Update production.yaml

2022-10-28 09:59:39 +02:00 · 2022-10-28 09:59:39 +02:00 · 1ebe2c2b9f
parent 5a122dddc5
commit 1ebe2c2b9f
3 changed files with 15 additions and 3 deletions
--- a/config/production.yaml.example
+++ b/config/production.yaml.example
@ -138,6 +138,10 @@ storage:
  # If not, peertube will fallback to the default file
  client_overrides: '/var/www/peertube/storage/client-overrides/'

+static_files:
+  # Require and check user authentication when accessing private files (internal/private video files)
+  private_files_require_auth: true
+
 object_storage:
  enabled: false

@ -149,9 +153,17 @@ object_storage:
  upload_acl:
    # Set this ACL on each uploaded object of public/unlisted videos
    public: 'public-read'
-      # Set this ACL on each uploaded object of private/internal videos
+    # Set this ACL on each uploaded object of private/internal videos
+    # PeerTube can proxify requests to private objects so your users can access them
    private: 'private'

+  proxy:
+    # If private files (private/internal video files) have a private ACL, users can't access directly the ressource
+    # PeerTube can proxify requests between your object storage service and your users
+    # If you disable PeerTube proxy, ensure you use your own proxy that is able to access the private files
+    # Or you can also set a public ACL for private files in object storage if you don't want to use a proxy
+    proxify_private_files: true
+
  credentials:
    # You can also use AWS_ACCESS_KEY_ID env variable
    access_key_id: ''
--- a/server/tests/api/object-storage/video-static-file-privacy.ts
+++ b/server/tests/api/object-storage/video-static-file-privacy.ts
@ -385,7 +385,7 @@ describe('Object storage for video static file privacy', function () {
  })

  after(async function () {
-    this.timeout(60000)
+    this.timeout(240000)

    const { data } = await server.videos.listAllForAdmin()

--- a/server/tests/api/users/users.ts
+++ b/server/tests/api/users/users.ts
@ -181,7 +181,7 @@ describe('Test users', function () {
    })

    it('Should refresh the token', async function () {
-      this.timeout(15000)
+      this.timeout(50000)

      const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
      await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)