apiVersion: v1 kind: Namespace metadata: name: jellyfin --- apiVersion: apps/v1 kind: Deployment metadata: name: jellyfin namespace: jellyfin spec: replicas: 1 selector: matchLabels: app: jellyfin template: metadata: labels: app: jellyfin spec: hostNetwork: true securityContext: fsGroup: 1000 supplementalGroups: - 303 # render group for GPU access containers: - name: jellyfin image: jellyfin/jellyfin securityContext: runAsUser: 1000 runAsGroup: 1000 volumeMounts: - name: dri-device mountPath: /dev/dri/renderD128 - name: config-volume mountPath: /config - name: cache-volume mountPath: /cache - name: music-volume mountPath: /music - name: movies-volume mountPath: /movies - name: tvshows-volume mountPath: /tvshows - name: home-videos-volume mountPath: /home-videos readOnly: true ports: - containerPort: 8096 name: jellyfin env: - name: JELLYFIN_PublishedServerUrl value: "https://jellyfin.alexmickelson.guru" volumes: - name: config-volume hostPath: path: /data/jellyfin/config - name: cache-volume hostPath: path: /data/jellyfin/cache - name: music-volume hostPath: path: /data/media/music/tagged - name: movies-volume hostPath: path: /data/media/movies - name: tvshows-volume hostPath: path: /data/media/tvshows - name: home-videos-volume hostPath: path: /data/nextcloud/html/data/alex/files/Documents/home-video - name: dri-device hostPath: path: /dev/dri/renderD128 type: CharDevice restartPolicy: Always --- apiVersion: v1 kind: Service metadata: name: jellyfin namespace: jellyfin spec: selector: app: jellyfin ports: - name: http protocol: TCP port: 8096 targetPort: 8096 type: ClusterIP --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: jellyfin namespace: jellyfin annotations: cert-manager.io/cluster-issuer: cloudflare-issuer spec: ingressClassName: nginx tls: - hosts: - jellyfin.alexmickelson.guru secretName: jellyfin-tls rules: - host: jellyfin.alexmickelson.guru http: paths: - path: / pathType: Prefix backend: service: name: jellyfin port: number: 8096