Commit 60421bad authored by Boxiang Sun's avatar Boxiang Sun

peertube improvement

parent 41deb87a
...@@ -161,3 +161,5 @@ return = domain secure_access ...@@ -161,3 +161,5 @@ return = domain secure_access
[publish-connection-parameter] [publish-connection-parameter]
recipe = slapos.cookbook:publish recipe = slapos.cookbook:publish
frontend-url = $${frontend:connection-secure_access} frontend-url = $${frontend:connection-secure_access}
frontend-hostname = $${frontend:connection-domain}
frontend-port = 9000
...@@ -51,7 +51,7 @@ http { ...@@ -51,7 +51,7 @@ http {
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript; gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
upstream backend { upstream backend {
server $${instance-parameter:ipv4-random}:9000; server $${instance-parameter:ipv4-random}:$${publish-connection-parameter:frontend-port};
} }
server { server {
...@@ -75,16 +75,16 @@ server { ...@@ -75,16 +75,16 @@ server {
# based on Mozilla Guideline v5.6 # based on Mozilla Guideline v5.6
## ##
# ssl_protocols TLSv1.2 TLSv1.3; ssl_protocols TLSv1.2 TLSv1.3;
# ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
# ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256; # add ECDHE-RSA-AES256-SHA if you want compatibility with Android 4 ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256; # add ECDHE-RSA-AES256-SHA if you want compatibility with Android 4
# ssl_session_timeout 1d; # defaults to 5m ssl_session_timeout 1d; # defaults to 5m
# ssl_session_cache shared:SSL:10m; # estimated to 40k sessions ssl_session_cache shared:SSL:10m; # estimated to 40k sessions
# ssl_session_tickets off; ssl_session_tickets off;
# ssl_stapling on; ssl_stapling on;
# ssl_stapling_verify on; ssl_stapling_verify on;
# HSTS (https://hstspreload.org), requires to be copied in 'location' sections that have add_header directives # HSTS (https://hstspreload.org), requires to be copied in 'location' sections that have add_header directives
#add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
## ##
# Application # Application
......
listen: listen:
hostname: '$${instance-parameter:ipv4-random}' hostname: '$${instance-parameter:ipv4-random}'
port: 9000 port: $${publish-connection-parameter:frontend-port}
# Correspond to your reverse proxy server_name/listen configuration (i.e., your public PeerTube instance URL) # Correspond to your reverse proxy server_name/listen configuration (i.e., your public PeerTube instance URL)
webserver: webserver:
https: true https: true
hostname: '[$${nginx-configuration:ip}]' hostname: '$${publish-connection-parameter:frontend-hostname}'
port: $${nginx-configuration:port} port: 443
# Secrets you need to generate the first time you run PeerTube # Secrets you need to generate the first time you run PeerTube
secrets: secrets:
...@@ -44,10 +44,10 @@ trust_proxy: ...@@ -44,10 +44,10 @@ trust_proxy:
# Your database name will be database.name OR 'peertube'+database.suffix # Your database name will be database.name OR 'peertube'+database.suffix
database: database:
hostname: '$${postgresql:ipv4}' hostname: '$${postgresql:ipv4}'
port: 5432 port: '$${postgresql:port}'
ssl: false ssl: false
suffix: '_prod' suffix: '_prod'
username: 'peertube' username: '$${postgresql:superuser}'
password: '$${postgresql:password}' password: '$${postgresql:password}'
pool: pool:
max: 5 max: 5
...@@ -191,22 +191,6 @@ log: ...@@ -191,22 +191,6 @@ log:
# Accept warn/error logs coming from the client # Accept warn/error logs coming from the client
accept_client_log: true accept_client_log: true
# Highly experimental support of Open Telemetry
open_telemetry:
metrics:
enabled: false
# Create a prometheus exporter server on this port so prometheus server can scrape PeerTube metrics
prometheus_exporter:
port: 9091
tracing:
enabled: false
# Send traces to a Jaeger compatible endpoint
jaeger_exporter:
endpoint: ''
trending: trending:
videos: videos:
interval_days: 7 # Compute trending videos for the last x days interval_days: 7 # Compute trending videos for the last x days
...@@ -302,7 +286,7 @@ plugins: ...@@ -302,7 +286,7 @@ plugins:
# The website PeerTube will ask for available PeerTube plugins and themes # The website PeerTube will ask for available PeerTube plugins and themes
# This is an unmoderated plugin index, so only install plugins/themes you trust # This is an unmoderated plugin index, so only install plugins/themes you trust
index: index:
enabled: true enabled: false
check_latest_versions_interval: '12 hours' # How often you want to check new plugins/themes versions check_latest_versions_interval: '12 hours' # How often you want to check new plugins/themes versions
url: 'https://packages.joinpeertube.org' url: 'https://packages.joinpeertube.org'
...@@ -363,7 +347,7 @@ admin: ...@@ -363,7 +347,7 @@ admin:
email: 'admin@example.com' email: 'admin@example.com'
contact_form: contact_form:
enabled: true enabled: false
signup: signup:
enabled: false enabled: false
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment