diff --git a/src/freedombone-app-peertube b/src/freedombone-app-peertube index 193ff9231bb1e8aa5c8e006d17ba5664dddeb365..524693f25b771df20a70ba29aaa32b41b1c5c7db 100755 --- a/src/freedombone-app-peertube +++ b/src/freedombone-app-peertube @@ -163,7 +163,9 @@ function install_peertube_base { fi # install a second time locally - peertube_local_install="sudo -H -u peertube ${PEERTUBE_DIR}/peertube-latest/node_modules/.bin/npm install" + peertube_local_npm="sudo -H -u peertube ${PEERTUBE_DIR}/peertube-latest/node_modules/.bin/npm" + peertube_local_fix="$peertube_local_npm audit fix" + peertube_local_install="$peertube_local_npm install" if [ ! $peertube_upgrading ]; then increment_app_install_progress @@ -197,9 +199,11 @@ function install_peertube_base { sudo -H -u peertube mkdir -p ${PEERTUBE_DIR}/storage/logs fi - #sudo -H -u peertube ${PEERTUBE_DIR}/peertube-latest/node_modules/.bin/npm audit fix - peertube_tcp_tuning + + cd ${PEERTUBE_DIR} || exit 72 + $peertube_local_install + $peertube_local_fix } function peertube_setting_registration { @@ -634,6 +638,11 @@ function upgrade_peertube { install_peertube_base + PEERTUBE_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_peertube/hostname) + PEERTUBE_ADMIN_PASSWORD=$(grep "password: '" "$PEERTUBE_DIR/config/production.yaml" | awk -F "'" '{print $2}') + read_config_param MY_EMAIL_ADDRESS + peertube_create_config + chown -R peertube:peertube $PEERTUBE_DIR if [ -d $PEERTUBE_DIR/.cache ]; then 
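Review bot: The new variables `peertube_local_npm`, `peertube_local_fix` and `peertube_local_install` hold whole command lines as strings, so running them relies on unquoted word splitting and breaks if `${PEERTUBE_DIR}` ever contains whitespace or glob characters. A bash array keeps each argument intact: `peertube_local_npm=(sudo -H -u peertube "${PEERTUBE_DIR}/peertube-latest/node_modules/.bin/npm")`, run as `"${peertube_local_npm[@]}" install`. The same strings are executed in the hunk at -197,9. install_peertube_base starts and ends outside this hunk.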
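Review bot: Neither `$peertube_local_install` nor `$peertube_local_fix` has its exit status checked, so a failed `npm install` is still followed by `npm audit fix`, and install_peertube_base ends with whatever that last command returned. `npm audit fix` also rewrites the dependency tree unattended on every install and upgrade, and may move packages away from the versions the release's lockfile pins, so its outcome should at least be checked and logged: `$peertube_local_install || exit N` (N being a code not yet used in this file) and `$peertube_local_fix || echo 'npm audit fix left unresolved advisories'`. The path in `cd ${PEERTUBE_DIR} || exit 72` should be quoted, `cd "${PEERTUBE_DIR}" || exit 72`. It is also worth confirming that the package.json npm should act on lives in `${PEERTUBE_DIR}` rather than `${PEERTUBE_DIR}/peertube-latest`, which this hunk does not show. The function body starts outside the hunk.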
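Review bot: `PEERTUBE_ONION_HOSTNAME` and `PEERTUBE_ADMIN_PASSWORD` are read back from disk and handed to `peertube_create_config` without any check that they are non-empty. If production.yaml is missing or has no `password: '` line, or the tor hostname file cannot be read, the regenerated config is written with `password: ''` or, in onion-only mode, an empty hostname. The `.old` backup made in peertube_create_config is only taken when no backup exists yet, so later runs have nothing fresh to fall back on. The awk split on `'` also truncates a password that itself contains a single quote. A guard before the call, such as `[ -n "$PEERTUBE_ADMIN_PASSWORD" ] || exit N` (N being a code not yet used in this file), would stop an upgrade from overwriting a working config; upgrade_peertube starts and ends outside this hunk.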
@@ -984,195 +993,302 @@ function peertube_create_config { new_peertube_config_file=$peertube_prefix${PEERTUBE_CONFIG_FILE} - { echo 'listen:'; - echo " hostname: 'localhost'"; - echo " port: $PEERTUBE_PORT"; - echo ''; - echo '# Correspond to your reverse proxy "listen" configuration'; - echo 'webserver:'; } > "$new_peertube_config_file" + # retain a copy of the original config + if [ -f "$new_peertube_config_file" ]; then + if [ ! -f "${new_peertube_config_file}.old" ]; then + cp "$new_peertube_config_file" "${new_peertube_config_file}.old" + chown peertube:peertube "${new_peertube_config_file}.old" + fi + fi + if [ ! "$peertube_prefix" ]; then if [[ "$ONION_ONLY" == 'no' ]]; then - { echo ' https: true'; - echo " hostname: '$PEERTUBE_DOMAIN_NAME'"; - echo ' port: 443'; } >> "$new_peertube_config_file" + peertube_config_https="true" + peertube_config_hostname="$PEERTUBE_DOMAIN_NAME" + peertube_config_port=443 else - { echo ' https: false'; - echo " hostname: '$PEERTUBE_ONION_HOSTNAME'"; - echo ' port: 80'; } >> "$new_peertube_config_file" + peertube_config_https="false" + peertube_config_hostname="$PEERTUBE_ONION_HOSTNAME" + peertube_config_port=80 fi else - { echo ' https: false'; - echo " hostname: ''"; - echo " port: $MESH_PEERTUBE_PORT"; } >> "$new_peertube_config_file" - fi - { echo '# Proxies to trust to get real client IP'; - echo "# If you run PeerTube just behind a local proxy (nginx), keep 'loopback'"; - echo '# If you run PeerTube behind a remote proxy, add the proxy IP address (or subnet)'; - echo 'trust_proxy:'; - echo " - 'loopback'"; - echo ''; - echo '# Your database name will be "peertube"+database.suffix'; - echo 'database:'; - echo " hostname: 'localhost'"; - echo ' port: 5432'; - echo " suffix: ''"; - echo " username: 'peertube'"; } >> "$new_peertube_config_file" + peertube_config_https="false" + peertube_config_hostname="" + peertube_config_port=$MESH_PEERTUBE_PORT + fi + if [ ! 
"$peertube_prefix" ]; then - echo " password: '$PEERTUBE_ADMIN_PASSWORD'" >> "$new_peertube_config_file" + peertube_config_database_password="$PEERTUBE_ADMIN_PASSWORD" else - echo " password: ''" >> "$new_peertube_config_file" - fi - { echo ' pool:'; - echo ' max: 5'; - echo ''; - echo '# Redis server for short time storage'; - echo "# You can also specify a 'socket' path to a unix socket but first need to"; - echo '# comment out hostname and port'; - echo 'redis:'; - echo " hostname: 'localhost'"; - echo ' port: 6379'; - echo ' auth: null'; - echo ' db: 0'; - echo ''; - echo '# SMTP server to send emails'; - echo 'smtp:'; - echo ' hostname: localhost'; - echo ' port: 25'; - echo ' username: null'; - echo ' password: null'; - echo ' tls: false'; - echo ' disable_starttls: true'; - echo ' ca_file: null'; - echo " from_address: '$MY_EMAIL_ADDRESS'"; - echo ''; - echo 'signup:'; - echo ' enabled: false'; - echo ' limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited'; - echo ' requires_email_verification: false'; - echo ' filters:'; - echo ' cidr: # You can specify CIDR ranges to whitelist (empty = no filtering) or blacklist'; - echo ' whitelist: []'; - echo ' blacklist: []'; - echo ''; - echo 'storage:'; - echo " tmp: '$PEERTUBE_DIR/storage/tmp/'"; - echo " avatars: '$PEERTUBE_DIR/storage/avatars/'"; - echo " videos: '$PEERTUBE_DIR/storage/videos/'"; - echo " redundancy: '$PEERTUBE_DIR/storage/videos/'"; - echo " logs: '$PEERTUBE_DIR/storage/logs/'"; - echo " previews: '$PEERTUBE_DIR/storage/previews/'"; - echo " thumbnails: '$PEERTUBE_DIR/storage/thumbnails/'"; - echo " torrents: '$PEERTUBE_DIR/storage/torrents/'"; - echo " captions: '$PEERTUBE_DIR/storage/captions/'"; - echo " cache: '$PEERTUBE_DIR/storage/cache/'"; - echo ''; - echo 'cache:'; - echo ' previews:'; - echo ' size: 10 # Max number of previews you want to cache'; - echo ' captions:'; - echo ' size: 500 # Max number of video captions/subtitles you want to cache'; - echo ''; 
- echo 'admin:'; - # This is deliberately a dummy email address - echo " email: 'testuser@testdomain.net'"; - echo ''; - echo 'contact_form:'; - echo ' enabled: true'; - echo ''; - echo ''; - echo 'user:'; - echo ' # Default value of maximum video BYTES the user can upload (does not take into account transcoded files).'; - echo ' # -1 == unlimited'; - echo ' video_quota: -1'; - echo ' video_quota_daily: -1'; - echo ''; - echo '# If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag'; - echo '# Uses a lot of CPU!'; - echo 'transcoding:'; - echo ' enabled: false'; - echo ' # Allow your users to upload .mkv, .mov, .avi, .flv videos'; - echo ' allow_additional_extensions: true'; - echo ' threads: 2'; - echo ' resolutions: # Only created if the original video has a higher resolution'; - echo ' 240p: true'; - echo ' 360p: false'; - echo ' 480p: false'; - echo ' 720p: false'; - echo ' 1080p: false'; - echo ''; - echo 'import:'; - echo '# Add ability for your users to import remote videos (from YouTube, torrent...)'; - echo ' videos:'; - echo ' http: # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html'; - echo ' enabled: false'; - echo ' torrent: # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)'; - echo ' enabled: false'; - echo 'instance:'; - echo " name: 'PeerTube'"; - echo " short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.'"; - echo " description: '' # Support markdown"; - echo " terms: '' # Support markdown"; - echo " default_client_route: '/videos/trending'"; - echo ' # By default, "do_not_list" or "blur" or "display" NSFW videos'; - echo ' # Could be overridden per user with a setting'; - echo " default_nsfw_policy: 'do_not_list'"; - echo ' customizations:'; - echo " javascript: '' # Directly your JavaScript code (without <script> tags). 
Will be eval at runtime"; - echo " css: '' # Directly your CSS code (without <style> tags). Will be injected at runtime"; - echo " # Robot.txt rules. To disallow robots to crawl your instance and disallow indexation of your site, add '/' to 'Disallow:'"; - echo ' robots: |'; - echo ' User-agent: *'; - echo ' Disallow:'; - echo ' # Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string.'; - echo ' securitytxt:'; - echo " \"# If you would like to report a security issue then go right ahead\""; - echo ''; - echo 'log:'; - echo " level: 'error' # debug/info/warning/error"; - echo ''; - echo 'search:'; - echo ' remote_uri: # Add ability to search remote videos/actors by URI, that may not be federated with your instance'; - echo ' users: true'; - echo ' anonymous: false'; - echo ''; - echo 'trending:'; - echo ' videos:'; - echo ' interval_days: 7 # Compute trending videos for the last x days'; - echo ''; - echo '# Cache remote videos on your server, to help other instances to broadcast the video'; - echo '# You can define multiple caches using different sizes/strategies'; - echo '# Once you have defined your strategies, choose which instances you want to cache in admin -> manage follows -> following'; - echo 'redundancy:'; - echo ' videos:'; - echo " check_interval: '1 hour' # How often you want to check new videos to cache"; - echo ' strategies:'; - echo ' # -'; - echo " # size: '1GB'"; - echo ' # # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)'; - echo " # min_lifetime: '48 hours'"; - echo " # strategy: 'most-views' # Cache videos that have the most views"; - echo ' # -'; - echo " # size: '1GB'"; - echo ' # # Minimum time the video must remain in the cache. 
Only accept values > 10 hours (to not overload remote instances)'; - echo " # min_lifetime: '48 hours'"; - echo " # strategy: 'trending' # Cache trending videos"; - echo ' # -'; - echo " # size: '1GB'"; - echo ' # # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)'; - echo " # min_lifetime: '48 hours'"; - echo " # strategy: 'recently-added' # Cache recently added videos"; - echo ' # min_views: 10 # Having at least x views'; - echo ''; - echo 'services:'; - echo ' # You can provide a reporting endpoint for Content Security Policy violations'; - echo ' csp-logger:'; - echo ' # Cards configuration to format video in Twitter'; - echo ' twitter:'; - echo " username: '' # Indicates the Twitter account for the website or platform on which the content was published"; - echo ' # If true, a video player will be embedded in the Twitter feed on PeerTube video share'; - echo ' # If false, we use an image link card that will redirect on your PeerTube instance'; - echo ' # Test on https://cards-dev.twitter.com/validator to see if you are whitelisted'; - echo ' whitelisted: false'; } >> "$new_peertube_config_file" + peertube_config_database_password="" + fi + + cat <<EOF > "$new_peertube_config_file" +listen: + hostname: 'localhost' + port: $PEERTUBE_PORT + +# Correspond to your reverse proxy server_name/listen configuration +webserver: + https: $peertube_config_https + hostname: '$peertube_config_hostname' + port: $peertube_config_port + +rates_limit: + login: + # 15 attempts in 5 min + window: 5 minutes + max: 15 + ask_send_email: + # 3 attempts in 5 min + window: 5 minutes + max: 3 + +# Proxies to trust to get real client IP +# If you run PeerTube just behind a local proxy (nginx), keep 'loopback' +# If you run PeerTube behind a remote proxy, add the proxy IP address (or subnet) +trust_proxy: + - 'loopback' + +# Your database name will be "peertube"+database.suffix +database: + hostname: 'localhost' + port: 5432 + 
suffix: '' + username: 'peertube' + password: '$peertube_config_database_password' + pool: + max: 5 + +# Redis server for short time storage +# You can also specify a 'socket' path to a unix socket but first need to +# comment out hostname and port +redis: + hostname: 'localhost' + port: 6379 + auth: null + db: 0 + +# SMTP server to send emails +smtp: + hostname: null + port: 25 + username: null + password: null + tls: true # If you use StartTLS: false + disable_starttls: true + ca_file: null # Used for self signed certificates + from_address: '$MY_EMAIL_ADDRESS' + +# From the project root directory +storage: + tmp: '$PEERTUBE_DIR/storage/tmp/' # Used to download data (imports etc), store uploaded files before processing... + avatars: '$PEERTUBE_DIR/storage/avatars/' + videos: '$PEERTUBE_DIR/storage/videos/' + streaming_playlists: '$PEERTUBE_DIR/storage/streaming-playlists/' + redundancy: '$PEERTUBE_DIR/storage/videos/' + logs: '$PEERTUBE_DIR/storage/logs/' + previews: '$PEERTUBE_DIR/storage/previews/' + thumbnails: '$PEERTUBE_DIR/storage/thumbnails/' + torrents: '$PEERTUBE_DIR/storage/torrents/' + captions: '$PEERTUBE_DIR/storage/captions/' + cache: '$PEERTUBE_DIR/storage/cache/' + +log: + level: 'info' # debug/info/warning/error + +search: + # Add ability to fetch remote videos/actors by their URI, that may not be federated with your instance + # If enabled, the associated group will be able to "escape" from the instance follows + # That means they will be able to follow channels, watch videos, list videos of non followed instances + remote_uri: + users: true + anonymous: false + +trending: + videos: + interval_days: 7 # Compute trending videos for the last x days + +# Cache remote videos on your server, to help other instances to broadcast the video +# You can define multiple caches using different sizes/strategies +# Once you have defined your strategies, choose which instances you want to cache in admin -> manage follows -> following +redundancy: + videos: + 
check_interval: '1 hour' # How often you want to check new videos to cache + strategies: # Just uncomment strategies you want +# - +# size: '10GB' +# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances) +# min_lifetime: '48 hours' +# strategy: 'most-views' # Cache videos that have the most views +# - +# size: '10GB' +# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances) +# min_lifetime: '48 hours' +# strategy: 'trending' # Cache trending videos +# - +# size: '10GB' +# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances) +# min_lifetime: '48 hours' +# strategy: 'recently-added' # Cache recently added videos +# min_views: 10 # Having at least x views + +csp: + enabled: false + report_only: true # CSP directives are still being tested, so disable the report only mode at your own risk! + report_uri: + +tracker: + # If you disable the tracker, you disable the P2P aspect of PeerTube + enabled: true + # Only handle requests on your videos. + # If you set this to false it means you have a public tracker. 
+ # Then, it is possible that clients overload your instance with external torrents + private: true + # Reject peers that do a lot of announces (could improve privacy of TCP/UDP peers) + reject_too_many_announces: false + +history: + videos: + # If you want to limit users videos history + # -1 means there is no limitations + # Other values could be '6 months' or '30 days' etc (PeerTube will periodically delete old entries from database) + max_age: -1 + +views: + videos: + # PeerTube creates a database entry every hour for each video to track views over a period of time + # This is used in particular by the Trending page + # PeerTube could remove old remote video views if you want to reduce your database size (video view counter will not be altered) + # -1 means no cleanup + # Other values could be '6 months' or '30 days' etc (PeerTube will periodically delete old entries from database) + remote: + max_age: -1 + + +############################################################################### +# +# From this point, all the following keys can be overridden by the web interface +# (local-production.json file). If you need to change some values, prefer to +# use the web interface because the configuration will be automatically +# reloaded without any need to restart PeerTube. +# +# /!\ If you already have a local-production.json file, the modification of the +# following keys will have no effect /!\. +# +############################################################################### + +cache: + previews: + size: 500 # Max number of previews you want to cache + captions: + size: 500 # Max number of video captions/subtitles you want to cache + +admin: + # Used to generate the root user at first startup + # And to receive emails from the contact form + email: '$MY_EMAIL_ADDRESS' + +contact_form: + enabled: true + +signup: + enabled: false + limit: 10 # When the limit is reached, registrations are disabled. 
-1 == unlimited + requires_email_verification: false + filters: + cidr: # You can specify CIDR ranges to whitelist (empty = no filtering) or blacklist + whitelist: [] + blacklist: [] + +user: + # Default value of maximum video BYTES the user can upload (does not take into account transcoded files). + # -1 == unlimited + video_quota: -1 + video_quota_daily: -1 + +# If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag +# In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions. +# Please, do not disable transcoding since many uploaded videos will not work +transcoding: + enabled: true + # Allow your users to upload .mkv, .mov, .avi, .flv videos + allow_additional_extensions: true + threads: 1 + resolutions: # Only created if the original video has a higher resolution, uses more storage! + 240p: false + 360p: false + 480p: false + 720p: false + 1080p: false + # /!\ EXPERIMENTAL /!\ + # /!\ Requires ffmpeg >= 4 + # Generate HLS playlists and fragmented MP4 files. Better playback than with WebTorrent: + # * Resolution change is smoother + # * Faster playback in particular with long videos + # * More stable playback (less bugs/infinite loading) + # /!\ Multiplies videos storage by 2 /!\ + hls: + enabled: false + +import: + # Add ability for your users to import remote videos (from YouTube, torrent...) + videos: + http: # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html + enabled: false + torrent: # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file) + enabled: false + +auto_blacklist: + # New videos automatically blacklisted so moderators can review before publishing + videos: + of_users: + enabled: false + +# Instance settings +instance: + name: 'PeerTube' + short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.' 
+ description: '' # Support markdown + terms: '' # Support markdown + default_client_route: '/videos/trending' + # Whether or not the instance is dedicated to NSFW content + # Enabling it will allow other administrators to know that you are mainly federating sensitive content + # Moreover, the NSFW checkbox on video upload will be automatically checked by default + is_nsfw: false + # By default, "do_not_list" or "blur" or "display" NSFW videos + # Could be overridden per user with a setting + default_nsfw_policy: 'do_not_list' + customizations: + javascript: '' # Directly your JavaScript code (without <script> tags). Will be eval at runtime + css: '' # Directly your CSS code (without <style> tags). Will be injected at runtime + # Robot.txt rules. To disallow robots to crawl your instance and disallow indexation of your site, add '/' to "Disallow:' + robots: | + User-agent: * + Disallow: + # Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string. 
+ securitytxt: + "# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:" + +services: + # You can provide a reporting endpoint for Content Security Policy violations + csp-logger: + # Cards configuration to format video in Twitter + twitter: + username: '@Chocobozzz' # Indicates the Twitter account for the website or platform on which the content was published + # If true, a video player will be embedded in the Twitter feed on PeerTube video share + # If false, we use an image link card that will redirect on your PeerTube instance + # Test on https://cards-dev.twitter.com/validator to see if you are whitelisted + whitelisted: false + +followers: + instance: + # Allow or not other instances to follow yours + enabled: true + # Whether or not an administrator must manually validate a new follower + manual_approval: false +EOF + } function mesh_install_peertube {
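Review bot: The heredoc delimiter `EOF` is unquoted, so a backslash at the very end of a line is a line continuation; if `# /!\ Multiplies videos storage by 2 /!\` really ends in that backslash, the following `hls:` line is joined into the comment and the `enabled: false` beneath it is likely parsed as part of the preceding `resolutions:` mapping (the `# /!\ EXPERIMENTAL /!\` line joins its successor the same way, harmlessly). Doubling the trailing backslash, `# /!\ Multiplies videos storage by 2 /!\\`, or rewording those banner lines avoids this while keeping variable expansion. The database password is also placed between single quotes with no escaping, so a `'` in it yields invalid YAML, and both the new file and the `.old` copy hold that password with no explicit mode; a `chmod 600` on each after writing would be a cheap addition if nothing outside this hunk already sets it. `username: '@Chocobozzz'` and the upstream `Contact:` URL with an empty `mailto:` in `securitytxt` look copied from the upstream example and probably should not describe this instance. peertube_create_config starts before the hunk.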