Update peertube config for 5.0.0

iacore.conf

@@ -2,7 +2,7 @@ server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
     server_name www.1a-insec.net;
-    
+
     ssl_certificate /etc/letsencrypt/live/www.1a-insec.net/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/www.1a-insec.net/privkey.pem;
 

peertube.conf

@@ -93,6 +93,11 @@ server {
         try_files /dev/null @api_websocket;
     }
 
+    # Plugin websocket routes
+    location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ {
+        try_files /dev/null @api_websocket;
+    }
+
     ##
     # Performance optimizations
     # For extra performance please refer to https://github.com/denji/nginx-tuning
@@ -170,6 +175,18 @@ server {
         try_files $uri @api;
     }
 
+    location ~ ^(/static/(webseed|streaming-playlists)/private/)|^/download {
+        # We can't rate limit a try_files directive, so we need to duplicate @api
+
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+
+        proxy_limit_rate 5M;
+
+        proxy_pass http://backend;
+    }
+
     # Bypass PeerTube for performance reasons. Optional.
     location ~ ^/static/(webseed|redundancy|streaming-playlists)/ {
         limit_rate_after 5M;
@@ -184,8 +201,8 @@ server {
 
         # Use this line with nginx >= 1.17.0
         limit_rate $peertube_limit_rate;
-        # Or this line if your nginx < 1.17.0
-        #set $limit_rate $peertube_limit_rate;
+        # Or this line with nginx < 1.17.0
+        # set $limit_rate $peertube_limit_rate;
 
         if ($request_method = 'OPTIONS') {
             add_header Access-Control-Allow-Origin '*';