diff --git a/kubernetes/apps/media/kustomization.yaml b/kubernetes/apps/media/kustomization.yaml index 900688e..eca52ee 100644 --- a/kubernetes/apps/media/kustomization.yaml +++ b/kubernetes/apps/media/kustomization.yaml @@ -8,6 +8,6 @@ resources: #- ./booklore #- ./feishin #- ./immich - #- ./plex + - ./plex #- ./karakeep - ./navidrome diff --git a/kubernetes/apps/media/plex/app.ks.yaml b/kubernetes/apps/media/plex/app.ks.yaml new file mode 100644 index 0000000..8403ace --- /dev/null +++ b/kubernetes/apps/media/plex/app.ks.yaml @@ -0,0 +1,28 @@ +--- +# yaml-language-server: $schema=https://schemas.tholinka.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app plex + namespace: &namespace media +spec: + interval: 1h + components: + - ../../../../components/volsync + # - ../../../../components/keda/nfs-scaler + dependsOn: + # - name: keda + # namespace: observability + - name: storage-ready + namespace: flux-system + path: ./kubernetes/apps/media/plex/app + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 50Gi + prune: true + sourceRef: + kind: GitRepository + name: flux-system + namespace: flux-system + targetNamespace: *namespace diff --git a/kubernetes/apps/media/plex/app/helm-release.yaml b/kubernetes/apps/media/plex/app/helm-release.yaml new file mode 100644 index 0000000..ab6cf22 --- /dev/null +++ b/kubernetes/apps/media/plex/app/helm-release.yaml @@ -0,0 +1,121 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s-labs/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: &app plex +spec: + interval: 1h + chartRef: + kind: OCIRepository + name: app-template + driftDetection: + ignore: + - paths: [/spec/replicas] + values: + controllers: + *app : + annotations: + reloader.stakater.com/auto: "true" + containers: + app: + image: + repository: ghcr.io/home-operations/plex + tag: 1.43.0.10467@sha256:fa62165df48d04e9a418805951e903f831dec0e0601f4dc4245f9948d7fd719b + env: + PLEX_ADVERTISE_URL: https://plex.laurivan.com:443,http://plex.servers.internal:32400,http://plex.media.svc.cluster.local:32400 + probes: + liveness: &probes + enabled: true + custom: true + spec: + httpGet: + path: /identity + port: &port 32400 + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 3 + readiness: *probes + startup: + enabled: true + spec: + failureThreshold: 30 + periodSeconds: 10 + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: { drop: [ALL] } + resources: + claims: + - name: gpu + requests: + cpu: 1 + memory: 2Gi + limits: + memory: 16Gi + defaultPodOptions: + securityContext: + runAsNonRoot: true + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + nodeSelector: + cpu: i5-9500T + resourceClaims: + - name: gpu + resourceClaimTemplateName: *app + service: + app: + type: LoadBalancer + ipFamilies: [IPv4] + ipFamilyPolicy: SingleStack + externalTrafficPolicy: Local + annotations: + lbipam.cilium.io/ips: 10.0.0.156 + ports: + http: + port: *port + route: + app: + # annotations: + # gatus.home-operations.com/endpoint: |- + # conditions: ["[STATUS] == 401"] + hostnames: + - "{{ .Release.Name }}.laurivan.com" + parentRefs: + - name: envoy-internal + namespace: network + rules: + - backendRefs: [{}] + filters: + - type: RequestHeaderModifier + requestHeaderModifier: + remove: [Range] + matches: + - path: + type: PathPrefix + value: /library/streams + - backendRefs: [{}] + persistence: + config: + existingClaim: "{{ .Release.Name }}" + config-cache: + existingClaim: "{{ .Release.Name }}-cache" + globalMounts: + - path: /config/Library/Application Support/Plex Media Server/Cache + tmpfs: + type: emptyDir + globalMounts: + - path: /config/Library/Application Support/Plex Media Server/Logs + subPath: logs + - path: /tmp + subPath: tmp + media: + type: nfs + server: 10.0.0.14 + path: /mnt/Main/shares/video + globalMounts: + - path: /video + readOnly: true diff --git a/kubernetes/apps/media/plex/app/kustomization.yaml b/kubernetes/apps/media/plex/app/kustomization.yaml new file mode 100644 index 0000000..3d71a4a --- /dev/null +++ b/kubernetes/apps/media/plex/app/kustomization.yaml @@ -0,0 +1,9 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./pvc.yaml + - ./helm-release.yaml + # Don't use this for now, we need a GPU + # - ./resourceclaimtemplate.yaml diff --git a/kubernetes/apps/media/plex/app/pvc.yaml b/kubernetes/apps/media/plex/app/pvc.yaml new file mode 100644 index 0000000..223c7f5 --- /dev/null +++ b/kubernetes/apps/media/plex/app/pvc.yaml @@ -0,0 +1,12 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/refs/heads/master/master/persistentvolumeclaim-v1.json +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: plex-cache +spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: 100Gi + storageClassName: ceph-block diff --git a/kubernetes/apps/media/plex/app/resourceclaimingtemplate.yaml b/kubernetes/apps/media/plex/app/resourceclaimingtemplate.yaml new file mode 100644 index 0000000..4d2fd1a --- /dev/null +++ b/kubernetes/apps/media/plex/app/resourceclaimingtemplate.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: resource.k8s.io/v1 +kind: ResourceClaimTemplate +metadata: + name: plex +spec: + spec: + devices: + requests: + - name: gpu + exactly: + deviceClassName: gpu.intel.com diff --git a/kubernetes/apps/media/plex/kustomization.yaml b/kubernetes/apps/media/plex/kustomization.yaml new file mode 100644 index 0000000..7aacfdb --- /dev/null +++ b/kubernetes/apps/media/plex/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ./app.ks.yaml