---
invidious_repository: https://github.com/iv-org/invidious.git
invidious_folder: /srv/invidious
invidious_hostname: invidious.example.com
invidious_project_name: invidious
invidious_internal_port: 3000
#handle_ufw will allow access to individious_internal_port from everywhere, use it only if Invidious handles SSL or you don't want to use SSL (what?)
handle_ufw: false
handle_apache2_reverse_proxy: false
docker_compose_options:
version: "3"
services:
invidious:
image: quay.io/invidious/invidious:latest
# image: quay.io/invidious/invidious:latest-arm64 # ARM64/AArch64 devices
restart: unless-stopped
ports:
- "127.0.0.1:3300:3300"
environment:
# Please read the following file for a comprehensive list of all available
# configuration options and their associated syntax:
# https://github.com/iv-org/invidious/blob/master/config/config.example.yml
INVIDIOUS_CONFIG: |
db:
dbname: invidious
user: kemal
password: kemal
host: invidious-db
port: 5432
check_tables: true
external_port: 443
domain: {{ invidious_hostname }}
https_only: true
statistics_enabled: true
use_quic: true
admins: ["admin"]
banner: "Invidious"
default_user_preferences:
dark_mode: "dark"
local: true
quality_dash: auto
extend_desc: true
registration_enabled: true
login_enabled: true
captcha_enabled: true
port: 3300
hsts: true
log_level: All
channel_threads: 3
use_pubsub_feeds: true
healthcheck:
test: wget -nv --tries=1 --spider http://127.0.0.1:3300/api/v1/comments/jNQXAC9IVRw || exit 1
interval: 30s
timeout: 5s
retries: 2
depends_on:
- invidious-db
invidious-db:
image: docker.io/library/postgres:14
restart: unless-stopped
volumes:
- postgresdata:/var/lib/postgresql/data
- ./config/sql:/config/sql
- ./docker/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh
environment:
POSTGRES_DB: invidious
POSTGRES_USER: kemal
POSTGRES_PASSWORD: kemal
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
volumes:
postgresdata:
invidious_vhosts:
- vhostname: "{{ invidious_hostname }}"
weight: 25
web_port: 80
ssl_port: 443
ssl: yes
docroot: "/var/www/{{ invidious_hostname }}"
serveradmin: "webmaster@{{ invidious_hostname }}"
server_aliases: []
root_options:
- '+FollowSymlinks'
- '+MultiViews'
root_custom_code: |
Dav off
aliases: []
directories: []
custom_code: |
Header always set Strict-Transport-Security "max-age=15552001; includeSubDomains"
SSLHonorCipherOrder on
SSLProxyEngine On
ProxyPreserveHost On
ProxyRequests off
SSLProxyCheckPeerCN on
SSLProxyCheckPeerExpire on
ProxyPass / http://127.0.0.1:{{ invidious_internal_port }}/ nocanon
ProxyPassReverse / http://127.0.0.1:{{ invidious_internal_port }}/
AllowEncodedSlashes on