changes

2026-01-02 13:57:00 -07:00
parent e0093b0e53
commit 094aa7efd2
6 changed files with 99 additions and 45 deletions
--- a/.github/workflows/apply-kubernetes.yml
+++ b/.github/workflows/apply-kubernetes.yml
@@ -0,0 +1,32 @@
+name: Apply Kuberentes Configs
+on: [push, workflow_dispatch]
+jobs:
+  update-repo:
+    runs-on: [home-server]
+    steps:
+      - name: checkout repo
+        working-directory: /home/github/infrastructure
+        run: |
+          if [ -d "infrastructure" ]; then
+            cd infrastructure
+              echo "Infrastructure folder exists. Resetting to the most recent commit."
+              git reset --hard HEAD
+              git pull https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }} $(git rev-parse --abbrev-ref HEAD)
+          else
+            git clone https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git
+          fi
+  update-infrastructure:
+    runs-on: [home-server]
+    needs: update-repo 
+    steps:
+      - name: update home server containers
+        env:
+          MY_GITHUB_TOKEN: ${{ secrets.MY_GITHUB_TOKEN }}
+          HOMEASSISTANT_TOKEN: ${{ secrets.HOMEASSISTANT_TOKEN }}
+          GRAFANA_PASSWORD: ${{ secrets.GRAFANA_PASSWORD }}
+          CLOUDFLARE_CONFIG: ${{ secrets.CLOUDFLARE_CONFIG }}
+          COPILOT_TOKEN: ${{ secrets.COPILOT_TOKEN }}
+        working-directory: /home/github/infrastructure/infrastructure
+        run: |
+          kubectl apply -f kuberentes/ingress
+          kubectl apply -f kuberentes/proxy-ingress
--- a/home-server/docker-compose.yml
+++ b/home-server/docker-compose.yml
@@ -183,33 +183,33 @@ services:
  #     - 0.0.0.0:9162:9162
  # docker run -it --rm  -p 9162:9162 --net=host sfudeus/apcupsd_exporter:master_1.19

-  reverse-proxy:
-    image: ghcr.io/linuxserver/swag
-    container_name: reverse-proxy
-    restart: unless-stopped
-    cap_add:
-      - NET_ADMIN
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - TZ=America/Denver
-      - URL=alexmickelson.guru
-      - SUBDOMAINS=wildcard
-      - VALIDATION=dns
-      - DNSPLUGIN=cloudflare
-    volumes:
-      - ./nginx.conf:/config/nginx/site-confs/default.conf
-      - /data/swag:/config
-      - /data/cloudflare/cloudflare.ini:/config/dns-conf/cloudflare.ini
-    ports:
-      - 0.0.0.0:80:80
-      - 0.0.0.0:443:443
-      # - 0.0.0.0:7080:80
-      # - 0.0.0.0:7443:443
-    extra_hosts:
-      - host.docker.internal:host-gateway
-    networks:
-      - proxy
+  # reverse-proxy:
+  #   image: ghcr.io/linuxserver/swag
+  #   container_name: reverse-proxy
+  #   restart: unless-stopped
+  #   cap_add:
+  #     - NET_ADMIN
+  #   environment:
+  #     - PUID=1000
+  #     - PGID=1000
+  #     - TZ=America/Denver
+  #     - URL=alexmickelson.guru
+  #     - SUBDOMAINS=wildcard
+  #     - VALIDATION=dns
+  #     - DNSPLUGIN=cloudflare
+  #   volumes:
+  #     - ./nginx.conf:/config/nginx/site-confs/default.conf
+  #     - /data/swag:/config
+  #     - /data/cloudflare/cloudflare.ini:/config/dns-conf/cloudflare.ini
+  #   ports:
+  #     - 0.0.0.0:80:80
+  #     - 0.0.0.0:443:443
+  #     # - 0.0.0.0:7080:80
+  #     # - 0.0.0.0:7443:443
+  #   extra_hosts:
+  #     - host.docker.internal:host-gateway
+  #   networks:
+  #     - proxy


  audiobookshelf:
@@ -220,7 +220,6 @@ services:
    volumes:
      - /data/media/audiobooks:/audiobooks
      - /data/media/audiobooks-libation:/audiobooks-libation
-      # - </path/to/podcasts>:/podcasts
      - /data/audiobookshelf/config:/config
      - /data/audiobookshelf/metadata:/metadata
    networks:
--- a/kubernetes/jellyfin/deployment.yml
+++ b/kubernetes/jellyfin/deployment.yml
@@ -13,13 +13,18 @@ spec:
      labels:
        app: jellyfin
    spec:
+      hostNetwork: true
      containers:
        - name: jellyfin
          image: jellyfin/jellyfin
          securityContext:
            runAsUser: 1000
            runAsGroup: 1000
+            supplementalGroups:
+              - 303 # render group for GPU access
          volumeMounts:
+            - name: dri-device
+              mountPath: /dev/dri/renderD128
            - name: config-volume
              mountPath: /config
            - name: cache-volume
@@ -52,4 +57,8 @@ spec:
        - name: tvshows-volume
          hostPath:
            path: /data/jellyfin/tvshows
-      restartPolicy: Always
+        - name: dri-device
+          hostPath:
+            path: /dev/dri/renderD128
+            type: CharDevice
+      restartPolicy: Always
--- a/kubernetes/jellyfin/ingress.yml
+++ b/kubernetes/jellyfin/ingress.yml
@@ -1,14 +1,14 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: jellyfin-ingress
-  namespace: projects
-spec:
-  rules:
-    - host: jellyfin.alexmickelson.guru
-      http:
-        paths:
-          - path: /
-            backend:
-              service: jellyfin
-              port: 8096
+# apiVersion: networking.k8s.io/v1
+# kind: Ingress
+# metadata:
+#   name: jellyfin-ingress
+#   namespace: projects
+# spec:
+#   rules:
+#     - host: jellyfin.alexmickelson.guru
+#       http:
+#         paths:
+#           - path: /
+#             backend:
+#               service: jellyfin
+#               port: 8096
--- a/kubernetes/jellyfin/service.yml
+++ b/kubernetes/jellyfin/service.yml
@@ -10,4 +10,18 @@ spec:
    - protocol: TCP
      port: 8096
      targetPort: 8096
-  type: ClusterIP
+      nodePort: 30096
+  type: NodePort
+# apiVersion: v1
+# kind: Service
+# metadata:
+#   name: jellyfin
+#   namespace: projects
+# spec:
+#   selector:
+#     app: jellyfin
+#   ports:
+#     - protocol: TCP
+#       port: 8096
+#       targetPort: 8096
+#   type: ClusterIP
--- a/nix/home-manager/work.home.nix
+++ b/nix/home-manager/work.home.nix
@@ -53,7 +53,7 @@ in {
    opencodeFlake.packages.${system}.opencode
    bitwarden-desktop
    wiremix
-    moonlight-qt
+    (config.lib.nixGL.wrap moonlight-qt)
    # jan
    # texlivePackages.jetbrainsmono-otf
    # nerd-fonts.fira-code