Host cobalt With YouTube Support
Posted on 10/31/2025 - hyperdefinedThis post shows how to self host cobalt with YouTube (and others) working. This guide makes your cobalt API requests routed through Cloudflare, which has much better IP reputation to prevent blocks.
Thank you to this guide by ndzn for showing how to add the Clouldflare warp stuff.
1. Setup wcgf
Head over to https://github.com/ViRb3/wgcf/releases/latest and download one from the asset list based on your system.
You probably want the wgcf_2.2.29_linux_amd64 one. Save this to your server like so:
# Replace version with the latest
wget https://github.com/ViRb3/wgcf/releases/download/v2.2.29/wgcf_2.2.29_linux_amd64If you are using a different architecture, find the one on the list and right click -> copy link and use that instead.
After you have it on your server, run the two commands below:
chmod +x ./wgcf_2.2.29_linux_amd64
./wgcf_2.2.29_linux_amd64 register
./wgcf registerThis will generate two files in the same directory: wgcf-account.toml and wgcf-profile.conf. Keep these files.
2. Setup Containers
We need to make change to your compose file that runs cobalt. We are going to add a new service to it, gluetun.
gluetun_cobalt_api:
image: qmcgaw/gluetun
container_name: gluetun_cobalt_api
environment:
- VPN_SERVICE_PROVIDER=custom
- VPN_TYPE=wireguard
- WIREGUARD_ENDPOINT_IP=162.159.192.1
- WIREGUARD_ENDPOINT_PORT=2408
- WIREGUARD_PUBLIC_KEY=add_public_key
- WIREGUARD_PRIVATE_KEY=add_private_key
- WIREGUARD_ADDRESSES=172.16.0.2/32
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
ports:
- 9000:9000If you change your cobalt ports, change the port allocation on gluetun to match the ports you used for cobalt.
In the 2 environment variables, WIREGUARD_PUBLIC_KEY and WIREGUARD_PRIVATE_KEY, you need to change these to the ones you generated from step 1. You can find them in the wgcf-profile.conf file. Find the two fields in the file PrivateKey and PublicKey. Set the two environment variables to them.
Change your image from ghcr.io/imputnet/cobalt:11 to either git.canine.tools/canine.tools/cobalt:api or ghcr.io/zimpatrick/cobalt:staging. These two images are forks that made changes to allow YouTube (and others) work.
Next, remove the ports section completely from cobalt. Add this to it as well:
network_mode: service:gluetun_cobalt_apiThis tells Docker to use our gluetun container as the network. Since it uses the gluetun container, we have to move the port allocation to gluetun.
Lastly, we need to add this one environment variable to cobalt: CUSTOM_INNERTUBE_CLIENT=WEB_EMBEDDED.
Final Compose
Here is an example of a final compose.yml. Adjust it as needed.
services:
cobalt_api:
image: git.canine.tools/canine.tools/cobalt:api
restart: unless-stopped
container_name: cobalt_api
environment:
# adjust as needed
API_URL='https://api.url.example/'
CUSTOM_INNERTUBE_CLIENT=WEB_EMBEDDED # make sure this is here
network_mode: service:gluetun_cobalt_api
volumes:
# adjust as needed
- ./cookies.json:/cookies.json
- ./keys.json:/keys.json:ro
healthcheck: # you can remove this
test: wget -nv --tries=1 --spider http://127.0.0.1:9000 || exit 1
interval: 30s
timeout: 5s
retries: 2
gluetun_cobalt_api:
image: qmcgaw/gluetun
container_name: gluetun_cobalt_api
environment:
- VPN_SERVICE_PROVIDER=custom
- VPN_TYPE=wireguard
- WIREGUARD_ENDPOINT_IP=162.159.192.1
- WIREGUARD_ENDPOINT_PORT=2408
- WIREGUARD_PUBLIC_KEY=add_public_key
- WIREGUARD_PRIVATE_KEY=add_private_key
- WIREGUARD_ADDRESSES=172.16.0.2/32
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
ports:
- 9000:9000 # adjust these as needed, this is the port to access cobaltTo protect your instance, change the port allocation to
127.0.0.1:9000:9000. This binds your instance to your network locally. If you want to access it remotely, setup a reverse proxy.Otherwise, your instance is public via the IP directly.