# Шаблон для /opt/invidious/docker-compose.yml на CT 107 # Секреты в .env (генерируется deploy-invidious-credentials.sh из Vaultwarden). # .env не коммитить. services: invidious: image: quay.io/invidious/invidious:latest restart: unless-stopped ports: - "3000:3000" env_file: .env environment: INVIDIOUS_CONFIG: | db: dbname: invidious user: ${POSTGRES_USER} password: ${POSTGRES_PASSWORD} host: invidious-db port: 5432 check_tables: true invidious_companion: - private_url: "http://companion:8282/companion" invidious_companion_key: "${INVIDIOUS_COMPANION_KEY}" external_port: 443 domain: "video.katykhin.ru" https_only: true use_pubsub_feeds: true use_innertube_for_captions: true hmac_key: "${HMAC_KEY}" default_user_preferences: default_home: Popular dark_mode: "light" player_style: "youtube" vr_mode: false automatic_instance_redirect: false healthcheck: test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/stats || exit 1 interval: 30s timeout: 5s retries: 2 logging: options: max-size: "1G" max-file: "4" depends_on: invidious-db: condition: service_healthy companion: image: quay.io/invidious/invidious-companion:latest env_file: .env environment: SERVER_SECRET_KEY: ${INVIDIOUS_COMPANION_KEY} restart: unless-stopped logging: options: max-size: "1G" max-file: "4" cap_drop: - ALL read_only: true volumes: - companioncache:/var/tmp/youtubei.js:rw security_opt: - no-new-privileges:true invidious-db: image: docker.io/library/postgres:14 restart: unless-stopped volumes: - postgresdata:/var/lib/postgresql/data - ./config/sql:/config/sql - ./docker/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh env_file: .env environment: POSTGRES_DB: invidious POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} healthcheck: test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"] volumes: postgresdata: companioncache: