I have just installed a Peertube instance and would like to know what I need to do to secure my server.
Put simply : I have an nginx server with a reverse proxy installed as per the Peertube production guide. However I have not installed a firewall or any other security measures although I noticed that ports 80 and 443 have been opened during installation.
For Lychee (a photo sharing app), I followed Framasoft’s autohebergement guidelines and installed arno-iptable-firewall, fail2ban, needrestart, rkhunter, etc.
Should I do the same for my peertube server ?
There is no security measure that is specific to PeerTube ; put another way, you can/should apply as many security measures as your knowledge and time allows, but they are out of the scope of a guide specific to PeerTube, since this pertains to standard security of a web server.
Ok I understand. Thank you for the answer.
I feel that I would like to install some of the security measures I mentioned above (time permitting as you say) but to do that I would like to undertand how the PeerTube installation opened/secured ports 80 and 443. I didn’t see anything in iptables.
Could you explain briefly please ?
PeerTube doesn’t open the ports you mention. It runs on port 9000 by default. The ports you mention are those of your reverse-proxy, which is where you should look for certificate configuration and security hardening.