{ config, ... }: let host = "videos.dgnum.eu"; in { services.peertube = { enable = true; settings = { object_storage = { enabled = true; endpoint = "s3.dgnum.eu"; region = "garage"; videos = { bucket_name = "peertube-videos-dgnum"; prefix = "web-videos"; }; streaming_playlists = { bucket_name = "peertube-videos-dgnum"; prefix = "streaming-playlists"; }; }; smtp = { transport = "smtp"; hostname = "kurisu.lahfa.xyz"; port = 465; username = "web-services@infra.dgnum.eu"; tls = true; disable_starttls = true; from_address = "videos@infra.dgnum.eu"; }; email.subject.prefix = "[videos.dgnum]"; webadmin.configuration.edition.allowed = false; user.video_quota = "10GB"; }; localDomain = host; configureNginx = true; listenWeb = 443; enableWebHttps = true; redis.createLocally = true; database.createLocally = true; smtp.passwordFile = config.age.secrets."peertube-smtp_password_file".path; serviceEnvironmentFile = config.age.secrets."peertube-service_environment_file".path; secrets.secretsFile = config.age.secrets."peertube-secrets_file".path; }; services.nginx.virtualHosts.${host} = { enableACME = true; forceSSL = true; }; dgn-secrets.matches."^peertube-.*$" = { owner = "peertube"; }; }