chore: add development compose and configs

docker-compose.yml

@@ -1,56 +1,102 @@
-# Docker compose file for inv.nadeko.net
+# DEVELOPMENT DOCKER COMPOSE FILE! DO NOT USE ON PRODUCTION!
+
+x-common-invidious-env: &common-invidious-env
+    INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml"
+
+x-common: &common-invidious
+  image: "git.nadeko.net/fijxu/invidious:latest"
+  restart: always
+  deploy:
+    replicas: 4
+  volumes:
+    - ./docker/config.yml:/etc/invidious/config.yml:ro
+    - valkey_socket:/tmp
+
+x-common-haproxy: &common-haproxy
+  hostname: haproxy
+  image: haproxy:lts-alpine
+  restart: always
+  volumes:
+    - ./docker/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg
+
+x-common-valkey: &common-valkey
+    image: valkey/valkey:7.2-alpine
+    hostname: valkey
+    restart: unless-stopped
+    volumes:
+      - ./docker/valkey.conf:/usr/local/etc/valkey/valkey.conf
+      - valkey_socket:/tmp
+    command: "valkey-server /usr/local/etc/valkey/valkey.conf"
 
 services:
-  valkey:
-    image: valkey/valkey:7.2-alpine
-    restart: unless-stopped
-    volumes:
-      - "./valkey:/data"
-
-  invidious-refresher:
-    image: git.nadeko.net/fijxu/invidious:latest
-    restart: unless-stopped
-    volumes:
-      - ./config/config-refresher.yml:/etc/invidious/config.yml:ro
-      - ./logs:/var/log/invidious:rw
-      - /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
-    environment:
-      INVIDIOUS_CONFIG_FILE: /etc/invidious/config.yml
-    depends_on:
-      - valkey
-    healthcheck:
-      test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1
-      interval: 30s
-      timeout: 5s
-      retries: 2
-
 
+  # INVIDIOUS SECTION #
   invidious:
-    image: git.nadeko.net/fijxu/invidious:latest
-    restart: unless-stopped
-    deploy:
-      replicas: 8
-    volumes:
-      - ./config/config.yml:/etc/invidious/config.yml:ro
-      - ./logs:/var/log/invidious:rw
-      - /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw
+    <<: *common-invidious
     environment:
-      INVIDIOUS_CONFIG_FILE: /etc/invidious/config.yml
+      <<: *common-invidious-env
+    networks:
+      - invidious
     depends_on:
       - valkey
-    healthcheck:
-      test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1
-      interval: 30s
-      timeout: 5s
-      retries: 2
+      - pgbouncer
+      - haproxy
 
+  # HAPROXY SECTION #
+  haproxy:
+    <<: *common-haproxy
+    ports:
+      # Port to expose invidious
+      - "127.0.0.1:11101:8001"
+    networks:
+      - invidious
 
-  invidious-nginx:
-    image: nginx:latest
+  valkey:
+    <<: *common-valkey
+    networks:
+      - invidious
+
+  postgres:
+    image: docker.io/library/postgres:17
     restart: unless-stopped
     volumes:
-      - ./nginx.conf:/etc/nginx/nginx.conf:ro
-    depends_on:
+      - /tmp/postgresdata:/var/lib/postgresql/data
+      - ./config/sql:/config/sql
+      - ./docker/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh
+    environment:
+      POSTGRES_DB: invidious
+      POSTGRES_USER: kemal
+      POSTGRES_PASSWORD: kemal
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
+    networks:
       - invidious
-    ports:
-      - "127.0.0.1:10011:3000"
+
+  # Pgbouncer to keep connections to the database open
+  pgbouncer:
+    image: edoburu/pgbouncer
+    restart: unless-stopped
+    environment:
+      - POOL_MODE=transaction
+      # Everything is being done locally
+      # https://www.pgbouncer.org/config.html
+      - AUTH_TYPE=scram-sha-256
+      - DB_HOST=postgres
+      - DB_USER=kemal
+      - DB_PASSWORD=kemal
+      - DB_NAME=invidious
+      - VERBOSE=3
+      - LISTEN_PORT=6432
+    networks:
+      - invidious
+    depends_on:
+      postgres:
+        condition: service_healthy
+
+networks:
+  invidious:
+    name: invidious
+
+volumes:
+  valkey_socket:
+  postgresdata:

docker/config.yml

@@ -0,0 +1,62 @@
+channel_threads: 0
+log_level: Info
+colorize_logs: true
+database_url: postgres://kemal:kemal@pgbouncer:6432/invidious
+redis_url: tcp://valkey:6379
+https_only: true
+domain: inv.nadeko.net
+use_pubsub_feeds: false
+popular_enabled: true
+captcha_enabled: true
+login_enabled: true
+registration_enabled: true
+statistics_enabled: true
+external_port: 443
+cache_annotations: true
+hsts: true
+enable_user_notifications: true
+modified_source_code_url: https://git.nadeko.net/Fijxu/invidious
+force_resolve: ipv4
+pool_size: 100
+use_innertube_for_captions: true
+
+instance_maintainer_email: admin@nadeko.net
+footer_instance_donate_link: "https://nadeko.net/donate"
+footer_instance_section_custom_fields:
+  - ["Tor", "http://inv.nadekonw7plitnjuawu6ytjsl7jlglk2t6pyq6eftptmiv3dvqndwvyd.onion"]
+  - ["Backend information / Información de la Instancia", "https://nadeko.net/invidious-instance-information/"]
+  - ["Service Status / Estado del servicio", "https://status.nadeko.net/status/invidious"]
+  - ["REPORT ISSUES HERE!", "https://git.nadeko.net/Fijxu/invidious/issues"]
+  - ["nadeko.net Matrix Room", "https://matrix.to/#/#nadeko.net:tchncs.de"]
+
+# inv.nadeko.net only options
+pubsub_domain: https://inv.nadeko.net
+max_dash_resolution: 1080
+
+jobs:
+  refresh_channels:
+    enable: false
+  subscribe_to_feeds:
+    enable: false
+
+default_user_preferences:
+  region: CL
+  dark_mode: dark
+  autoplay: true
+  quality: dash
+  save_player_pos: true
+  extend_desc: true
+  #local: false
+
+server_id_cookie_name: "COMPANION_IDD"
+
+video_cache:
+  enabled: true
+  backend: 1
+
+force_local: true
+check_backends_interval: 3
+max_popular_results: 100
+disable_video_downloads: true
+
+hmac_key: "blahblahthisisnotarealkeyusedonproductionthisisjustfortesting123"

docker/haproxy.cfg

@@ -0,0 +1,59 @@
+# Notes:
+# Why I deleted `balance roundrobin`:
+#
+# https://www.haproxy.com/documentation/haproxy-configuration-manual/latest/#4-balance:
+# The load balancing algorithm of a backend is set to roundrobin when no other
+# algorithm, mode nor option have been set. The algorithm may only be set once
+# for each backend.
+#
+# ---
+# Why I removed `option http-keep-alive`: This is on by default
+
+# https://git.nadeko.net/Fijxu/docker-compose-configs/src/branch/master/invidious/invidious-all/haproxy.cfg
+
+global
+    # This because haproxy is dumb and likes to use the maxconnection (somaxconn) from the kernel and that is super mega huge making haproxy oom
+    maxconn 8192
+
+resolvers docker
+    # To be able to use multiple replicas of invidious
+    # using domains
+    nameserver dns1 127.0.0.11:53
+
+defaults
+  mode http
+  # https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/
+  # Use another server if one takes too long to reply
+  retries 4
+  option redispatch
+  timeout client 60s
+  timeout connect 5s
+  # The default timeout of http request on invidious is 10 seconds.
+  # If this is less than 10 seconds, the reverse proxy may return
+  # "503 service unavailable", not letting invidious respond to 
+  # the client.
+  timeout server 60s
+  timeout queue 30s
+  # https://www.haproxy.com/documentation/haproxy-configuration-manual/latest/#4.2-http-reuse
+  http-reuse safe
+
+# Prometheus for graphs
+frontend prometheus
+    bind *:8404
+    mode http
+    http-request use-service prometheus-exporter if { path /metrics }
+    no log
+
+frontend invidious
+    bind *:8001
+	
+	# Use captcha only for /watch path
+    use_backend captcha if { path /watch } || { path /watch/ } || { path_beg /.well-known/.git.gammaspectra.live }
+    default_backend invidious
+
+backend captcha
+    server srv1 captcha:4000 check resolvers docker init-addr libc,none
+
+backend invidious
+    server-template srv 4 invidious:3000 check resolvers docker init-addr libc,none
+

docker/valkey.conf

@@ -0,0 +1,10 @@
+unixsocket /tmp/valkey.sock
+unixsocketperm 777
+
+maxmemory 2048mb
+maxmemory-policy volatile-lfu
+
+# Disable AOF
+appendonly no
+# Disable RDB
+save ""