} - ServerAlias {{ domain_alias }} - {% endfor %} - - # SSLEngine on - # SSLCertificateFile /etc/letsencrypt/live/{{ nextcloud_instance_name }}/fullchain.pem - # SSLCertificateKeyFile /etc/letsencrypt/live/{{ nextcloud_instance_name }}/privkey.pem - - DocumentRoot {{ nextcloud_webroot }}/ - - - Require all granted - AllowOverride All - Options FollowSymLinks MultiViews - - - Dav off - - - - # SSL Redirect - # RewriteEngine On - # RewriteCond %{HTTPS} !=on - # RewriteCond %{HTTP:X-Forwarded-Proto} !=https - # RewriteRule ^ https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent] - - # ITK - AssignUserID {{ nextcloud_user }} {{ nextcloud_user }} - - # LOG - CustomLog /var/log/apache2/access.log vhost_combined - ErrorLog /var/log/apache2/error.log - - # PHP - php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f {{ nextcloud_user }}" - php_admin_value open_basedir "/usr/share/php:{{ nextcloud_home }}:/tmp" - - \ No newline at end of file diff --git a/webapps/peertube/templates/peertube-tcp.conf.j2 b/webapps/peertube/templates/peertube-tcp.conf.j2 new file mode 100644 index 00000000..6cded79b --- /dev/null +++ b/webapps/peertube/templates/peertube-tcp.conf.j2 @@ -0,0 +1,8 @@ +# In a video server, we are often sending files to a client +# which can't accept it as fast as our local network connection +# could produce packets. To prevent packet loss and buffer bloat, +# it's especially important to use a modern CoDel scheduler which +# knows how to delay outgoing packets to match slower client links. + +net.core.default_qdisc = fq_codel +net.ipv4.tcp_congestion_control = bbr diff --git a/webapps/peertube/templates/peertube.service.j2 b/webapps/peertube/templates/peertube.service.j2 new file mode 100644 index 00000000..339b9657 --- /dev/null +++ b/webapps/peertube/templates/peertube.service.j2 
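Review bot: `peertube-tcp.conf.j2` is added as a template, but no task in tasks/main.yml or tasks/upgrade.yml in this commit renders it or applies the sysctls, so the file is dead unless something outside this diff consumes it. If it is meant to be deployed, a `template` task targeting a sysctl.d drop-in followed by a reload (or the `sysctl` module per key) belongs in main.yml; if not, drop it. `net.ipv4.tcp_congestion_control = bbr` also requires the `tcp_bbr` module to be available, which on Debian kernels is typically built as a module, so the apply step should load it or tolerate that failure explicitly.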
@@ -0,0 +1,35 @@
+[Unit]
+Description=PeerTube daemon
+After=network.target postgresql.service redis-server.service
+
+[Service]
+Type=simple
+Environment=NODE_ENV=production
+Environment=NODE_CONFIG_DIR={{ service_home }}/config
+User={{ service }}
+Group={{ service }}
+ExecStart=/usr/bin/node dist/server
+WorkingDirectory={{ service_home }}/peertube-latest
+SyslogIdentifier=peertube
+Restart=always
+
+; Some security directives.
+; Mount /usr, /boot, and /etc as read-only for processes invoked by this service.
+ProtectSystem=full
+; Sets up a new /dev mount for the process and only adds API pseudo devices
+; like /dev/null, /dev/zero or /dev/random but not physical devices. Disabled
+; by default because it may not work on devices like the Raspberry Pi.
+PrivateDevices=false
+; Ensures that the service process and all its children can never gain new
+; privileges through execve().
+NoNewPrivileges=true
+; This makes /home, /root, and /run/user inaccessible and empty for processes invoked
+; by this unit. Make sure that you do not depend on data inside these folders.
+ProtectHome=true
+; Drops the sys admin capability from the daemon.
+CapabilityBoundingSet=~CAP_SYS_ADMIN
+
+[Install]
+WantedBy=multi-user.target
+
+
diff --git a/webapps/peertube/templates/production.yaml.j2 b/webapps/peertube/templates/production.yaml.j2
new file mode 100644
index 00000000..3dec0809
--- /dev/null
+++ b/webapps/peertube/templates/production.yaml.j2
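Review bot: `ProtectHome=true` together with `WorkingDirectory={{ service_home }}/peertube-latest` works for the default `service_home` of `/var/www/peertube`, but a playbook that overrides `service_home` to a path under `/home` gets a unit that cannot start, because the directive hides `/home` entirely; that constraint deserves a comment above the directive, e.g. `; service_home must not live under /home, /root or /run/user while ProtectHome=true`. Since the data tree is already outside `/usr` and `/etc`, `ProtectSystem=strict` plus `ReadWritePaths={{ service_home }}` would likely tighten the sandbox beyond `full`; verify first that the service writes nowhere else (it has no `PrivateTmp`, so `/tmp` use would still work). The two trailing `+` blank lines after `WantedBy=multi-user.target` can be dropped.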
@@ -0,0 +1,790 @@ +listen: + hostname: '127.0.0.1' + port: 9000 + +# Correspond to your reverse proxy server_name/listen configuration (i.e., your public PeerTube instance URL) +webserver: + https: false + hostname: '{{ domains| first }}' + port: 80 + +# Secrets you need to generate the first time you run PeerTube +secrets: + # Generate one using `openssl rand -hex 32` + peertube: '{{ pt_secret }}' + +rates_limit: + api: + # 50 attempts in 10 seconds + window: 10 seconds + max: 50 + login: + # 15 attempts in 5 min + window: 5 minutes + max: 15 + signup: + # 2 attempts in 5 min (only succeeded attempts are taken into account) + window: 5 minutes + max: 2 + ask_send_email: + # 3 attempts in 5 min + window: 5 minutes + max: 3 + receive_client_log: + # 10 attempts in 10 min + window: 10 minutes + max: 10 + +oauth2: + token_lifetime: + access_token: '1 day' + refresh_token: '2 weeks' + +# Proxies to trust to get real client IP +# If you run PeerTube just behind a local proxy (nginx), keep 'loopback' +# If you run PeerTube behind a remote proxy, add the proxy IP address (or subnet) +trust_proxy: + - 'loopback' + +# Your database name will be database.name OR 'peertube'+database.suffix +database: + hostname: '{{ db_host }}' + port: {{ db_port }} + ssl: false + suffix: '' + name: '{{ db_name }}' + username: '{{ db_user }}' + password: '{{ db_password }}' + pool: + max: 5 + +# Redis server for short time storage +# You can also specify a 'socket' path to a unix socket but first need to +# set 'hostname' and 'port' to null +redis: + hostname: 'localhost' + port: 6379 + auth: null + db: 0 + +# SMTP server to send emails +smtp: + # smtp or sendmail + transport: smtp + # Path to sendmail command. 
Required if you use sendmail transport + sendmail: null + hostname: null + port: 465 # If you use StartTLS: 587 + username: null + password: null + tls: true # If you use StartTLS: false + disable_starttls: false + ca_file: null # Used for self signed certificates + from_address: 'admin@example.com' + +email: + body: + signature: 'PeerTube' + subject: + prefix: '[PeerTube]' + +# Update default PeerTube values +# Set by API when the field is not provided and put as default value in client +defaults: + # Change default values when publishing a video (upload/import/go Live) + publish: + download_enabled: true + + comments_enabled: true + + # public = 1, unlisted = 2, private = 3, internal = 4 + privacy: 1 + + # CC-BY = 1, CC-SA = 2, CC-ND = 3, CC-NC = 4, CC-NC-SA = 5, CC-NC-ND = 6, Public Domain = 7 + # You can also choose a custom licence value added by a plugin + # No licence by default + licence: null + + p2p: + # Enable P2P by default in PeerTube client + # Can be enabled/disabled by anonymous users and logged in users + webapp: + enabled: true + + # Enable P2P by default in PeerTube embed + # Can be enabled/disabled by URL option + embed: + enabled: true + +# From the project root directory +storage: + tmp: '/var/www/peertube/storage/tmp/' # Use to download data (imports etc), store uploaded files before and during processing... 
+ bin: '/var/www/peertube/storage/bin/' + avatars: '/var/www/peertube/storage/avatars/' + videos: '/var/www/peertube/storage/videos/' + streaming_playlists: '/var/www/peertube/storage/streaming-playlists/' + redundancy: '/var/www/peertube/storage/redundancy/' + logs: '/var/www/peertube/storage/logs/' + previews: '/var/www/peertube/storage/previews/' + thumbnails: '/var/www/peertube/storage/thumbnails/' + torrents: '/var/www/peertube/storage/torrents/' + captions: '/var/www/peertube/storage/captions/' + cache: '/var/www/peertube/storage/cache/' + plugins: '/var/www/peertube/storage/plugins/' + well_known: '/var/www/peertube/storage/well-known/' + # Overridable client files in client/dist/assets/images: + # - logo.svg + # - favicon.png + # - default-playlist.jpg + # - default-avatar-account.png + # - default-avatar-video-channel.png + # - and icons/*.png (PWA) + # Could contain for example assets/images/favicon.png + # If the file exists, peertube will serve it + # If not, peertube will fallback to the default file + client_overrides: '/var/www/peertube/storage/client-overrides/' + +static_files: + # Require and check user authentication when accessing private files (internal/private video files) + private_files_require_auth: true + +object_storage: + enabled: false + + # Without protocol, will default to HTTPS + endpoint: '' # 's3.amazonaws.com' or 's3.fr-par.scw.cloud' for example + + region: 'us-east-1' + + upload_acl: + # Set this ACL on each uploaded object of public/unlisted videos + # Use null if your S3 provider does not support object ACL + public: 'public-read' + # Set this ACL on each uploaded object of private/internal videos + # PeerTube can proxify requests to private objects so your users can access them + # Use null if your S3 provider does not support object ACL + private: 'private' + + proxy: + # If private files (private/internal video files) have a private ACL, users can't access directly the ressource + # PeerTube can proxify requests between 
your object storage service and your users
+ # If you disable PeerTube proxy, ensure you use your own proxy that is able to access the private files
+ # Or you can also set a public ACL for private files in object storage if you don't want to use a proxy
+ proxify_private_files: true
+
+ credentials:
+ # You can also use AWS_ACCESS_KEY_ID env variable
+ access_key_id: ''
+ # You can also use AWS_SECRET_ACCESS_KEY env variable
+ secret_access_key: ''
+
+ # Maximum amount to upload in one request to object storage
+ max_upload_part: 100MB
+
+ streaming_playlists:
+ bucket_name: 'streaming-playlists'
+
+ # Allows setting all buckets to the same value but with a different prefix
+ prefix: '' # Example: 'streaming-playlists:'
+
+ # Base url for object URL generation, scheme and host will be replaced by this URL
+ # Useful when you want to use a CDN/external proxy
+ base_url: '' # Example: 'https://mirror.example.com'
+
+ # Same settings but for webtorrent videos
+ videos:
+ bucket_name: 'videos'
+ prefix: ''
+ base_url: ''
+
+log:
+ level: 'info' # 'debug' | 'info' | 'warn' | 'error'
+
+ rotation:
+ enabled : true # Enabled by default, if disabled make sure that 'storage.logs' is pointing to a folder handled by logrotate
+ max_file_size: 12MB
+ max_files: 20
+
+ anonymize_ip: false
+
+ log_ping_requests: true
+ log_tracker_unknown_infohash: true
+
+ prettify_sql: false
+
+ # Accept warn/error logs coming from the client
+ accept_client_log: true
+
+# Support of Open Telemetry metrics and tracing
+# For more information: https://docs.joinpeertube.org/maintain/observability
+open_telemetry:
+ metrics:
+ enabled: false
+
+ http_request_duration:
+ # You can disable HTTP request duration metric that can have a high tag cardinality
+ enabled: true
+
+ # Create a prometheus exporter server on this port so prometheus server can scrape PeerTube metrics
+ prometheus_exporter:
+ hostname: '127.0.0.1'
+ port: 9091
+
+ tracing:
+ enabled: false
+
+ # Send traces to a Jaeger compatible endpoint
+ jaeger_exporter:
+ endpoint: ''
+
+trending:
+ videos:
+ interval_days: 7 # Compute trending videos for the last x days for 'most-viewed' algorithm
+
+ algorithms:
+ enabled:
+ - 'hot' # Adaptation of Reddit's 'Hot' algorithm
+ - 'most-viewed' # Number of views in the last x days
+ - 'most-liked' # Global views since the upload of the video
+
+ default: 'most-viewed'
+
+# Cache remote videos on your server, to help other instances to broadcast the video
+# You can define multiple caches using different sizes/strategies
+# Once you have defined your strategies, choose which instances you want to cache in admin -> manage follows -> following
+redundancy:
+ videos:
+ check_interval: '1 hour' # How often you want to check new videos to cache
+ strategies: # Just uncomment strategies you want
+# -
+# size: '10GB'
+# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
+# min_lifetime: '48 hours'
+# strategy: 'most-views' # Cache videos that have the most views
+# -
+# size: '10GB'
+# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
+# min_lifetime: '48 hours'
+# strategy: 'trending' # Cache trending videos
+# -
+# size: '10GB'
+# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
+# min_lifetime: '48 hours'
+# strategy: 'recently-added' # Cache recently added videos
+# min_views: 10 # Having at least x views
+
+# Other instances that duplicate your content
+remote_redundancy:
+ videos:
+ # 'nobody': Do not accept remote redundancies
+ # 'anybody': Accept remote redundancies from anybody
+ # 'followings': Accept redundancies from instance followings
+ accept_from: 'anybody'
+
+csp:
+ enabled: false
+ report_only: true # CSP directives are still being tested, so disable the report only mode at your own risk!
+ report_uri:
+
+security:
+ # Set the X-Frame-Options header to help to mitigate clickjacking attacks
+ frameguard:
+ enabled: true
+
+ # Set x-powered-by HTTP header to "PeerTube"
+ # Can help remote software to know this is a PeerTube instance
+ powered_by_header:
+ enabled: true
+
+tracker:
+ # If you disable the tracker, you disable the P2P on your PeerTube instance
+ enabled: true
+ # Only handle requests on your videos
+ # If you set this to false it means you have a public tracker
+ # Then, it is possible that clients overload your instance with external torrents
+ private: true
+ # Reject peers that do a lot of announces (could improve privacy of TCP/UDP peers)
+ reject_too_many_announces: false
+
+history:
+ videos:
+ # If you want to limit users videos history
+ # -1 means there is no limitations
+ # Other values could be '6 months' or '30 days' etc (PeerTube will periodically delete old entries from database)
+ max_age: -1
+
+views:
+ videos:
+ # PeerTube creates a database entry every hour for each video to track views over a period of time
+ # This is used in particular by the Trending page
+ # PeerTube could remove old remote video views if you want to reduce your database size (video view counter will not be altered)
+ # -1 means no cleanup
+ # Other values could be '6 months' or '30 days' etc (PeerTube will periodically delete old entries from database)
+ remote:
+ max_age: '30 days'
+
+ # PeerTube buffers local video views before updating and federating the video
+ local_buffer_update_interval: '30 minutes'
+
+ ip_view_expiration: '1 hour'
+
+# Used to get country location of views of local videos
+geo_ip:
+ enabled: true
+
+ country:
+ database_url: 'https://dbip.mirror.framasoft.org/files/dbip-country-lite-latest.mmdb'
+
+plugins:
+ # The website PeerTube will ask for available PeerTube plugins and themes
+ # This is an unmoderated plugin index, so only install plugins/themes you trust
+ index:
+ enabled: true
+ check_latest_versions_interval: '12 hours' # How often you want to check new plugins/themes versions
+ url: 'https://packages.joinpeertube.org'
+
+federation:
+ videos:
+ federate_unlisted: false
+
+ # Add a weekly job that cleans up remote AP interactions on local videos (shares, rates and comments)
+ # It removes objects that do not exist anymore, and potentially fix their URLs
+ cleanup_remote_interactions: true
+
+peertube:
+ check_latest_version:
+ # Check and notify admins of new PeerTube versions
+ enabled: true
+ # You can use a custom URL if your want, that respect the format behind https://joinpeertube.org/api/v1/versions.json
+ url: 'https://joinpeertube.org/api/v1/versions.json'
+
+webadmin:
+ configuration:
+ edition:
+ # Set this to false if you don't want to allow config edition in the web interface by instance admins
+ allowed: true
+
+# XML, Atom or JSON feeds
+feeds:
+ videos:
+ # Default number of videos displayed in feeds
+ count: 20
+
+ comments:
+ # Default number of comments displayed in feeds
+ count: 20
+
+###############################################################################
+#
+# From this point, almost all following keys can be overridden by the web interface
+# (local-production.json file). If you need to change some values, prefer to
+# use the web interface because the configuration will be automatically
+# reloaded without any need to restart PeerTube
+#
+# /!\ If you already have a local-production.json file, modification of some of
+# the following keys will have no effect /!\
+#
+###############################################################################
+
+cache:
+ previews:
+ size: 500 # Max number of previews you want to cache
+ captions:
+ size: 500 # Max number of video captions/subtitles you want to cache
+ torrents:
+ size: 500 # Max number of video torrents you want to cache
+
+admin:
+ # Used to generate the root user at first startup
+ # And to receive emails from the contact form
+ email: 'admin@example.com'
+
+contact_form:
+ enabled: true
+
+signup:
+ enabled: false
+
+ limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited
+
+ minimum_age: 16 # Used to configure the signup form
+
+ # Users fill a form to register so moderators can accept/reject the registration
+ requires_approval: true
+ requires_email_verification: false
+
+ filters:
+ cidr: # You can specify CIDR ranges to whitelist (empty = no filtering) or blacklist
+ whitelist: []
+ blacklist: []
+
+user:
+ # Default value of maximum video bytes the user can upload (does not take into account transcoded files)
+ # Byte format is supported ("1GB" etc)
+ # -1 == unlimited
+ video_quota: -1
+ video_quota_daily: -1
+
+video_channels:
+ max_per_user: 20 # Allows each user to create up to 20 video channels.
+
+# If enabled, the video will be transcoded to mp4 (x264) with `faststart` flag
+# In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions
+# Please, do not disable transcoding since many uploaded videos will not work
+transcoding:
+ enabled: true
+
+ # Allow your users to upload .mkv, .mov, .avi, .wmv, .flv, .f4v, .3g2, .3gp, .mts, m2ts, .mxf, .nut videos
+ allow_additional_extensions: true
+
+ # If a user uploads an audio file, PeerTube will create a video by merging the preview file and the audio file
+ allow_audio_files: true
+
+ # Amount of threads used by ffmpeg for 1 transcoding job
+ threads: 1
+ # Amount of transcoding jobs to execute in parallel
+ concurrency: 1
+
+ # Choose the transcoding profile
+ # New profiles can be added by plugins
+ # Available in core PeerTube: 'default'
+ profile: 'default'
+
+ resolutions: # Only created if the original video has a higher resolution, uses more storage!
+ 0p: false # audio-only (creates mp4 without video stream, always created when enabled)
+ 144p: false
+ 240p: false
+ 360p: false
+ 480p: false
+ 720p: false
+ 1080p: false
+ 1440p: false
+ 2160p: false
+
+ # Transcode and keep original resolution, even if it's above your maximum enabled resolution
+ always_transcode_original_resolution: true
+
+ # Generate videos in a WebTorrent format (what we do since the first PeerTube release)
+ # If you also enabled the hls format, it will multiply videos storage by 2
+ # If disabled, breaks federation with PeerTube instances < 2.1
+ webtorrent:
+ enabled: false
+
+ # /!\ Requires ffmpeg >= 4.1
+ # Generate HLS playlists and fragmented MP4 files. Better playback than with WebTorrent:
+ # * Resolution change is smoother
+ # * Faster playback in particular with long videos
+ # * More stable playback (less bugs/infinite loading)
+ # If you also enabled the webtorrent format, it will multiply videos storage by 2
+ hls:
+ enabled: true
+
+live:
+ enabled: false
+
+ # Limit lives duration
+ # -1 == unlimited
+ max_duration: -1 # For example: '5 hours'
+
+ # Limit max number of live videos created on your instance
+ # -1 == unlimited
+ max_instance_lives: 20
+
+ # Limit max number of live videos created by a user on your instance
+ # -1 == unlimited
+ max_user_lives: 3
+
+ # Allow your users to save a replay of their live
+ # PeerTube will transcode segments in a video file
+ # If the user daily/total quota is reached, PeerTube will stop the live
+ # /!\ transcoding.enabled (and not live.transcoding.enabled) has to be true to create a replay
+ allow_replay: true
+
+ # Allow your users to change latency settings (small latency/default/high latency)
+ # Small latency live streams cannot use P2P
+ # High latency live streams can increase P2P ratio
+ latency_setting:
+ enabled: true
+
+ # Your firewall should accept traffic from this port in TCP if you enable live
+ rtmp:
+ enabled: true
+
+ # Listening hostname/port for RTMP server
+ # '::' to listen on IPv6 and IPv4, '0.0.0.0' to listen on IPv4
+ # Use null to automatically listen on '::' if IPv6 is available, or '0.0.0.0' otherwise
+ hostname: null
+ port: 1935
+
+ # Public hostname of your RTMP server
+ # Use null to use the same value than `webserver.hostname`
+ public_hostname: null
+
+ rtmps:
+ enabled: false
+
+ # Listening hostname/port for RTMPS server
+ # '::' to listen on IPv6 and IPv4, '0.0.0.0' to listen on IPv4
+ # Use null to automatically listen on '::' if IPv6 is available, or '0.0.0.0' otherwise
+ hostname: null
+ port: 1936
+
+ # Absolute paths
+ key_file: ''
+ cert_file: ''
+
+ # Public hostname of your RTMPS server
+ # Use null to use the same value than `webserver.hostname`
+ public_hostname: null
+
+ # Allow to transcode the live streaming in multiple live resolutions
+ transcoding:
+ enabled: true
+ threads: 2
+
+ # Choose the transcoding profile
+ # New profiles can be added by plugins
+ # Available in core PeerTube: 'default'
+ profile: 'default'
+
+ resolutions:
+ 144p: false
+ 240p: false
+ 360p: false
+ 480p: false
+ 720p: false
+ 1080p: false
+ 1440p: false
+ 2160p: false
+
+ # Also transcode original resolution, even if it's above your maximum enabled resolution
+ always_transcode_original_resolution: true
+
+video_studio:
+ # Enable video edition by users (cut, add intro/outro, add watermark etc)
+ # If enabled, users can create transcoding tasks as they wish
+ enabled: false
+
+import:
+ # Add ability for your users to import remote videos (from YouTube, torrent...)
+ videos:
+ # Amount of import jobs to execute in parallel
+ concurrency: 1
+
+ # Set a custom video import timeout to not block import queue
+ timeout: '2 hours'
+
+ # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html
+ http:
+ # We recommend to use a HTTP proxy if you enable HTTP import to prevent private URL access from this server
+ # See https://docs.joinpeertube.org/maintain/configuration#security for more information
+ enabled: false
+
+ youtube_dl_release:
+ # Direct download URL to youtube-dl binary
+ # Github releases API is also supported
+ # Examples:
+ # * https://api.github.com/repos/ytdl-org/youtube-dl/releases
+ # * https://api.github.com/repos/yt-dlp/yt-dlp/releases
+ # * https://yt-dl.org/downloads/latest/youtube-dl
+ url: 'https://api.github.com/repos/yt-dlp/yt-dlp/releases'
+
+ # Release binary name: 'yt-dlp' or 'youtube-dl'
+ name: 'yt-dlp'
+
+ # Path to the python binary to execute for youtube-dl or yt-dlp
+ python_path: '/usr/bin/python3'
+
+ # IPv6 is very strongly rate-limited on most sites supported by youtube-dl
+ force_ipv4: false
+
+ # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)
+ torrent:
+ # We recommend to only enable magnet URI/torrent import if you trust your users
+ # See https://docs.joinpeertube.org/maintain/configuration#security for more information
+ enabled: false
+
+ # Add ability for your users to synchronize their channels with external channels, playlists, etc.
+ video_channel_synchronization:
+ enabled: false
+
+ max_per_user: 10
+
+ check_interval: 1 hour
+
+ # Number of latest published videos to check and to potentially import when syncing a channel
+ videos_limit_per_synchronization: 10
+
+ # Max number of videos to import when the user asks for full sync
+ full_sync_videos_limit: 1000
+
+auto_blacklist:
+ # New videos automatically blacklisted so moderators can review before publishing
+ videos:
+ of_users:
+ enabled: false
+
+# Instance settings
+instance:
+ name: 'PeerTube'
+ short_description: 'PeerTube, an ActivityPub-federated video streaming platform using P2P directly in your web browser.'
+ description: 'Welcome to this PeerTube instance!' # Support markdown
+ terms: 'No terms for now.' # Support markdown
+ code_of_conduct: '' # Supports markdown
+
+ # Who moderates the instance? What is the policy regarding NSFW videos? Political videos? etc
+ moderation_information: '' # Supports markdown
+
+ # Why did you create this instance?
+ creation_reason: '' # Supports Markdown
+
+ # Who is behind the instance? A single person? A non profit?
+ administrator: '' # Supports Markdown
+
+ # How long do you plan to maintain this instance?
+ maintenance_lifetime: '' # Supports Markdown
+
+ # How will you pay the PeerTube instance server? With your own funds? With users donations? Advertising?
+ business_model: '' # Supports Markdown
+
+ # If you want to explain on what type of hardware your PeerTube instance runs
+ # Example: '2 vCore, 2GB RAM...'
+ hardware_information: '' # Supports Markdown
+
+ # What are the main languages of your instance? To interact with your users for example
+ # Uncomment or add the languages you want
+ # List of supported languages: https://peertube.cpy.re/api/v1/videos/languages
+ languages:
+# - en
+# - es
+# - fr
+
+ # You can specify the main categories of your instance (dedicated to music, gaming or politics etc)
+ # Uncomment or add the category ids you want
+ # List of supported categories: https://peertube.cpy.re/api/v1/videos/categories
+ categories:
+# - 1 # Music
+# - 2 # Films
+# - 3 # Vehicles
+# - 4 # Art
+# - 5 # Sports
+# - 6 # Travels
+# - 7 # Gaming
+# - 8 # People
+# - 9 # Comedy
+# - 10 # Entertainment
+# - 11 # News & Politics
+# - 12 # How To
+# - 13 # Education
+# - 14 # Activism
+# - 15 # Science & Technology
+# - 16 # Animals
+# - 17 # Kids
+# - 18 # Food
+
+ default_client_route: '/videos/trending'
+
+ # Whether or not the instance is dedicated to NSFW content
+ # Enabling it will allow other administrators to know that you are mainly federating sensitive content
+ # Moreover, the NSFW checkbox on video upload will be automatically checked by default
+ is_nsfw: false
+ # By default, `do_not_list` or `blur` or `display` NSFW videos
+ # Could be overridden per user with a setting
+ default_nsfw_policy: 'do_not_list'
+
+ customizations:
+ javascript: '' # Directly your JavaScript code (without