home/nixos-servers
home/nixos-servers
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

feat(media): Move to separate k8s namespace

Browse source
This commit is contained in:
Pim Kunis 2024-07-17 11:59:48 +02:00
parent 7b1958e5c5
commit c7624baa78
6 changed files with 362 additions and 370 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -70,6 +70,7 @@ Currently, the applications being deployed like this are:
- `inbucket`
- `dnsmasq`
- `bind9`
- `media`
## Known bugs

2
flake-parts/kubenix.nix
View file

@ -100,4 +100,6 @@
"${self}/kubenix-modules/dnsmasq.nix" "dnsmasq" "dns";
kubenix.bind9 = mkDeployScriptAndManifest
"${self}/kubenix-modules/bind9" "bind9" "dns";
kubenix.media = mkDeployScriptAndManifest
"${self}/kubenix-modules/media.nix" "media" "media";
})

11
kubenix-modules/all.nix
View file

@ -1,12 +1,7 @@
let
applications = [
./media.nix
# ./argo.nix
# ./minecraft.nix
];
in
{
imports = [
# ./argo.nix
# ./minecraft.nix
./base.nix
./longhorn.nix
./esrom.nix
@ -17,5 +12,5 @@ in
./traefik.nix
./volumes.nix
./custom-types.nix
] ++ applications;
];
}

8
kubenix-modules/base.nix
View file

@ -44,17 +44,16 @@
longhorn = {
chart = nixhelm.chartsDerivations.${system}.longhorn.longhorn;
includeCRDs = true;
values = {
persistence.defaultClassReplicaCount = 2;
defaultSettings = {
defaultDataPath = "/mnt/longhorn";
storageMinimalAvailablePercentage = 0;
allowRecurringJobWhileVolumeDetached = true;
backupTarget = "nfs://lewis.dmz:/mnt/longhorn/persistent/longhorn-backup";
};
persistence = {
defaultClassReplicaCount = 2;
};
};
};
};
@ -76,6 +75,7 @@
attic = { };
inbucket = { };
dns = { };
media = { };
};
nodes =

663
kubenix-modules/media.nix
View file

@ -1,462 +1,405 @@
{ myLib, ... }: {
kubernetes.resources = {
configMaps = {
jellyfin-env.data.JELLYFIN_PublishedServerUrl = "https://media.kun.is";
transmission-env.data = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Amsterdam";
};
jellyseerr-env.data = {
LOG_LEVEL = "debug";
TZ = "Europe/Amsterdam";
};
radarr-env.data = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Amsterdam";
};
prowlarr-env.data = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Amsterdam";
};
sonarr-env.data = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Amsterdam";
};
bazarr-env.data = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Amsterdam";
};
};
deployments = {
jellyfin = {
metadata.labels = {
jellyfin.spec = {
selector.matchLabels = {
app = "media";
component = "jellyfin";
};
spec = {
selector.matchLabels = {
strategy = {
type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media";
component = "jellyfin";
};
strategy = {
type = "RollingUpdate";
spec = {
containers.jellyfin = {
image = "jellyfin/jellyfin:10.9.7";
ports.web.containerPort = 8096;
imagePullPolicy = "Always";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
env.JELLYFIN_PublishedServerUrl.value = "https://media.kun.is";
template = {
metadata.labels = {
app = "media";
component = "jellyfin";
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
{
name = "cache";
mountPath = "/config/transcodes";
}
];
};
spec = {
containers.jellyfin = {
image = "jellyfin/jellyfin:10.9.7";
envFrom = [{ configMapRef.name = "jellyfin-env"; }];
ports.web.containerPort = 8096;
imagePullPolicy = "Always";
volumes = {
config.persistentVolumeClaim.claimName = "jellyfin";
cache.persistentVolumeClaim.claimName = "jellyfin-cache";
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
{
name = "cache";
mountPath = "/config/transcodes";
}
];
media.hostPath = {
path = "/mnt/longhorn/persistent/media";
type = "Directory";
};
};
volumes = {
config.persistentVolumeClaim.claimName = "jellyfin";
cache.persistentVolumeClaim.claimName = "jellyfin-cache";
securityContext = {
fsGroup = 0;
fsGroupChangePolicy = "OnRootMismatch";
};
media.hostPath = {
path = "/mnt/longhorn/persistent/media";
type = "Directory";
};
};
securityContext = {
fsGroup = 0;
fsGroupChangePolicy = "OnRootMismatch";
};
affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms = [{
matchExpressions = [{
key = "hasMedia";
operator = "In";
values = [ "true" ];
}];
affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms = [{
matchExpressions = [{
key = "hasMedia";
operator = "In";
values = [ "true" ];
}];
};
}];
};
};
};
transmission = {
metadata.labels = {
transmission.spec = {
selector.matchLabels = {
app = "media";
component = "transmission";
};
spec = {
selector.matchLabels = {
strategy = {
type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media";
component = "transmission";
};
strategy = {
type = "RollingUpdate";
spec = {
containers.transmission = {
image = "lscr.io/linuxserver/transmission:4.0.6";
imagePullPolicy = "Always";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
ports = {
web.containerPort = 9091;
bittorrent.containerPort = 31780;
};
template = {
metadata.labels = {
app = "media";
component = "transmission";
env = {
PUID.value = "1000";
PGID.value = "1000";
TZ.value = "Europe/Amsterdam";
};
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
spec = {
containers.transmission = {
image = "lscr.io/linuxserver/transmission:4.0.6";
envFrom = [{ configMapRef.name = "transmission-env"; }];
imagePullPolicy = "Always";
volumes = {
config.persistentVolumeClaim.claimName = "transmission";
media.persistentVolumeClaim.claimName = "media";
};
ports = {
web.containerPort = 9091;
bittorrent.containerPort = 31780;
};
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
volumes = {
config.persistentVolumeClaim.claimName = "transmission";
media.persistentVolumeClaim.claimName = "media";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
};
};
};
jellyseerr = {
metadata.labels = {
jellyseerr.spec = {
selector.matchLabels = {
app = "media";
component = "jellyseerr";
};
spec = {
selector.matchLabels = {
strategy = {
type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media";
component = "jellyseerr";
};
strategy = {
type = "RollingUpdate";
spec = {
volumes.config.persistentVolumeClaim.claimName = "jellyseerr";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
containers.jellyseerr = {
image = "fallenbagel/jellyseerr:1.9.2";
ports.web.containerPort = 5055;
imagePullPolicy = "Always";
template = {
metadata.labels = {
app = "media";
component = "jellyseerr";
};
spec = {
volumes.config.persistentVolumeClaim.claimName = "jellyseerr";
containers.jellyseerr = {
image = "fallenbagel/jellyseerr:1.9.2";
envFrom = [{ configMapRef.name = "jellyseerr-env"; }];
ports.web.containerPort = 5055;
imagePullPolicy = "Always";
volumeMounts = [{
name = "config";
mountPath = "/app/config";
}];
env = {
LOG_LEVEL.value = "debug";
TZ.value = "Europe/Amsterdam";
};
securityContext = {
fsGroup = 0;
fsGroupChangePolicy = "OnRootMismatch";
};
volumeMounts = [{
name = "config";
mountPath = "/app/config";
}];
};
securityContext = {
fsGroup = 0;
fsGroupChangePolicy = "OnRootMismatch";
};
};
};
};
radarr = {
metadata.labels = {
radarr.spec = {
selector.matchLabels = {
app = "media";
component = "radarr";
};
spec = {
selector.matchLabels = {
strategy = {
type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media";
component = "radarr";
};
strategy = {
type = "RollingUpdate";
spec = {
containers.radarr = {
image = "lscr.io/linuxserver/radarr:5.7.0";
ports.web.containerPort = 7878;
imagePullPolicy = "Always";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
env = {
PUID.value = "1000";
PGID.value = "1000";
TZ.value = "Europe/Amsterdam";
};
template = {
metadata.labels = {
app = "media";
component = "radarr";
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
spec = {
containers.radarr = {
image = "lscr.io/linuxserver/radarr:5.7.0";
envFrom = [{ configMapRef.name = "radarr-env"; }];
ports.web.containerPort = 7878;
imagePullPolicy = "Always";
volumes = {
config.persistentVolumeClaim.claimName = "radarr";
media.persistentVolumeClaim.claimName = "media";
};
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
volumes = {
config.persistentVolumeClaim.claimName = "radarr";
media.persistentVolumeClaim.claimName = "media";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
};
};
};
prowlarr = {
metadata.labels = {
prowlarr.spec = {
selector.matchLabels = {
app = "media";
component = "prowlarr";
};
spec = {
selector.matchLabels = {
strategy = {
type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media";
component = "prowlarr";
};
strategy = {
type = "RollingUpdate";
spec = {
volumes.config.persistentVolumeClaim.claimName = "prowlarr";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
containers.prowlarr = {
image = "lscr.io/linuxserver/prowlarr:1.20.1";
ports.web.containerPort = 9696;
imagePullPolicy = "Always";
template = {
metadata.labels = {
app = "media";
component = "prowlarr";
};
spec = {
volumes.config.persistentVolumeClaim.claimName = "prowlarr";
containers.prowlarr = {
image = "lscr.io/linuxserver/prowlarr:1.20.1";
envFrom = [{ configMapRef.name = "prowlarr-env"; }];
ports.web.containerPort = 9696;
imagePullPolicy = "Always";
volumeMounts = [{
name = "config";
mountPath = "/config";
}];
env = {
PUID.value = "1000";
PGID.value = "1000";
TZ.value = "Europe/Amsterdam";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
volumeMounts = [{
name = "config";
mountPath = "/config";
}];
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
};
};
};
sonarr = {
metadata.labels = {
sonarr.spec = {
selector.matchLabels = {
app = "media";
component = "sonarr";
};
spec = {
selector.matchLabels = {
strategy = {
type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media";
component = "sonarr";
};
strategy = {
type = "RollingUpdate";
spec = {
containers.sonarr = {
image = "lscr.io/linuxserver/sonarr:4.0.6";
ports.web.containerPort = 8989;
imagePullPolicy = "Always";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
env = {
PUID.value = "1000";
PGID.value = "1000";
TZ.value = "Europe/Amsterdam";
};
template = {
metadata.labels = {
app = "media";
component = "sonarr";
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
spec = {
containers.sonarr = {
image = "lscr.io/linuxserver/sonarr:4.0.6";
envFrom = [{ configMapRef.name = "sonarr-env"; }];
ports.web.containerPort = 8989;
imagePullPolicy = "Always";
volumes = {
config.persistentVolumeClaim.claimName = "sonarr";
media.persistentVolumeClaim.claimName = "media";
};
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
volumes = {
config.persistentVolumeClaim.claimName = "sonarr";
media.persistentVolumeClaim.claimName = "media";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
};
};
};
bazarr = {
metadata.labels = {
bazarr.spec = {
selector.matchLabels = {
app = "media";
component = "bazarr";
};
spec = {
selector.matchLabels = {
strategy = {
type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media";
component = "bazarr";
};
strategy = {
type = "RollingUpdate";
spec = {
containers.bazarr = {
image = "lscr.io/linuxserver/bazarr:1.4.3";
ports.web.containerPort = 6767;
imagePullPolicy = "Always";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
env = {
PUID.value = "1000";
PGID.value = "1000";
TZ.value = "Europe/Amsterdam";
};
template = {
metadata.labels = {
app = "media";
component = "bazarr";
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
spec = {
containers.bazarr = {
image = "lscr.io/linuxserver/bazarr:1.4.3";
envFrom = [{ configMapRef.name = "bazarr-env"; }];
ports.web.containerPort = 6767;
imagePullPolicy = "Always";
volumes = {
config.persistentVolumeClaim.claimName = "bazarr";
media.persistentVolumeClaim.claimName = "media";
};
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
volumes = {
config.persistentVolumeClaim.claimName = "bazarr";
media.persistentVolumeClaim.claimName = "media";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
};
};
@ -564,9 +507,18 @@
};
};
persistentVolumeClaims.jellyfin-cache.spec = {
accessModes = [ "ReadWriteOnce" ];
resources.requests.storage = "20Gi";
persistentVolumeClaims = {
jellyfin-cache.spec = {
accessModes = [ "ReadWriteOnce" ];
resources.requests.storage = "20Gi";
};
media.spec = {
accessModes = [ "ReadWriteMany" ];
storageClassName = "";
resources.requests.storage = "1Mi";
volumeName = "media-media";
};
};
};
@ -641,5 +593,42 @@
};
};
};
longhorn.persistentVolumeClaim = {
jellyfin = {
volumeName = "jellyfin";
storage = "5Gi";
};
transmission = {
volumeName = "transmission";
storage = "25Mi";
};
jellyseerr = {
volumeName = "jellyseerr";
storage = "75Mi";
};
radarr = {
volumeName = "radarr";
storage = "300Mi";
};
prowlarr = {
volumeName = "prowlarr";
storage = "150Mi";
};
sonarr = {
volumeName = "sonarr";
storage = "150Mi";
};
bazarr = {
volumeName = "bazarr";
storage = "25Mi";
};
};
};
}

47
kubenix-modules/volumes.nix
View file

@ -12,27 +12,30 @@
# volumes.freshrss.persistentVolumeClaim.claimName = "freshrss";
# };
kubernetes.resources.persistentVolumes.music-syncthing.spec = {
capacity.storage = "1Gi";
accessModes = [ "ReadWriteMany" ];
kubernetes.resources.persistentVolumes = {
music-syncthing.spec = {
capacity.storage = "1Gi";
accessModes = [ "ReadWriteMany" ];
nfs = {
server = "lewis.dmz";
path = "/mnt/longhorn/persistent/media/music";
nfs = {
server = "lewis.dmz";
path = "/mnt/longhorn/persistent/media/music";
};
};
media-media.spec = {
capacity.storage = "1Gi";
accessModes = [ "ReadWriteMany" ];
nfs = {
server = "lewis.dmz";
path = "/mnt/longhorn/persistent/media";
};
};
};
lab = {
longhornVolumes = {
minecraft.storage = "1Gi";
jellyfin.storage = "5Gi";
transmission.storage = "25Mi";
jellyseerr.storage = "75Mi";
radarr.storage = "300Mi";
prowlarr.storage = "150Mi";
sonarr.storage = "150Mi";
bazarr.storage = "25Mi";
};
longhornVolumes.minecraft.storage = "1Gi";
longhorn.persistentVolume = {
freshrss.storage = "1Gi";
@ -55,11 +58,13 @@
immich-db.storage = "5Gi";
attic.storage = "15Gi";
attic-db.storage = "150Mi";
};
nfsVolumes = {
media.path = "media";
# music.path = "media/music";
jellyfin.storage = "5Gi";
transmission.storage = "25Mi";
jellyseerr.storage = "75Mi";
radarr.storage = "300Mi";
prowlarr.storage = "150Mi";
sonarr.storage = "150Mi";
bazarr.storage = "25Mi";
};
};
}