diff --git a/services/service_invidious/deploy-service.yml b/services/service_invidious/deploy-service.yml
index cf923e5..5b37062 100755
--- a/services/service_invidious/deploy-service.yml
+++ b/services/service_invidious/deploy-service.yml
@@ -20,6 +20,7 @@
 group: service_invidious
 loop:
 - docker-compose.yml
+ - identity-gen.sh
 - name: Copy postgresql config and other database files
 ansible.builtin.template:
diff --git a/services/service_invidious/docker-compose.yml b/services/service_invidious/docker-compose.yml
index 6498312..f7269a9 100755
--- a/services/service_invidious/docker-compose.yml
+++ b/services/service_invidious/docker-compose.yml
@@ -48,6 +48,9 @@ services:
 host: 11.1.0.22
 port: 5432
 check_tables: true
+ signature_server: 11.1.0.23:12999
+ visitor_data: "{{ service_invidious_visitor_data }}"
+ po_token: "{{ service_invidious_po_token }}"
 external_port: 443
 domain: invidious.{{ domain_name }}
 https_only: true
@@ -70,6 +73,27 @@ services:
 cpus: '0.25'
 memory: 512M
+ invidious-signature-helper:
+ image: quay.io/invidious/inv-sig-helper:latest
+ init: true
+ command: ["--tcp", "0.0.0.0:12999"]
+ environment:
+ - RUST_LOG=info
+ restart: unless-stopped
+ cap_drop:
+ - ALL
+ read_only: true
+ security_opt:
+ - no-new-privileges:true
+ networks:
+ invidious:
+ ipv4_address: 11.1.0.23
+ deploy:
+ resources:
+ limits:
+ cpus: '0.10'
+ memory: 128M
+
 invidious-db:
 image: docker.io/library/postgres:16-alpine
 restart: unless-stopped
diff --git a/services/service_invidious/identity-gen.sh b/services/service_invidious/identity-gen.sh
new file mode 100755
index 0000000..d1ab2ff
--- /dev/null
+++ b/services/service_invidious/identity-gen.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+docker run quay.io/invidious/youtube-trusted-session-generator
diff --git a/services/service_invidious/servicesecrets.example b/services/service_invidious/servicesecrets.example
index 2ef68ff..11cbfc8 100755
--- a/services/service_invidious/servicesecrets.example
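Review bot: In the docker-compose.yml hunk at `@@ -48,6 +48,9 @@`, `visitor_data` and `po_token` are rendered from vault variables into the compose file in plaintext, so the deployed file and any Ansible `--diff` output now carry session credentials. The task that deploys `docker-compose.yml` is only partly visible in deploy-service.yml, so this diff does not show whether it restricts the file; if it does not already, it should set a tight mode and suppress diff output, e.g. `mode: "0640"` and `diff: false`. Quoting the new address as `signature_server: "11.1.0.23:12999"`, like the two templated values, would also keep the host:port a string under any YAML parser. The enclosing config block starts and ends outside the hunk.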
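Review bot: `image: quay.io/invidious/inv-sig-helper:latest` in the new `invidious-signature-helper` service (docker-compose.yml, `@@ -70,6 +73,27 @@`) is a mutable tag, so each pull can bring in different code without any change to this repository; pin it by digest, `image: quay.io/invidious/inv-sig-helper@sha256:<digest-of-reviewed-image>`, and update the digest deliberately. The `cap_drop`, `read_only` and `no-new-privileges` settings are worth keeping, but the service sets no `user:`, so it runs as whatever user the image defaults to; confirm that this is non-root. The listener on `0.0.0.0:12999` has no `ports:` mapping in this hunk, so it is presumably reachable only from containers on the `invidious` network; a short comment such as `# internal only: never publish 12999` above `command:` would record that intent.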
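Review bot: `docker run quay.io/invidious/youtube-trusted-session-generator` in the new identity-gen.sh has no `--rm` and no tag or digest, so each run leaves a stopped container behind whose logs presumably still hold the generated visitor_data and po_token, and the image producing those credentials is whatever `latest` resolves to at that moment. I would change the line to `docker run --rm quay.io/invidious/youtube-trusted-session-generator@sha256:<digest-of-reviewed-image>` and add `set -eu` after the shebang. A header comment stating that the output is secret and belongs only in the vault-encrypted servicesecrets file would also help whoever runs the script next.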
+++ b/services/service_invidious/servicesecrets.example
@@ -1,2 +1,4 @@
 # Example service secrets for invidious docker service, to be encrypted with ansible vault and called servicesecrets.enc
 service_invidious_postgres_password: ***
+service_invidious_visitor_data: ***
+service_invidious_po_token: ***