2022-12-27 16:07:19 +01:00
|
|
|
---
|
|
|
|
|
invidious_repository: https://github.com/iv-org/invidious.git
|
|
|
|
|
invidious_folder: /srv/invidious
|
2022-12-27 16:36:24 +01:00
|
|
|
invidious_hostname: invidious.example.com
|
2022-12-28 08:57:07 +01:00
|
|
|
invidious_project_name: invidious
|
2022-12-27 16:28:49 +01:00
|
|
|
invidious_internal_port: 3000
|
|
|
|
|
#handle_ufw will allow access to individious_internal_port from everywhere, use it only if Invidious handles SSL or you don't want to use SSL (what?)
|
|
|
|
|
handle_ufw: false
|
|
|
|
|
handle_apache2_reverse_proxy: false
|
2022-12-27 16:07:19 +01:00
|
|
|
docker_compose_options:
|
|
|
|
|
version: "3"
|
|
|
|
|
services:
|
|
|
|
|
invidious:
|
|
|
|
|
image: quay.io/invidious/invidious:latest
|
|
|
|
|
# image: quay.io/invidious/invidious:latest-arm64 # ARM64/AArch64 devices
|
|
|
|
|
restart: unless-stopped
|
|
|
|
|
ports:
|
|
|
|
|
- "127.0.0.1:3300:3300"
|
|
|
|
|
environment:
|
|
|
|
|
# Please read the following file for a comprehensive list of all available
|
|
|
|
|
# configuration options and their associated syntax:
|
|
|
|
|
# https://github.com/iv-org/invidious/blob/master/config/config.example.yml
|
|
|
|
|
INVIDIOUS_CONFIG: |
|
|
|
|
|
db:
|
|
|
|
|
dbname: invidious
|
|
|
|
|
user: kemal
|
|
|
|
|
password: kemal
|
|
|
|
|
host: invidious-db
|
|
|
|
|
port: 5432
|
|
|
|
|
check_tables: true
|
|
|
|
|
external_port: 443
|
2022-12-27 16:36:24 +01:00
|
|
|
domain: {{ invidious_hostname }}
|
2022-12-27 16:07:19 +01:00
|
|
|
https_only: true
|
|
|
|
|
statistics_enabled: true
|
|
|
|
|
use_quic: true
|
|
|
|
|
admins: ["admin"]
|
|
|
|
|
banner: "Invidious"
|
|
|
|
|
default_user_preferences:
|
|
|
|
|
dark_mode: "dark"
|
|
|
|
|
local: true
|
|
|
|
|
quality_dash: auto
|
|
|
|
|
extend_desc: true
|
|
|
|
|
registration_enabled: true
|
|
|
|
|
login_enabled: true
|
|
|
|
|
captcha_enabled: true
|
|
|
|
|
port: 3300
|
|
|
|
|
hsts: true
|
|
|
|
|
log_level: All
|
|
|
|
|
channel_threads: 3
|
|
|
|
|
use_pubsub_feeds: true
|
|
|
|
|
healthcheck:
|
|
|
|
|
test: wget -nv --tries=1 --spider http://127.0.0.1:3300/api/v1/comments/jNQXAC9IVRw || exit 1
|
|
|
|
|
interval: 30s
|
|
|
|
|
timeout: 5s
|
|
|
|
|
retries: 2
|
|
|
|
|
depends_on:
|
|
|
|
|
- invidious-db
|
|
|
|
|
|
|
|
|
|
invidious-db:
|
|
|
|
|
image: docker.io/library/postgres:14
|
|
|
|
|
restart: unless-stopped
|
|
|
|
|
volumes:
|
|
|
|
|
- postgresdata:/var/lib/postgresql/data
|
|
|
|
|
- ./config/sql:/config/sql
|
|
|
|
|
- ./docker/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh
|
|
|
|
|
environment:
|
|
|
|
|
POSTGRES_DB: invidious
|
|
|
|
|
POSTGRES_USER: kemal
|
|
|
|
|
POSTGRES_PASSWORD: kemal
|
|
|
|
|
healthcheck:
|
|
|
|
|
test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
|
|
|
|
|
volumes:
|
|
|
|
|
postgresdata:
|
2022-12-27 16:36:24 +01:00
|
|
|
invidious_vhosts:
|
|
|
|
|
- vhostname: "{{ invidious_hostname }}"
|
|
|
|
|
weight: 25
|
|
|
|
|
web_port: 80
|
|
|
|
|
ssl_port: 443
|
|
|
|
|
ssl: yes
|
|
|
|
|
docroot: "/var/www/{{ invidious_hostname }}"
|
|
|
|
|
serveradmin: "webmaster@{{ invidious_hostname }}"
|
|
|
|
|
server_aliases: []
|
|
|
|
|
root_options:
|
|
|
|
|
- '+FollowSymlinks'
|
|
|
|
|
- '+MultiViews'
|
|
|
|
|
root_custom_code: |
|
|
|
|
|
<IfModule mod_dav.c>
|
|
|
|
|
Dav off
|
|
|
|
|
</IfModule>
|
|
|
|
|
aliases: []
|
|
|
|
|
directories: []
|
|
|
|
|
custom_code: |
|
|
|
|
|
<IfModule mod_headers.c>
|
|
|
|
|
Header always set Strict-Transport-Security "max-age=15552001; includeSubDomains"
|
|
|
|
|
</IfModule>
|
|
|
|
|
SSLHonorCipherOrder on
|
|
|
|
|
SSLProxyEngine On
|
|
|
|
|
ProxyPreserveHost On
|
|
|
|
|
ProxyRequests off
|
|
|
|
|
SSLProxyCheckPeerCN on
|
|
|
|
|
SSLProxyCheckPeerExpire on
|
|
|
|
|
ProxyPass / http://127.0.0.1:{{ invidious_internal_port }}/ nocanon
|
|
|
|
|
ProxyPassReverse / http://127.0.0.1:{{ invidious_internal_port }}/
|
|
|
|
|
AllowEncodedSlashes on
|
|
|
|
|
|
