alex/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

jellyfin

Browse Source
This commit is contained in:
Alex Mickelson
2026-02-15 18:20:55 -07:00
parent 76708b98da
commit 46b710252e
9 changed files with 172 additions and 464 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
kubernetes/jellyfin/deployment.yml
View File

@@ -1,8 +1,13 @@
apiVersion: v1
kind: Namespace
metadata:
name: jellyfin
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: jellyfin
namespace: projects
namespace: jellyfin
spec:
replicas: 1
selector:
@@ -14,14 +19,16 @@ spec:
app: jellyfin
spec:
hostNetwork: true
securityContext:
fsGroup: 1000
supplementalGroups:
- 303 # render group for GPU access
containers:
- name: jellyfin
image: jellyfin/jellyfin
securityContext:
runAsUser: 1000
runAsGroup: 1000
supplementalGroups:
- 303 # render group for GPU access
volumeMounts:
- name: dri-device
mountPath: /dev/dri/renderD128
@@ -35,6 +42,9 @@ spec:
mountPath: /movies
- name: tvshows-volume
mountPath: /tvshows
- name: home-videos-volume
mountPath: /home-videos
readOnly: true
ports:
- containerPort: 8096
name: jellyfin
@@ -50,15 +60,58 @@ spec:
path: /data/jellyfin/cache
- name: music-volume
hostPath:
path: /data/jellyfin/music
path: /data/media/music/tagged
- name: movies-volume
hostPath:
path: /data/jellyfin/movies
path: /data/media/movies
- name: tvshows-volume
hostPath:
path: /data/jellyfin/tvshows
path: /data/media/tvshows
- name: home-videos-volume
hostPath:
path: /data/nextcloud/html/data/alex/files/Documents/home-video
- name: dri-device
hostPath:
path: /dev/dri/renderD128
type: CharDevice
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: jellyfin
namespace: jellyfin
spec:
selector:
app: jellyfin
ports:
- name: http
protocol: TCP
port: 8096
targetPort: 8096
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jellyfin
namespace: jellyfin
annotations:
cert-manager.io/cluster-issuer: cloudflare-issuer
spec:
ingressClassName: nginx
tls:
- hosts:
- jellyfin.alexmickelson.guru
secretName: jellyfin-tls
rules:
- host: jellyfin.alexmickelson.guru
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: jellyfin
port:
number: 8096

14
kubernetes/jellyfin/ingress.yml
View File

@@ -1,14 +0,0 @@
# apiVersion: networking.k8s.io/v1
# kind: Ingress
# metadata:
# name: jellyfin-ingress
# namespace: projects
# spec:
# rules:
# - host: jellyfin.alexmickelson.guru
# http:
# paths:
# - path: /
# backend:
# service: jellyfin
# port: 8096

27
kubernetes/jellyfin/service.yml
View File

@@ -1,27 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: jellyfin
namespace: projects
spec:
selector:
app: jellyfin
ports:
- protocol: TCP
port: 8096
targetPort: 8096
nodePort: 30096
type: NodePort
# apiVersion: v1
# kind: Service
# metadata:
# name: jellyfin
# namespace: projects
# spec:
# selector:
# app: jellyfin
# ports:
# - protocol: TCP
# port: 8096
# targetPort: 8096
# type: ClusterIP

184
kubernetes/minecraft/minecraft-dep.yml
View File

@@ -1,96 +1,100 @@
apiVersion: v1
kind: Namespace
metadata:
name: minecraft
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: minecraft
namespace: minecraft
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: minecraft
template:
metadata:
labels:
app: minecraft
spec:
containers:
- name: tailscale
image: tailscale/tailscale:latest
env:
- name: TS_STATE_DIR
value: "/var/lib/tailscale"
- name: TS_KUBE_SECRET
value: ""
- name: TS_AUTHKEY
value: "tskey-auth-REPLACE_ME"
- name: TS_HOSTNAME
value: "minecraft"
volumeMounts:
- name: tailscale-data
mountPath: /var/lib/tailscale
- name: dev-tun
mountPath: /dev/net/tun
securityContext:
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
- name: minecraft
image: itzg/minecraft-server:java21
stdin: true
tty: true
env:
- name: EULA
value: "true"
- name: MEMORY
value: "6G"
- name: CF_OVERRIDES_EXCLUSIONS
value: |
# Not applicable for server side
shaderpacks/**
volumeMounts:
- name: minecraft-data
mountPath: /data
- name: modpacks
mountPath: /modpacks
readOnly: true
resources:
requests:
memory: "6Gi"
limits:
memory: "8Gi"
volumes:
- name: minecraft-data
hostPath:
path: /data/minecraft/data
type: DirectoryOrCreate
- name: modpacks
hostPath:
path: /data/minecraft/modpacks
type: DirectoryOrCreate
- name: tailscale-data
hostPath:
path: /data/minecraft/tailscale
type: DirectoryOrCreate
- name: dev-tun
hostPath:
path: /dev/net/tun
type: CharDevice
---
# apiVersion: v1
# kind: Namespace
# metadata:
# name: minecraft
# ---
# apiVersion: apps/v1
# kind: Deployment
# kind: Service
# metadata:
# name: minecraft
# namespace: minecraft
# spec:
# replicas: 1
# selector:
# matchLabels:
# app: minecraft
# template:
# metadata:
# labels:
# app: minecraft
# spec:
# containers:
# - name: tailscale
# image: tailscale/tailscale:latest
# env:
# - name: TS_STATE_DIR
# value: "/var/lib/tailscale"
# - name: TS_AUTHKEY
# value: "tskey-auth-REPLACE_ME"
# - name: TS_HOSTNAME
# value: "minecraft"
# volumeMounts:
# - name: tailscale-data
# mountPath: /var/lib/tailscale
# - name: dev-tun
# mountPath: /dev/net/tun
# securityContext:
# capabilities:
# add:
# - NET_ADMIN
# - SYS_MODULE
# - name: minecraft
# image: itzg/minecraft-server:java21
# stdin: true
# tty: true
# env:
# - name: EULA
# value: "true"
# - name: MEMORY
# value: "6G"
# - name: CF_OVERRIDES_EXCLUSIONS
# value: |
# # Not applicable for server side
# shaderpacks/**
# volumeMounts:
# - name: minecraft-data
# mountPath: /data
# - name: modpacks
# mountPath: /modpacks
# readOnly: true
# resources:
# requests:
# memory: "6Gi"
# limits:
# memory: "8Gi"
# volumes:
# - name: minecraft-data
# hostPath:
# path: /data/minecraft/data
# type: DirectoryOrCreate
# - name: modpacks
# hostPath:
# path: /data/minecraft/modpacks
# type: DirectoryOrCreate
# - name: tailscale-data
# hostPath:
# path: /data/minecraft/tailscale-data
# type: DirectoryOrCreate
# - name: dev-tun
# hostPath:
# path: /dev/net/tun
# type: CharDevice
# ---
# # apiVersion: v1
# # kind: Service
# # metadata:
# # name: minecraft
# # namespace: minecraft
# # spec:
# # selector:
# # app: minecraft
# # ports:
# # - name: minecraft
# # protocol: TCP
# # port: 25565
# # targetPort: 25565
# # type: ClusterIP
# app: minecraft
# ports:
# - name: minecraft
# protocol: TCP
# port: 25565
# targetPort: 25565
# type: ClusterIP

53
kubernetes/proxy-ingress/audiobook-proxy-ingress.yml
View File

@@ -1,53 +0,0 @@
# apiVersion: networking.k8s.io/v1
# kind: Ingress
# metadata:
# name: audiobookshelf-ingress
# namespace: projects
# annotations:
# cert-manager.io/cluster-issuer: cloudflare-issuer
# spec:
# ingressClassName: nginx
# tls:
# - hosts:
# - audiobook.alexmickelson.guru
# secretName: audiobookshelf-tls-cert
# rules:
# - host: audiobook.alexmickelson.guru
# http:
# paths:
# - path: /
# pathType: Prefix
# backend:
# service:
# name: audiobookshelf
# port:
# number: 13378
# ---
# apiVersion: v1
# kind: Service
# metadata:
# name: audiobookshelf
# namespace: projects
# spec:
# ports:
# - port: 13378
# targetPort: 13378
# protocol: TCP
# ---
# apiVersion: discovery.k8s.io/v1
# kind: EndpointSlice
# metadata:
# name: audiobookshelf
# namespace: projects
# labels:
# kubernetes.io/service-name: audiobookshelf
# addressType: IPv4
# ports:
# - name: http
# port: 13378
# protocol: TCP
# endpoints:
# - addresses:
# - 100.122.128.107
# conditions:
# ready: true

53
kubernetes/proxy-ingress/copilot-proxy-ingress.yml
View File

@@ -1,53 +0,0 @@
# apiVersion: networking.k8s.io/v1
# kind: Ingress
# metadata:
# name: copilot-ingress
# namespace: projects
# annotations:
# cert-manager.io/cluster-issuer: cloudflare-issuer
# spec:
# ingressClassName: nginx
# tls:
# - hosts:
# - copilot.alexmickelson.guru
# secretName: copilot-tls-cert
# rules:
# - host: copilot.alexmickelson.guru
# http:
# paths:
# - path: /
# pathType: Prefix
# backend:
# service:
# name: copilot
# port:
# number: 4444
# ---
# apiVersion: v1
# kind: Service
# metadata:
# name: copilot
# namespace: projects
# spec:
# ports:
# - port: 4444
# targetPort: 4444
# protocol: TCP
# ---
# apiVersion: discovery.k8s.io/v1
# kind: EndpointSlice
# metadata:
# name: copilot
# namespace: projects
# labels:
# kubernetes.io/service-name: copilot
# addressType: IPv4
# ports:
# - name: http
# port: 4444
# protocol: TCP
# endpoints:
# - addresses:
# - 100.122.128.107
# conditions:
# ready: true

53
kubernetes/proxy-ingress/ha-proxy-ingress.yml
View File

@@ -1,53 +0,0 @@
# apiVersion: networking.k8s.io/v1
# kind: Ingress
# metadata:
# name: home-assistant-ingress
# namespace: projects
# annotations:
# cert-manager.io/cluster-issuer: cloudflare-issuer
# spec:
# ingressClassName: nginx
# tls:
# - hosts:
# - ha.alexmickelson.guru
# secretName: ha-tls-cert
# rules:
# - host: ha.alexmickelson.guru
# http:
# paths:
# - path: /
# pathType: Prefix
# backend:
# service:
# name: home-assistant
# port:
# number: 8123
# ---
# apiVersion: v1
# kind: Service
# metadata:
# name: home-assistant
# namespace: projects
# spec:
# ports:
# - port: 8123
# targetPort: 8123
# protocol: TCP
# ---
# apiVersion: discovery.k8s.io/v1
# kind: EndpointSlice
# metadata:
# name: home-assistant
# namespace: projects
# labels:
# kubernetes.io/service-name: home-assistant
# addressType: IPv4
# ports:
# - name: http
# port: 8123
# protocol: TCP
# endpoints:
# - addresses:
# - 100.122.128.107
# conditions:
# ready: true

53
kubernetes/proxy-ingress/musicassistant-proxy-ingress.yml
View File

@@ -1,53 +0,0 @@
# apiVersion: networking.k8s.io/v1
# kind: Ingress
# metadata:
# name: musicassistant-ingress
# namespace: projects
# annotations:
# cert-manager.io/cluster-issuer: cloudflare-issuer
# spec:
# ingressClassName: nginx
# tls:
# - hosts:
# - sound.alexmickelson.guru
# secretName: sound-tls-cert
# rules:
# - host: sound.alexmickelson.guru
# http:
# paths:
# - path: /
# pathType: Prefix
# backend:
# service:
# name: musicassistant
# port:
# number: 8095
# ---
# apiVersion: v1
# kind: Service
# metadata:
# name: musicassistant
# namespace: projects
# spec:
# ports:
# - port: 8095
# targetPort: 8095
# protocol: TCP
# ---
# apiVersion: discovery.k8s.io/v1
# kind: EndpointSlice
# metadata:
# name: musicassistant
# namespace: projects
# labels:
# kubernetes.io/service-name: musicassistant
# addressType: IPv4
# ports:
# - name: http
# port: 8095
# protocol: TCP
# endpoints:
# - addresses:
# - 100.122.128.107
# conditions:
# ready: true