CSTF/wild-cloud
1
1
Fork 0
Code Issues 12 Pull Requests Actions Packages Projects 1 Releases 1 Wiki Activity

Compare commits

base: CSTF:apps/homeassistant
Branches Tags
CSTF:main CSTF:golang CSTF:apps/jellyfin CSTF:apps/homepage CSTF:apps/homeassistant CSTF:apps/codimd
CSTF:POC
..
compare: CSTF:apps/jellyfin
Branches Tags
CSTF:main CSTF:golang CSTF:apps/jellyfin CSTF:apps/homepage CSTF:apps/homeassistant CSTF:apps/codimd
CSTF:POC

2 Commits
apps/homea ... apps/jelly

Author SHA1 Message Date
Paul Payne
c2efd6359a Adds jellyfin app (untested). 2025-08-16 08:05:35 -07:00
Paul Payne
6e3b50c217 Removes jellyfin app (to be updated in a branch). 2025-08-16 08:04:25 -07:00
15 changed files with 86 additions and 332 deletions
Expand all files Collapse all files

37
apps/homeassistant/config-job.yaml
View File

@@ -1,37 +0,0 @@
apiVersion: batch/v1
kind: Job
metadata:
name: homeassistant-config-setup
spec:
template:
spec:
restartPolicy: Never
containers:
- name: config-setup
image: busybox:1.35
command: ['sh', '-c']
args:
- |
# Wait for config file to exist
while [ ! -f /config/configuration.yaml ]; do
sleep 5
done
# Add HTTP config if not present
if ! grep -q "use_x_forwarded_for" /config/configuration.yaml; then
echo "" >> /config/configuration.yaml
echo "# HTTP configuration for reverse proxy support" >> /config/configuration.yaml
echo "http:" >> /config/configuration.yaml
echo " use_x_forwarded_for: true" >> /config/configuration.yaml
echo " trusted_proxies:" >> /config/configuration.yaml
echo " - 10.0.0.0/8" >> /config/configuration.yaml
echo " - 172.16.0.0/12" >> /config/configuration.yaml
echo " - 192.168.0.0/16" >> /config/configuration.yaml
fi
volumeMounts:
- mountPath: /config
name: homeassistant-config
volumes:
- name: homeassistant-config
persistentVolumeClaim:
claimName: homeassistant-pvc

88
apps/homeassistant/deployment.yaml
View File

@@ -1,88 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: homeassistant
spec:
replicas: 1
selector:
matchLabels:
component: homeassistant
strategy:
type: Recreate
template:
metadata:
labels:
component: homeassistant
spec:
# hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
initContainers:
- name: config-setup
image: busybox:1.35
command: ['sh', '-c']
args:
- |
# Create initial config if it doesn't exist
if [ ! -f /config/configuration.yaml ]; then
cat > /config/configuration.yaml << 'EOF'
# Loads default set of integrations. Do not remove.
default_config:
# Load frontend themes from the themes folder
frontend:
themes: !include_dir_merge_named themes
automation: !include automations.yaml
script: !include scripts.yaml
scene: !include scenes.yaml
# HTTP configuration for reverse proxy support
http:
use_x_forwarded_for: true
trusted_proxies:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
EOF
fi
volumeMounts:
- mountPath: /config
name: homeassistant-config
containers:
- name: homeassistant
image: "{{ .apps.homeassistant.image }}"
ports:
- containerPort: 8123
protocol: TCP
env:
- name: TZ
value: "{{ .apps.homeassistant.timezone }}"
volumeMounts:
- mountPath: /config
name: homeassistant-config
readOnly: false
resources:
requests:
memory: "512Mi"
cpu: "250m"
limits:
memory: "2Gi"
cpu: "2"
livenessProbe:
httpGet:
path: /
port: 8123
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 10
readinessProbe:
httpGet:
path: /
port: 8123
initialDelaySeconds: 15
periodSeconds: 15
timeoutSeconds: 5
volumes:
- name: homeassistant-config
persistentVolumeClaim:
claimName: homeassistant-pvc

23
apps/homeassistant/ingress.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: homeassistant-public
# annotations:
# external-dns.alpha.kubernetes.io/target: "{{ .apps.homeassistant.domain }}"
# external-dns.alpha.kubernetes.io/cloudflare-proxied: "false"
spec:
rules:
- host: "{{ .apps.homeassistant.domain }}"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: homeassistant
port:
number: 8123
tls:
- secretName: "{{ .apps.homeassistant.tlsKey }}"
hosts:
- "{{ .apps.homeassistant.domain }}"

16
apps/homeassistant/kustomization.yaml
View File

@@ -1,16 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: homeassistant
labels:
- includeSelectors: true
pairs:
app: homeassistant
managedBy: kustomize
partOf: wild-cloud
resources:
- namespace.yaml
- deployment.yaml
- service.yaml
- ingress.yaml
- pvc.yaml

13
apps/homeassistant/manifest.yaml
View File

@@ -1,13 +0,0 @@
name: homeassistant
install: true
description: Home Assistant is an open source home automation platform that puts local control and privacy first.
version: 2025.1.0
icon: https://brands.home-assistant.io/homeassistant/logo.png
requires: []
defaultConfig:
image: ghcr.io/home-assistant/home-assistant:stable
timezone: UTC
storage: 50Gi
domain: hass.{{ .cloud.internalDomain }}
tlsSecretName: wildcard-internal-wild-cloud-tls
requiredSecrets: []

4
apps/homeassistant/namespace.yaml
View File

@@ -1,4 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: homeassistant

11
apps/homeassistant/pvc.yaml
View File

@@ -1,11 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: homeassistant-pvc
spec:
storageClassName: longhorn
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .apps.homeassistant.storage }}

12
apps/homeassistant/service.yaml
View File

@@ -1,12 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: homeassistant
spec:
ports:
- name: http
port: 8123
targetPort: 8123
protocol: TCP
selector:
component: homeassistant

12
apps/jellyfin/config/example.env
View File

@@ -1,12 +0,0 @@
# Config
JELLYFIN_DOMAIN=jellyfin.$DOMAIN
JELLYFIN_CONFIG_STORAGE=1Gi
JELLYFIN_CACHE_STORAGE=10Gi
JELLYFIN_MEDIA_STORAGE=100Gi
TZ=UTC
# Docker Images
JELLYFIN_IMAGE=jellyfin/jellyfin:latest
# Jellyfin Configuration
JELLYFIN_PublishedServerUrl=https://jellyfin.$DOMAIN

78
apps/jellyfin/deployment.yaml
View File

@@ -1,49 +1,73 @@
---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: jellyfin name: jellyfin
namespace: jellyfin
spec: spec:
replicas: 1 replicas: 1
selector:
matchLabels:
app: jellyfin
strategy: strategy:
type: Recreate type: Recreate
selector:
matchLabels:
component: web
template: template:
metadata: metadata:
labels: labels:
app: jellyfin component: web
spec: spec:
securityContext:
runAsNonRoot: true
runAsUser: 999
runAsGroup: 999
seccompProfile:
type: RuntimeDefault
containers: containers:
- image: jellyfin/jellyfin:latest - name: jellyfin
name: jellyfin image: "{{ .apps.jellyfin.image }}"
imagePullPolicy: IfNotPresent
ports: ports:
- containerPort: 8096 - name: http
containerPort: 8096
protocol: TCP protocol: TCP
envFrom:
- configMapRef:
name: config
env: env:
- name: TZ - name: TZ
valueFrom: value: "{{ .apps.jellyfin.timezone }}"
configMapKeyRef: - name: JELLYFIN_PublishedServerUrl
key: TZ value: "{{ .apps.jellyfin.publishedServerUrl }}"
name: config securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: false
volumeMounts: volumeMounts:
- mountPath: /config - name: config
name: jellyfin-config mountPath: /config
- mountPath: /cache - name: cache
name: jellyfin-cache mountPath: /cache
- mountPath: /media - name: media
name: jellyfin-media mountPath: /media
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 10
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
volumes: volumes:
- name: jellyfin-config - name: config
persistentVolumeClaim: persistentVolumeClaim:
claimName: jellyfin-config-pvc claimName: jellyfin-config
- name: jellyfin-cache - name: cache
persistentVolumeClaim: persistentVolumeClaim:
claimName: jellyfin-cache-pvc claimName: jellyfin-cache
- name: jellyfin-media - name: media
persistentVolumeClaim: persistentVolumeClaim:
claimName: jellyfin-media-pvc claimName: jellyfin-media

12
apps/jellyfin/ingress.yaml
View File

@@ -1,14 +1,14 @@
---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
name: jellyfin-public name: jellyfin-public
namespace: jellyfin
annotations: annotations:
external-dns.alpha.kubernetes.io/target: your.jellyfin.domain external-dns.alpha.kubernetes.io/target: "{{ .cloud.domain }}"
external-dns.alpha.kubernetes.io/cloudflare-proxied: "false" external-dns.alpha.kubernetes.io/cloudflare-proxied: "false"
spec: spec:
rules: rules:
- host: your.jellyfin.domain - host: "{{ .apps.jellyfin.domain }}"
http: http:
paths: paths:
- path: / - path: /
@@ -17,8 +17,8 @@ spec:
service: service:
name: jellyfin name: jellyfin
port: port:
number: 8096 number: {{ .apps.jellyfin.port }}
tls: tls:
- secretName: wildcard-internal-wild-cloud-tls - secretName: "{{ .apps.jellyfin.tlsSecretName }}"
hosts: hosts:
- your.jellyfin.domain - "{{ .apps.jellyfin.domain }}"

73
apps/jellyfin/kustomization.yaml
View File

@@ -8,75 +8,8 @@ labels:
managedBy: kustomize managedBy: kustomize
partOf: wild-cloud partOf: wild-cloud
resources: resources:
- deployment.yaml
- ingress.yaml
- namespace.yaml - namespace.yaml
- pvc.yaml - deployment.yaml
- service.yaml - service.yaml
configMapGenerator: - ingress.yaml
- name: config - pvc.yaml
envs:
- config/config.env
replacements:
- source:
kind: ConfigMap
name: config
fieldPath: data.DOMAIN
targets:
- select:
kind: Ingress
name: jellyfin-public
fieldPaths:
- metadata.annotations.[external-dns.alpha.kubernetes.io/target]
- source:
kind: ConfigMap
name: config
fieldPath: data.JELLYFIN_DOMAIN
targets:
- select:
kind: Ingress
name: jellyfin-public
fieldPaths:
- spec.rules.0.host
- spec.tls.0.hosts.0
- source:
kind: ConfigMap
name: config
fieldPath: data.JELLYFIN_CONFIG_STORAGE
targets:
- select:
kind: PersistentVolumeClaim
name: jellyfin-config-pvc
fieldPaths:
- spec.resources.requests.storage
- source:
kind: ConfigMap
name: config
fieldPath: data.JELLYFIN_CACHE_STORAGE
targets:
- select:
kind: PersistentVolumeClaim
name: jellyfin-cache-pvc
fieldPaths:
- spec.resources.requests.storage
- source:
kind: ConfigMap
name: config
fieldPath: data.JELLYFIN_MEDIA_STORAGE
targets:
- select:
kind: PersistentVolumeClaim
name: jellyfin-media-pvc
fieldPaths:
- spec.resources.requests.storage
- source:
kind: ConfigMap
name: config
fieldPath: data.JELLYFIN_IMAGE
targets:
- select:
kind: Deployment
name: jellyfin
fieldPaths:
- spec.template.spec.containers.0.image

16
apps/jellyfin/manifest.yaml Normal file
View File

@@ -0,0 +1,16 @@
name: jellyfin
description: Jellyfin is a free and open-source media server and suite of multimedia applications designed to organize, manage, and share digital media files
version: 10.10.3
icon: https://jellyfin.org/images/banner-light.svg
requires: []
defaultConfig:
image: jellyfin/jellyfin:10.10.3
domain: jellyfin.{{ .cloud.domain }}
tlsSecretName: wildcard-wild-cloud-tls
port: 8096
configStorage: 1Gi
cacheStorage: 10Gi
mediaStorage: 100Gi
timezone: UTC
publishedServerUrl: "https://jellyfin.{{ .cloud.domain }}"
requiredSecrets: []

13
apps/jellyfin/pvc.yaml
View File

@@ -1,32 +1,31 @@
---
apiVersion: v1 apiVersion: v1
kind: PersistentVolumeClaim kind: PersistentVolumeClaim
metadata: metadata:
name: jellyfin-config-pvc name: jellyfin-config
namespace: jellyfin namespace: jellyfin
spec: spec:
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
requests: requests:
storage: 1Gi storage: "{{ .apps.jellyfin.configStorage }}"
--- ---
apiVersion: v1 apiVersion: v1
kind: PersistentVolumeClaim kind: PersistentVolumeClaim
metadata: metadata:
name: jellyfin-cache-pvc name: jellyfin-cache
namespace: jellyfin namespace: jellyfin
spec: spec:
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
requests: requests:
storage: 10Gi storage: "{{ .apps.jellyfin.cacheStorage }}"
--- ---
apiVersion: v1 apiVersion: v1
kind: PersistentVolumeClaim kind: PersistentVolumeClaim
metadata: metadata:
name: jellyfin-media-pvc name: jellyfin-media
namespace: jellyfin namespace: jellyfin
spec: spec:
accessModes: accessModes:
@@ -34,4 +33,4 @@ spec:
storageClassName: nfs storageClassName: nfs
resources: resources:
requests: requests:
storage: 100Gi storage: "{{ .apps.jellyfin.mediaStorage }}"

10
apps/jellyfin/service.yaml
View File

@@ -1,15 +1,13 @@
---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: jellyfin name: jellyfin
namespace: jellyfin namespace: jellyfin
labels:
app: jellyfin
spec: spec:
ports: ports:
- port: 8096 - name: http
targetPort: 8096 port: {{ .apps.jellyfin.port }}
targetPort: http
protocol: TCP protocol: TCP
selector: selector:
app: jellyfin component: web