diff --git a/README.md b/README.md
index 3b11493..85629c7 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@
[](https://install-app.yunohost.org/?app=peertube)
=======
-Shipped Version: **1.1.0**
+Shipped Version: **1.2.0**
## What is Peertube ?
PeerTube is a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser, using WebTorrent.
diff --git a/conf/app.src b/conf/app.src
index feb4c89..7d3a43a 100644
--- a/conf/app.src
+++ b/conf/app.src
@@ -1,5 +1,5 @@
-SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v1.1.0/peertube-v1.1.0.tar.xz
-SOURCE_SUM=b775bab2bb9f9a957b7f4decc1d3372bf209628cede7e0a6a908bc0d6f4eb595
+SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v1.2.0/peertube-v1.2.0.tar.xz
+SOURCE_SUM=2ef5c4d0cf1f0f8a71e0b1f5a5146fbf4a9617ea79f32de618fe3b3c726d8f7e
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.xz
SOURCE_IN_SUBDIR=true
diff --git a/conf/nginx.conf b/conf/nginx.conf
index 1046098..10c6d5a 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -38,7 +38,16 @@
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- # Hard limit, PeerTube does not support videos > 8GB
+ # This is the maximum upload size, which roughly matches the maximum size of a video file
+ # you can send via the API or the web interface. By default this is 8GB, but administrators
+ # can increase or decrease the limit. Currently there's no way to communicate this limit
+ # to users automatically, so you may want to leave a note in your instance 'about' page if
+ # you change this.
+ #
+ # Note that temporary space is needed equal to the total size of all concurrent uploads.
+ # This data gets stored in /var/lib/nginx by default, so you may want to put this directory
+ # on a dedicated filesystem.
+ #
client_max_body_size 8G;
proxy_connect_timeout 600;
proxy_send_timeout 600;
@@ -47,7 +56,7 @@
}
# Bypass PeerTube for performance reasons. Could be removed
- location /static/webseed {
+ location ~ ^/static/(webseed|redundancy)/ {
# Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
limit_rate 800k;
@@ -70,7 +79,12 @@
access_log off;
}
- alias /home/yunohost.app/__NAME__/storage/videos;
+ root /home/yunohost.app/__NAME__/storage;
+
+ rewrite ^/static/webseed/(.*)$ /videos/$1 break;
+ rewrite ^/static/redundancy/(.*)$ /redundancy/$1 break;
+
+ try_files $uri /;
}
@@ -87,3 +101,30 @@
proxy_set_header Host $host;
proxy_pass http://localhost:__PORT__;
}
+
+location /socket.io {
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header Host $host;
+
+ proxy_pass http://localhost:__PORT__;
+
+ # enable WebSockets
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ }
+}
+
+ © 2019 GitHub, Inc.
+ Terms
+ Privacy
+ Security
+ Status
+ Help
+
+ Contact GitHub
+ Pricing
+ API
+ Training
+ Blog
+ About
diff --git a/conf/production.yaml b/conf/production.yaml
index a901947..0454369 100644
--- a/conf/production.yaml
+++ b/conf/production.yaml
@@ -47,8 +47,10 @@ smtp:
# From the project root directory
storage:
+ tmp: '/home/yunohost.app/__app__/storage/tmp/' # Used to download data (imports etc), store uploaded files before processing...
avatars: '/home/yunohost.app/__app__/storage/avatars/'
videos: '/home/yunohost.app/__app__/storage/videos/'
+ redundancy: '/home/yunohost.app/__app__/storage/videos/'
logs: '/home/yunohost.app/__app__/storage/logs/'
previews: '/home/yunohost.app/__app__/storage/previews/'
thumbnails: '/home/yunohost.app/__app__/storage/thumbnails/'
@@ -111,8 +113,13 @@ cache:
admin:
+ # Used to generate the root user at first startup
+ # And to receive emails from the contact form
email: '__email__'
+contact_form:
+ enabled: true
+
signup:
enabled: false
limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited
@@ -133,6 +140,8 @@ user:
# Please, do not disable transcoding since many uploaded videos will not work
transcoding:
enabled: true
+ # Allow your users to upload .mkv, .mov, .avi, .flv videos
+ allow_additional_extensions: true
threads: 1
resolutions: # Only created if the original video has a higher resolution, uses more storage!
240p: false
@@ -171,6 +180,8 @@ instance:
"# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:"
services:
+ # You can provide a reporting endpoint for Content Security Policy violations
+ csp-logger:
# Cards configuration to format video in Twitter
twitter:
username: '@yunohost' # Indicates the Twitter account for the website or platform on which the content was published
diff --git a/conf/systemd.service b/conf/systemd.service
index 8f5be9d..85dd1b8 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -16,5 +16,24 @@ StandardError=syslog
SyslogIdentifier=__APP__
Restart=always
+; Some security directives.
+; Use private /tmp and /var/tmp folders inside a new file system namespace,
+; which are discarded after the process stops.
+PrivateTmp=true
+; Mount /usr, /boot, and /etc as read-only for processes invoked by this service.
+ProtectSystem=full
+; Sets up a new /dev mount for the process and only adds API pseudo devices
+; like /dev/null, /dev/zero or /dev/random but not physical devices. Disabled
+; by default because it may not work on devices like the Raspberry Pi.
+PrivateDevices=false
+; Ensures that the service process and all its children can never gain new
+; privileges through execve().
+NoNewPrivileges=true
+; This makes /home, /root, and /run/user inaccessible and empty for processes invoked
+; by this unit. Make sure that you do not depend on data inside these folders.
+ProtectHome=false
+; Drops the sys admin capability from the daemon.
+CapabilityBoundingSet=~CAP_SYS_ADMIN
+
[Install]
WantedBy=multi-user.target
diff --git a/manifest.json b/manifest.json
index 7d8d9c7..33d9c95 100644
--- a/manifest.json
+++ b/manifest.json
@@ -6,7 +6,7 @@
"en": "Video streaming platform using P2P directly in the web browser, connected to a federated network",
"fr": "Plateforme de diffusion vidéo par P2P directement dans le navigateur, et connectée à un réseau fédéralisé"
},
- "version": "1.1.0",
+ "version": "1.2.0",
"url": "https://github.com/Chocobozzz/PeerTube",
"license": "AGPL-3.0-only",
"maintainer": {