diff --git a/kubernetes/main/apps/media/kustomization.yaml b/kubernetes/main/apps/media/kustomization.yaml index 9c5365d..bc0583c 100644 --- a/kubernetes/main/apps/media/kustomization.yaml +++ b/kubernetes/main/apps/media/kustomization.yaml @@ -11,4 +11,5 @@ resources: #- ./plex - ./tautulli - ./ombi -- ./freshrss \ No newline at end of file +- ./freshrss +- ./navidrome/ks.yaml \ No newline at end of file diff --git a/kubernetes/main/apps/media/navidrome/app/helm-release.yaml b/kubernetes/main/apps/media/navidrome/app/helm-release.yaml new file mode 100644 index 0000000..c5e1efc --- /dev/null +++ b/kubernetes/main/apps/media/navidrome/app/helm-release.yaml @@ -0,0 +1,103 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: navidrome +spec: + interval: 5m + chart: + spec: + chart: app-template + version: 3.4.0 + sourceRef: + kind: HelmRepository + name: bjws-charts + namespace: flux-system + + values: + controllers: + navidrome: + containers: + app: + image: + repository: deluan/navidrome + tag: 0.53.3 + + env: + ND_SCANSCHEDULE: 1h + ND_LOGLEVEL: info + + probes: + liveness: &probes + enabled: true + custom: true + spec: + httpGet: + path: / + port: &port 4533 + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 3 + readiness: *probes + startup: + enabled: true + spec: + failureThreshold: 30 + periodSeconds: 10 + +# securityContext: +# allowPrivilegeEscalation: false +# readOnlyRootFilesystem: true +# capabilities: { drop: ["ALL"] } + + defaultPodOptions: + securityContext: +# runAsNonRoot: true + runAsUser: 10000 + runAsGroup: 10000 + fsGroup: 10000 + fsGroupChangePolicy: OnRootMismatch + + service: + app: + controller: navidrome + ports: + http: + port: *port + + ingress: + app: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-production + traefik.ingress.kubernetes.io/router.entrypoints: websecure + #className: external + hosts: + - host: "navidrome.${SECRET_NEW_DOMAIN}" + paths: + - path: / + service: + identifier: app + port: http + + persistence: + data: + existingClaim: navidrome + globalMounts: + - path: /data + + cache: + type: persistentVolumeClaim + size: 15Gi + retain: true + storageClass: mainpool-hostpath + accessMode: ReadWriteOnce + globalMounts: + - path: /data/cache + + media: + type: hostPath + hostPath: /mnt/MainPool/Media/Media/Music + globalMounts: + - path: /media + readOnly: true diff --git a/kubernetes/main/apps/media/navidrome/app/kustomization.yaml b/kubernetes/main/apps/media/navidrome/app/kustomization.yaml new file mode 100644 index 0000000..cc46271 --- /dev/null +++ b/kubernetes/main/apps/media/navidrome/app/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ../../../../../common/templates/volsync +- ./helm-release.yaml \ No newline at end of file diff --git a/kubernetes/main/apps/media/navidrome/ks.yaml b/kubernetes/main/apps/media/navidrome/ks.yaml new file mode 100644 index 0000000..06fef96 --- /dev/null +++ b/kubernetes/main/apps/media/navidrome/ks.yaml @@ -0,0 +1,31 @@ +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app navidrome + namespace: flux-system +spec: + timeout: 5m + interval: 10m + targetNamespace: media + path: ./kubernetes/main/apps/media/navidrome/app + prune: true + sourceRef: + kind: GitRepository + name: home-cluster + decryption: + provider: sops + secretRef: + name: sops-gpg + dependsOn: + - name: openebs + - name: openebs-sc + postBuild: + substituteFrom: + - kind: ConfigMap + name: cluster-settings + - kind: Secret + name: cluster-secrets + substitute: + APP: *app + VOLSYNC_CAPACITY: 15Gi \ No newline at end of file