aboutsummaryrefslogtreecommitdiff
path: root/doc/book/connect/apps/index.md
diff options
context:
space:
mode:
authorAlex <alex@adnab.me>2023-01-02 12:49:14 +0000
committerAlex <alex@adnab.me>2023-01-02 12:49:14 +0000
commit1649002e2b8f0ec59715236ca5a67859162c787f (patch)
tree3dd59f4f6a4915d357dcea6c6f8b06776b9b8b66 /doc/book/connect/apps/index.md
parent822e344845436c13437c30362e2ffd8fb29077d8 (diff)
parentfd10200bec692041dd82bafc80e8a916143de670 (diff)
downloadgarage-1649002e2b8f0ec59715236ca5a67859162c787f.tar.gz
garage-1649002e2b8f0ec59715236ca5a67859162c787f.zip
Merge pull request 'Add a note about Peertube 5.0 private videos' (#456) from kaiyou/garage:docs-apps into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/456
Diffstat (limited to 'doc/book/connect/apps/index.md')
-rw-r--r--doc/book/connect/apps/index.md11
1 files changed, 10 insertions, 1 deletions
diff --git a/doc/book/connect/apps/index.md b/doc/book/connect/apps/index.md
index 05e7cad9..737351a0 100644
--- a/doc/book/connect/apps/index.md
+++ b/doc/book/connect/apps/index.md
@@ -8,7 +8,7 @@ In this section, we cover the following web applications:
| Name | Status | Note |
|------|--------|------|
| [Nextcloud](#nextcloud) | ✅ | Both Primary Storage and External Storage are supported |
-| [Peertube](#peertube) | ✅ | Must be configured with the website endpoint |
+| [Peertube](#peertube) | ✅ | Supported with the website endpoint, proxifying private videos unsupported |
| [Mastodon](#mastodon) | ✅ | Natively supported |
| [Matrix](#matrix) | ✅ | Tested with `synapse-s3-storage-provider` |
| [Pixelfed](#pixelfed) | ❓ | Not yet tested |
@@ -128,6 +128,10 @@ In other words, Peertube is only responsible of the "control plane" and offload
In return, this system is a bit harder to configure.
We show how it is still possible to configure Garage with Peertube, allowing you to spread the load and the bandwidth usage on the Garage cluster.
+Starting from version 5.0, Peertube also supports improving the security for private videos by not exposing them directly
+but relying on a single control point in the Peertube instance. This is based on S3 per-object and prefix ACL, which are not currently supported
+in Garage, so this feature is unsupported. While this technically impedes security for private videos, it is not a blocking issue and could be
+a reasonable trade-off for some instances.
### Create resources in Garage
@@ -195,6 +199,11 @@ object_storage:
max_upload_part: 2GB
+ proxy:
+ # You may enable this feature, yet it will not provide any security benefit, so
+ # you should rather benefit from Garage public endpoint for all videos
+ proxify_private_files: false
+
streaming_playlists:
bucket_name: 'peertube-playlist'