diff --git a/config/production.yaml.example b/config/production.yaml.example index 167d23af8..c136a73ad 100644 --- a/config/production.yaml.example +++ b/config/production.yaml.example @@ -138,6 +138,10 @@ storage: # If not, peertube will fallback to the default file client_overrides: '/var/www/peertube/storage/client-overrides/' +static_files: + # Require and check user authentication when accessing private files (internal/private video files) + private_files_require_auth: true + object_storage: enabled: false @@ -149,9 +153,17 @@ object_storage: upload_acl: # Set this ACL on each uploaded object of public/unlisted videos public: 'public-read' - # Set this ACL on each uploaded object of private/internal videos + # Set this ACL on each uploaded object of private/internal videos + # PeerTube can proxify requests to private objects so your users can access them private: 'private' + proxy: + # If private files (private/internal video files) have a private ACL, users can't access directly the ressource + # PeerTube can proxify requests between your object storage service and your users + # If you disable PeerTube proxy, ensure you use your own proxy that is able to access the private files + # Or you can also set a public ACL for private files in object storage if you don't want to use a proxy + proxify_private_files: true + credentials: # You can also use AWS_ACCESS_KEY_ID env variable access_key_id: '' diff --git a/server/tests/api/object-storage/video-static-file-privacy.ts b/server/tests/api/object-storage/video-static-file-privacy.ts index ed8855b3b..ea5bdd0a8 100644 --- a/server/tests/api/object-storage/video-static-file-privacy.ts +++ b/server/tests/api/object-storage/video-static-file-privacy.ts @@ -385,7 +385,7 @@ describe('Object storage for video static file privacy', function () { }) after(async function () { - this.timeout(60000) + this.timeout(240000) const { data } = await server.videos.listAllForAdmin() diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts index 9e657b387..3952a7aed 100644 --- a/server/tests/api/users/users.ts +++ b/server/tests/api/users/users.ts @@ -181,7 +181,7 @@ describe('Test users', function () { }) it('Should refresh the token', async function () { - this.timeout(15000) + this.timeout(50000) const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString() await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)