diff --git a/README.md b/README.md
index fff8871..5ea302b 100644
--- a/README.md
+++ b/README.md
@@ -4,8 +4,57 @@
[](https://install-app.yunohost.org/?app=peertube)
=======
-Shipped Version: **1.0.0-beta.15**
+Shipped Version: **1.2.0**
+# Nodejs branch for servers giving error on yarn install (OVH)
+
+You will have to run few **commands in the terminal to run Peertube**. **Nodejs** will not be installed by **shell** and **passowrd** will not be created by shell. So you have to do these **things manually**.
+
+## Steps for installing
+
+1. Install **nodejs**
+
+ $ curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
+ $ sudo apt-get install -y nodejs
+1. Install the peertube with **OVH fix** branch.
+
+ $ yunohost app --debug install --debug https://github.com/YunoHost-Apps/peertube_ynh/tree/ovh_fix
+1. After installation is complete run **yarn install**.
+
+ $ cd /var/www/peertube && yarn install --production --pure-lockfile
+1. Give proper **permissions** to peertube
+
+ $ chown -R peertube:peertube /var/www/peertube
+1. **Restart peertube** and check if there is any error message.
+
+ $ service peertube restart && journalctl -feu peertube
+
+1. If there is no **error in red** in the last lines of log. Press **ctrl+c** to stop the logs.
+1. Go to your **domain** to check if peertube is running and everthing is ok.
+1. Change your **root password** by this command:
+
+ $ cd /var/www/peertube && NODE_CONFIG_DIR="/var/www/peertube/config/" NODE_ENV=production npm run reset-password -- -u root
+
+ Username: **root**
+ password: **created in above step**
+
+## Updating peertube
+1. Stop peertube
+
+ $ service peertube stop
+1. Upgrade the package:
+
+ $ yunohost app upgrade --debug -u https://github.com/YunoHost-Apps/peertube_ynh/tree/ovh_fix peertube
+1. After installation is complete run **yarn install**.
+
+ $ cd /var/www/peertube && yarn install --production --pure-lockfile
+1. Give proper **permissions** to peertube
+
+ $ chown -R peertube:peertube /var/www/peertube
+1. Start service.
+
+ $ service peertube start
+
## What is Peertube ?
PeerTube is a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser, using WebTorrent.
diff --git a/conf/app.src b/conf/app.src
index 27a68ae..7d3a43a 100644
--- a/conf/app.src
+++ b/conf/app.src
@@ -1,5 +1,5 @@
-SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v1.0.0-beta.15/peertube-v1.0.0-beta.15.tar.xz
-SOURCE_SUM=fff45acc7cc84fc1847c0ed62fe2a64e683fe84b394cb64edb7a4b7fa9144da0
+SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v1.2.0/peertube-v1.2.0.tar.xz
+SOURCE_SUM=2ef5c4d0cf1f0f8a71e0b1f5a5146fbf4a9617ea79f32de618fe3b3c726d8f7e
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.xz
SOURCE_IN_SUBDIR=true
diff --git a/conf/nginx.conf b/conf/nginx.conf
index 2210a02..71e59d3 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -1,9 +1,10 @@
+ # Bypass PeerTube for performance reasons. Could be removed
location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ {
add_header Cache-Control "public, max-age=31536000, immutable";
alias __FINALPATH__/client/dist/$1;
}
-
+ # Bypass PeerTube for performance reasons. Could be removed
location ~ ^/static/(thumbnails|avatars)/ {
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
@@ -36,8 +37,17 @@
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
- # Hard limit, PeerTube does not support videos > 8GB
+
+ # This is the maximum upload size, which roughly matches the maximum size of a video file
+ # you can send via the API or the web interface. By default this is 8GB, but administrators
+ # can increase or decrease the limit. Currently there's no way to communicate this limit
+ # to users automatically, so you may want to leave a note in your instance 'about' page if
+ # you change this.
+ #
+ # Note that temporary space is needed equal to the total size of all concurrent uploads.
+ # This data gets stored in /var/lib/nginx by default, so you may want to put this directory
+ # on a dedicated filesystem.
+ #
client_max_body_size 8G;
proxy_connect_timeout 600;
proxy_send_timeout 600;
@@ -46,7 +56,7 @@
}
# Bypass PeerTube for performance reasons. Could be removed
- location /static/webseed {
+ location ~ ^/static/(webseed|redundancy)/ {
# Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
limit_rate 800k;
@@ -69,7 +79,14 @@
access_log off;
}
- alias /home/yunohost.app/__NAME__/storage/videos;
+ root /home/yunohost.app/__NAME__/storage;
+
+ rewrite ^/static/webseed/(.*)$ /videos/$1 break;
+ rewrite ^/static/redundancy/(.*)$ /redundancy/$1 break;
+
+ try_files $uri /;
+
+
}
# Websocket tracker
@@ -84,3 +101,18 @@
proxy_set_header Host $host;
proxy_pass http://localhost:__PORT__;
}
+
+location /socket.io {
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header Host $host;
+
+ proxy_pass http://localhost:__PORT__;
+
+ # enable WebSockets
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ }
+
+
+
diff --git a/conf/production.yaml b/conf/production.yaml
index a13fb47..0454369 100644
--- a/conf/production.yaml
+++ b/conf/production.yaml
@@ -47,8 +47,10 @@ smtp:
# From the project root directory
storage:
+ tmp: '/home/yunohost.app/__app__/storage/tmp/' # Used to download data (imports etc), store uploaded files before processing...
avatars: '/home/yunohost.app/__app__/storage/avatars/'
videos: '/home/yunohost.app/__app__/storage/videos/'
+ redundancy: '/home/yunohost.app/__app__/storage/videos/'
logs: '/home/yunohost.app/__app__/storage/logs/'
previews: '/home/yunohost.app/__app__/storage/previews/'
thumbnails: '/home/yunohost.app/__app__/storage/thumbnails/'
@@ -60,7 +62,10 @@ log:
level: 'info' # debug/info/warning/error
search:
- remote_uri: # Add ability to search remote videos/actors by URI, that may not be federated with your instance
+# Add ability to fetch remote videos/actors by their URI, that may not be federated with your instance
+# If enabled, the associated group will be able to "escape" from the instance follows
+# That means they will be able to follow channels, watch videos, list videos of non followed instances
+ remote_uri:
users: true
anonymous: false
@@ -71,8 +76,10 @@ trending:
# Cache remote videos on your server, to help other instances to broadcast the video
# You can define multiple caches using different sizes/strategies
# Once you have defined your strategies, choose which instances you want to cache in admin -> manage follows -> following
-redundancy:
- videos:
+#redundancy:
+# videos:
+# check_interval: '6 hour' # How often you want to check new videos to cache
+# strategies:
# -
# size: '10GB'
# strategy: 'most-views' # Cache videos that have the most views
@@ -80,13 +87,11 @@ redundancy:
# size: '10GB'
# strategy: 'trending' # Cache trending videos
# -
- size: '1GB'
- # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
- min_lifetime: '48 hours'
- strategy: 'recently-added' # Cache recently added videos
- minViews: 10 # Having at least x views
-
-
+# size: '1GB'
+# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
+# min_lifetime: '48 hours'
+# strategy: 'recently-added' # Cache recently added videos
+# min_views: 10 # Having at least x views
###############################################################################
#
@@ -108,8 +113,13 @@ cache:
admin:
+ # Used to generate the root user at first startup
+ # And to receive emails from the contact form
email: '__email__'
+contact_form:
+ enabled: true
+
signup:
enabled: false
limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited
@@ -130,6 +140,8 @@ user:
# Please, do not disable transcoding since many uploaded videos will not work
transcoding:
enabled: true
+ # Allow your users to upload .mkv, .mov, .avi, .flv videos
+ allow_additional_extensions: true
threads: 1
resolutions: # Only created if the original video has a higher resolution, uses more storage!
240p: false
@@ -162,12 +174,14 @@ instance:
# Robot.txt rules. To disallow robots to crawl your instance and disallow indexation of your site, add '/' to "Disallow:'
robots: |
User-agent: *
- Disallow: ''
+ Disallow:
# Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string.
securitytxt:
"# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:"
services:
+ # You can provide a reporting endpoint for Content Security Policy violations
+ csp-logger:
# Cards configuration to format video in Twitter
twitter:
username: '@yunohost' # Indicates the Twitter account for the website or platform on which the content was published
diff --git a/conf/systemd.service b/conf/systemd.service
index 8f5be9d..85dd1b8 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -16,5 +16,24 @@ StandardError=syslog
SyslogIdentifier=__APP__
Restart=always
+; Some security directives.
+; Use private /tmp and /var/tmp folders inside a new file system namespace,
+; which are discarded after the process stops.
+PrivateTmp=true
+; Mount /usr, /boot, and /etc as read-only for processes invoked by this service.
+ProtectSystem=full
+; Sets up a new /dev mount for the process and only adds API pseudo devices
+; like /dev/null, /dev/zero or /dev/random but not physical devices. Disabled
+; by default because it may not work on devices like the Raspberry Pi.
+PrivateDevices=false
+; Ensures that the service process and all its children can never gain new
+; privileges through execve().
+NoNewPrivileges=true
+; This makes /home, /root, and /run/user inaccessible and empty for processes invoked
+; by this unit. Make sure that you do not depend on data inside these folders.
+ProtectHome=false
+; Drops the sys admin capability from the daemon.
+CapabilityBoundingSet=~CAP_SYS_ADMIN
+
[Install]
WantedBy=multi-user.target
diff --git a/manifest.json b/manifest.json
index bfae4ab..33d9c95 100644
--- a/manifest.json
+++ b/manifest.json
@@ -6,7 +6,7 @@
"en": "Video streaming platform using P2P directly in the web browser, connected to a federated network",
"fr": "Plateforme de diffusion vidéo par P2P directement dans le navigateur, et connectée à un réseau fédéralisé"
},
- "version": "1.0.0-beta.15",
+ "version": "1.2.0",
"url": "https://github.com/Chocobozzz/PeerTube",
"license": "AGPL-3.0-only",
"maintainer": {
diff --git a/scripts/install b/scripts/install
index ae188e3..565b343 100644
--- a/scripts/install
+++ b/scripts/install
@@ -69,9 +69,6 @@ ynh_app_setting_set "$app" is_public "$is_public"
# Find a free port
port=$(ynh_find_port 9000)
-
-# Open this port
-yunohost firewall allow Both "$port" 2>&1
ynh_app_setting_set "$app" port "$port"
#=================================================
@@ -141,10 +138,6 @@ ynh_setup_source "$final_path"
cp ../conf/production.yaml "$final_path/config/production.yaml"
touch "$final_path/config/local-production.json"
-(
- cd "$final_path"
- yarn install --production --pure-lockfile
-)
#=================================================
# NGINX CONFIGURATION
@@ -226,28 +219,4 @@ ynh_add_systemd_config
systemctl enable "$app"
systemctl start "$app"
-#=================================================
-# CHANGE PEERTUBE ADMIN PASSWORD AFTER INITIAL GEN
-#=================================================
-# we need to wait for the service to init peertube's database
-(
- cd "$final_path"
- sleep 30
- echo $admin_pass | NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production npm run reset-password -- -u root
-)
-
-#=================================================
-# SEND A README FOR THE ADMIN
-#=================================================
-
-message=" $app was successfully installed :)
-
-Please open your $app domain: https://$domain$path_url
-
-The admin username is: root
-The admin password is: $admin_pass
-
-If you are facing any problem or want to improve this app, please open a new issue here: https://github.com/YunoHost-Apps/peertube_ynh"
-
-ynh_send_readme_to_admin "$message"
diff --git a/scripts/restore b/scripts/restore
index a3ea65c..a35ef5e 100644
--- a/scripts/restore
+++ b/scripts/restore
@@ -62,9 +62,6 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file "$final_path"
-# Open this port
-yunohost firewall allow Both "$port" 2>&1
-
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
@@ -85,8 +82,6 @@ chown -R "$app":"$app" "/home/yunohost.app/${app}/storage"
# REINSTALL DEPENDENCIES
#=================================================
-# install nodejs
-ynh_install_nodejs 8
# add backports for Debian Jessie (required to install ffmpeg)
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
@@ -128,11 +123,6 @@ ynh_restore_file "/etc/logrotate.d/$app"
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
-(
- cd "$final_path"
- yarn install --production --pure-lockfile --silent --cache-folder /var/cache/yarn/
-)
-
# Set right permissions
chown -R "$app":"$app" "$final_path"
diff --git a/scripts/upgrade b/scripts/upgrade
index 1ff822b..dcf1ff3 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -77,8 +77,15 @@ datadir="/home/yunohost.app/${app}/storage"
# Create app folders
mkdir -p "$datadir"
-# Open this port
-yunohost firewall allow Both "$port" 2>&1
+#=================================================
+# CLOSE A PORT
+#=================================================
+
+if yunohost firewall list | grep -q "\- $port$"
+then
+ echo "Close port $port"
+ yunohost firewall disallow Both "$port" 2>&1
+fi
#=================================================
# CREATE DEDICATED USER
@@ -91,8 +98,6 @@ ynh_system_user_create "$app"
# INSTALL DEPENDENCIES
#=================================================
-# install nodejs
-ynh_install_nodejs 8
# add backports for Debian Jessie (required to install ffmpeg)
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
@@ -128,11 +133,6 @@ cp -a "$tmpdir/local-production.json" "$final_path/config/local-production.json
# Remove the tmp directory securely
ynh_secure_remove "$tmpdir"
-(
- cd "$final_path"
- yarn install --production --pure-lockfile
-)
-
#=================================================
# NGINX CONFIGURATION