[New instance] https://anontube.lvkaszus.pl

[lvkaszus]

URL

https://anontube.lvkaszus.pl

Mandatory checks

• [X] Instance has a domain name
• [X] Instance is served over HTTPS
• [X] Statistics (/api/v1/stats) are enabled
• [X] Instance is properly configured (including the mandatory post install configuration)
• [X] Instance has an automatic hourly restart setup of Invidious
• [X] If dash, proxy + download is enabled (default settings), the instance has unlimited traffic/bandwidth or close to unlimited (100TB minimum)

Maintainer chart

• [X] Ensure that my instance is up to date (less than one month old)
• [X] Ensure a proper uptime of my instance (around 90%)

Host country

Germany

Man in the Middle

Source code URL

https://github.com/lvkaszus/invidious-anontube

Analytics

• [ ] They are GDPR/CCPA compliant
• [ ] This is stated in your Privacy Policy
• [x] You have provided the source code's URL in the dedicated field above

Additional information

I only modified default.css stylesheet file to make dark mode better for AMOLED displays.

[github-actions[bot]]

Hello! Your instance has been added to our monitoring system: https://stats.uptimerobot.com/89VnzSKAn/794713418 You need to wait 30 days before we add your instance, this is to evaluate that your instance will keep a good uptime for one month.

Make sure you double checked all the mandatory checks or this will slow down the process of adding your instance!

[lvkaszus]

@unixfox @SamantazFox

A small update from my side:

Since I wrote this post, now my Invidious instance is available at https://anontube.lvkaszus.pl and the address I gave in the request to add the instance to the list is a permanent redirect from https://anontube.lvkasz.us to https://anontube.lvkaszus.pl . I did this because looking at the other request to add an instance here: https://github.com/iv-org/documentation/issues/384 - it is forbidden to use Cloudflare, so I moved the instance to my other domain which does not use Cloudflare but pure OVH DNS and nothing in between i.e. no more Man-in-the-Middle. (also updated this request by removing Cloudflare text from Man-in-the-Middle!)

I apologize for any problems associated with changing the domain - although the previous .us domain is a redirect and this does not change the operation of my instance so I think it is not a problem.

Kind regards 😄 @lvkaszus

[unixfox]

Hello,

Could you please update the title of the issue with the new domain? Same in the first comment.

And it's not forbidden to use cloudflare, just not recommended.

[lvkaszus]

@unixfox Updated. I didn't updated uptimerobot.com uptime status page domain name because I can't, I think you must update it but it works correctly as it should so no problem

[unixfox]

Instance incorrectly configured: https://docs.invidious.io/installation/#post-install-configuration

[unixfox]

Please consider joining our Matrix room for public instance maintainers by joining our Matrix room: https://matrix.to/#/#invidious:matrix.org then pinging @\unixfox, @\TheFrenchGhosty and @\SamantazFox for asking to be invited to the Matrix room. We discuss troubles managing a public instance, sharing some advices and more.

[lvkaszus]

Instance incorrectly configured: https://docs.invidious.io/installation/#post-install-configuration

@unixfox There are my Post-install steps that are working for a few days:

hmac_key is set correctly I think, domain name is set correctly, and also the https_only is set to true.

external_port is set to 443 as described in Post-install configuration steps - but it is behind NGINX Reverse Proxy that serves traffic from internet to my instance on port 3000 not exposed outside but only locally on my server (forgot to change from 0.0.0.0 to 127.0.0.1 but I think it doesn't matter that much), so I didn't exactly know to type it there or just remove external_port line from my configuration file.

Also, the Logrotate config is working as it should, and my NGINX Vhost file looks like this:

server {
        listen 80;
        listen [::]:80;
        listen 443 ssl http2;
        listen [::]:443 ssl http2;

        server_name anontube.lvkaszus.pl;

        ssl_certificate /etc/letsencrypt/live/lvkaszus.pl/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/lvkaszus.pl/privkey.pem;

        # SSL/TLS Settings based on syslink.pl/cipherlist
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305";
        ssl_ecdh_curve secp384r1;
        ssl_session_timeout  10m;
        ssl_session_cache shared:SSL:10m;
        ssl_session_tickets off;
        ssl_stapling on;
        ssl_stapling_verify on;

        server_tokens off;

        location / {
                proxy_pass http://127.0.0.1:3000;
                proxy_set_header X-Forwarded-For $remote_addr;
                proxy_set_header Host $host;
                proxy_http_version 1.1;
                proxy_set_header Connection "";
        }

        if ($https = '') { return 301 https://$host$request_uri; }
}

EDIT! I also forgot to mention, that I have automatic Invidious service restart after one hour configured and enabled successfully by using crontab and this config line:

*/60 * * * * systemctl restart invidious

[unixfox]

Hello @lvkaszus,

We have recently released two major tutorials for improving your public instance.

• Escaping the YouTube block (403 errors in playback): https://docs.invidious.io/ipv6-rotator/
• Improving the performance and the stability of your public instance: https://docs.invidious.io/improve-public-instance/

We highly recommend you to read our tutorials.

If you need help please either ask in the invidious room on matrix or here.