* Add /users/me/videos/ratings endpoint
* Move ratings endpoint from users to accounts
* /accounts/:name/ratings: add support for rating= and sort=
* Restrict ratings list to owner
* Wording and better way to ensure current account
* add Content Security Policy
* remove reflect-metadata on production builds to get rid of unsafe-eval
* fix baseCSP usage
* add SRI to CSP
* add blob: to media-src
* remove SRI
* CSP set to reportOnly
* adding data: to connect-src CSP
* remove block-all-mixed-content
* add report-uri support
* Remove hard-coded 8GB upload limit in client
Ideally we'd know what the specific server's configured upload limit
is before starting, but this 8GB limit is not useful if an administrator
has changed the nginx post limit on the server.
* Better docs for admins about client_max_body_size
Seems like some admins already tweak this value up or down to allow
for different maximum video upload sizes. The current codebase has no
other server-side limits that I'm aware of, and I've been routinely
uploading quite large videos to my instance.
This patch replaces the somewhat incorrect (or outdated?) 'hard limit'
comment with some advice about allocating enough space for nginx and
communicating the limit with your users.
Of course it would be better if this configuration could be unified with
PeerTube's config somehow. I'm not sure whether the best option there is
to turn off nginx's buffering here and let PeerTube handle the entire upload
(can we do this only for the video upload API endpoint?) or whether we want
PeerTube to generate nginx configs in a more automated way layer. In any case,
this patch is intended as an incremental improvement.
* Improve dev Dockerfile
Use Docker best-practices for the development Dockerfile. Save 3Mo.
* Update support/docker/dev/Dockerfile
Co-Authored-By: pichouk <kyane@kyane.fr>
* Set bitrate limits for transcoding (fixes#638)
* added optimization script and test, changed stuff
* fix test, improve docs
* re-add optimize-old-videos script
* added documentation
* Don't optimize videos without valid UUID, or redundancy videos
* move getUUIDFromFilename
* fix tests?
* update torrent and file size, some more fixes/improvements
* use higher bitrate for high fps video, adjust bitrates
* add test video
* don't throw error if resolution is undefined
* generate test fixture on the fly
* use random noise video for bitrate test, add promise
* shorten test video to avoid timeout
* use existing function to optimize video
* various fixes
* increase test timeout
* limit test fixture size, add link
* test fixes
* add await
* more test fixes, add -b:v parameter
* replace ffmpeg wiki link
* fix ffmpeg params
* fix unit test
* add test fixture to .gitgnore
* add video transcoding fps model
* add missing file
This goes against the recommendations (preloading should be opt-in). Putting it in the example makes it likely that people enable it without knowing what it means.
https://hstspreload.org/?domain=peertube.social#opt-in
* Suggest TCP/IP CoDel and BBR congestion control in production guide
This seems to be helping lots on my server, where the default
(Debian 9) was to use FIFO queueing which would cause buffer bloat
and huge latency for clients on slower network links.
Without gzip explicitly enabled, load times suffer from transferring
over a megabyte of plaintext javascript. With gzip enabled, the bundle
is down to about 300K, and loads much faster.
This change does not enable gzip on files that are already compressed,
so images, fonts, and videos will be sent without the CPU overhead.