jellyfin

2026-02-15 18:20:55 -07:00
parent 76708b98da
commit 46b710252e
9 changed files with 172 additions and 464 deletions
--- a/home-server/docker-compose.yml
+++ b/home-server/docker-compose.yml
@@ -1,23 +1,23 @@
 services:
-  jellyfin:
+  # jellyfin:
-    image: jellyfin/jellyfin
+  #   image: jellyfin/jellyfin
-    container_name: jellyfin
+  #   container_name: jellyfin
-    user: 1000:1000
+  #   user: 1000:1000
-    network_mode: "host"
+  #   network_mode: "host"
-    volumes:
+  #   volumes:
-      - /data/jellyfin/config:/config
+  #     - /data/jellyfin/config:/config
-      - /data/jellyfin/cache:/cache
+  #     - /data/jellyfin/cache:/cache
-      - /data/media/music/tagged:/music
+  #     - /data/media/music/tagged:/music
-      - /data/media/movies:/movies
+  #     - /data/media/movies:/movies
-      - /data/media/tvshows:/tvshows
+  #     - /data/media/tvshows:/tvshows
-      - /data/nextcloud/html/data/alex/files/Documents/home-video:/home-videos:ro
+  #     - /data/nextcloud/html/data/alex/files/Documents/home-video:/home-videos:ro
-    restart: "unless-stopped"
+  #   restart: "unless-stopped"
-    group_add:
+  #   group_add:
-      - "303" # getent group render | cut -d: -f3
+  #     - "303" # getent group render | cut -d: -f3
-    devices:
+  #   devices:
-      - /dev/dri/renderD128:/dev/dri/renderD128
+  #     - /dev/dri/renderD128:/dev/dri/renderD128
-    environment:
+  #   environment:
-      - JELLYFIN_PublishedServerUrl=https://jellyfin.alexmickelson.guru
+  #     - JELLYFIN_PublishedServerUrl=https://jellyfin.alexmickelson.guru
  nextcloud:
    build:
@@ -102,38 +102,6 @@ services:
    restart: always
    network_mode: host
  # zwave-js-ui:
  #   container_name: zwave-js-ui
  #   image: zwavejs/zwave-js-ui:latest
  #   restart: always
  #   tty: true
  #   stop_signal: SIGINT
  #   environment:
  #     - SESSION_SECRET=iqpwoeinf9384bw3p48gbwer
  #     - TZ=America/Denver
  #   devices:
  #     # Do not use /dev/ttyUSBX serial devices, as those mappings can change over time.
  #     # Instead, use the /dev/serial/by-id/X serial device for your Z-Wave stick.
  #     # - '/dev/serial/by-id/insert_stick_reference_here:/dev/zwave'
  #     - /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_31500417-if00-port0:/dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_31500417-if00-port0
  #     - /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_31500417-if01-port0:/dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_31500417-if01-port0
  #   volumes:
  #       - /data/zwave:/usr/src/app/store
  #   ports:
  #     - '3050:8091'
  #     - '3051:3051'
  # music-assistant-server:
  #   image: ghcr.io/music-assistant/server:2
  #   container_name: music-assistant-server
  #   restart: unless-stopped
  #   network_mode: host
  #   volumes:
  #     - /data/music-assistant-server/data:/data/
  #   environment:
  #     - LOG_LEVEL=info
  prometheus:
    image: public.ecr.aws/bitnami/prometheus:2
    container_name: prometheus
@@ -168,70 +136,6 @@ services:
    ports:
      - 3000:3000
  # acpupsd_exporter:
  #   image: sfudeus/apcupsd_exporter:master_1.19
  #   container_name: apcupsd_exporter
  #   restart: always
  #   extra_hosts:
  #     - host.docker.internal:host-gateway
  #   command: -apcupsd.addr host.docker.internal:3551
  #   ports:
  #     - 0.0.0.0:9162:9162
  # docker run -it --rm  -p 9162:9162 --net=host sfudeus/apcupsd_exporter:master_1.19
  # reverse-proxy:
  #   image: ghcr.io/linuxserver/swag
  #   container_name: reverse-proxy
  #   restart: unless-stopped
  #   cap_add:
  #     - NET_ADMIN
  #   environment:
  #     - PUID=1000
  #     - PGID=1000
  #     - TZ=America/Denver
  #     - URL=alexmickelson.guru
  #     - SUBDOMAINS=wildcard
  #     - VALIDATION=dns
  #     - DNSPLUGIN=cloudflare
  #   volumes:
  #     - ./nginx.conf:/config/nginx/site-confs/default.conf
  #     - /data/swag:/config
  #     - /data/cloudflare/cloudflare.ini:/config/dns-conf/cloudflare.ini
  #   ports:
  #     - 0.0.0.0:80:80
  #     - 0.0.0.0:443:443
  #     # - 0.0.0.0:7080:80
  #     # - 0.0.0.0:7443:443
  #   extra_hosts:
  #     - host.docker.internal:host-gateway
  #   networks:
  #     - proxy
  # audiobookshelf:
  #   image: ghcr.io/advplyr/audiobookshelf:latest
  #   restart: unless-stopped
  #   ports:
  #     - 13378:80
  #   volumes:
  #     - /data/media/audiobooks:/audiobooks
  #     - /data/media/audiobooks-libation:/audiobooks-libation
  #     - /data/audiobookshelf/config:/config
  #     - /data/audiobookshelf/metadata:/metadata
  #   networks:
  #     - proxy
  copilot-api:
    image: node:latest
    working_dir: /app
    command: sh -c "npm cache clean --force && npx copilot-api@latest start --github-token $COPILOT_TOKEN --port 4444"
    environment:
      - COPILOT_TOKEN=${COPILOT_TOKEN}
    ports:
      - "4444:4444"
    restart: unless-stopped
    networks:
      - proxy
  esphome:
    container_name: esphome
--- a/kubernetes/jellyfin/deployment.yml
+++ b/kubernetes/jellyfin/deployment.yml
@@ -1,8 +1,13 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: jellyfin
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: jellyfin
-  namespace: projects
+  namespace: jellyfin
 spec:
  replicas: 1
  selector:
@@ -14,14 +19,16 @@ spec:
        app: jellyfin
    spec:
      hostNetwork: true
      securityContext:
        fsGroup: 1000
        supplementalGroups:
          - 303 # render group for GPU access
      containers:
        - name: jellyfin
          image: jellyfin/jellyfin
          securityContext:
            runAsUser: 1000
            runAsGroup: 1000
            supplementalGroups:
              - 303 # render group for GPU access
          volumeMounts:
            - name: dri-device
              mountPath: /dev/dri/renderD128
@@ -35,6 +42,9 @@ spec:
              mountPath: /movies
            - name: tvshows-volume
              mountPath: /tvshows
            - name: home-videos-volume
              mountPath: /home-videos
              readOnly: true
          ports:
            - containerPort: 8096
              name: jellyfin
@@ -50,15 +60,58 @@ spec:
            path: /data/jellyfin/cache
        - name: music-volume
          hostPath:
-            path: /data/jellyfin/music
+            path: /data/media/music/tagged
        - name: movies-volume
          hostPath:
-            path: /data/jellyfin/movies
+            path: /data/media/movies
        - name: tvshows-volume
          hostPath:
-            path: /data/jellyfin/tvshows
+            path: /data/media/tvshows
        - name: home-videos-volume
          hostPath:
            path: /data/nextcloud/html/data/alex/files/Documents/home-video
        - name: dri-device
          hostPath:
            path: /dev/dri/renderD128
            type: CharDevice
      restartPolicy: Always
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: jellyfin
  namespace: jellyfin
 spec:
  selector:
    app: jellyfin
  ports:
  - name: http
    protocol: TCP
    port: 8096
    targetPort: 8096
  type: ClusterIP
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: jellyfin
  namespace: jellyfin
  annotations:
    cert-manager.io/cluster-issuer: cloudflare-issuer
 spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - jellyfin.alexmickelson.guru
    secretName: jellyfin-tls
  rules:
  - host: jellyfin.alexmickelson.guru
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: jellyfin
            port:
              number: 8096
--- a/kubernetes/jellyfin/ingress.yml
+++ b/kubernetes/jellyfin/ingress.yml
@@ -1,14 +0,0 @@
 # apiVersion: networking.k8s.io/v1
 # kind: Ingress
 # metadata:
 #   name: jellyfin-ingress
 #   namespace: projects
 # spec:
 #   rules:
 #     - host: jellyfin.alexmickelson.guru
 #       http:
 #         paths:
 #           - path: /
 #             backend:
 #               service: jellyfin
 #               port: 8096
--- a/kubernetes/jellyfin/service.yml
+++ b/kubernetes/jellyfin/service.yml
@@ -1,27 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: jellyfin
  namespace: projects
 spec:
  selector:
    app: jellyfin
  ports:
    - protocol: TCP
      port: 8096
      targetPort: 8096
      nodePort: 30096
  type: NodePort
 # apiVersion: v1
 # kind: Service
 # metadata:
 #   name: jellyfin
 #   namespace: projects
 # spec:
 #   selector:
 #     app: jellyfin
 #   ports:
 #     - protocol: TCP
 #       port: 8096
 #       targetPort: 8096
 #   type: ClusterIP
--- a/kubernetes/minecraft/minecraft-dep.yml
+++ b/kubernetes/minecraft/minecraft-dep.yml
@@ -1,96 +1,100 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: minecraft
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: minecraft
  namespace: minecraft
 spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: minecraft
  template:
    metadata:
      labels:
        app: minecraft
    spec:
      containers:
      - name: tailscale
        image: tailscale/tailscale:latest
        env:
        - name: TS_STATE_DIR
          value: "/var/lib/tailscale"
        - name: TS_KUBE_SECRET
          value: ""
        - name: TS_AUTHKEY
          value: "tskey-auth-REPLACE_ME"
        - name: TS_HOSTNAME
          value: "minecraft"
        volumeMounts:
        - name: tailscale-data
          mountPath: /var/lib/tailscale
        - name: dev-tun
          mountPath: /dev/net/tun
        securityContext:
          capabilities:
            add:
            - NET_ADMIN
            - SYS_MODULE
      - name: minecraft
        image: itzg/minecraft-server:java21
        stdin: true
        tty: true
        env:
        - name: EULA
          value: "true"
        - name: MEMORY
          value: "6G"
        - name: CF_OVERRIDES_EXCLUSIONS
          value: |
            # Not applicable for server side
            shaderpacks/**
        volumeMounts:
        - name: minecraft-data
          mountPath: /data
        - name: modpacks
          mountPath: /modpacks
          readOnly: true
        resources:
          requests:
            memory: "6Gi"
          limits:
            memory: "8Gi"
      volumes:
      - name: minecraft-data
        hostPath:
          path: /data/minecraft/data
          type: DirectoryOrCreate
      - name: modpacks
        hostPath:
          path: /data/minecraft/modpacks
          type: DirectoryOrCreate
      - name: tailscale-data
        hostPath:
          path: /data/minecraft/tailscale
          type: DirectoryOrCreate
      - name: dev-tun
        hostPath:
          path: /dev/net/tun
          type: CharDevice
 ---
 # apiVersion: v1
-# kind: Namespace
+# kind: Service
 # metadata:
 #   name: minecraft
 # ---
 # apiVersion: apps/v1
 # kind: Deployment
 # metadata:
 #   name: minecraft
 #   namespace: minecraft
 # spec:
 #   replicas: 1
 #   selector:
 #     matchLabels:
 #     app: minecraft
-#   template:
+#   ports:
 #     metadata:
 #       labels:
 #         app: minecraft
 #     spec:
 #       containers:
 #       - name: tailscale
 #         image: tailscale/tailscale:latest
 #         env:
 #         - name: TS_STATE_DIR
 #           value: "/var/lib/tailscale"
 #         - name: TS_AUTHKEY
 #           value: "tskey-auth-REPLACE_ME"
 #         - name: TS_HOSTNAME
 #           value: "minecraft"
 #         volumeMounts:
 #         - name: tailscale-data
 #           mountPath: /var/lib/tailscale
 #         - name: dev-tun
 #           mountPath: /dev/net/tun
 #         securityContext:
 #           capabilities:
 #             add:
 #             - NET_ADMIN
 #             - SYS_MODULE
 #   - name: minecraft
-#         image: itzg/minecraft-server:java21
+#     protocol: TCP
-#         stdin: true
+#     port: 25565
-#         tty: true
+#     targetPort: 25565
-#         env:
+#   type: ClusterIP
 #         - name: EULA
 #           value: "true"
 #         - name: MEMORY
 #           value: "6G"
 #         - name: CF_OVERRIDES_EXCLUSIONS
 #           value: |
 #             # Not applicable for server side
 #             shaderpacks/**
 #         volumeMounts:
 #         - name: minecraft-data
 #           mountPath: /data
 #         - name: modpacks
 #           mountPath: /modpacks
 #           readOnly: true
 #         resources:
 #           requests:
 #             memory: "6Gi"
 #           limits:
 #             memory: "8Gi"
 #       volumes:
 #       - name: minecraft-data
 #         hostPath:
 #           path: /data/minecraft/data
 #           type: DirectoryOrCreate
 #       - name: modpacks
 #         hostPath:
 #           path: /data/minecraft/modpacks
 #           type: DirectoryOrCreate
 #       - name: tailscale-data
 #         hostPath:
 #           path: /data/minecraft/tailscale-data
 #           type: DirectoryOrCreate
 #       - name: dev-tun
 #         hostPath:
 #           path: /dev/net/tun
 #           type: CharDevice
 # ---
 # # apiVersion: v1
 # # kind: Service
 # # metadata:
 # #   name: minecraft
 # #   namespace: minecraft
 # # spec:
 # #   selector:
 # #     app: minecraft
 # #   ports:
 # #   - name: minecraft
 # #     protocol: TCP
 # #     port: 25565
 # #     targetPort: 25565
 # #   type: ClusterIP
--- a/kubernetes/proxy-ingress/audiobook-proxy-ingress.yml
+++ b/kubernetes/proxy-ingress/audiobook-proxy-ingress.yml
@@ -1,53 +0,0 @@
 # apiVersion: networking.k8s.io/v1
 # kind: Ingress
 # metadata:
 #   name: audiobookshelf-ingress
 #   namespace: projects
 #   annotations:
 #     cert-manager.io/cluster-issuer: cloudflare-issuer
 # spec:
 #   ingressClassName: nginx
 #   tls:
 #   - hosts:
 #     - audiobook.alexmickelson.guru
 #     secretName: audiobookshelf-tls-cert
 #   rules:
 #   - host: audiobook.alexmickelson.guru
 #     http:
 #       paths:
 #       - path: /
 #         pathType: Prefix
 #         backend:
 #           service:
 #             name: audiobookshelf
 #             port:
 #               number: 13378
 # ---
 # apiVersion: v1
 # kind: Service
 # metadata:
 #   name: audiobookshelf
 #   namespace: projects
 # spec:
 #   ports:
 #   - port: 13378
 #     targetPort: 13378
 #     protocol: TCP
 # ---
 # apiVersion: discovery.k8s.io/v1
 # kind: EndpointSlice
 # metadata:
 #   name: audiobookshelf
 #   namespace: projects
 #   labels:
 #     kubernetes.io/service-name: audiobookshelf
 # addressType: IPv4
 # ports:
 # - name: http
 #   port: 13378
 #   protocol: TCP
 # endpoints:
 # - addresses:
 #   - 100.122.128.107
 #   conditions:
 #     ready: true
--- a/kubernetes/proxy-ingress/copilot-proxy-ingress.yml
+++ b/kubernetes/proxy-ingress/copilot-proxy-ingress.yml
@@ -1,53 +0,0 @@
 # apiVersion: networking.k8s.io/v1
 # kind: Ingress
 # metadata:
 #   name: copilot-ingress
 #   namespace: projects
 #   annotations:
 #     cert-manager.io/cluster-issuer: cloudflare-issuer
 # spec:
 #   ingressClassName: nginx
 #   tls:
 #   - hosts:
 #     - copilot.alexmickelson.guru
 #     secretName: copilot-tls-cert
 #   rules:
 #   - host: copilot.alexmickelson.guru
 #     http:
 #       paths:
 #       - path: /
 #         pathType: Prefix
 #         backend:
 #           service:
 #             name: copilot
 #             port:
 #               number: 4444
 # ---
 # apiVersion: v1
 # kind: Service
 # metadata:
 #   name: copilot
 #   namespace: projects
 # spec:
 #   ports:
 #     - port: 4444
 #       targetPort: 4444
 #       protocol: TCP
 # ---
 # apiVersion: discovery.k8s.io/v1
 # kind: EndpointSlice
 # metadata:
 #   name: copilot
 #   namespace: projects
 #   labels:
 #     kubernetes.io/service-name: copilot
 # addressType: IPv4
 # ports:
 # - name: http
 #   port: 4444
 #   protocol: TCP
 # endpoints:
 # - addresses:
 #   - 100.122.128.107
 #   conditions:
 #     ready: true
--- a/kubernetes/proxy-ingress/ha-proxy-ingress.yml
+++ b/kubernetes/proxy-ingress/ha-proxy-ingress.yml
@@ -1,53 +0,0 @@
 # apiVersion: networking.k8s.io/v1
 # kind: Ingress
 # metadata:
 #   name: home-assistant-ingress
 #   namespace: projects
 #   annotations:
 #     cert-manager.io/cluster-issuer: cloudflare-issuer
 # spec:
 #   ingressClassName: nginx
 #   tls:
 #   - hosts:
 #     - ha.alexmickelson.guru
 #     secretName: ha-tls-cert
 #   rules:
 #   - host: ha.alexmickelson.guru
 #     http:
 #       paths:
 #       - path: /
 #         pathType: Prefix
 #         backend:
 #           service:
 #             name: home-assistant
 #             port:
 #               number: 8123
 # ---
 # apiVersion: v1
 # kind: Service
 # metadata:
 #   name: home-assistant
 #   namespace: projects
 # spec:
 #   ports:
 #   - port: 8123
 #     targetPort: 8123
 #     protocol: TCP
 # ---
 # apiVersion: discovery.k8s.io/v1
 # kind: EndpointSlice
 # metadata:
 #   name: home-assistant
 #   namespace: projects
 #   labels:
 #     kubernetes.io/service-name: home-assistant
 # addressType: IPv4
 # ports:
 # - name: http
 #   port: 8123
 #   protocol: TCP
 # endpoints:
 # - addresses:
 #   - 100.122.128.107
 #   conditions:
 #     ready: true
--- a/kubernetes/proxy-ingress/musicassistant-proxy-ingress.yml
+++ b/kubernetes/proxy-ingress/musicassistant-proxy-ingress.yml
@@ -1,53 +0,0 @@
 # apiVersion: networking.k8s.io/v1
 # kind: Ingress
 # metadata:
 #   name: musicassistant-ingress
 #   namespace: projects
 #   annotations:
 #     cert-manager.io/cluster-issuer: cloudflare-issuer
 # spec:
 #   ingressClassName: nginx
 #   tls:
 #     - hosts:
 #         - sound.alexmickelson.guru
 #       secretName: sound-tls-cert
 #   rules:
 #     - host: sound.alexmickelson.guru
 #       http:
 #         paths:
 #           - path: /
 #             pathType: Prefix
 #             backend:
 #               service:
 #                 name: musicassistant
 #                 port:
 #                   number: 8095
 # ---
 # apiVersion: v1
 # kind: Service
 # metadata:
 #   name: musicassistant
 #   namespace: projects
 # spec:
 #   ports:
 #     - port: 8095
 #       targetPort: 8095
 #       protocol: TCP
 # ---
 # apiVersion: discovery.k8s.io/v1
 # kind: EndpointSlice
 # metadata:
 #   name: musicassistant
 #   namespace: projects
 #   labels:
 #     kubernetes.io/service-name: musicassistant
 # addressType: IPv4
 # ports:
 #   - name: http
 #     port: 8095
 #     protocol: TCP
 # endpoints:
 #   - addresses:
 #       - 100.122.128.107
 #     conditions:
 #       ready: true