diff --git a/seed/applicationservice/2022.03.08/apache/manual/image/preinstall/apache.sh b/seed/applicationservice/2022.03.08/apache/manual/image/preinstall/apache.sh new file mode 100644 index 0000000..c8ac040 --- /dev/null +++ b/seed/applicationservice/2022.03.08/apache/manual/image/preinstall/apache.sh @@ -0,0 +1 @@ +PKG="$PKG mod_ssl" diff --git a/seed/applicationservice/2022.03.08/base-fedora-36/applicationservice.yml b/seed/applicationservice/2022.03.08/base-fedora-36/applicationservice.yml new file mode 100644 index 0000000..8788147 --- /dev/null +++ b/seed/applicationservice/2022.03.08/base-fedora-36/applicationservice.yml @@ -0,0 +1,4 @@ +format: '0.1' +description: Information de base d'un serveur fedora version 36 +depends: + - base-fedora diff --git a/seed/applicationservice/2022.03.08/base-fedora-36/dictionaries/00-fedora-version.xml b/seed/applicationservice/2022.03.08/base-fedora-36/dictionaries/00-fedora-version.xml new file mode 100644 index 0000000..2d7cea1 --- /dev/null +++ b/seed/applicationservice/2022.03.08/base-fedora-36/dictionaries/00-fedora-version.xml @@ -0,0 +1,10 @@ + + + + + + + + diff --git a/seed/applicationservice/2022.03.08/base-fedora-36/manual/image/postinstall/base_fedora_version.sh b/seed/applicationservice/2022.03.08/base-fedora-36/manual/image/postinstall/base_fedora_version.sh new file mode 100644 index 0000000..219e52e --- /dev/null +++ b/seed/applicationservice/2022.03.08/base-fedora-36/manual/image/postinstall/base_fedora_version.sh 
@@ -0,0 +1,7 @@
+# ACTIVE NETWORKD
+mkdir $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/network-online.target.wants
+chmod 775 $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/network-online.target.wants
+ln -s /usr/lib/systemd/system/systemd-networkd.service "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/dbus-org.freedesktop.network1.service"
+ln -s /usr/lib/systemd/system/systemd-networkd.service "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/multi-user.target.wants/systemd-networkd.service"
+ln -s /usr/lib/systemd/system/systemd-networkd-wait-online.service "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service"
+ln -s /usr/lib/systemd/system/systemd-networkd.socket "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/sockets.target.wants/systemd-networkd.socket"
diff --git a/seed/applicationservice/2022.03.08/base-fedora-36/manual/image/preinstall/base_fedora_version.sh b/seed/applicationservice/2022.03.08/base-fedora-36/manual/image/preinstall/base_fedora_version.sh
new file mode 100644
index 0000000..9b4030a
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/base-fedora-36/manual/image/preinstall/base_fedora_version.sh
@@ -0,0 +1 @@
+RELEASEVER=36
diff --git a/seed/applicationservice/2022.03.08/host-systemd-machined/templates/RPM-GPG-KEY-fedora-36-x86_64 b/seed/applicationservice/2022.03.08/host-systemd-machined/templates/RPM-GPG-KEY-fedora-36-x86_64
new file mode 100644
index 0000000..3b1b19b
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/host-systemd-machined/templates/RPM-GPG-KEY-fedora-36-x86_64
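Review bot: The `mkdir` and `chmod` lines expand `$IMAGE_NAME_RISOTTO_IMAGE_DIR` unquoted and unchecked, while the four `ln -s` lines below them quote it. If the variable is empty or unset, every path in this file resolves against the build host's own `/usr/lib/systemd/system`, so the script would change the host's unit links instead of the image's. I would open the file with `: "${IMAGE_NAME_RISOTTO_IMAGE_DIR:?}"` and write `mkdir -p -- "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/network-online.target.wants"`. Mode 775 also leaves a systemd `.wants` directory group-writable; 755 is the usual mode unless group write is needed, in which case a comment should say why.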
@@ -0,0 +1,29 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGAkKwgBEAC+IQKqp/BI1VIvRRqcnRoAxkzsY3pxIS1L+C4gaWjIMf1eBBTq +v9eKd4xHsW80VL/tl81WZWO/7JXKmgHODiXrv4HmDIOo6Z1hxehjVRF3Ih4+sKHR +XCJgwcdJnMfqTKnHiycQggeDuheWbfjV2Fgmvxy0jh0M5PCB5taNz41LmPOaUQmn +PXcI05CjP5msKjRBObw5Cd2oad60pTNhnBWRf288S8W4wH4jNISOZLZTOf6HU5gJ +w9wU9RZoaz8kZPNArlJjZsN83S0XLCxpa6UUgYdzPDHOWGtcWGs3bvNAlTYuacun +oICOvTH/ZJU7mgaZbbdSPVLDJdLBKRVgHbdTAK0J913FEiU93GJR5bf/W5FMN7DV +6hsJVMiY/knJmkTFE9whDSjEc0TAYhQuC1HnzvMPGJvkeEz9nRqna5QUuo7V6LI4 +fZNTSlqFyIi/Oa3ZoliOyOshxJmU3y1HaNcHerO1nFbTtZ7s/TKBhY9oFq4T4gJV +yFWy33p/JDxOtlVjpHEkzwXGdPe6R4xK8xHObEVraOMZMaweII+tMOGwVbxZu2kC +A1aflM+oeyU1Fx9qqM0+dYyHO+kp3M5UtfM006RcNcdfoGrA4l6z9sUnHKsYzOLP +RvKkzxiX3T91vHtRGCXjPOgOsJJzjkFtE1a5oFZg39fC99HZdbX0rUqAtQARAQAB +tDFGZWRvcmEgKDM2KSA8ZmVkb3JhLTM2LXByaW1hcnlAZmVkb3JhcHJvamVjdC5v +cmc+iQJOBBMBCAA4FiEEU97Sy5Iti42eY/0YmZ98vzircfQFAmAkKwgCGw8FCwkI +BwIGFQoJCAsCBBYCAwECHgECF4AACgkQmZ98vzircfSGaxAAlDBWuY1Ch3YsssGE +uaeOuaHmDj08p08WUAFUPBN0ID+0pmRQjywFzrufw8Z2g/lHwic+tpXXr/RtMmcl ++WzLh1E34TRqEngjDJ27QBq1Jyid3h1manKLhZhJ8b1usKHP7Dqh7n+eMTv2Qgrt +6MrCNe4otWZ9WJ5vp/Bay5yAtU6lNoWBmJ+6BS1/2mg2jhoXrfg/Vey+/i6nYZIk +M4IcYCyGCi9rjc8NMgkCyzPkPJtsy2taB+VdUcZyjFpc1acmC8sR/2/SEl4+pOtM +UzW+OUOQFrerX/8MC5LqvmtsiPMyRDCOw3reJTXyoUIehoHoK9QtAdIRRP2nAkPy +GKycVzsLbtheJXUZharXL1DwOkpMNlm3hp9BxX89m7dLblMSjtrQPs8CkpAExAQW +FBltsD73ZhGnfE/XdWp7343m1w5W2m85/rczP+2et+c+HPmYTgaJTu8fAF0FoTDd +uD1r9DxRa2oN3YBiPP/nXnhJaH//GgF/RRw7Fbc66fCh8DTrMsPgmyi/O3/pdSGe +k0UqEfSdzNPbl7gVFlCbr4Ur5n1ph+sEZqOhMuyszLZZvYvUrHsDuanML5X25coP +h+rqyjHJJeYlS2tMAQB1fmHB0LWhRhKYaOROAXFmUutFUxVVoigNCl8mV561DCz6 +6/zy81ZGeyUGOEIZ1NFuoY0EhC8= +=KaIq +-----END PGP PUBLIC KEY BLOCK----- diff --git a/seed/applicationservice/2022.03.08/host-systemd-machined/templates/RPM-GPG-KEY-rpmfusion-free-fedora-36 b/seed/applicationservice/2022.03.08/host-systemd-machined/templates/RPM-GPG-KEY-rpmfusion-free-fedora-36 new file mode 100644 index 0000000..86f3622 --- /dev/null 
+++ b/seed/applicationservice/2022.03.08/host-systemd-machined/templates/RPM-GPG-KEY-rpmfusion-free-fedora-36 @@ -0,0 +1,29 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBF2tu8EBEADnI6bmlE7ebLuYSBKJavk7gwX8L2S0lDwtmAFmNcxQ/tAhh5Gx +2RKEneou12pSxav8MvbKOr4IpJLLmuoQMLYkbQRHovgVfDYdtvK9T8tZH51ACtnC +KKr9SucnKhWpDk3/n/djV0I2qSesE6QcJVrh66bT/8nbyIFbbiYLOgE88YAX5Wdj +TkgmYXJ54l1MP/3N64pFlmk6myYCrLh7cibFYLZOW2Xwfq6Go6HOpGn9Cazb+T6m +LALkVPERu2QkcUhMqy/slD5tFFb7DW1gkwnYiu5PKwThW7laZgmw2yAgDV+JccdK +D9ZHALmy9GyQ1ZjDptpa5BObE5vazbuAbSndoIqwaMxCrlqhIYdmqz4m/HJ9BaC0 +mRSkT6N9SqytZXFhu5/Ld6+/Ol3b+q28bnV64qQrDH6hgnrRdqCQpm8g7tZFuk5X +JsB/A+EfI2kE6YXqWaGdEx0XcqOv97n6sRZNweOHX3vSM0eLwmM2dpgc7RvMfcqr +73ylZ9CnWVUD6cl+wE8SnGnVVqYau2spZFzKVAcfi/Zwvh6wM7/83XC2mkIHmoFR +OY5aDWFhoFZFgiHHnmDv6kACNmSHb/oYRkvwQ+JhAQu4I9CYw1sxaUDjwtt7a+4I +mBZM8WuvAVLkqnF+MJetiL15/W834HjCNITV03t9593T6Z1Dxpfv4hy7YwARAQAB +tFVSUE0gRnVzaW9uIGZyZWUgcmVwb3NpdG9yeSBmb3IgRmVkb3JhICgyMDIwKSA8 +cnBtZnVzaW9uLWJ1aWxkc3lzQGxpc3RzLnJwbWZ1c2lvbi5vcmc+iQJFBBMBCAAv +FiEE6aSRo94keBTn4Gfq4G+OzdZR/y4FAl2tu8ECGwMECwkIBwMVCAoCHgECF4AA +CgkQ4G+OzdZR/y4ZQhAAmF5A4XC9ymd94BFwsbbpCnx2YlfmsZwT1QzBu9njjkH7 +MC4THknYe2B/muE5dPu3NseZMzue1Ou4KbMz4wq82731prLRu+iHAxAxJ1qd8whA +QGuRJAg8+YEXKhpwpD/8P/xJo9IRmPxPM+6mQVTlASv34CEIGff1vJr40tNiU53P +PZq9SWD3/uG84PQRmGXetfF2K3NkXqzkvQSM68JZiYR2+wMkoO9f72B7LTBrfkwy +RcFPA7kj65pysB+l2wez03Dh/MyA3LTusd9M6FGiSOUVpQZ+NUFipIisS3vh/Bgp +zMsj1NSsMLjUDcX8stR8GfVgTxSgWwHTNl75XwTZpJOKMoj97kh9zzLwBhZ1W+xo +8s2W7YqVnOUl8rPm7ZbOefGkamNg8bhqcyNIEbHqR5QZVzDBT2AxVcB6jsxSHf5b +sb+KEJff4g6E4fWPA/IYdtJ7DItbVXnkAjqD7ADUh7Xq7pOgfC/4Cledf27x73m+ +sdBvKsEBrroAsX/v4z46mQApszkfjTUAXwj2lUT+ujoktJHXqR71jbY0+8JX6Fyw +6ZW0emxR++bt9ksLcsNmjOQP9TmQpi2CW4Z+Ol2tlwtlnKAo6ecx4aacHKg+FYuQ +HTJRq6E6GpCPn1avf1v797RM+3zzw9TYkadfVLIQQ4HYbYzienOgGGporclrtrQ= +=oOVZ +-----END PGP PUBLIC KEY BLOCK----- 
diff --git a/seed/applicationservice/2022.03.08/lemonldap/templates/silique_video.png b/seed/applicationservice/2022.03.08/lemonldap/templates/silique_video.png
new file mode 100644
index 0000000..f41854b
Binary files /dev/null and b/seed/applicationservice/2022.03.08/lemonldap/templates/silique_video.png differ
diff --git a/seed/applicationservice/2022.03.08/peertube/DEBUG.md b/seed/applicationservice/2022.03.08/peertube/DEBUG.md
new file mode 100644
index 0000000..bdd8809
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/peertube/DEBUG.md
@@ -0,0 +1,10 @@
+# Mettre un mot de passe à l'utilisateur root
+cd /usr/share/peertube/
+export NODE_CONFIG_DIR=/etc/peertube/
+export NODE_ENV=production
+node ./dist/scripts/reset-password.js -u root
+
+
+# Debug
+sed -i "s/level: 'info' # 'debug'/level: 'debug' # 'debug'/g" /etc/peertube/production.yaml
+systemctl restart peertube
diff --git a/seed/applicationservice/2022.03.08/peertube/FIXME b/seed/applicationservice/2022.03.08/peertube/FIXME
new file mode 100644
index 0000000..a405720
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/peertube/FIXME
@@ -0,0 +1,3 @@
+yarn(pkg) !
+
+server/tools/ ?
diff --git a/seed/applicationservice/2022.03.08/peertube/applicationservice.yml b/seed/applicationservice/2022.03.08/peertube/applicationservice.yml
new file mode 100644
index 0000000..b04cca1
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/peertube/applicationservice.yml
@@ -0,0 +1,10 @@
+format: '0.1'
+description: Peertube
+depends:
+ - base-fedora-36
+ - postgresql-client
+ - relay-mail-client
+ - reverse-proxy-client
+ - redis-client
+ - nginx-common
+ - oauth2-client
diff --git a/seed/applicationservice/2022.03.08/peertube/dictionaries/30_peertube.xml b/seed/applicationservice/2022.03.08/peertube/dictionaries/30_peertube.xml
new file mode 100644
index 0000000..2d23712
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/peertube/dictionaries/30_peertube.xml
@@ -0,0 +1,68 @@ + + + + + + /sysusers.d/0peertube.conf + /tmpfiles.d/0peertube.conf + /etc/peertube/production.yaml + /etc/pam.d/login + /etc/nginx/conf.d/peertube.conf + + + + + + + PeerTube, an ActivityPub-federated video streaming platform using P2P directly in your web browser. + + + Welcome to this PeerTube instance! + + + + + True + + + Vidéo + + + Plateforme de partage de vidéo Peertube + + + Réseaux sociaux + + + silique_video.png + + + + + + + / + + + 12G + + + + + + + revprox_client_external_domainname + revprox_client_location + plugins/auth-openid-connect/0.0.7/auth/openid-connect + oauth2_client_external + + + True + False + revprox_client_location + /socket.io + revprox_client_is_websocket + + + + diff --git a/seed/applicationservice/2022.03.08/peertube/manual/image/postinstall/peertube.patch b/seed/applicationservice/2022.03.08/peertube/manual/image/postinstall/peertube.patch new file mode 100644 index 0000000..2a8f363 --- /dev/null +++ b/seed/applicationservice/2022.03.08/peertube/manual/image/postinstall/peertube.patch 
@@ -0,0 +1,60 @@
+--- peertube_plugins/node_modules/peertube-plugin-auth-openid-connect/main.js
++++ peertube_plugins/node_modules/peertube-plugin-auth-openid-connect/main.js
+@@ -110,6 +110,14 @@ async function register ({
+ descriptionHTML: 'Will only allow login for users whose group array contains this group'
+ })
+
++ registerSetting({
++ name: 'signature-algorithm',
++ label: 'Token signature algorithm',
++ type: 'input',
++ private: true,
++ default: 'RS256'
++ })
++
+ const router = getRouter()
+ router.use('/code-cb', (req, res) => handleCb(peertubeHelpers, settingsManager, req, res))
+
+@@ -159,7 +167,8 @@ async function loadSettingsAndCreateClient (registerExternalAuth, unregisterExte
+ 'scope',
+ 'discover-url',
+ 'client-id',
+- 'client-secret'
++ 'client-secret',
++ 'signature-algorithm'
+ ])
+
+ if (!settings['discover-url']) {
+@@ -188,6 +197,8 @@ async function loadSettingsAndCreateClient (registerExternalAuth, unregisterExte
+ } else {
+ clientOptions.token_endpoint_auth_method = 'none'
+ }
++ clientOptions.id_token_signed_response_alg = settings['signature-algorithm']
++ clientOptions.authorization_signed_response_alg = settings['signature-algorithm']
+
+ store.client = new issuer.Client(clientOptions)
+
+--- peertube/dist/server/helpers/custom-validators/activitypub/actor.js.ori 2022-04-06 13:58:17.752681849 +0000
++++ peertube/dist/server/helpers/custom-validators/activitypub/actor.js 2022-04-06 13:58:22.268682531 +0000
+@@ -43,8 +43,8 @@
+ function isActorPrivateKeyValid(privateKey) {
+ return (0, misc_1.exists)(privateKey) &&
+ typeof privateKey === 'string' &&
+- privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') &&
+- privateKey.includes('-----END RSA PRIVATE KEY-----') &&
++ privateKey.startsWith('-----BEGIN PRIVATE KEY-----') &&
++ privateKey.includes('-----END PRIVATE KEY-----') &&
+ validator_1.default.isLength(privateKey, constants_1.CONSTRAINTS_FIELDS.ACTORS.PRIVATE_KEY);
+ }
+ exports.isActorPrivateKeyValid = isActorPrivateKeyValid;
+--- peertube/node_modules/pem/lib/pem.js.ori 2022-04-06 13:59:36.232693763 +0000
++++ peertube/node_modules/pem/lib/pem.js 2022-04-06 13:59:48.916695687 +0000
+@@ -74,7 +74,7 @@
+
+ params.push(keyBitsize)
+
+- openssl.exec(params, 'RSA PRIVATE KEY', function (sslErr, key) {
++ openssl.exec(params, 'PRIVATE KEY', function (sslErr, key) {
+ function done (err) {
+ if (err) {
+ return callback(err)
diff --git a/seed/applicationservice/2022.03.08/peertube/manual/image/postinstall/peertube.sh b/seed/applicationservice/2022.03.08/peertube/manual/image/postinstall/peertube.sh
new file mode 100644
index 0000000..bacc2e6
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/peertube/manual/image/postinstall/peertube.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+mkdir -p "$IMAGE_NAME_RISOTTO_IMAGE_DIR/proc/self/"
+cat /proc/self/stat > "$IMAGE_NAME_RISOTTO_IMAGE_DIR/proc/self/stat"
+PLUGINS_DIR=/usr/share/peertube_plugins
+echo """#!/bin/bash
+set -ex
+mv /etc/resolv.conf /tmp
+echo "nameserver 9.9.9.9" > /etc/resolv.conf
+PLUGINS_DIR=$PLUGINS_DIR
+mkdir -p "\$PLUGINS_DIR"
+cd "\$PLUGINS_DIR"
+yarn add peertube-plugin-auth-openid-connect@0.0.7 --production
+mkdir -p "\$PLUGINS_DIR/data/peertube-plugin-auth-openid-connect"
+chown peertube: "\$PLUGINS_DIR/data"
+chown peertube: "\$PLUGINS_DIR/data/peertube-plugin-auth-openid-connect"
+
+rm -f /etc/resolv.conf
+mv /tmp/resolv.conf /etc
+""" > "$IMAGE_NAME_RISOTTO_IMAGE_DIR/install.sh"
+chmod +x "$IMAGE_NAME_RISOTTO_IMAGE_DIR/install.sh"
+chroot "$IMAGE_NAME_RISOTTO_IMAGE_DIR" /install.sh
+rm "$IMAGE_NAME_RISOTTO_IMAGE_DIR/proc/self/stat"
+rmdir "$IMAGE_NAME_RISOTTO_IMAGE_DIR/proc/self/"
+
+rm -f "$IMAGE_NAME_RISOTTO_IMAGE_DIR/install.sh"
+cd "$IMAGE_NAME_RISOTTO_IMAGE_DIR$PLUGINS_DIR/.."
+patch -p0 < $OLDPWD/peertube/postinstall/peertube.patch
+cd -
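Review bot: The value of the new `signature-algorithm` setting is copied into `clientOptions.id_token_signed_response_alg` and `clientOptions.authorization_signed_response_alg` without any validation. An empty, mistyped or `none` value would change how (or whether) ID-token signatures are checked; how the client library reacts to such a value is not visible in this patch, so the code should fail closed. I would check the value against a short allow-list of asymmetric algorithms that you define and fall back to `'RS256'` otherwise, for example `const alg = ALLOWED_ALGS.includes(settings['signature-algorithm']) ? settings['signature-algorithm'] : 'RS256'`. Separately, the `actor.js` part replaces the `RSA PRIVATE KEY` header check instead of accepting both PEM headers, so actor keys already stored in the older format would presumably stop validating.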
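Review bot: `yarn add peertube-plugin-auth-openid-connect@0.0.7 --production` pins only the top-level package, so its transitive dependencies are resolved from the registry at build time and their install scripts run as root inside the chroot. Committing a `package.json` and `yarn.lock` for the plugin directory and running `yarn install --frozen-lockfile --production --ignore-scripts` would make the image reproducible and keep lifecycle scripts from executing, provided the plugin works without them. The exit status of `chroot "$IMAGE_NAME_RISOTTO_IMAGE_DIR" /install.sh` and of `patch -p0` is not checked in this file, so a failed install or a patch that no longer applies would still yield an image; both lines should fail the build on error. The redirect should also be quoted: `patch -p0 < "$OLDPWD/peertube/postinstall/peertube.patch"`.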
diff --git a/seed/applicationservice/2022.03.08/peertube/manual/image/preinstall/peertube.sh b/seed/applicationservice/2022.03.08/peertube/manual/image/preinstall/peertube.sh
new file mode 100644
index 0000000..453ac07
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/peertube/manual/image/preinstall/peertube.sh
@@ -0,0 +1,3 @@
+PKG="$PKG peertube yarnpkg"
+COPR="https://copr.fedorainfracloud.org/coprs/daftaupe/peertube/repo/fedora-36/daftaupe-peertube-fedora-36.repo"
+FUSION=true
diff --git a/seed/applicationservice/2022.03.08/peertube/templates/login b/seed/applicationservice/2022.03.08/peertube/templates/login
new file mode 100644
index 0000000..46378f4
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/peertube/templates/login
@@ -0,0 +1,17 @@
+# File from util-linux-*.x86_64 (not installed)
+#%PAM-1.0
+auth substack system-auth
+auth include postlogin
+account required pam_nologin.so
+account include system-auth
+password include system-auth
+# pam_selinux.so close should be the first session rule
+session required pam_selinux.so close
+session required pam_loginuid.so
+# pam_selinux.so open should only be followed by sessions to be executed in the user context
+session required pam_selinux.so open
+session required pam_namespace.so
+session optional pam_keyinit.so force revoke
+session include system-auth
+session include postlogin
+-session optional pam_ck_connector.so
diff --git a/seed/applicationservice/2022.03.08/peertube/templates/nginx.peertube.conf b/seed/applicationservice/2022.03.08/peertube/templates/nginx.peertube.conf
new file mode 100644
index 0000000..9ee5b7e
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/peertube/templates/nginx.peertube.conf
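Review bot: The `COPR=` line in `preinstall/peertube.sh` makes a personal COPR repository the source of the `peertube` package, but this commit ships GPG keys only for Fedora 36 and RPM Fusion free. How the `.repo` URL is consumed is outside this diff; if it is downloaded at build time, signature checking for that package depends entirely on the `gpgcheck` and `gpgkey` values in the fetched file. I would add a comment naming the repository owner and why it is trusted, and consider shipping the repo definition and its key under `templates/` next to the other two keys so the trust anchor is reviewed with the code.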
@@ -0,0 +1,271 @@ +# GNUNUX /usr/share/peertube/support/nginx/peertube +# Minimum Nginx version required: 1.13.0 (released Apr 25, 2017) +# Please check your Nginx installation features the following modules via 'nginx -V': +# STANDARD HTTP MODULES: Core, Proxy, Rewrite, Access, Gzip, Headers, HTTP/2, Log, Real IP, SSL, Thread Pool, Upstream, AIO Multithreading. +# THIRD PARTY MODULES: None. + +# GNUNUX server { +# GNUNUX listen 80; +# GNUNUX listen [::]:80; +# GNUNUX server_name ${WEBSERVER_HOST}; +# GNUNUX +# GNUNUX location /.well-known/acme-challenge/ { +# GNUNUX default_type "text/plain"; +# GNUNUX root /var/www/certbot; +# GNUNUX } +# GNUNUX location / { return 301 https://$host$request_uri; } +# GNUNUX } + +upstream %%domain_name_eth0 { +# GNUNUX server ${PEERTUBE_HOST}; + server localhost:9000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name %%domain_name_eth0; + +# GNUNUX access_log /var/log/nginx/peertube.access.log; # reduce I/0 with buffer=10m flush=5m +# GNUNUX error_log /var/log/nginx/peertube.error.log; + + ## + # Certificates + # you need a certificate to run in production. 
see https://letsencrypt.org/ + ## +# GNUNUX ssl_certificate /etc/letsencrypt/live/${WEBSERVER_HOST}/fullchain.pem; +# GNUNUX ssl_certificate_key /etc/letsencrypt/live/${WEBSERVER_HOST}/privkey.pem; +#>GNUNUX + ssl_client_certificate %%revprox_ca_file; + ssl_certificate %%revprox_cert_file; + ssl_certificate_key %%revprox_key_file; +#= client_max_body_size) + + try_files /dev/null @api; + } + + location ~ ^/api/v1/(videos|video-playlists|video-channels|users/me) { + client_max_body_size 6M; # default is 1M + add_header X-File-Maximum-Size 4M always; # inform backend of the set value in bytes before mime-encoding (x * 1.4 >= client_max_body_size) + + try_files /dev/null @api; + } + + ## + # Websocket + ## + + location @api_websocket { + proxy_http_version 1.1; +# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host %%revprox_client_external_domainname; +# proxy_set_header X-Real-IP $remote_addr; +# proxy_set_header Upgrade $http_upgrade; +# proxy_set_header Connection "upgrade"; + + proxy_pass http://%%domain_name_eth0; + } + + location /socket.io { + try_files /dev/null @api_websocket; + } + + location /tracker/socket { + # Peers send a message to the tracker every 15 minutes + # Don't close the websocket before then + proxy_read_timeout 15m; # default is 60s + + try_files /dev/null @api_websocket; + } + + ## + # Performance optimizations + # For extra performance please refer to https://github.com/denji/nginx-tuning + ## + +# GNUNUX root /var/www/peertube/storage; + root /usr/share/peertube; + + # Enable compression for JS/CSS/HTML, for improved client load times. + # It might be nice to compress JSON/XML as returned by the API, but + # leaving that out to protect against potential BREACH attack. 
+ gzip on;
+ gzip_vary on;
+ gzip_types # text/html is always compressed by HttpGzipModule
+ text/css
+ application/javascript
+ font/truetype
+ font/opentype
+ application/vnd.ms-fontobject
+ image/svg+xml;
+ gzip_min_length 1000; # default is 20 bytes
+ gzip_buffers 16 8k;
+ gzip_comp_level 2; # default is 1
+
+ client_body_timeout 30s; # default is 60
+ client_header_timeout 10s; # default is 60
+ send_timeout 10s; # default is 60
+ keepalive_timeout 10s; # default is 75
+ resolver_timeout 10s; # default is 30
+ reset_timedout_connection on;
+ proxy_ignore_client_abort on;
+
+ tcp_nopush on; # send headers in one piece
+ tcp_nodelay on; # don't buffer data sent, good for small data bursts in real time
+
+ # If you have a small /var/lib partition, it could be interesting to store temp nginx uploads in a different place
+ # See https://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_temp_path
+ #client_body_temp_path /var/www/peertube/storage/nginx/;
+
+ # Bypass PeerTube for performance reasons. Optional.
+ # Should be consistent with client-overrides assets list in /server/controllers/client.ts
+ location ~ ^/client/(assets/images/(icons/icon-36x36\.png|icons/icon-48x48\.png|icons/icon-72x72\.png|icons/icon-96x96\.png|icons/icon-144x144\.png|icons/icon-192x192\.png|icons/icon-512x512\.png|logo\.svg|favicon\.png|default-playlist\.jpg|default-avatar-account\.png|default-avatar-video-channel\.png))$ {
+ add_header Cache-Control "public, max-age=31536000, immutable"; # Cache 1 year
+
+# GNUNUX root /var/www/peertube;
+ root /usr/share/peertube;
+
+ try_files /storage/client-overrides/$1 /peertube-latest/client/dist/$1 @api;
+ }
+
+ # Bypass PeerTube for performance reasons. Optional.
+ location ~ ^/client/(.*\.(js|css|png|svg|woff2|otf|ttf|woff|eot))$ {
+ add_header Cache-Control "public, max-age=31536000, immutable"; # Cache 1 year
+
+# GNUNUX alias /var/www/peertube/client/dist/$1;
+ alias /usr/share/peertube/client/dist/$1;
+ }
+
+ # Bypass PeerTube for performance reasons. Optional.
+ location ~ ^/static/(thumbnails|avatars)/ {
+ root /srv/peertube;
+ if ($request_method = 'OPTIONS') {
+ add_header Access-Control-Allow-Origin '*';
+ add_header Access-Control-Allow-Methods 'GET, OPTIONS';
+ add_header Access-Control-Allow-Headers 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
+ add_header Access-Control-Max-Age 1728000; # Preflight request can be cached 20 days
+ add_header Content-Type 'text/plain charset=UTF-8';
+ add_header Content-Length 0;
+ return 204;
+ }
+
+ add_header Access-Control-Allow-Origin '*';
+ add_header Access-Control-Allow-Methods 'GET, OPTIONS';
+ add_header Access-Control-Allow-Headers 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
+ add_header Cache-Control "public, max-age=7200"; # Cache response 2 hours
+
+ rewrite ^/static/(.*)$ /$1 break;
+
+ try_files $uri @api;
+ }
+
+ # Bypass PeerTube for performance reasons. Optional.
+ location ~ ^/static/(webseed|redundancy|streaming-playlists)/ {
+ root /srv/peertube;
+ limit_rate_after 5M;
+
+ # Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
+ set $peertube_limit_rate 800k;
+
+ # Increase rate limit in HLS mode, because we don't have multiple simultaneous connections
+ if ($request_uri ~ -fragmented.mp4$) {
+ set $peertube_limit_rate 5M;
+ }
+
+ # Use this line with nginx >= 1.17.0
+ #limit_rate $peertube_limit_rate;
+ # Or this line if your nginx < 1.17.0
+ set $limit_rate $peertube_limit_rate;
+
+ if ($request_method = 'OPTIONS') {
+ add_header Access-Control-Allow-Origin '*';
+ add_header Access-Control-Allow-Methods 'GET, OPTIONS';
+ add_header Access-Control-Allow-Headers 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
+ add_header Access-Control-Max-Age 1728000; # Preflight request can be cached 20 days
+ add_header Content-Type 'text/plain charset=UTF-8';
+ add_header Content-Length 0;
+ return 204;
+ }
+
+ if ($request_method = 'GET') {
+ add_header Access-Control-Allow-Origin '*';
+ add_header Access-Control-Allow-Methods 'GET, OPTIONS';
+ add_header Access-Control-Allow-Headers 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
+
+ # Don't spam access log file with byte range requests
+ access_log off;
+ }
+
+ # Enabling the sendfile directive eliminates the step of copying the data into the buffer
+ # and enables direct copying data from one file descriptor to another.
+ sendfile on;
+ sendfile_max_chunk 1M; # prevent one fast connection from entirely occupying the worker process. should be > 800k.
+ aio threads;
+
+ rewrite ^/static/webseed/(.*)$ /videos/$1 break;
+ rewrite ^/static/(.*)$ /$1 break;
+
+ try_files $uri @api;
+ }
+}
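Review bot: In `location @api_websocket` the `Upgrade` and `Connection "upgrade"` headers are commented out, as are `X-Forwarded-For` and `X-Real-IP`. `Upgrade` is a hop-by-hop header, so without `proxy_set_header Upgrade $http_upgrade;` and `proxy_set_header Connection "upgrade";` this hop will not pass a WebSocket handshake for `/socket.io` or `/tracker/socket` on to the backend. Without the forwarded-address headers the backend on `localhost:9000` sees only the proxy's address for these requests, which weakens per-client logging and any per-IP limits. If the omission is deliberate, a comment naming the component that sets these headers would help. Part of this hunk, including the `@api` location, is missing from this view, so the same check applies there.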
diff --git a/seed/applicationservice/2022.03.08/peertube/templates/peertube.service b/seed/applicationservice/2022.03.08/peertube/templates/peertube.service
new file mode 100644
index 0000000..4120601
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/peertube/templates/peertube.service
@@ -0,0 +1,5 @@
+[Service]
+Environment=PGPASSFILE=/usr/local/lib/secrets/postgresql.pass
+ExecStartPost=+/usr/bin/timeout 90 sh -c 'while ! /usr/bin/psql --set=sslmode=verify-full -h %%pg_client_server_domainname -U %%pg_client_username %%pg_client_database -c "SELECT * FROM plugin;"; do sleep 1; done'
+ExecStartPost=+/usr/bin/psql --set=sslmode=verify-full -h %%pg_client_server_domainname -U %%pg_client_username %%pg_client_database -c "DELETE FROM plugin;"
+ExecStartPost=+/usr/bin/psql --set=sslmode=verify-full -h %%pg_client_server_domainname -U %%pg_client_username %%pg_client_database -c "INSERT INTO plugin (name, type, version, enabled, uninstalled, \"peertubeEngine\", description, homepage, settings, \"createdAt\", \"updatedAt\") VALUES ('auth-openid-connect', '1', '0.0.7', true, false, '>=2.2.0', 'Add OpenID connect support to login form in PeerTube.', 'https://framagit.org/framasoft/peertube/official-plugins/tree/master/peertube-plugin-auth-openid-connect', '{\"scope\": \"openid email profile\", \"client-id\": \"%%oauth2_client_id\", \"discover-url\": \"https://%%oauth2_client_server_domainname/.well-known/openid-configuration\", \"client-secret\": \"%%oauth2_client_secret\", \"mail-property\": \"email\", \"auth-display-name\": \"OpenID Connect\", \"username-property\": \"nickname\", \"signature-algorithm\": \"%%oauth2_client_token_signature_algo\", \"display-name-property\": \"email\"}', '2022-04-05 18:12:34.832+02', '2022-04-05 18:12:34.832+02')"
diff --git a/seed/applicationservice/2022.03.08/peertube/templates/production.yaml b/seed/applicationservice/2022.03.08/peertube/templates/production.yaml
new file mode 100644
index 0000000..d9b1e31
--- /dev/null
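Review bot: `--set=sslmode=verify-full` only defines a psql variable named `sslmode`; it is not a libpq connection option, so all three `psql` calls connect with libpq's default `sslmode` and do not verify the server certificate. Adding `Environment=PGSSLMODE=verify-full` next to `PGPASSFILE`, or passing a conninfo string that contains `sslmode=verify-full`, enforces what the flag intends. The `INSERT` also places `%%oauth2_client_secret` on the psql command line and in the unit file, where it is typically readable through `systemctl cat` and the process list; feeding the statement from a root-only file with `psql -f` would keep it out of both. `DELETE FROM plugin;` runs on every start and removes every plugin row, not only `auth-openid-connect`, which deserves a comment or a `WHERE name = 'auth-openid-connect'`.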
+++ b/seed/applicationservice/2022.03.08/peertube/templates/production.yaml 
@@ -0,0 +1,638 @@ +%compiler-settings +commentStartToken = § +%end compiler-settings +listen: + hostname: 'localhost' + port: 9000 + +# Correspond to your reverse proxy server_name/listen configuration (i.e., your public PeerTube instance URL) +webserver: + https: true + hostname: '%%revprox_client_external_domainname' + port: 443 + +rates_limit: + api: + # 50 attempts in 10 seconds + window: 10 seconds + max: 50 + login: + # 15 attempts in 5 min + window: 5 minutes + max: 15 + signup: + # 2 attempts in 5 min (only succeeded attempts are taken into account) + window: 5 minutes + max: 2 + ask_send_email: + # 3 attempts in 5 min + window: 5 minutes + max: 3 + +# Proxies to trust to get real client IP +# If you run PeerTube just behind a local proxy (nginx), keep 'loopback' +# If you run PeerTube behind a remote proxy, add the proxy IP address (or subnet) +trust_proxy: + - 'loopback' + +# Your database name will be database.name OR 'peertube'+database.suffix +database: + hostname: '%%pg_client_server_domainname' + port: 5432 + ssl: true + suffix: '_prod' + name: '%%pg_client_database' + username: '%%pg_client_username' + password: '%%pg_client_password' + pool: + max: 5 + +# Redis server for short time storage +# You can also specify a 'socket' path to a unix socket but first need to +# comment out hostname and port +redis: + hostname: '%%redis_client_server_domainname' + port: 6379 + auth: '%%redis_client_password' + db: 0 + +# SMTP server to send emails +smtp: + # smtp or sendmail + transport: smtp + # Path to sendmail command. 
Required if you use sendmail transport + sendmail: null + hostname: '%%smtp_relay_address' + port: 25 # If you use StartTLS: 587 + username: '%%smtp_relay_user' + password: '%%smtp_relay_password' + tls: false # If you use StartTLS: false + disable_starttls: false + ca_file: '/etc/pki/ca-trust/source/anchors/ca_MailRelay.crt' # Used for self signed certificates + from_address: '%%peertube_admin_email' + +email: + body: + signature: 'PeerTube' + subject: + prefix: '[PeerTube]' + +# Update default PeerTube values +# Set by API when the field is not provided and put as default value in client +defaults: + # Change default values when publishing a video (upload/import/go Live) + publish: + download_enabled: true + + comments_enabled: true + + # public = 1, unlisted = 2, private = 3, internal = 4 + privacy: 1 + + # CC-BY = 1, CC-SA = 2, CC-ND = 3, CC-NC = 4, CC-NC-SA = 5, CC-NC-ND = 6, Public Domain = 7 + # You can also choose a custom licence value added by a plugin + # No licence by default + licence: null + + p2p: + # Enable P2P by default + # Can be enabled/disabled by anonymous users and logged in users + webapp: + enabled: true + + embed: + enabled: true + +# From the project root directory +storage: + tmp: '/srv/peertube/tmp/' # Use to download data (imports etc), store uploaded files before and during processing... 
+ bin: '/srv/peertube/bin/' + avatars: '/srv/peertube/avatars/' + videos: '/srv/peertube/videos/' + streaming_playlists: '/srv/peertube/streaming-playlists/' + redundancy: '/srv/peertube/redundancy/' + logs: '/srv/peertube/logs/' + previews: '/srv/peertube/previews/' + thumbnails: '/srv/peertube/thumbnails/' + torrents: '/srv/peertube/torrents/' + captions: '/srv/peertube/captions/' + cache: '/srv/peertube/cache/' + plugins: '/usr/share/peertube_plugins/' + # Overridable client files in client/dist/assets/images: + # - logo.svg + # - favicon.png + # - default-playlist.jpg + # - default-avatar-account.png + # - default-avatar-video-channel.png + # - and icons/*.png (PWA) + # Could contain for example assets/images/favicon.png + # If the file exists, peertube will serve it + # If not, peertube will fallback to the default file + client_overrides: '/srv/peertube/client-overrides/' + +object_storage: + enabled: false + + # Without protocol, will default to HTTPS + endpoint: '' # 's3.amazonaws.com' or 's3.fr-par.scw.cloud' for example + + region: 'us-east-1' + + credentials: + # You can also use AWS_ACCESS_KEY_ID env variable + access_key_id: '' + # You can also use AWS_SECRET_ACCESS_KEY env variable + secret_access_key: '' + + # Maximum amount to upload in one request to object storage + max_upload_part: 2GB + + streaming_playlists: + bucket_name: 'streaming-playlists' + + # Allows setting all buckets to the same value but with a different prefix + prefix: '' # Example: 'streaming-playlists:' + + # Base url for object URL generation, scheme and host will be replaced by this URL + # Useful when you want to use a CDN/external proxy + base_url: '' # Example: 'https://mirror.example.com' + + # Same settings but for webtorrent videos + videos: + bucket_name: 'videos' + prefix: '' + base_url: '' + +log: + level: 'info' # 'debug' | 'info' | 'warn' | 'error' + rotation: + enabled : false # Enabled by default, if disabled make sure that 'storage.logs' is pointing to a folder 
handled by logrotate + max_file_size: 12MB + max_files: 20 + anonymize_ip: false + log_ping_requests: true + prettify_sql: false + +trending: + videos: + interval_days: 7 # Compute trending videos for the last x days + algorithms: + enabled: + - 'best' # adaptation of Reddit's 'Best' algorithm (Hot minus History) + - 'hot' # adaptation of Reddit's 'Hot' algorithm + - 'most-viewed' # default, used initially by PeerTube as the trending page + - 'most-liked' + default: 'most-viewed' + +# Cache remote videos on your server, to help other instances to broadcast the video +# You can define multiple caches using different sizes/strategies +# Once you have defined your strategies, choose which instances you want to cache in admin -> manage follows -> following +redundancy: + videos: + check_interval: '1 hour' # How often you want to check new videos to cache + strategies: # Just uncomment strategies you want +# - +# size: '10GB' +# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances) +# min_lifetime: '48 hours' +# strategy: 'most-views' # Cache videos that have the most views +# - +# size: '10GB' +# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances) +# min_lifetime: '48 hours' +# strategy: 'trending' # Cache trending videos +# - +# size: '10GB' +# # Minimum time the video must remain in the cache. 
Only accept values > 10 hours (to not overload remote instances)
+# min_lifetime: '48 hours'
+# strategy: 'recently-added' # Cache recently added videos
+# min_views: 10 # Having at least x views
+
+# Other instances that duplicate your content
+remote_redundancy:
+ videos:
+ # 'nobody': Do not accept remote redundancies
+ # 'anybody': Accept remote redundancies from anybody
+ # 'followings': Accept redundancies from instance followings
+ accept_from: 'anybody'
+
+csp:
+ enabled: false
+ report_only: true # CSP directives are still being tested, so disable the report only mode at your own risk!
+ report_uri:
+
+security:
+ # Set the X-Frame-Options header to help to mitigate clickjacking attacks
+ frameguard:
+ enabled: true
+
+tracker:
+ # If you disable the tracker, you disable the P2P aspect of PeerTube
+ enabled: true
+ # Only handle requests on your videos
+ # If you set this to false it means you have a public tracker
+ # Then, it is possible that clients overload your instance with external torrents
+ private: true
+ # Reject peers that do a lot of announces (could improve privacy of TCP/UDP peers)
+ reject_too_many_announces: false
+
+history:
+ videos:
+ # If you want to limit users videos history
+ # -1 means there is no limitations
+ # Other values could be '6 months' or '30 days' etc (PeerTube will periodically delete old entries from database)
+ max_age: -1
+
+views:
+ videos:
+ # PeerTube creates a database entry every hour for each video to track views over a period of time
+ # This is used in particular by the Trending page
+ # PeerTube could remove old remote video views if you want to reduce your database size (video view counter will not be altered)
+ # -1 means no cleanup
+ # Other values could be '6 months' or '30 days' etc (PeerTube will periodically delete old entries from database)
+ remote:
+ max_age: '30 days'
+
+ # PeerTube buffers local video views before updating and federating the video
+ local_buffer_update_interval: '30 minutes'
+
+ ip_view_expiration: '1 hour'
+
+plugins:
+ # The website PeerTube will ask for available PeerTube plugins and themes
+ # This is an unmoderated plugin index, so only install plugins/themes you trust
+ index:
+ enabled: false
+ check_latest_versions_interval: '12 hours' # How often you want to check new plugins/themes versions
+ url: 'https://packages.joinpeertube.org'
+
+federation:
+ videos:
+ federate_unlisted: false
+
+ # Add a weekly job that cleans up remote AP interactions on local videos (shares, rates and comments)
+ # It removes objects that do not exist anymore, and potentially fix their URLs
+ cleanup_remote_interactions: true
+
+peertube:
+ check_latest_version:
+ # Check and notify admins of new PeerTube versions
+ enabled: false
+ # You can use a custom URL if your want, that respect the format behind https://joinpeertube.org/api/v1/versions.json
+ url: 'https://joinpeertube.org/api/v1/versions.json'
+
+webadmin:
+ configuration:
+ edition:
+ # Set this to false if you don't want to allow config edition in the web interface by instance admins
+ allowed: false
+
+###############################################################################
+#
+# From this point, all the following keys can be overridden by the web interface
+# (local-production.json file). If you need to change some values, prefer to
+# use the web interface because the configuration will be automatically
+# reloaded without any need to restart PeerTube
+#
+# /!\ If you already have a local-production.json file, the modification of the
+# following keys will have no effect /!\
+#
+###############################################################################
+
+cache:
+ previews:
+ size: 500 # Max number of previews you want to cache
+ captions:
+ size: 500 # Max number of video captions/subtitles you want to cache
+ torrents:
+ size: 500 # Max number of video torrents you want to cache
+
+admin:
+ # Used to generate the root user at first startup
+ # And to receive emails from the contact form
+ email: '%%peertube_admin_email'
+
+contact_form:
+ enabled: true
+
+signup:
+ enabled: false
+ limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited
+ minimum_age: 16 # Used to configure the signup form
+ requires_email_verification: false
+ filters:
+ cidr: # You can specify CIDR ranges to whitelist (empty = no filtering) or blacklist
+ whitelist: []
+ blacklist: []
+
+user:
+ # Default value of maximum video bytes the user can upload (does not take into account transcoded files)
+ # Byte format is supported ("1GB" etc)
+ # -1 == unlimited
+ video_quota: -1
+ video_quota_daily: -1
+
+video_channels:
+ max_per_user: 20 # Allows each user to create up to 20 video channels.
+
+# If enabled, the video will be transcoded to mp4 (x264) with `faststart` flag
+# In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions
+# Please, do not disable transcoding since many uploaded videos will not work
+transcoding:
+ enabled: true
+
+ # Allow your users to upload .mkv, .mov, .avi, .wmv, .flv, .f4v, .3g2, .3gp, .mts, m2ts, .mxf, .nut videos
+ allow_additional_extensions: true
+
+ # If a user uploads an audio file, PeerTube will create a video by merging the preview file and the audio file
+ allow_audio_files: true
+
+ # Amount of threads used by ffmpeg for 1 transcoding job
+ threads: 1
+ # Amount of transcoding jobs to execute in parallel
+ concurrency: 1
+
+ # Choose the transcoding profile
+ # New profiles can be added by plugins
+ # Available in core PeerTube: 'default'
+ profile: 'default'
+
+ resolutions: # Only created if the original video has a higher resolution, uses more storage!
+ 0p: false # audio-only (creates mp4 without video stream, always created when enabled)
+ 144p: false
+ 240p: false
+ 360p: false
+ 480p: false
+ 720p: false
+ 1080p: false
+ 1440p: false
+ 2160p: false
+
+ # Generate videos in a WebTorrent format (what we do since the first PeerTube release)
+ # If you also enabled the hls format, it will multiply videos storage by 2
+ # If disabled, breaks federation with PeerTube instances < 2.1
+ webtorrent:
+ enabled: false
+
+ # /!\ Requires ffmpeg >= 4.1
+ # Generate HLS playlists and fragmented MP4 files. Better playback than with WebTorrent:
+ # * Resolution change is smoother
+ # * Faster playback in particular with long videos
+ # * More stable playback (less bugs/infinite loading)
+ # If you also enabled the webtorrent format, it will multiply videos storage by 2
+ hls:
+ enabled: true
+
+live:
+ enabled: false
+
+ # Limit lives duration
+ # -1 == unlimited
+ max_duration: -1 # For example: '5 hours'
+
+ # Limit max number of live videos created on your instance
+ # -1 == unlimited
+ max_instance_lives: 20
+
+ # Limit max number of live videos created by a user on your instance
+ # -1 == unlimited
+ max_user_lives: 3
+
+ # Allow your users to save a replay of their live
+ # PeerTube will transcode segments in a video file
+ # If the user daily/total quota is reached, PeerTube will stop the live
+ # /!\ transcoding.enabled (and not live.transcoding.enabled) has to be true to create a replay
+ allow_replay: true
+
+ # Your firewall should accept traffic from this port in TCP if you enable live
+ rtmp:
+ enabled: true
+ port: 1935
+
+ rtmps:
+ enabled: false
+ port: 1936
+ # Absolute path
+ key_file: ''
+ # Absolute path
+ cert_file: ''
+
+ # Allow to transcode the live streaming in multiple live resolutions
+ transcoding:
+ enabled: true
+ threads: 2
+
+ # Choose the transcoding profile
+ # New profiles can be added by plugins
+ # Available in core PeerTube: 'default'
+ profile: 'default'
+
+ resolutions:
+ 144p: false
+ 240p: false
+ 360p: false
+ 480p: false
+ 720p: false
+ 1080p: false
+ 1440p: false
+ 2160p: false
+
+import:
+ # Add ability for your users to import remote videos (from YouTube, torrent...)
+ videos:
+ # Amount of import jobs to execute in parallel
+ concurrency: 1
+
+ # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html
+ http:
+ # We recommend to use a HTTP proxy if you enable HTTP import to prevent private URL access from this server
+ # See https://docs.joinpeertube.org/maintain-configuration?id=security for more information
+ enabled: true
+
+ youtube_dl_release:
+ # Direct download URL to youtube-dl binary
+ # Github releases API is also supported
+ # Examples:
+ # * https://api.github.com/repos/ytdl-org/youtube-dl/releases
+ # * https://api.github.com/repos/yt-dlp/yt-dlp/releases
+ url: 'https://yt-dl.org/downloads/latest/youtube-dl'
+
+ # youtube-dl binary name
+ # yt-dlp is also supported
+ name: 'youtube-dl'
+
+ # Path to the python binary to execute for youtube-dl or yt-dlp
+ python_path: '/usr/bin/python3'
+
+ # IPv6 is very strongly rate-limited on most sites supported by youtube-dl
+ force_ipv4: false
+
+ # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)
+ torrent:
+ # We recommend to only enable magnet URI/torrent import if you trust your users
+ # See https://docs.joinpeertube.org/maintain-configuration?id=security for more information
+ enabled: false
+
+auto_blacklist:
+ # New videos automatically blacklisted so moderators can review before publishing
+ videos:
+ of_users:
+ enabled: false
+
+# Instance settings
+instance:
+ name: 'PeerTube'
+ short_description: '%%peertube_short_description'
+ description: '%%peertube_description' # Support markdown
+ terms: 'No terms for now.' # Support markdown
+ code_of_conduct: '' # Supports markdown
+
+ # Who moderates the instance? What is the policy regarding NSFW videos? Political videos? etc
+ moderation_information: '' # Supports markdown
+
+ # Why did you create this instance?
+ creation_reason: '' # Supports Markdown
+
+ # Who is behind the instance? A single person? A non profit?
+ administrator: '' # Supports Markdown + + # How long do you plan to maintain this instance? + maintenance_lifetime: '' # Supports Markdown + + # How will you pay the PeerTube instance server? With your own funds? With users donations? Advertising? + business_model: '' # Supports Markdown + + # If you want to explain on what type of hardware your PeerTube instance runs + # Example: '2 vCore, 2GB RAM...' + hardware_information: '' # Supports Markdown + + # What are the main languages of your instance? To interact with your users for example + # Uncomment or add the languages you want + # List of supported languages: https://peertube.cpy.re/api/v1/videos/languages + languages: +# - en +# - es + - fr + + # You can specify the main categories of your instance (dedicated to music, gaming or politics etc) + # Uncomment or add the category ids you want + # List of supported categories: https://peertube.cpy.re/api/v1/videos/categories + categories: +# - 1 # Music +# - 2 # Films +# - 3 # Vehicles +# - 4 # Art +# - 5 # Sports +# - 6 # Travels +# - 7 # Gaming +# - 8 # People +# - 9 # Comedy +# - 10 # Entertainment +# - 11 # News & Politics +# - 12 # How To +# - 13 # Education +# - 14 # Activism +# - 15 # Science & Technology +# - 16 # Animals +# - 17 # Kids +# - 18 # Food + + default_client_route: '/videos/trending' + + # Whether or not the instance is dedicated to NSFW content + # Enabling it will allow other administrators to know that you are mainly federating sensitive content + # Moreover, the NSFW checkbox on video upload will be automatically checked by default + is_nsfw: false + # By default, `do_not_list` or `blur` or `display` NSFW videos + # Could be overridden per user with a setting + default_nsfw_policy: 'do_not_list' + + customizations: + javascript: '' # Directly your JavaScript code (without + + + +