Fijxu/docker-compose-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update invidious docker compose files (Now more clean than ever

Browse source
This commit is contained in:
root 2024-11-11 12:42:53 -03:00
parent 9f268867d0
commit 0fc1dc0e6a
16 changed files with 607280 additions and 784 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
invidious/README.md Normal file
View file

@ -0,0 +1,6 @@
- ./invidious: Backend 1 without VPN
- ./invidious-vpn: Backend 2 with VPN
- ./invidious-vpn2: Backend 3 with VPN
- ./invidious-external: Backend 4 without VPN
(invidious-external is not any different from invidious, is just the name that I used when I created the backend 4, I don't remember why but as they say: "If it works, don't touch it")

60
invidious/invidious-external/docker-compose.yml Normal file
View file

@ -0,0 +1,60 @@
# Docker compose file for Backend 4 of inv.nadeko.net
services:
# INVIDIOUS CLEARNET
invidious:
env_file:
# Env file containing variables like TAG, INV_MEM_*
- .env
# Env file containing INVIDIOUS_* variables
- ../.env
image: "git.nadeko.net/fijxu/invidious:${TAG}"
restart: unless-stopped
mem_limit: ${INV_MEM_LIMIT}
mem_reservation: ${INV_MEM_RESERVATION}
cpus: ${INV_CPU} # Limit to X% of the CPU
deploy:
replicas: 4
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
depends_on:
- haproxy
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# Without depends because haproxy is smart
haproxy:
image: haproxy:lts-alpine
restart: always
ports:
# Invidious
- "127.0.0.1:20100:8001"
# TOR
#- "127.0.0.1:20102:8002"
# I2P
#- "127.0.0.1:20103:8003"
# HTTP3-PROXY
# - "127.0.0.1:10061:8004"
# METRICS
- "127.0.0.1:20104:8404"
volumes:
- ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg
ptgen:
image: git.nadeko.net/fijxu/youtube-po-token-generator:latest
cpus: 0.1
restart: unless-stopped
environment:
- HOST=valkey-external
depends_on:
- haproxy
networks:
default:
name: invidious-external

38
invidious/invidious-external/haproxy.cfg Normal file
View file

@ -0,0 +1,38 @@
global
# This because haproxy is dumb and likes to use the maxconnection from the kernel and that is super mega huge making haproxy oom
maxconn 8192
# 777 perms for all sockets
unix-bind mode 777
stats socket ipv4@0.0.0.0:8405 level admin
resolvers docker
# To be able to use multiple replicas of invidious
# using domains
nameserver dns1 127.0.0.11:53
defaults
mode http
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
# Use another server if one takes too long to reply
retries 2
option redispatch
timeout client 30s
timeout connect 30s
timeout server 120s
timeout queue 10s
http-reuse always
# Prometheus for graphs
frontend prometheus
bind *:8404
mode http
http-request use-service prometheus-exporter if { path /metrics }
no log
frontend invidious
bind *:8001
default_backend invidious
backend invidious
balance roundrobin
server-template invidious 8 invidious:3000 check resolvers docker init-addr libc,none

217
invidious/invidious-vpn-2/docker-compose.yml
View file

@ -1,155 +1,77 @@
# Docker compose file for ${DOMAIN} # Docker compose file for Backend 3 of inv.nadeko.net
#
services: services:
invidious-extend:
env_file:
# Env file containing variables like TAG, INV_MEM_*
- .env
# Env file containing INVIDIOUS_* variables
- ../.env
image: "git.nadeko.net/fijxu/invidious:${TAG}"
restart: unless-stopped
mem_limit: ${INV_MEM_LIMIT}
mem_reservation: ${INV_MEM_RESERVATION}
cpus: ${INV_CPU} # Limit to X% of the CPU
network_mode: "service:gluetun"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
depends_on:
# - inv_sig_helper
- haproxy
environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# INVIDIOUS CLEARNET # INVIDIOUS CLEARNET
invidious: invidious:
image: "git.nadeko.net/fijxu/invidious:${TAG}" extends:
env_file: service: invidious-extend
- .env
network_mode: "service:gluetun"
restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}"
mem_reservation: "${INV_MEM_RESERVATION}"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment: environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_PORT: "3000" INVIDIOUS_PORT: "3000"
depends_on:
- inv_sig_helper
- haproxy
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# INVIDIOUS CLEARNET invidious2:
invidious-2: extends:
image: "git.nadeko.net/fijxu/invidious:${TAG}" service: invidious-extend
env_file:
- .env
network_mode: "service:gluetun"
restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}"
mem_reservation: "${INV_MEM_RESERVATION}"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment: environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_PORT: "3001" INVIDIOUS_PORT: "3001"
depends_on:
- inv_sig_helper
- haproxy
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# INVIDIOUS CLEARNET invidious3:
invidious-3: extends:
image: "git.nadeko.net/fijxu/invidious:${TAG}" service: invidious-extend
env_file:
- .env
network_mode: "service:gluetun"
restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}"
mem_reservation: "${INV_MEM_RESERVATION}"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment: environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_PORT: "3002" INVIDIOUS_PORT: "3002"
depends_on:
- inv_sig_helper
- haproxy
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# INVIDIOUS TOR invidious4:
invidious-tor: extends:
env_file: service: invidious-extend
- .env INVIDIOUS_PORT: "3003"
image: "git.nadeko.net/fijxu/invidious:${TAG}"
network_mode: "service:gluetun"
restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}"
mem_reservation: "${INV_MEM_RESERVATION}"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_DOMAIN: "inv.nadekonw7plitnjuawu6ytjsl7jlglk2t6pyq6eftptmiv3dvqndwvyd.onion"
INVIDIOUS_PORT: "3010"
INVIDIOUS_HTTPS_ONLY: false
INVIDIOUS_HSTS: false
depends_on:
- inv_sig_helper
- haproxy
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# INVIDIOUS I2P
invidious-i2p:
env_file:
- .env
image: "git.nadeko.net/fijxu/invidious:${TAG}"
network_mode: "service:gluetun"
restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}"
mem_reservation: "${INV_MEM_RESERVATION}"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_DOMAIN: "inv.zzls.i2p"
INVIDIOUS_PORT: "3011"
INVIDIOUS_HTTPS_ONLY: false
INVIDIOUS_HSTS: false
depends_on:
- inv_sig_helper
- haproxy
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# SIGNATURE HELPER # SIGNATURE HELPER
inv_sig_helper: # inv_sig_helper:
image: quay.io/invidious/inv-sig-helper # image: quay.io/invidious/inv-sig-helper
restart: unless-stopped # restart: unless-stopped
network_mode: "service:gluetun" # network_mode: "service:gluetun"
mem_limit: "512m" # mem_limit: "512m"
init: true # init: true
command: ["--tcp", "0.0.0.0:12999"] # command: ["--tcp", "0.0.0.0:12999"]
environment: # environment:
- RUST_LOG=info # - RUST_LOG=info
depends_on: # depends_on:
- gluetun # - gluetun
http3-proxy: # http3-proxy:
image: git.nadeko.net/fijxu/http3-proxy:latest # image: git.nadeko.net/fijxu/http3-ytproxy:latest
restart: unless-stopped # restart: unless-stopped
network_mode: "service:gluetun" # network_mode: "service:gluetun"
environment: # depends_on:
DISABLE_WEBP: 1 # - haproxy
depends_on: # - gluetun
- gluetun
# Without depends because haproxy is smart
haproxy: haproxy:
image: haproxy:lts-alpine image: haproxy:lts-alpine
restart: unless-stopped restart: unless-stopped
@ -157,15 +79,15 @@ services:
# Invidious # Invidious
- "127.0.0.1:10080:8001" - "127.0.0.1:10080:8001"
# TOR # TOR
- "127.0.0.1:10082:8002" #- "127.0.0.1:10082:8002"
# I2P # I2P
- "127.0.0.1:10083:8003" #- "127.0.0.1:10083:8003"
# HTTP3-PROXY # HTTP3-PROXY
# - "127.0.0.1:10081:8004" #- "127.0.0.1:10081:8004"
# METRICS # METRICS
- "127.0.0.1:10084:8404" - "127.0.0.1:10084:8404"
volumes: volumes:
- ./haproxy:/usr/local/etc/haproxy - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg
networks: networks:
gluetun_network_2: gluetun_network_2:
depends_on: depends_on:
@ -174,11 +96,6 @@ services:
gluetun: gluetun:
image: qmcgaw/gluetun image: qmcgaw/gluetun
restart: unless-stopped restart: unless-stopped
ports:
# THIS IS ACTUALLY THE PORT OF HTTP3-PROXY
# SINCE THE HTTP3-PTOXY SERVICE IS RUNNING
# UNDER GLUETUN NETWORK.
- "127.0.0.1:10081:8080"
env_file: env_file:
- .env - .env
cap_add: cap_add:
@ -197,6 +114,16 @@ services:
networks: networks:
gluetun_network_2: gluetun_network_2:
ptgen:
image: git.nadeko.net/fijxu/youtube-po-token-generator:latest
cpus: 0.1
restart: unless-stopped
network_mode: "service:gluetun"
environment:
- HOST=valkey-vpn-2
depends_on:
- gluetun
networks: networks:
default: default:
name: invidious-vpn-2 name: invidious-vpn-2

303403
invidious/invidious-vpn-2/gluetun/servers.json Normal file
View file

File diff suppressed because it is too large Load diff

45
invidious/invidious-vpn-2/haproxy.cfg Normal file
View file

@ -0,0 +1,45 @@
global
# This because haproxy is dumb and likes to use the maxconnection from the kernel and that is super mega huge making haproxy oom
maxconn 8192
# 777 perms for all sockets
unix-bind mode 777
stats socket ipv4@0.0.0.0:8405 level admin
resolvers docker
# To be able to use multiple replicas of invidious
# using domains
nameserver dns1 127.0.0.11:53
defaults
mode http
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
# Use another server if one takes too long to reply
retries 2
option redispatch
timeout client 30s
timeout connect 30s
timeout server 120s
timeout queue 10s
http-reuse always
# Prometheus for graphs
frontend prometheus
bind *:8404
mode http
http-request use-service prometheus-exporter if { path /metrics }
no log
frontend invidious
bind *:8001
default_backend invidious
backend invidious
balance roundrobin
server invidious-1-vpn gluetun:3000 check init-addr libc,none
server invidious-2-vpn gluetun:3001 check init-addr libc,none
server invidious-3-vpn gluetun:3002 check init-addr libc,none
server invidious-4-vpn gluetun:3003 check init-addr libc,none
server invidious-5-vpn gluetun:3004 check init-addr libc,none
server invidious-6-vpn gluetun:3005 check init-addr libc,none

150
invidious/invidious-vpn-2/haproxy/haproxy.cfg
View file

@ -1,150 +0,0 @@
global
# This because haproxy is dumb and likes to use the maxconnection from the kernel and that is super mega huge making haproxy oom
maxconn 16384
# 777 perms for all sockets
unix-bind mode 777
stats socket ipv4@0.0.0.0:8405 level admin
resolvers docker
# To be able to use multiple replicas of invidious
# using domains
nameserver dns1 127.0.0.11:53
defaults
mode http
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
# Use another server if one takes too long to reply
retries 2
option redispatch
timeout client 30s
timeout connect 5s
timeout server 30s
timeout queue 10s
http-reuse always
# Prometheus for graphs
frontend prometheus
bind *:8404
mode http
http-request use-service prometheus-exporter if { path /metrics }
no log
frontend stats
mode http
bind *:8405
stats enable
stats uri /stats
stats refresh 1s
stats admin if TRUE
cache invidious-thumbnail-cache
# 96MB
total-max-size 96
# 32kB
max-object-size 32768
# 30min
max-age 1800
process-vary on
cache invidious-ggpht-cache
# 96MB
total-max-size 96
# 32kB
max-object-size 32768
# 1h
max-age 3600
process-vary on
cache invidious-sb-cache
# 128MB
total-max-size 128
# 128kB
max-object-size 131072
# 1h
max-age 86400
process-vary on
frontend invidious
http-request set-var(txn.ipath) path
bind *:8001
default_backend invidious
frontend invidious-tor
http-request set-var(txn.ipath) path
bind *:8002
default_backend invidious-tor
frontend invidious-i2p
http-request set-var(txn.ipath) path
bind *:8003
default_backend invidious-i2p
frontend http3-proxy
http-request set-var(txn.hpath) path
bind *:8004
default_backend http3-proxy
backend invidious
balance roundrobin
# Caches video storyboards
http-request cache-use invidious-sb-cache if { path_beg /sb/ }
http-response cache-store invidious-sb-cache
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
acl sb var(txn.ipath) -m beg /sb/
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } sb
http-response set-header X-Cache-Status MISS if { srv_id -m found } sb
server invidious-1-vpn gluetun:3000 check init-addr libc,none
server invidious-2-vpn gluetun:3001 check init-addr libc,none
server invidious-3-vpn gluetun:3002 check init-addr libc,none
server invidious-4-vpn gluetun:3003 check init-addr libc,none
server invidious-5-vpn gluetun:3004 check init-addr libc,none
server invidious-6-vpn gluetun:3005 check init-addr libc,none
backend invidious-tor
# Caches video storyboards
http-request cache-use invidious-sb-cache if { path_beg /sb/ }
http-response cache-store invidious-sb-cache
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
acl sb var(txn.ipath) -m beg /sb/
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } sb
http-response set-header X-Cache-Status MISS if { srv_id -m found } sb
server invidious-tor-vpn gluetun:3010 check init-addr libc,none
backend invidious-i2p
# Caches video storyboards
http-request cache-use invidious-sb-cache if { path_beg /sb/ }
http-response cache-store invidious-sb-cache
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
acl sb var(txn.ipath) -m beg /sb/
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } sb
http-response set-header X-Cache-Status MISS if { srv_id -m found } sb
server invidious-i2p-vpn gluetun:3011 check init-addr libc,none
backend http3-proxy
# Caches video thumbnails, profile pictures and others
http-request cache-use invidious-thumbnail-cache if { path_beg /vi/ }
http-response cache-store invidious-thumbnail-cache
http-request cache-use invidious-ggpht-cache if { path_beg /ggpht/ }
http-response cache-store invidious-ggpht-cache
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
acl youtube_thumbnails var(txn.hpath) -m beg /vi/
acl youtube_ggpht var(txn.hpath) -m beg /ggpht/
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_thumbnails
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_thumbnails
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_ggpht
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_ggpht
server http3-proxy-1-vpn gluetun:8080 check init-addr libc,none

216
invidious/invidious-vpn/docker-compose.yml
View file

@ -1,156 +1,77 @@
# Docker compose file for ${DOMAIN} # Docker compose file for Backend 2 of inv.nadeko.net
services: services:
invidious-extend:
env_file:
# Env file containing variables like TAG, INV_MEM_*
- .env
# Env file containing INVIDIOUS_* variables
- ../.env
image: "git.nadeko.net/fijxu/invidious:${TAG}"
restart: unless-stopped
mem_limit: ${INV_MEM_LIMIT}
mem_reservation: ${INV_MEM_RESERVATION}
cpus: ${INV_CPU} # Limit to X% of the CPU
network_mode: "service:gluetun"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
depends_on:
# - inv_sig_helper
- haproxy
environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# INVIDIOUS CLEARNET # INVIDIOUS CLEARNET
invidious: invidious:
image: "git.nadeko.net/fijxu/invidious:${TAG}" extends:
env_file: service: invidious-extend
- .env
network_mode: "service:gluetun"
restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}"
mem_reservation: "${INV_MEM_RESERVATION}"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment: environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_PORT: "3000" INVIDIOUS_PORT: "3000"
depends_on: invidious2:
- inv_sig_helper extends:
- haproxy service: invidious-extend
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# INVIDIOUS CLEARNET
invidious-2:
image: "git.nadeko.net/fijxu/invidious:${TAG}"
env_file:
- .env
network_mode: "service:gluetun"
restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}"
mem_reservation: "${INV_MEM_RESERVATION}"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment: environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_PORT: "3001" INVIDIOUS_PORT: "3001"
depends_on:
- inv_sig_helper
- haproxy
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# INVIDIOUS CLEARNET invidious3:
invidious-3: extends:
image: "git.nadeko.net/fijxu/invidious:${TAG}" service: invidious-extend
env_file:
- .env
network_mode: "service:gluetun"
restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}"
mem_reservation: "${INV_MEM_RESERVATION}"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment: environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_PORT: "3002" INVIDIOUS_PORT: "3002"
depends_on:
- inv_sig_helper
- haproxy
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# INVIDIOUS TOR invidious4:
invidious-tor: extends:
env_file: service: invidious-extend
- .env INVIDIOUS_PORT: "3003"
image: "git.nadeko.net/fijxu/invidious:${TAG}"
network_mode: "service:gluetun"
restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}"
mem_reservation: "${INV_MEM_RESERVATION}"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_DOMAIN: "inv.nadekonw7plitnjuawu6ytjsl7jlglk2t6pyq6eftptmiv3dvqndwvyd.onion"
INVIDIOUS_PORT: "3010"
INVIDIOUS_HTTPS_ONLY: false
INVIDIOUS_HSTS: false
depends_on:
- inv_sig_helper
- haproxy
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# INVIDIOUS I2P
invidious-i2p:
env_file:
- .env
image: "git.nadeko.net/fijxu/invidious:${TAG}"
network_mode: "service:gluetun"
restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}"
mem_reservation: "${INV_MEM_RESERVATION}"
volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro
environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_DOMAIN: "inv.zzls.i2p"
INVIDIOUS_PORT: "3011"
INVIDIOUS_HTTPS_ONLY: false
INVIDIOUS_HSTS: false
depends_on:
- inv_sig_helper
- haproxy
healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s
timeout: 5s
retries: 2
# SIGNATURE HELPER # SIGNATURE HELPER
inv_sig_helper: # inv_sig_helper:
image: quay.io/invidious/inv-sig-helper # image: quay.io/invidious/inv-sig-helper
restart: unless-stopped # restart: unless-stopped
network_mode: "service:gluetun" # network_mode: "service:gluetun"
mem_limit: "512m" # mem_limit: "512m"
init: true # init: true
command: ["--tcp", "0.0.0.0:12999"] # command: ["--tcp", "0.0.0.0:12999"]
environment: # environment:
- RUST_LOG=info # - RUST_LOG=info
depends_on: # depends_on:
- gluetun # - gluetun
http3-proxy: # http3-proxy:
image: git.nadeko.net/fijxu/http3-proxy:latest # image: git.nadeko.net/fijxu/http3-ytproxy:latest
restart: unless-stopped # restart: unless-stopped
network_mode: "service:gluetun" # network_mode: "service:gluetun"
environment: # depends_on:
DISABLE_WEBP: 1 # - haproxy
depends_on: # - gluetun
- gluetun
# Without depends because haproxy is smart
haproxy: haproxy:
image: haproxy:lts-alpine image: haproxy:lts-alpine
restart: unless-stopped restart: unless-stopped
@ -158,15 +79,15 @@ services:
# Invidious # Invidious
- "127.0.0.1:10070:8001" - "127.0.0.1:10070:8001"
# TOR # TOR
- "127.0.0.1:10072:8002" #- "127.0.0.1:10072:8002"
# I2P # I2P
- "127.0.0.1:10073:8003" #- "127.0.0.1:10073:8003"
# HTTP3-PROXY # HTTP3-PROXY
# - "127.0.0.1:10071:8004" #- "127.0.0.1:10071:8004"
# METRICS # METRICS
- "127.0.0.1:10074:8404" - "127.0.0.1:10074:8404"
volumes: volumes:
- ./haproxy:/usr/local/etc/haproxy - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg
networks: networks:
gluetun_network: gluetun_network:
depends_on: depends_on:
@ -175,11 +96,6 @@ services:
gluetun: gluetun:
image: qmcgaw/gluetun image: qmcgaw/gluetun
restart: unless-stopped restart: unless-stopped
ports:
# THIS IS ACTUALLY THE PORT OF HTTP3-PROXY
# SINCE THE HTTP3-PTOXY SERVICE IS RUNNING
# UNDER GLUETUN NETWORK.
- "127.0.0.1:10071:8080"
env_file: env_file:
- .env - .env
cap_add: cap_add:
@ -198,6 +114,16 @@ services:
networks: networks:
gluetun_network: gluetun_network:
ptgen:
image: git.nadeko.net/fijxu/youtube-po-token-generator:latest
cpus: 0.1
restart: unless-stopped
network_mode: "service:gluetun"
environment:
- HOST=valkey-vpn
depends_on:
- gluetun
networks: networks:
default: default:
name: invidious-vpn name: invidious-vpn

303403
invidious/invidious-vpn/gluetun/servers.json Normal file
View file

File diff suppressed because it is too large Load diff

43
invidious/invidious-vpn/haproxy.cfg Normal file
View file

@ -0,0 +1,43 @@
global
# This because haproxy is dumb and likes to use the maxconnection from the kernel and that is super mega huge making haproxy oom
maxconn 8192
# 777 perms for all sockets
unix-bind mode 777
stats socket ipv4@0.0.0.0:8405 level admin
resolvers docker
# To be able to use multiple replicas of invidious
# using domains
nameserver dns1 127.0.0.11:53
defaults
mode http
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
# Use another server if one takes too long to reply
retries 2
option redispatch
timeout client 30s
timeout connect 30s
timeout server 120s
timeout queue 10s
http-reuse always
# Prometheus for graphs
frontend prometheus
bind *:8404
mode http
http-request use-service prometheus-exporter if { path /metrics }
no log
frontend invidious
bind *:8001
default_backend invidious
backend invidious
balance roundrobin
server invidious-1-vpn gluetun:3000 check init-addr libc,none
server invidious-2-vpn gluetun:3001 check init-addr libc,none
server invidious-3-vpn gluetun:3002 check init-addr libc,none
server invidious-4-vpn gluetun:3003 check init-addr libc,none
server invidious-5-vpn gluetun:3004 check init-addr libc,none
server invidious-6-vpn gluetun:3005 check init-addr libc,none

149
invidious/invidious-vpn/haproxy/haproxy.cfg
View file

@ -1,149 +0,0 @@
global
# This because haproxy is dumb and likes to use the maxconnection from the kernel and that is super mega huge making haproxy oom
maxconn 16384
# 777 perms for all sockets
unix-bind mode 777
stats socket ipv4@0.0.0.0:8405 level admin
resolvers docker
# To be able to use multiple replicas of invidious
# using domains
nameserver dns1 127.0.0.11:53
defaults
mode http
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
# Use another server if one takes too long to reply
retries 2
option redispatch
timeout client 30s
timeout connect 5s
timeout server 30s
timeout queue 10s
http-reuse always
# Prometheus for graphs
frontend prometheus
bind *:8404
mode http
http-request use-service prometheus-exporter if { path /metrics }
no log
frontend stats
mode http
bind *:8405
stats enable
stats uri /stats
stats refresh 1s
stats admin if TRUE
cache invidious-thumbnail-cache
# 96MB
total-max-size 96
# 32kB
max-object-size 32768
# 30min
max-age 1800
process-vary on
cache invidious-ggpht-cache
# 96MB
total-max-size 96
# 32kB
max-object-size 32768
# 1h
max-age 3600
process-vary on
cache invidious-sb-cache
# 128MB
total-max-size 128
# 128kB
max-object-size 131072
# 1h
max-age 86400
process-vary on
frontend invidious
http-request set-var(txn.ipath) path
bind *:8001
default_backend invidious
frontend invidious-tor
http-request set-var(txn.ipath) path
bind *:8002
default_backend invidious-tor
frontend invidious-i2p
http-request set-var(txn.ipath) path
bind *:8003
default_backend invidious-i2p
frontend http3-proxy
http-request set-var(txn.hpath) path
bind *:8004
default_backend http3-proxy
backend invidious
balance roundrobin
# Caches video storyboards
http-request cache-use invidious-sb-cache if { path_beg /sb/ }
http-response cache-store invidious-sb-cache
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
acl sb var(txn.ipath) -m beg /sb/
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } sb
http-response set-header X-Cache-Status MISS if { srv_id -m found } sb
server invidious-1-vpn gluetun:3000 check init-addr libc,none
server invidious-2-vpn gluetun:3001 check init-addr libc,none
server invidious-3-vpn gluetun:3002 check init-addr libc,none
server invidious-4-vpn gluetun:3003 check init-addr libc,none
server invidious-5-vpn gluetun:3004 check init-addr libc,none
server invidious-6-vpn gluetun:3005 check init-addr libc,none
backend invidious-tor
# Caches video storyboards
http-request cache-use invidious-sb-cache if { path_beg /sb/ }
http-response cache-store invidious-sb-cache
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
acl sb var(txn.ipath) -m beg /sb/
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } sb
http-response set-header X-Cache-Status MISS if { srv_id -m found } sb
server invidious-tor-vpn gluetun:3010 check init-addr libc,none
backend invidious-i2p
# Caches video storyboards
http-request cache-use invidious-sb-cache if { path_beg /sb/ }
http-response cache-store invidious-sb-cache
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
acl sb var(txn.ipath) -m beg /sb/
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } sb
http-response set-header X-Cache-Status MISS if { srv_id -m found } sb
server invidious-i2p-vpn gluetun:3011 check init-addr libc,none
backend http3-proxy
# Caches video thumbnails, profile pictures and others
http-request cache-use invidious-thumbnail-cache if { path_beg /vi/ }
http-response cache-store invidious-thumbnail-cache
http-request cache-use invidious-ggpht-cache if { path_beg /ggpht/ }
http-response cache-store invidious-ggpht-cache
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
acl youtube_thumbnails var(txn.hpath) -m beg /vi/
acl youtube_ggpht var(txn.hpath) -m beg /ggpht/
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_thumbnails
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_thumbnails
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_ggpht
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_ggpht
server http3-proxy-1-vpn gluetun:8080 check init-addr libc,none

160
invidious/invidious/docker-compose.yml
View file

@ -1,23 +1,27 @@
# Docker compose file for inv.nadeko.net # Docker compose file for Backend 1 of inv.nadeko.net
services: services:
# INVIDIOUS CLEARNET # INVIDIOUS CLEARNET
invidious: invidious:
env_file: env_file:
# Env file containing variables like TAG, INV_MEM_*
- .env - .env
# Env file containing INVIDIOUS_* variables
- ../.env
image: "git.nadeko.net/fijxu/invidious:${TAG}" image: "git.nadeko.net/fijxu/invidious:${TAG}"
restart: unless-stopped restart: unless-stopped
mem_limit: "${INV_MEM_LIMIT}" mem_limit: ${INV_MEM_LIMIT}
mem_reservation: "${INV_MEM_RESERVATION}" mem_reservation: ${INV_MEM_RESERVATION}
cpus: ${INV_CPU} # Limit to X% of the CPU
deploy: deploy:
replicas: 6 replicas: 4
volumes: volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw - /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro - ./config.yml:/etc/invidious/config.yml:ro
environment: environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml" INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
depends_on: depends_on:
- inv_sig_helper # - inv_sig_helper
- haproxy - haproxy
healthcheck: healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1 test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
@ -26,76 +30,78 @@ services:
retries: 2 retries: 2
# INVIDIOUS TOR # INVIDIOUS TOR
invidious-tor: # invidious-tor:
env_file: # env_file:
- .env # - .env
image: "git.nadeko.net/fijxu/invidious:${TAG}" # - ../.env
restart: unless-stopped # - ../.env-tor-i2p
mem_limit: "${INV_MEM_LIMIT}" # image: "git.nadeko.net/fijxu/invidious:${TAG}"
mem_reservation: "${INV_MEM_RESERVATION}" # restart: unless-stopped
deploy: # mem_limit: "${INV_MEM_LIMIT}"
replicas: 2 # mem_reservation: "${INV_MEM_RESERVATION}"
volumes: # volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw # - /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro # - ./config.yml:/etc/invidious/config.yml:ro
environment: # environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml" # INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_DOMAIN: "inv.nadekonw7plitnjuawu6ytjsl7jlglk2t6pyq6eftptmiv3dvqndwvyd.onion" # INVIDIOUS_DOMAIN: "inv.nadekonw7plitnjuawu6ytjsl7jlglk2t6pyq6eftptmiv3dvqndwvyd.onion"
INVIDIOUS_HTTPS_ONLY: false # INVIDIOUS_HTTPS_ONLY: false
INVIDIOUS_HSTS: false # INVIDIOUS_HSTS: false
depends_on: # depends_on:
- inv_sig_helper # # - inv_sig_helper
- haproxy # - haproxy
healthcheck: # healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1 # test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s # interval: 300s
timeout: 5s # timeout: 5s
retries: 2 # retries: 2
# INVIDIOUS I2P # INVIDIOUS I2P
invidious-i2p: # invidious-i2p:
env_file: # env_file:
- .env # - .env
image: "git.nadeko.net/fijxu/invidious:${TAG}" # - ../.env
restart: unless-stopped # - ../.env-tor-i2p
mem_limit: "${INV_MEM_LIMIT}" # image: "git.nadeko.net/fijxu/invidious:${TAG}"
mem_reservation: "${INV_MEM_RESERVATION}" # restart: unless-stopped
deploy: # mem_limit: "${INV_MEM_LIMIT}"
replicas: 2 # mem_reservation: "${INV_MEM_RESERVATION}"
volumes: # volumes:
- /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw # - /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
- ./config.yml:/etc/invidious/config.yml:ro # - ./config.yml:/etc/invidious/config.yml:ro
environment: # environment:
INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml" # INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
INVIDIOUS_DOMAIN: "inv.zzls.i2p" # INVIDIOUS_DOMAIN: "inv.zzls.i2p"
INVIDIOUS_HTTPS_ONLY: false # INVIDIOUS_HTTPS_ONLY: false
INVIDIOUS_HSTS: false # INVIDIOUS_HSTS: false
depends_on: # depends_on:
- inv_sig_helper # # - inv_sig_helper
- haproxy # - haproxy
healthcheck: # healthcheck:
test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1 # test: wget -nv --tries=1 --spider https://inv.nadeko.net/watch?v=mcYLzu_1cNc || exit 1
interval: 300s # interval: 300s
timeout: 5s # timeout: 5s
retries: 2 # retries: 2
#
# SIGNATURE HELPER # SIGNATURE HELPER
inv_sig_helper: # inv_sig_helper:
image: git.nadeko.net/fijxu/inv_sig_helper:latest # image: git.nadeko.net/fijxu/inv_sig_helper:latest
restart: unless-stopped # restart: unless-stopped
mem_limit: "512m" # mem_limit: "512m"
init: true # init: true
command: ["--tcp", "0.0.0.0:12999"] # command: ["--tcp", "0.0.0.0:12999"]
environment: # environment:
- RUST_LOG=info # - RUST_LOG=info
http3-proxy: # http3-proxy:
image: git.nadeko.net/fijxu/http3-proxy:latest # image: git.nadeko.net/fijxu/http3-ytproxy:latest
restart: unless-stopped # restart: unless-stopped
ports: # volumes:
- "127.0.0.1:10061:8080" # - /run/http3-proxy:/tmp:rw
environment: # ports:
DISABLE_WEBP: 1 # - "127.0.0.1:10061:8080"
# environment:
# DISABLE_WEBP: 1
# Without depends because haproxy is smart # Without depends because haproxy is smart
haproxy: haproxy:
@ -115,7 +121,17 @@ services:
# STATS # STATS
- "127.0.0.1:10065:8405" - "127.0.0.1:10065:8405"
volumes: volumes:
- ./haproxy:/usr/local/etc/haproxy - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg
ptgen:
image: git.nadeko.net/fijxu/youtube-po-token-generator:latest
cpus: 0.1
restart: unless-stopped
environment:
- HOST=valkey
- RENEW_INTERVAL=60
depends_on:
- haproxy
networks: networks:
default: default:

39
invidious/invidious/haproxy.cfg Normal file
View file

@ -0,0 +1,39 @@
global
# This because haproxy is dumb and likes to use the maxconnection from the kernel and that is super mega huge making haproxy oom
maxconn 8192
# 777 perms for all sockets
unix-bind mode 777
stats socket ipv4@0.0.0.0:8405 level admin
resolvers docker
# To be able to use multiple replicas of invidious
# using domains
nameserver dns1 127.0.0.11:53
defaults
mode http
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
# Use another server if one takes too long to reply
retries 2
option redispatch
timeout client 30s
timeout connect 30s
timeout server 120s
timeout queue 10s
http-reuse always
# Prometheus for graphs
frontend prometheus
bind *:8404
mode http
http-request use-service prometheus-exporter if { path /metrics }
no log
frontend invidious
bind *:8001
default_backend invidious
backend invidious
balance roundrobin
server-template invidious 8 invidious:3000 check resolvers docker init-addr libc,none

123
invidious/invidious/haproxy/haproxy.cfg
View file

@ -1,123 +0,0 @@
global
# This because haproxy is dumb and likes to use the maxconnection from the kernel and that is super mega huge making haproxy oom
maxconn 16384
# 777 perms for all sockets
unix-bind mode 777
stats socket ipv4@0.0.0.0:8405 level admin
resolvers docker
# To be able to use multiple replicas of invidious
# using domains
nameserver dns1 127.0.0.11:53
defaults
mode http
# https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
# Use another server if one takes too long to reply
retries 2
option redispatch
timeout client 30s
timeout connect 5s
timeout server 30s
timeout queue 10s
http-reuse always
# Prometheus for graphs
frontend prometheus
bind *:8404
mode http
http-request use-service prometheus-exporter if { path /metrics }
no log
frontend stats
mode http
bind *:8405
stats enable
stats uri /stats
stats refresh 1s
stats admin if TRUE
cache invidious-thumbnail-cache
# 96MB
total-max-size 96
# 32kB
max-object-size 32768
# 30min
max-age 1800
process-vary on
cache invidious-ggpht-cache
# 96MB
total-max-size 96
# 32kB
max-object-size 32768
# 30min
max-age 3600
process-vary on
cache invidious-sb-cache
# 128MB
total-max-size 128
# 128kB
max-object-size 131072
# 1h
max-age 86400
process-vary on
frontend invidious
http-request set-var(txn.ipath) path
bind *:8001
default_backend invidious
frontend invidious-tor
bind *:8002
default_backend invidious-tor
frontend invidious-i2p
bind *:8003
default_backend invidious-i2p
frontend http3-proxy
http-request set-var(txn.path) path
bind *:8004
default_backend http3-proxy
backend invidious
balance roundrobin
# Caches video storyboards
http-request cache-use invidious-sb-cache if { path_beg /sb/ }
http-response cache-store invidious-sb-cache
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
acl sb var(txn.ipath) -m beg /sb/
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } sb
http-response set-header X-Cache-Status MISS if { srv_id -m found } sb
server-template invidious 8 invidious:3000 check resolvers docker init-addr libc,none
backend invidious-tor
server-template invidious-tor 2 invidious-tor:3000 check resolvers docker init-addr libc,none
backend invidious-i2p
server-template invidious-i2p 2 invidious-i2p:3000 check resolvers docker init-addr libc,none
backend http3-proxy
# Caches video thumbnails, profile pictures and others
http-request cache-use invidious-thumbnail-cache if { path_beg /vi/ }
http-response cache-store invidious-thumbnail-cache
http-request cache-use invidious-ggpht-cache if { path_beg /ggpht/ }
http-response cache-store invidious-ggpht-cache
# https://discourse.haproxy.org/t/http-response-set-header-with-condition-not-working/3108
acl youtube_thumbnails var(txn.path) -m beg /vi/
acl youtube_ggpht var(txn.path) -m beg /ggpht/
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_thumbnails
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_thumbnails
http-response set-header X-Cache-Status HIT if !{ srv_id -m found } youtube_ggpht
http-response set-header X-Cache-Status MISS if { srv_id -m found } youtube_ggpht
server http3-proxy-1 http3-proxy:8080 check resolvers docker init-addr libc,none
server http3-proxy-2 http3-proxy:8080 check resolvers docker init-addr libc,none

6
invidious/reload-config.sh Executable file
View file

@ -0,0 +1,6 @@
#!/bin/bash
docker compose --file /home/services/invidious/invidious/docker-compose.yml kill -s HUP invidious invidious-tor
docker compose --file /home/services/invidious/invidious-vpn/docker-compose.yml kill -s HUP invidious invidious-2 invidious-3 invidious-4 invidious-tor ptgen
docker compose --file /home/services/invidious/invidious-vpn-2/docker-compose.yml kill -s HUP invidious invidious-2 invidious-3 invidious-4 invidious-tor ptgen
docker compose --file /home/services/invidious/invidious-external/docker-compose.yml kill -s HUP invidious invidious-tor

6
invidious/restart-all-backends.sh Executable file
View file

@ -0,0 +1,6 @@
#!/bin/bash
docker compose --file /home/services/invidious/invidious/docker-compose.yml up -d --force-recreate invidious --remove-orphans
docker compose --file /home/services/invidious/invidious-vpn/docker-compose.yml up -d --force-recreate invidious invidious-2 invidious-3 invidious-4 ptgen --remove-orphans
docker compose --file /home/services/invidious/invidious-vpn-2/docker-compose.yml up -d --force-recreate invidious invidious-2 invidious-3 invidious-4 ptgen --remove-orphans
docker compose --file /home/services/invidious/invidious-external/docker-compose.yml up -d --force-recreate invidious --remove-orphans