Cleanup in haproxy
This commit is contained in:
parent
66001d93a9
commit
0c40e04a77
3 changed files with 127 additions and 106 deletions
|
|
@ -446,6 +446,93 @@ services:
|
|||
timeout: 5s
|
||||
retries: 2
|
||||
|
||||
# INVIDIOUS CLEARNET
|
||||
invidious-6:
|
||||
env_file:
|
||||
- .env
|
||||
image: "git.nadeko.net/fijxu/invidious:${TAG}"
|
||||
network_mode: "service:gluetun"
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
|
||||
environment:
|
||||
INVIDIOUS_CONFIG: |
|
||||
feed_threads: 0
|
||||
log_level: Warn
|
||||
# db:
|
||||
# dbname: "${PGSQL_DBNAME}"
|
||||
# user: "${PGSQL_USER}"
|
||||
# password: "${PGSQL_PASS}"
|
||||
# host: 172.80.0.22
|
||||
# port: 5432
|
||||
port: 3005
|
||||
database_url: postgres://kemal:kemal@/invidious
|
||||
redis_url: tcp://172.80.0.20:6379
|
||||
donation_url: "https://nadeko.net/donate"
|
||||
contact_url: "https://nadeko.net/contact"
|
||||
home_domain: "nadeko.net"
|
||||
materialious_domain: "materialious.nadeko.net"
|
||||
full_refresh: false
|
||||
https_only: true
|
||||
hmac_key: "${HMAC_KEY}"
|
||||
domain: "${DOMAIN}"
|
||||
use_pubsub_feeds: true
|
||||
popular_enabled: true
|
||||
captcha_enabled: true
|
||||
login_enabled: true
|
||||
registration_enabled: false
|
||||
statistics_enabled: true
|
||||
external_port: 443
|
||||
default_user_preferences:
|
||||
annotations: true
|
||||
disable_proxy: ["downloads"]
|
||||
annotations_subscribed: true
|
||||
autoplay: true
|
||||
captions: ["English", "Spanish", "English (auto-generated)"]
|
||||
comments: ["youtube", ""]
|
||||
dark_mode: auto
|
||||
latest_only: false
|
||||
listen: false
|
||||
locale: en-US
|
||||
watch_history: true
|
||||
max_results: 60
|
||||
notifications_only: false
|
||||
banner: "${BANNER}"
|
||||
player_style: invidious
|
||||
quality: "${QUALITY}"
|
||||
quality_dash: auto
|
||||
default_home: Popular
|
||||
feed_menu: ["Popular", "Trending", "Subscriptions", "Playlists"]
|
||||
automatic_instance_redirect: true
|
||||
region: CL
|
||||
sort: published
|
||||
extend_desc: true
|
||||
save_player_pos: true
|
||||
cache_annotations: true
|
||||
hsts: true
|
||||
enable_user_notifications: false
|
||||
modified_source_code_url: "${MODIFIED_SOURCE_CODE}"
|
||||
force_resolve: ipv4
|
||||
pool_size: "${POOL_SIZE}"
|
||||
use_innertube_for_captions: true
|
||||
jobs:
|
||||
refresh_channels:
|
||||
enable: false
|
||||
subscribe_to_feeds:
|
||||
enable: false
|
||||
po_token: "${PO_TOKEN}"
|
||||
visitor_data: "${VISITOR_DATA}"
|
||||
signature_server: "172.80.0.30:12999"
|
||||
depends_on:
|
||||
- valkey
|
||||
- inv_sig_helper
|
||||
- gluetun
|
||||
healthcheck:
|
||||
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1
|
||||
interval: 30s
|
||||
timeout: 5s
|
||||
retries: 2
|
||||
|
||||
# SIGNATURE HELPER
|
||||
inv_sig_helper:
|
||||
image: quay.io/invidious/inv-sig-helper
|
||||
|
|
@ -498,8 +585,11 @@ services:
|
|||
- WIREGUARD_PRIVATE_KEY="${WIREGUARD_KEY}"
|
||||
- WIREGUARD_ADDRESSES="${WIREGUARD_ADDRESSES}"
|
||||
- SERVER_HOSTNAMES="${SERVER_HOSTNAMES}"
|
||||
- DNS_KEEP_NAMESERVER=on
|
||||
networks:
|
||||
gluetun_network:
|
||||
depends_on:
|
||||
- haproxy
|
||||
|
||||
# gluetun-updater:
|
||||
# image: qmcgaw/gluetun
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
global
|
||||
# This because haproxy is dumb and likes to use the maxconnection from the kernel and that is super mega huge making haproxy oom
|
||||
maxconn 32768
|
||||
maxconn 16384
|
||||
# 777 perms for all sockets
|
||||
unix-bind mode 777
|
||||
stats socket ipv4@0.0.0.0:8405 level admin
|
||||
|
|
@ -17,6 +17,7 @@ defaults
|
|||
timeout server 5s
|
||||
timeout http-request 10s
|
||||
|
||||
# Prometheus for graphs
|
||||
frontend prometheus
|
||||
bind *:8404
|
||||
mode http
|
||||
|
|
@ -45,90 +46,50 @@ cache invidious-ggpht-cache
|
|||
total-max-size 96
|
||||
# 32kB
|
||||
max-object-size 32768
|
||||
# 30min
|
||||
# 1h
|
||||
max-age 3600
|
||||
process-vary on
|
||||
|
||||
# cache api-cache
|
||||
# # 32MB
|
||||
# total-max-size 32
|
||||
# # 4kB
|
||||
# max-object-size 32000
|
||||
# # 5min
|
||||
# max-age 300
|
||||
# process-vary on
|
||||
|
||||
frontend invidious
|
||||
http-request set-var(txn.ggpht) path
|
||||
bind /tmp/invidious-vpn.sock
|
||||
bind *:8001
|
||||
#filter cache invidious-api-cache
|
||||
#http-request cache-use invidious-api-cache if { path_beg /api/v1 }
|
||||
#http-response cache-store invidious-api-cache
|
||||
default_backend invidious
|
||||
|
||||
# frontend invidious-tor
|
||||
# bind /tmp/invidious-tor.sock
|
||||
# bind *:8002
|
||||
# default_backend invidious-tor
|
||||
#
|
||||
# frontend invidious-i2p
|
||||
# bind /tmp/invidious-i2p.sock
|
||||
# bind *:8003
|
||||
# default_backend invidious-i2p
|
||||
|
||||
frontend http3-proxy
|
||||
http-request set-var(txn.vipath) path
|
||||
# acl vi path_beg /vi/
|
||||
bind /tmp/http3-proxy-vpn.sock
|
||||
bind *:8004
|
||||
#http-response set-header Cache-Control public
|
||||
#http-response set-header Expires -1
|
||||
#http-response set-header Pragma cache
|
||||
# acl youtube_thumbnails path_beg /vi/
|
||||
#
|
||||
default_backend http3-proxy
|
||||
|
||||
backend invidious
|
||||
balance leastconn
|
||||
#http-request cache-use api-cache if { path_beg /api/v1/channels/ }
|
||||
#http-response cache-store api-cache
|
||||
# acl inv_api var(txn.api) -m beg /api/
|
||||
# http-response set-header X-Cache-Status HIT if !{ srv_id -m found } inv_api
|
||||
# http-response set-header X-Cache-Status MISS if { srv_id -m found } inv_api
|
||||
#
|
||||
# http-request cache-use invidious-ggpht-cache if { path_beg /ggpht/ }
|
||||
# http-response cache-store invidious-ggpht-cache
|
||||
|
||||
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
|
||||
# acl youtube_ggpht var(txn.ggpht) -m beg /ggpht/
|
||||
# http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_ggpht
|
||||
# http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_ggpht
|
||||
server invidious-1-vpn gluetun:3000 check init-addr libc,none
|
||||
server invidious-2-vpn gluetun:3001 check init-addr libc,none
|
||||
server invidious-3-vpn gluetun:3002 check init-addr libc,none
|
||||
server invidious-4-vpn gluetun:3003 check init-addr libc,none
|
||||
server invidious-5-vpn gluetun:3004 check init-addr libc,none
|
||||
server invidious-6-vpn gluetun:3005 check init-addr libc,none
|
||||
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
|
||||
option redispatch
|
||||
|
||||
# backend invidious-tor
|
||||
# server-template invidious-tor 2 invidious-tor:3000 check resolvers docker init-addr libc,none
|
||||
#
|
||||
# backend invidious-i2p
|
||||
# server-template invidious-i2p 2 invidious-i2p:3000 check resolvers docker init-addr libc,none
|
||||
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
|
||||
option redispatch 2
|
||||
|
||||
backend http3-proxy
|
||||
# Unix socket for http3-proxy for later
|
||||
#server http3-proxy-unix-socket /http3-proxy/http-proxy.sock
|
||||
# balance source
|
||||
# Caches video thumbnails, profile pictures and others
|
||||
http-request cache-use invidious-thumbnail-cache if { path_beg /vi/ }
|
||||
http-response cache-store invidious-thumbnail-cache
|
||||
http-request cache-use invidious-ggpht-cache if { path_beg /ggpht/ }
|
||||
http-response cache-store invidious-ggpht-cache
|
||||
|
||||
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
|
||||
acl youtube_thumbnails var(txn.vipath) -m beg /vi/
|
||||
acl youtube_thumbnails var(txn.path) -m beg /vi/
|
||||
acl youtube_ggpht var(txn.path) -m beg /ggpht/
|
||||
|
||||
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_thumbnails
|
||||
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_thumbnails
|
||||
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_ggpht
|
||||
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_ggpht
|
||||
|
||||
server http3-proxy-1-vpn gluetun:8080 check init-addr libc,none
|
||||
|
||||
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
|
||||
# Use another server if one takes too long to reply
|
||||
# option redispatch 2
|
||||
# Only 1 server, not neccessary
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
global
|
||||
# This because haproxy is dumb and likes to use the maxconnection from the kernel and that is super mega huge making haproxy oom
|
||||
maxconn 32768
|
||||
maxconn 16384
|
||||
# 777 perms for all sockets
|
||||
unix-bind mode 777
|
||||
stats socket ipv4@0.0.0.0:8405 level admin
|
||||
|
|
@ -17,6 +17,7 @@ defaults
|
|||
timeout server 5s
|
||||
timeout http-request 10s
|
||||
|
||||
# Prometheus for graphs
|
||||
frontend prometheus
|
||||
bind *:8404
|
||||
mode http
|
||||
|
|
@ -49,67 +50,30 @@ cache invidious-ggpht-cache
|
|||
max-age 3600
|
||||
process-vary on
|
||||
|
||||
# cache api-cache
|
||||
# # 32MB
|
||||
# total-max-size 32
|
||||
# # 4kB
|
||||
# max-object-size 32000
|
||||
# # 5min
|
||||
# max-age 300
|
||||
# process-vary on
|
||||
|
||||
frontend invidious
|
||||
http-request set-var(txn.ggpht) path
|
||||
bind /tmp/invidious.sock
|
||||
bind *:8001
|
||||
#filter cache invidious-api-cache
|
||||
#http-request cache-use invidious-api-cache if { path_beg /api/v1 }
|
||||
#http-response cache-store invidious-api-cache
|
||||
# use_backend http3-proxy if { path_beg /videoplayback }
|
||||
default_backend invidious
|
||||
|
||||
frontend invidious-tor
|
||||
bind /tmp/invidious-tor.sock
|
||||
bind *:8002
|
||||
default_backend invidious-tor
|
||||
|
||||
frontend invidious-i2p
|
||||
bind /tmp/invidious-i2p.sock
|
||||
bind *:8003
|
||||
default_backend invidious-i2p
|
||||
|
||||
frontend http3-proxy
|
||||
http-request set-var(txn.vipath) path
|
||||
# acl vi path_beg /vi/
|
||||
bind /tmp/http3-proxy.sock
|
||||
http-request set-var(txn.path) path
|
||||
bind *:8004
|
||||
#http-response set-header Cache-Control public
|
||||
#http-response set-header Expires -1
|
||||
#http-response set-header Pragma cache
|
||||
# acl youtube_thumbnails path_beg /vi/
|
||||
#
|
||||
default_backend http3-proxy
|
||||
|
||||
backend invidious
|
||||
balance leastconn
|
||||
#http-request cache-use api-cache if { path_beg /api/v1/channels/ }
|
||||
#http-response cache-store api-cache
|
||||
# acl inv_api var(txn.api) -m beg /api/
|
||||
# http-response set-header X-Cache-Status HIT if !{ srv_id -m found } inv_api
|
||||
# http-response set-header X-Cache-Status MISS if { srv_id -m found } inv_api
|
||||
#
|
||||
http-request cache-use invidious-ggpht-cache if { path_beg /ggpht/ }
|
||||
http-response cache-store invidious-ggpht-cache
|
||||
|
||||
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
|
||||
acl youtube_ggpht var(txn.ggpht) -m beg /ggpht/
|
||||
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_ggpht
|
||||
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_ggpht
|
||||
server-template invidious 8 invidious:3000 check resolvers docker init-addr libc,none
|
||||
|
||||
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
|
||||
option redispatch
|
||||
# server invidious-1 gluetun:3000 check resolvers docker init-addr libc,none
|
||||
# server invidious-2 gluetun:3001 check resolvers docker init-addr libc,none
|
||||
# Use another server if one takes too long to reply
|
||||
option redispatch 2
|
||||
|
||||
backend invidious-tor
|
||||
server-template invidious-tor 2 invidious-tor:3000 check resolvers docker init-addr libc,none
|
||||
|
|
@ -118,19 +82,25 @@ backend invidious-i2p
|
|||
server-template invidious-i2p 2 invidious-i2p:3000 check resolvers docker init-addr libc,none
|
||||
|
||||
backend http3-proxy
|
||||
# Unix socket for http3-proxy for later
|
||||
#server http3-proxy-unix-socket /http3-proxy/http-proxy.sock
|
||||
# balance source
|
||||
# Caches video thumbnails, profile pictures and others
|
||||
http-request cache-use invidious-thumbnail-cache if { path_beg /vi/ }
|
||||
http-response cache-store invidious-thumbnail-cache
|
||||
http-request cache-use invidious-ggpht-cache if { path_beg /ggpht/ }
|
||||
http-response cache-store invidious-ggpht-cache
|
||||
|
||||
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
|
||||
acl youtube_thumbnails var(txn.vipath) -m beg /vi/
|
||||
acl youtube_thumbnails var(txn.path) -m beg /vi/
|
||||
acl youtube_ggpht var(txn.path) -m beg /ggpht/
|
||||
|
||||
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_thumbnails
|
||||
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_thumbnails
|
||||
#server http3-proxy-1 gluetun:8080 check resolvers docker init-addr libc,none
|
||||
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_ggpht
|
||||
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_ggpht
|
||||
|
||||
server http3-proxy-1 http3-proxy:8080 check resolvers docker init-addr libc,none
|
||||
server http3-proxy-2 http3-proxy:8080 check resolvers docker init-addr libc,none
|
||||
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
|
||||
option redispatch
|
||||
|
||||
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
|
||||
# Use another server if one takes too long to reply
|
||||
option redispatch 2
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue