From 9e4f78f3608bae4ac4a1157f1238cc1d2c53f1b4 Mon Sep 17 00:00:00 2001 From: Fijxu Date: Wed, 21 May 2025 16:36:10 -0400 Subject: [PATCH] chore: add development compose and configs --- docker-compose.yml | 134 ++++++++++++++++++++++++++++++--------------- docker/config.yml | 62 +++++++++++++++++++++ docker/haproxy.cfg | 59 ++++++++++++++++++++ docker/valkey.conf | 10 ++++ 4 files changed, 221 insertions(+), 44 deletions(-) create mode 100644 docker/config.yml create mode 100644 docker/haproxy.cfg create mode 100644 docker/valkey.conf diff --git a/docker-compose.yml b/docker-compose.yml index fa077f19..a05de35a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,56 +1,102 @@ -# Docker compose file for inv.nadeko.net +# DEVELOPMENT DOCKER COMPOSE FILE! DO NOT USE ON PRODUCTION! + +x-common-invidious-env: &common-invidious-env + INVIDIOUS_CONFIG_FILE: "/etc/invidious/config.yml" + +x-common: &common-invidious + image: "git.nadeko.net/fijxu/invidious:latest" + restart: always + deploy: + replicas: 4 + volumes: + - ./docker/config.yml:/etc/invidious/config.yml:ro + - valkey_socket:/tmp + +x-common-haproxy: &common-haproxy + hostname: haproxy + image: haproxy:lts-alpine + restart: always + volumes: + - ./docker/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg + +x-common-valkey: &common-valkey + image: valkey/valkey:7.2-alpine + hostname: valkey + restart: unless-stopped + volumes: + - ./docker/valkey.conf:/usr/local/etc/valkey/valkey.conf + - valkey_socket:/tmp + command: "valkey-server /usr/local/etc/valkey/valkey.conf" services: - valkey: - image: valkey/valkey:7.2-alpine - restart: unless-stopped - volumes: - - "./valkey:/data" - - invidious-refresher: - image: git.nadeko.net/fijxu/invidious:latest - restart: unless-stopped - volumes: - - ./config/config-refresher.yml:/etc/invidious/config.yml:ro - - ./logs:/var/log/invidious:rw - - /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw - environment: - INVIDIOUS_CONFIG_FILE: /etc/invidious/config.yml - depends_on: - - valkey - healthcheck: - test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1 - interval: 30s - timeout: 5s - retries: 2 - + # INVIDIOUS SECTION # invidious: - image: git.nadeko.net/fijxu/invidious:latest - restart: unless-stopped - deploy: - replicas: 8 - volumes: - - ./config/config.yml:/etc/invidious/config.yml:ro - - ./logs:/var/log/invidious:rw - - /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432:rw + <<: *common-invidious environment: - INVIDIOUS_CONFIG_FILE: /etc/invidious/config.yml + <<: *common-invidious-env + networks: + - invidious depends_on: - valkey - healthcheck: - test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/trending || exit 1 - interval: 30s - timeout: 5s - retries: 2 + - pgbouncer + - haproxy + # HAPROXY SECTION # + haproxy: + <<: *common-haproxy + ports: + # Port to expose invidious + - "127.0.0.1:11101:8001" + networks: + - invidious - invidious-nginx: - image: nginx:latest + valkey: + <<: *common-valkey + networks: + - invidious + + postgres: + image: docker.io/library/postgres:17 restart: unless-stopped volumes: - - ./nginx.conf:/etc/nginx/nginx.conf:ro - depends_on: + - /tmp/postgresdata:/var/lib/postgresql/data + - ./config/sql:/config/sql + - ./docker/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh + environment: + POSTGRES_DB: invidious + POSTGRES_USER: kemal + POSTGRES_PASSWORD: kemal + healthcheck: + test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"] + networks: - invidious - ports: - - "127.0.0.1:10011:3000" + + # Pgbouncer to keep connections to the database open + pgbouncer: + image: edoburu/pgbouncer + restart: unless-stopped + environment: + - POOL_MODE=transaction + # Everything is being done locally + # https://www.pgbouncer.org/config.html + - AUTH_TYPE=scram-sha-256 + - DB_HOST=postgres + - DB_USER=kemal + - DB_PASSWORD=kemal + - DB_NAME=invidious + - VERBOSE=3 + - LISTEN_PORT=6432 + networks: + - invidious + depends_on: + postgres: + condition: service_healthy + +networks: + invidious: + name: invidious + +volumes: + valkey_socket: + postgresdata: diff --git a/docker/config.yml b/docker/config.yml new file mode 100644 index 00000000..c5620030 --- /dev/null +++ b/docker/config.yml @@ -0,0 +1,62 @@ +channel_threads: 0 +log_level: Info +colorize_logs: true +database_url: postgres://kemal:kemal@pgbouncer:6432/invidious +redis_url: tcp://valkey:6379 +https_only: true +domain: inv.nadeko.net +use_pubsub_feeds: false +popular_enabled: true +captcha_enabled: true +login_enabled: true +registration_enabled: true +statistics_enabled: true +external_port: 443 +cache_annotations: true +hsts: true +enable_user_notifications: true +modified_source_code_url: https://git.nadeko.net/Fijxu/invidious +force_resolve: ipv4 +pool_size: 100 +use_innertube_for_captions: true + +instance_maintainer_email: admin@nadeko.net +footer_instance_donate_link: "https://nadeko.net/donate" +footer_instance_section_custom_fields: + - ["Tor", "http://inv.nadekonw7plitnjuawu6ytjsl7jlglk2t6pyq6eftptmiv3dvqndwvyd.onion"] + - ["Backend information / InformaciĆ³n de la Instancia", "https://nadeko.net/invidious-instance-information/"] + - ["Service Status / Estado del servicio", "https://status.nadeko.net/status/invidious"] + - ["REPORT ISSUES HERE!", "https://git.nadeko.net/Fijxu/invidious/issues"] + - ["nadeko.net Matrix Room", "https://matrix.to/#/#nadeko.net:tchncs.de"] + +# inv.nadeko.net only options +pubsub_domain: https://inv.nadeko.net +max_dash_resolution: 1080 + +jobs: + refresh_channels: + enable: false + subscribe_to_feeds: + enable: false + +default_user_preferences: + region: CL + dark_mode: dark + autoplay: true + quality: dash + save_player_pos: true + extend_desc: true + #local: false + +server_id_cookie_name: "COMPANION_IDD" + +video_cache: + enabled: true + backend: 1 + +force_local: true +check_backends_interval: 3 +max_popular_results: 100 +disable_video_downloads: true + +hmac_key: "blahblahthisisnotarealkeyusedonproductionthisisjustfortesting123" \ No newline at end of file diff --git a/docker/haproxy.cfg b/docker/haproxy.cfg new file mode 100644 index 00000000..3eb738ff --- /dev/null +++ b/docker/haproxy.cfg @@ -0,0 +1,59 @@ +# Notes: +# Why I deleted `balance roundrobin`: +# +# https://www.haproxy.com/documentation/haproxy-configuration-manual/latest/#4-balance: +# The load balancing algorithm of a backend is set to roundrobin when no other +# algorithm, mode nor option have been set. The algorithm may only be set once +# for each backend. +# +# --- +# Why I removed `option http-keep-alive`: This is on by default + +# https://git.nadeko.net/Fijxu/docker-compose-configs/src/branch/master/invidious/invidious-all/haproxy.cfg + +global + # This because haproxy is dumb and likes to use the maxconnection (somaxconn) from the kernel and that is super mega huge making haproxy oom + maxconn 8192 + +resolvers docker + # To be able to use multiple replicas of invidious + # using domains + nameserver dns1 127.0.0.11:53 + +defaults + mode http + # https://www.haproxy.com/documentation/haproxy-configuration-tutorials/service-reliability/retries/ + # Use another server if one takes too long to reply + retries 4 + option redispatch + timeout client 60s + timeout connect 5s + # The default timeout of http request on invidious is 10 seconds. + # If this is less than 10 seconds, the reverse proxy may return + # "503 service unavailable", not letting invidious respond to + # the client. + timeout server 60s + timeout queue 30s + # https://www.haproxy.com/documentation/haproxy-configuration-manual/latest/#4.2-http-reuse + http-reuse safe + +# Prometheus for graphs +frontend prometheus + bind *:8404 + mode http + http-request use-service prometheus-exporter if { path /metrics } + no log + +frontend invidious + bind *:8001 + + # Use captcha only for /watch path + use_backend captcha if { path /watch } || { path /watch/ } || { path_beg /.well-known/.git.gammaspectra.live } + default_backend invidious + +backend captcha + server srv1 captcha:4000 check resolvers docker init-addr libc,none + +backend invidious + server-template srv 4 invidious:3000 check resolvers docker init-addr libc,none + diff --git a/docker/valkey.conf b/docker/valkey.conf new file mode 100644 index 00000000..dc168f1b --- /dev/null +++ b/docker/valkey.conf @@ -0,0 +1,10 @@ +unixsocket /tmp/valkey.sock +unixsocketperm 777 + +maxmemory 2048mb +maxmemory-policy volatile-lfu + +# Disable AOF +appendonly no +# Disable RDB +save ""