Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation

2025-08-29 23:08:06 +02:00 · 2025-07-08 23:43:13 +02:00
parent 6b87a049d4
commit 563d5fd528
1242 changed files with 2301 additions and 1355 deletions
--- a/roles/web-app-peertube/templates/docker-compose.yml.j2
+++ b/roles/web-app-peertube/templates/docker-compose.yml.j2
@@ -0,0 +1,24 @@
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
+
+  application:
+{% set container_port = 9000 %}
+    image: chocobozzz/peertube:production-{{ applications[application_id].version }}
+    container_name: {{ container_name }}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
+    ports:
+     - "1935:1935"  # @todo Add to ports
+     - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" 
+    volumes:
+      - assets:/app/client/dist
+      - data:/data
+      - config:/config
+{% include 'roles/docker-container/templates/depends_on/dmbs_excl.yml.j2' %}
+{% include 'roles/docker-container/templates/networks.yml.j2' %}
+{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
+{% include 'roles/docker-compose/templates/volumes.yml.j2' %}
+  assets:
+  data:
+  redis:
+  config:
+
+{% include 'roles/docker-compose/templates/networks.yml.j2' %}
--- a/roles/web-app-peertube/templates/env.j2
+++ b/roles/web-app-peertube/templates/env.j2
@@ -0,0 +1,24 @@
+# Database / Postgres service configuration
+POSTGRES_USER={{database_username}}
+POSTGRES_PASSWORD={{database_password}}
+POSTGRES_DB={{database_name}}
+PEERTUBE_DB_USERNAME={{database_username}}
+PEERTUBE_DB_PASSWORD={{database_password}}
+PEERTUBE_DB_SSL=false
+PEERTUBE_DB_HOSTNAME={{database_host}}
+
+# PeerTube server configuration
+PEERTUBE_WEBSERVER_HOSTNAME={{domains | get_domain(application_id)}}
+PEERTUBE_TRUST_PROXY=["127.0.0.1", "loopback"]
+
+PEERTUBE_SECRET={{applications[application_id].credentials.secret}}
+
+# E-mail configuration
+PEERTUBE_SMTP_USERNAME={{ users['no-reply'].email }}
+PEERTUBE_SMTP_PASSWORD={{ users['no-reply'].mailu_token }}
+PEERTUBE_SMTP_HOSTNAME={{system_email.host}}
+PEERTUBE_SMTP_PORT={{system_email.port}}
+PEERTUBE_SMTP_FROM={{ users['no-reply'].email }}
+PEERTUBE_SMTP_TLS={{ system_email.tls | lower }}
+PEERTUBE_SMTP_DISABLE_STARTTLS={{ 'false' if system_email.start_tls else 'true' }}
+PEERTUBE_ADMIN_EMAIL={{ users['no-reply'].email }}
--- a/roles/web-app-peertube/templates/peertube.conf.j2
+++ b/roles/web-app-peertube/templates/peertube.conf.j2
@@ -0,0 +1,82 @@
+server {
+  server_name {{domain}};
+
+  {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
+
+  {% include 'roles/webserver-injector-core/templates/global.includes.conf.j2'%}
+  
+  {% include 'roles/webserver-proxy-core/templates/headers/content_security_policy.conf.j2' %}
+  
+  ##
+  # Application
+  ##
+
+  location @api {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host            $host;
+    proxy_set_header X-Real-IP       $remote_addr;
+
+    client_max_body_size  100k; # default is 1M
+
+    proxy_connect_timeout 10m;
+    proxy_send_timeout    10m;
+    proxy_read_timeout    10m;
+    send_timeout          10m;
+
+    #adapt
+    proxy_pass http://127.0.0.1:{{ports.localhost.http[application_id]}};
+  }
+
+  location / {
+    try_files /dev/null @api;
+  }
+
+  location = /api/v1/videos/upload-resumable {
+    client_max_body_size    0;
+    proxy_request_buffering off;
+
+    try_files /dev/null @api;
+  }
+
+  location ~ ^/api/v1/videos/(upload|([^/]+/studio/edit))$ {
+    limit_except POST HEAD { deny all; }
+    client_max_body_size  12G; # default is 1M
+    add_header            X-File-Maximum-Size 8G always; # inform backend of the set value in bytes before mime-encoding (x * 1.4 >= client_max_body_size)
+
+    try_files /dev/null @api;
+  }
+
+  location ~ ^/api/v1/(videos|video-playlists|video-channels|users/me) {
+    client_max_body_size                      6M; # default is 1M
+    add_header            X-File-Maximum-Size 4M always; # inform backend of the set value in bytes before mime-encoding (x * 1.4 >= client_max_body_size)
+
+    try_files /dev/null @api;
+  }
+
+  ##
+  # Websocket
+  ##
+
+  location @api_websocket {
+    proxy_http_version 1.1;
+    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header   Host            $host;
+    proxy_set_header   X-Real-IP       $remote_addr;
+    proxy_set_header   Upgrade         $http_upgrade;
+    proxy_set_header   Connection      "upgrade";
+
+    proxy_pass http://127.0.0.1:{{ports.localhost.http[application_id]}};
+  }
+
+  location /socket.io {
+    try_files /dev/null @api_websocket;
+  }
+
+  location /tracker/socket {
+    # Peers send a message to the tracker every 15 minutes
+    # Don't close the websocket before then
+    proxy_read_timeout 15m; # default is 60s
+
+    try_files /dev/null @api_websocket;
+  }
+}