home/nixos-servers
home/nixos-servers
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

feat(media): Move to separate k8s namespace

Browse source
This commit is contained in:
Pim Kunis 2024-07-17 11:59:48 +02:00
parent 7b1958e5c5
commit c7624baa78
6 changed files with 362 additions and 370 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -70,6 +70,7 @@ Currently, the applications being deployed like this are:
- `inbucket` - `inbucket`
- `dnsmasq` - `dnsmasq`
- `bind9` - `bind9`
- `media`
## Known bugs ## Known bugs

2
flake-parts/kubenix.nix
View file

@ -100,4 +100,6 @@
"${self}/kubenix-modules/dnsmasq.nix" "dnsmasq" "dns"; "${self}/kubenix-modules/dnsmasq.nix" "dnsmasq" "dns";
kubenix.bind9 = mkDeployScriptAndManifest kubenix.bind9 = mkDeployScriptAndManifest
"${self}/kubenix-modules/bind9" "bind9" "dns"; "${self}/kubenix-modules/bind9" "bind9" "dns";
kubenix.media = mkDeployScriptAndManifest
"${self}/kubenix-modules/media.nix" "media" "media";
}) })

11
kubenix-modules/all.nix
View file

@ -1,12 +1,7 @@
let
applications = [
./media.nix
# ./argo.nix
# ./minecraft.nix
];
in
{ {
imports = [ imports = [
# ./argo.nix
# ./minecraft.nix
./base.nix ./base.nix
./longhorn.nix ./longhorn.nix
./esrom.nix ./esrom.nix
@ -17,5 +12,5 @@ in
./traefik.nix ./traefik.nix
./volumes.nix ./volumes.nix
./custom-types.nix ./custom-types.nix
] ++ applications; ];
} }

8
kubenix-modules/base.nix
View file

@ -44,17 +44,16 @@
longhorn = { longhorn = {
chart = nixhelm.chartsDerivations.${system}.longhorn.longhorn; chart = nixhelm.chartsDerivations.${system}.longhorn.longhorn;
includeCRDs = true; includeCRDs = true;
values = { values = {
persistence.defaultClassReplicaCount = 2;
defaultSettings = { defaultSettings = {
defaultDataPath = "/mnt/longhorn"; defaultDataPath = "/mnt/longhorn";
storageMinimalAvailablePercentage = 0; storageMinimalAvailablePercentage = 0;
allowRecurringJobWhileVolumeDetached = true; allowRecurringJobWhileVolumeDetached = true;
backupTarget = "nfs://lewis.dmz:/mnt/longhorn/persistent/longhorn-backup"; backupTarget = "nfs://lewis.dmz:/mnt/longhorn/persistent/longhorn-backup";
}; };
persistence = {
defaultClassReplicaCount = 2;
};
}; };
}; };
}; };
@ -76,6 +75,7 @@
attic = { }; attic = { };
inbucket = { }; inbucket = { };
dns = { }; dns = { };
media = { };
}; };
nodes = nodes =

663
kubenix-modules/media.nix
View file

@ -1,462 +1,405 @@
{ myLib, ... }: { { myLib, ... }: {
kubernetes.resources = { kubernetes.resources = {
configMaps = {
jellyfin-env.data.JELLYFIN_PublishedServerUrl = "https://media.kun.is";
transmission-env.data = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Amsterdam";
};
jellyseerr-env.data = {
LOG_LEVEL = "debug";
TZ = "Europe/Amsterdam";
};
radarr-env.data = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Amsterdam";
};
prowlarr-env.data = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Amsterdam";
};
sonarr-env.data = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Amsterdam";
};
bazarr-env.data = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Amsterdam";
};
};
deployments = { deployments = {
jellyfin = { jellyfin.spec = {
metadata.labels = { selector.matchLabels = {
app = "media"; app = "media";
component = "jellyfin"; component = "jellyfin";
}; };
spec = { strategy = {
selector.matchLabels = { type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media"; app = "media";
component = "jellyfin"; component = "jellyfin";
}; };
strategy = { spec = {
type = "RollingUpdate"; containers.jellyfin = {
image = "jellyfin/jellyfin:10.9.7";
ports.web.containerPort = 8096;
imagePullPolicy = "Always";
rollingUpdate = { env.JELLYFIN_PublishedServerUrl.value = "https://media.kun.is";
maxSurge = 0;
maxUnavailable = 1;
};
};
template = { volumeMounts = [
metadata.labels = { {
app = "media"; name = "config";
component = "jellyfin"; mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
{
name = "cache";
mountPath = "/config/transcodes";
}
];
}; };
spec = { volumes = {
containers.jellyfin = { config.persistentVolumeClaim.claimName = "jellyfin";
image = "jellyfin/jellyfin:10.9.7"; cache.persistentVolumeClaim.claimName = "jellyfin-cache";
envFrom = [{ configMapRef.name = "jellyfin-env"; }];
ports.web.containerPort = 8096;
imagePullPolicy = "Always";
volumeMounts = [ media.hostPath = {
{ path = "/mnt/longhorn/persistent/media";
name = "config"; type = "Directory";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
{
name = "cache";
mountPath = "/config/transcodes";
}
];
}; };
};
volumes = { securityContext = {
config.persistentVolumeClaim.claimName = "jellyfin"; fsGroup = 0;
cache.persistentVolumeClaim.claimName = "jellyfin-cache"; fsGroupChangePolicy = "OnRootMismatch";
};
media.hostPath = { affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms = [{
path = "/mnt/longhorn/persistent/media"; matchExpressions = [{
type = "Directory"; key = "hasMedia";
}; operator = "In";
}; values = [ "true" ];
securityContext = {
fsGroup = 0;
fsGroupChangePolicy = "OnRootMismatch";
};
affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms = [{
matchExpressions = [{
key = "hasMedia";
operator = "In";
values = [ "true" ];
}];
}]; }];
}; }];
}; };
}; };
}; };
transmission = { transmission.spec = {
metadata.labels = { selector.matchLabels = {
app = "media"; app = "media";
component = "transmission"; component = "transmission";
}; };
spec = { strategy = {
selector.matchLabels = { type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media"; app = "media";
component = "transmission"; component = "transmission";
}; };
strategy = { spec = {
type = "RollingUpdate"; containers.transmission = {
image = "lscr.io/linuxserver/transmission:4.0.6";
imagePullPolicy = "Always";
rollingUpdate = { ports = {
maxSurge = 0; web.containerPort = 9091;
maxUnavailable = 1; bittorrent.containerPort = 31780;
}; };
};
template = { env = {
metadata.labels = { PUID.value = "1000";
app = "media"; PGID.value = "1000";
component = "transmission"; TZ.value = "Europe/Amsterdam";
};
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
}; };
spec = { volumes = {
containers.transmission = { config.persistentVolumeClaim.claimName = "transmission";
image = "lscr.io/linuxserver/transmission:4.0.6"; media.persistentVolumeClaim.claimName = "media";
envFrom = [{ configMapRef.name = "transmission-env"; }]; };
imagePullPolicy = "Always";
ports = { securityContext = {
web.containerPort = 9091; fsGroup = 1000;
bittorrent.containerPort = 31780; fsGroupChangePolicy = "OnRootMismatch";
};
volumeMounts = [
{
name = "config";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
volumes = {
config.persistentVolumeClaim.claimName = "transmission";
media.persistentVolumeClaim.claimName = "media";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
}; };
}; };
}; };
}; };
jellyseerr = { jellyseerr.spec = {
metadata.labels = { selector.matchLabels = {
app = "media"; app = "media";
component = "jellyseerr"; component = "jellyseerr";
}; };
spec = { strategy = {
selector.matchLabels = { type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media"; app = "media";
component = "jellyseerr"; component = "jellyseerr";
}; };
strategy = { spec = {
type = "RollingUpdate"; volumes.config.persistentVolumeClaim.claimName = "jellyseerr";
rollingUpdate = { containers.jellyseerr = {
maxSurge = 0; image = "fallenbagel/jellyseerr:1.9.2";
maxUnavailable = 1; ports.web.containerPort = 5055;
}; imagePullPolicy = "Always";
};
template = { env = {
metadata.labels = { LOG_LEVEL.value = "debug";
app = "media"; TZ.value = "Europe/Amsterdam";
component = "jellyseerr";
};
spec = {
volumes.config.persistentVolumeClaim.claimName = "jellyseerr";
containers.jellyseerr = {
image = "fallenbagel/jellyseerr:1.9.2";
envFrom = [{ configMapRef.name = "jellyseerr-env"; }];
ports.web.containerPort = 5055;
imagePullPolicy = "Always";
volumeMounts = [{
name = "config";
mountPath = "/app/config";
}];
}; };
securityContext = { volumeMounts = [{
fsGroup = 0; name = "config";
fsGroupChangePolicy = "OnRootMismatch"; mountPath = "/app/config";
}; }];
};
securityContext = {
fsGroup = 0;
fsGroupChangePolicy = "OnRootMismatch";
}; };
}; };
}; };
}; };
radarr = { radarr.spec = {
metadata.labels = { selector.matchLabels = {
app = "media"; app = "media";
component = "radarr"; component = "radarr";
}; };
spec = { strategy = {
selector.matchLabels = { type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media"; app = "media";
component = "radarr"; component = "radarr";
}; };
strategy = { spec = {
type = "RollingUpdate"; containers.radarr = {
image = "lscr.io/linuxserver/radarr:5.7.0";
ports.web.containerPort = 7878;
imagePullPolicy = "Always";
rollingUpdate = { env = {
maxSurge = 0; PUID.value = "1000";
maxUnavailable = 1; PGID.value = "1000";
}; TZ.value = "Europe/Amsterdam";
}; };
template = { volumeMounts = [
metadata.labels = { {
app = "media"; name = "config";
component = "radarr"; mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
}; };
spec = { volumes = {
containers.radarr = { config.persistentVolumeClaim.claimName = "radarr";
image = "lscr.io/linuxserver/radarr:5.7.0"; media.persistentVolumeClaim.claimName = "media";
envFrom = [{ configMapRef.name = "radarr-env"; }]; };
ports.web.containerPort = 7878;
imagePullPolicy = "Always";
volumeMounts = [ securityContext = {
{ fsGroup = 1000;
name = "config"; fsGroupChangePolicy = "OnRootMismatch";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
volumes = {
config.persistentVolumeClaim.claimName = "radarr";
media.persistentVolumeClaim.claimName = "media";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
}; };
}; };
}; };
}; };
prowlarr = { prowlarr.spec = {
metadata.labels = { selector.matchLabels = {
app = "media"; app = "media";
component = "prowlarr"; component = "prowlarr";
}; };
spec = { strategy = {
selector.matchLabels = { type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media"; app = "media";
component = "prowlarr"; component = "prowlarr";
}; };
strategy = { spec = {
type = "RollingUpdate"; volumes.config.persistentVolumeClaim.claimName = "prowlarr";
rollingUpdate = { containers.prowlarr = {
maxSurge = 0; image = "lscr.io/linuxserver/prowlarr:1.20.1";
maxUnavailable = 1; ports.web.containerPort = 9696;
}; imagePullPolicy = "Always";
};
template = { env = {
metadata.labels = { PUID.value = "1000";
app = "media"; PGID.value = "1000";
component = "prowlarr"; TZ.value = "Europe/Amsterdam";
};
spec = {
volumes.config.persistentVolumeClaim.claimName = "prowlarr";
containers.prowlarr = {
image = "lscr.io/linuxserver/prowlarr:1.20.1";
envFrom = [{ configMapRef.name = "prowlarr-env"; }];
ports.web.containerPort = 9696;
imagePullPolicy = "Always";
volumeMounts = [{
name = "config";
mountPath = "/config";
}];
}; };
securityContext = { volumeMounts = [{
fsGroup = 1000; name = "config";
fsGroupChangePolicy = "OnRootMismatch"; mountPath = "/config";
}; }];
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
}; };
}; };
}; };
}; };
sonarr = { sonarr.spec = {
metadata.labels = { selector.matchLabels = {
app = "media"; app = "media";
component = "sonarr"; component = "sonarr";
}; };
spec = { strategy = {
selector.matchLabels = { type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media"; app = "media";
component = "sonarr"; component = "sonarr";
}; };
strategy = { spec = {
type = "RollingUpdate"; containers.sonarr = {
image = "lscr.io/linuxserver/sonarr:4.0.6";
ports.web.containerPort = 8989;
imagePullPolicy = "Always";
rollingUpdate = { env = {
maxSurge = 0; PUID.value = "1000";
maxUnavailable = 1; PGID.value = "1000";
}; TZ.value = "Europe/Amsterdam";
}; };
template = { volumeMounts = [
metadata.labels = { {
app = "media"; name = "config";
component = "sonarr"; mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
}; };
spec = { volumes = {
containers.sonarr = { config.persistentVolumeClaim.claimName = "sonarr";
image = "lscr.io/linuxserver/sonarr:4.0.6"; media.persistentVolumeClaim.claimName = "media";
envFrom = [{ configMapRef.name = "sonarr-env"; }]; };
ports.web.containerPort = 8989;
imagePullPolicy = "Always";
volumeMounts = [ securityContext = {
{ fsGroup = 1000;
name = "config"; fsGroupChangePolicy = "OnRootMismatch";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
volumes = {
config.persistentVolumeClaim.claimName = "sonarr";
media.persistentVolumeClaim.claimName = "media";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
}; };
}; };
}; };
}; };
bazarr = { bazarr.spec = {
metadata.labels = { selector.matchLabels = {
app = "media"; app = "media";
component = "bazarr"; component = "bazarr";
}; };
spec = { strategy = {
selector.matchLabels = { type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = {
metadata.labels = {
app = "media"; app = "media";
component = "bazarr"; component = "bazarr";
}; };
strategy = { spec = {
type = "RollingUpdate"; containers.bazarr = {
image = "lscr.io/linuxserver/bazarr:1.4.3";
ports.web.containerPort = 6767;
imagePullPolicy = "Always";
rollingUpdate = { env = {
maxSurge = 0; PUID.value = "1000";
maxUnavailable = 1; PGID.value = "1000";
}; TZ.value = "Europe/Amsterdam";
}; };
template = { volumeMounts = [
metadata.labels = { {
app = "media"; name = "config";
component = "bazarr"; mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
}; };
spec = { volumes = {
containers.bazarr = { config.persistentVolumeClaim.claimName = "bazarr";
image = "lscr.io/linuxserver/bazarr:1.4.3"; media.persistentVolumeClaim.claimName = "media";
envFrom = [{ configMapRef.name = "bazarr-env"; }]; };
ports.web.containerPort = 6767;
imagePullPolicy = "Always";
volumeMounts = [ securityContext = {
{ fsGroup = 1000;
name = "config"; fsGroupChangePolicy = "OnRootMismatch";
mountPath = "/config";
}
{
name = "media";
mountPath = "/media";
}
];
};
volumes = {
config.persistentVolumeClaim.claimName = "bazarr";
media.persistentVolumeClaim.claimName = "media";
};
securityContext = {
fsGroup = 1000;
fsGroupChangePolicy = "OnRootMismatch";
};
}; };
}; };
}; };
@ -564,9 +507,18 @@
}; };
}; };
persistentVolumeClaims.jellyfin-cache.spec = { persistentVolumeClaims = {
accessModes = [ "ReadWriteOnce" ]; jellyfin-cache.spec = {
resources.requests.storage = "20Gi"; accessModes = [ "ReadWriteOnce" ];
resources.requests.storage = "20Gi";
};
media.spec = {
accessModes = [ "ReadWriteMany" ];
storageClassName = "";
resources.requests.storage = "1Mi";
volumeName = "media-media";
};
}; };
}; };
@ -641,5 +593,42 @@
}; };
}; };
}; };
longhorn.persistentVolumeClaim = {
jellyfin = {
volumeName = "jellyfin";
storage = "5Gi";
};
transmission = {
volumeName = "transmission";
storage = "25Mi";
};
jellyseerr = {
volumeName = "jellyseerr";
storage = "75Mi";
};
radarr = {
volumeName = "radarr";
storage = "300Mi";
};
prowlarr = {
volumeName = "prowlarr";
storage = "150Mi";
};
sonarr = {
volumeName = "sonarr";
storage = "150Mi";
};
bazarr = {
volumeName = "bazarr";
storage = "25Mi";
};
};
}; };
} }

47
kubenix-modules/volumes.nix
View file

@ -12,27 +12,30 @@
# volumes.freshrss.persistentVolumeClaim.claimName = "freshrss"; # volumes.freshrss.persistentVolumeClaim.claimName = "freshrss";
# }; # };
kubernetes.resources.persistentVolumes.music-syncthing.spec = { kubernetes.resources.persistentVolumes = {
capacity.storage = "1Gi"; music-syncthing.spec = {
accessModes = [ "ReadWriteMany" ]; capacity.storage = "1Gi";
accessModes = [ "ReadWriteMany" ];
nfs = { nfs = {
server = "lewis.dmz"; server = "lewis.dmz";
path = "/mnt/longhorn/persistent/media/music"; path = "/mnt/longhorn/persistent/media/music";
};
};
media-media.spec = {
capacity.storage = "1Gi";
accessModes = [ "ReadWriteMany" ];
nfs = {
server = "lewis.dmz";
path = "/mnt/longhorn/persistent/media";
};
}; };
}; };
lab = { lab = {
longhornVolumes = { longhornVolumes.minecraft.storage = "1Gi";
minecraft.storage = "1Gi";
jellyfin.storage = "5Gi";
transmission.storage = "25Mi";
jellyseerr.storage = "75Mi";
radarr.storage = "300Mi";
prowlarr.storage = "150Mi";
sonarr.storage = "150Mi";
bazarr.storage = "25Mi";
};
longhorn.persistentVolume = { longhorn.persistentVolume = {
freshrss.storage = "1Gi"; freshrss.storage = "1Gi";
@ -55,11 +58,13 @@
immich-db.storage = "5Gi"; immich-db.storage = "5Gi";
attic.storage = "15Gi"; attic.storage = "15Gi";
attic-db.storage = "150Mi"; attic-db.storage = "150Mi";
}; jellyfin.storage = "5Gi";
transmission.storage = "25Mi";
nfsVolumes = { jellyseerr.storage = "75Mi";
media.path = "media"; radarr.storage = "300Mi";
# music.path = "media/music"; prowlarr.storage = "150Mi";
sonarr.storage = "150Mi";
bazarr.storage = "25Mi";
}; };
}; };
} }