changes

.github/workflows/apply-kubernetes.yml

@@ -0,0 +1,32 @@
+name: Apply Kuberentes Configs
+on: [push, workflow_dispatch]
+jobs:
+  update-repo:
+    runs-on: [home-server]
+    steps:
+      - name: checkout repo
+        working-directory: /home/github/infrastructure
+        run: |
+          if [ -d "infrastructure" ]; then
+            cd infrastructure
+              echo "Infrastructure folder exists. Resetting to the most recent commit."
+              git reset --hard HEAD
+              git pull https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }} $(git rev-parse --abbrev-ref HEAD)
+          else
+            git clone https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git
+          fi
+  update-infrastructure:
+    runs-on: [home-server]
+    needs: update-repo 
+    steps:
+      - name: update home server containers
+        env:
+          MY_GITHUB_TOKEN: ${{ secrets.MY_GITHUB_TOKEN }}
+          HOMEASSISTANT_TOKEN: ${{ secrets.HOMEASSISTANT_TOKEN }}
+          GRAFANA_PASSWORD: ${{ secrets.GRAFANA_PASSWORD }}
+          CLOUDFLARE_CONFIG: ${{ secrets.CLOUDFLARE_CONFIG }}
+          COPILOT_TOKEN: ${{ secrets.COPILOT_TOKEN }}
+        working-directory: /home/github/infrastructure/infrastructure
+        run: |
+          kubectl apply -f kuberentes/ingress
+          kubectl apply -f kuberentes/proxy-ingress

home-server/docker-compose.yml

@@ -183,33 +183,33 @@ services:
   #     - 0.0.0.0:9162:9162
   # docker run -it --rm  -p 9162:9162 --net=host sfudeus/apcupsd_exporter:master_1.19
 
-  reverse-proxy:
+  # reverse-proxy:
-    image: ghcr.io/linuxserver/swag
+  #   image: ghcr.io/linuxserver/swag
-    container_name: reverse-proxy
+  #   container_name: reverse-proxy
-    restart: unless-stopped
+  #   restart: unless-stopped
-    cap_add:
+  #   cap_add:
-      - NET_ADMIN
+  #     - NET_ADMIN
-    environment:
+  #   environment:
-      - PUID=1000
+  #     - PUID=1000
-      - PGID=1000
+  #     - PGID=1000
-      - TZ=America/Denver
+  #     - TZ=America/Denver
-      - URL=alexmickelson.guru
+  #     - URL=alexmickelson.guru
-      - SUBDOMAINS=wildcard
+  #     - SUBDOMAINS=wildcard
-      - VALIDATION=dns
+  #     - VALIDATION=dns
-      - DNSPLUGIN=cloudflare
+  #     - DNSPLUGIN=cloudflare
-    volumes:
+  #   volumes:
-      - ./nginx.conf:/config/nginx/site-confs/default.conf
+  #     - ./nginx.conf:/config/nginx/site-confs/default.conf
-      - /data/swag:/config
+  #     - /data/swag:/config
-      - /data/cloudflare/cloudflare.ini:/config/dns-conf/cloudflare.ini
+  #     - /data/cloudflare/cloudflare.ini:/config/dns-conf/cloudflare.ini
-    ports:
+  #   ports:
-      - 0.0.0.0:80:80
+  #     - 0.0.0.0:80:80
-      - 0.0.0.0:443:443
+  #     - 0.0.0.0:443:443
-      # - 0.0.0.0:7080:80
+  #     # - 0.0.0.0:7080:80
-      # - 0.0.0.0:7443:443
+  #     # - 0.0.0.0:7443:443
-    extra_hosts:
+  #   extra_hosts:
-      - host.docker.internal:host-gateway
+  #     - host.docker.internal:host-gateway
-    networks:
+  #   networks:
-      - proxy
+  #     - proxy
 
 
   audiobookshelf:
@@ -220,7 +220,6 @@ services:
     volumes:
       - /data/media/audiobooks:/audiobooks
       - /data/media/audiobooks-libation:/audiobooks-libation
-      # - </path/to/podcasts>:/podcasts
       - /data/audiobookshelf/config:/config
       - /data/audiobookshelf/metadata:/metadata
     networks:

kubernetes/jellyfin/deployment.yml

@@ -13,13 +13,18 @@ spec:
       labels:
         app: jellyfin
     spec:
+      hostNetwork: true
       containers:
         - name: jellyfin
           image: jellyfin/jellyfin
           securityContext:
             runAsUser: 1000
             runAsGroup: 1000
+            supplementalGroups:
+              - 303 # render group for GPU access
           volumeMounts:
+            - name: dri-device
+              mountPath: /dev/dri/renderD128
             - name: config-volume
               mountPath: /config
             - name: cache-volume
@@ -52,4 +57,8 @@ spec:
         - name: tvshows-volume
           hostPath:
             path: /data/jellyfin/tvshows
+        - name: dri-device
+          hostPath:
+            path: /dev/dri/renderD128
+            type: CharDevice
       restartPolicy: Always

kubernetes/jellyfin/ingress.yml

@@ -1,14 +1,14 @@
-apiVersion: networking.k8s.io/v1
+# apiVersion: networking.k8s.io/v1
-kind: Ingress
+# kind: Ingress
-metadata:
+# metadata:
-  name: jellyfin-ingress
+#   name: jellyfin-ingress
-  namespace: projects
+#   namespace: projects
-spec:
+# spec:
-  rules:
+#   rules:
-    - host: jellyfin.alexmickelson.guru
+#     - host: jellyfin.alexmickelson.guru
-      http:
+#       http:
-        paths:
+#         paths:
-          - path: /
+#           - path: /
-            backend:
+#             backend:
-              service: jellyfin
+#               service: jellyfin
-              port: 8096
+#               port: 8096

kubernetes/jellyfin/service.yml

@@ -10,4 +10,18 @@ spec:
     - protocol: TCP
       port: 8096
       targetPort: 8096
-  type: ClusterIP
+      nodePort: 30096
+  type: NodePort
+# apiVersion: v1
+# kind: Service
+# metadata:
+#   name: jellyfin
+#   namespace: projects
+# spec:
+#   selector:
+#     app: jellyfin
+#   ports:
+#     - protocol: TCP
+#       port: 8096
+#       targetPort: 8096
+#   type: ClusterIP

nix/home-manager/work.home.nix

@@ -53,7 +53,7 @@ in {
     opencodeFlake.packages.${system}.opencode
     bitwarden-desktop
     wiremix
-    moonlight-qt
+    (config.lib.nixGL.wrap moonlight-qt)
     # jan
     # texlivePackages.jetbrainsmono-otf
     # nerd-fonts.fira-code