From a5875376b85eaec84065c486135c627dd7cd1ea8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?=
 <nicolas.jeannerod@moduscreate.com>
Date: Tue, 17 Dec 2024 17:14:27 +0100
Subject: [PATCH] Fix Peertube service

---
 services/fediversity/peertube.nix | 12 +++++++++++-
 services/vm/peertube-vm.nix       | 18 +++++++++++++++---
 2 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/services/fediversity/peertube.nix b/services/fediversity/peertube.nix
index 1d1ea08..bb2b618 100644
--- a/services/fediversity/peertube.nix
+++ b/services/fediversity/peertube.nix
@@ -11,6 +11,10 @@ lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) {
   networking.firewall.allowedTCPPorts = [
     80
     443
+
+    ## For Live streaming and Live streaming when RTMPS is enabled.
+    1935
+    1936
   ];
 
   services.garage = {
@@ -70,6 +74,8 @@ lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) {
         enabled = true;
         endpoint = config.fediversity.internal.garage.api.url;
         region = "garage";
+        upload_acl.public = null; # Garage does not support ACL
+        upload_acl.private = null; # Garage does not support ACL
 
         # not supported by garage
         # SEE: https://garagehq.deuxfleurs.fr/documentation/connect/apps/#peertube
@@ -101,7 +107,11 @@ lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) {
 
   ## Proxying through Nginx
 
-  services.peertube.configureNginx = true;
+  services.peertube = {
+    configureNginx = true;
+    listenWeb = 443;
+    enableWebHttps = true;
+  };
   services.nginx.virtualHosts.${config.services.peertube.localDomain} = {
     forceSSL = true;
     enableACME = true;
diff --git a/services/vm/peertube-vm.nix b/services/vm/peertube-vm.nix
index 9ba7c00..0e2c992 100644
--- a/services/vm/peertube-vm.nix
+++ b/services/vm/peertube-vm.nix
@@ -1,11 +1,23 @@
-{ modulesPath, ... }:
+{
+  modulesPath,
+  pkgs,
+  ...
+}:
 
 {
-
   imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];
 
+  fediversity = {
+    enable = true;
+    domain = "localhost";
+    peertube.enable = true;
+
+    temp.peertubeSecretsFile = pkgs.writeText "secret" ''
+      574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24
+    '';
+  };
+
   services.peertube = {
-    enableWebHttps = false;
     settings = {
       listen.hostname = "0.0.0.0";
       instance.name = "PeerTube Test VM";