137 lines
3.7 KiB
YAML
137 lines
3.7 KiB
YAML
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: plex
|
|
namespace: media
|
|
spec:
|
|
interval: 5m
|
|
chart:
|
|
spec:
|
|
chart: app-template
|
|
version: 3.3.2
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: bjws-charts
|
|
namespace: flux-system
|
|
|
|
values:
|
|
controllers:
|
|
plex:
|
|
containers:
|
|
app:
|
|
image:
|
|
repository: ghcr.io/onedr0p/plex
|
|
tag: 1.40.4.8679-424562606
|
|
|
|
env:
|
|
TZ: America/New_York
|
|
PLEX_ADVERTISE_URL: https://kube-plex.${SECRET_NEW_DOMAIN}:443,http://192.168.10.71:32400
|
|
PLEX_NO_AUTH_NETWORKS: 192.168.10.0/24,192.168.20.0/24,10.0.0.0/16,10.43.0.0/16
|
|
|
|
probes:
|
|
liveness: &probes
|
|
enabled: true
|
|
custom: true
|
|
spec:
|
|
httpGet:
|
|
path: /identity
|
|
port: 32400
|
|
initialDelaySeconds: 0
|
|
periodSeconds: 10
|
|
timeoutSeconds: 1
|
|
failureThreshold: 3
|
|
readiness: *probes
|
|
startup:
|
|
enabled: true
|
|
spec:
|
|
failureThreshold: 30
|
|
periodSeconds: 10
|
|
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
capabilities: { drop: ["ALL"] }
|
|
|
|
resources:
|
|
# requests:
|
|
# cpu: 100m
|
|
limits:
|
|
gpu.intel.com/i915: 1
|
|
memory: 16Gi
|
|
|
|
defaultPodOptions:
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 10000
|
|
runAsGroup: 10000
|
|
fsGroup: 10000
|
|
fsGroupChangePolicy: OnRootMismatch
|
|
#supplementalGroups: [44, 10000]
|
|
#seccompProfile: { type: RuntimeDefault }
|
|
nodeSelector:
|
|
intel.feature.node.kubernetes.io/gpu: "true"
|
|
|
|
service:
|
|
app:
|
|
controller: plex
|
|
# type: LoadBalancer
|
|
# annotations:
|
|
# io.cilium/lb-ipam-ips: 192.168.10.71
|
|
ports:
|
|
http:
|
|
port: 32400
|
|
|
|
ingress:
|
|
app:
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-production
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
className: external
|
|
hosts:
|
|
- host: "kube-plex.${SECRET_NEW_DOMAIN}"
|
|
paths:
|
|
- path: /
|
|
service:
|
|
identifier: app
|
|
port: http
|
|
|
|
persistence:
|
|
config:
|
|
#existingClaim: plex
|
|
# TODO: If setting up Plex for the first time, you'll want to add the globalMounts section
|
|
type: persistentVolumeClaim
|
|
size: 15Gi
|
|
retain: true
|
|
storageClass: mainpool-hostpath
|
|
accessMode: ReadWriteOnce
|
|
globalMounts:
|
|
- path: /config/Library/Application Support/Plex Media Server
|
|
|
|
# Separate PVC for cache to avoid backing up cache files
|
|
cache:
|
|
type: persistentVolumeClaim
|
|
size: 15Gi
|
|
retain: true
|
|
storageClass: mainpool-hostpath
|
|
accessMode: ReadWriteOnce
|
|
globalMounts:
|
|
- path: /config/Library/Application Support/Plex Media Server/Cache
|
|
|
|
logs:
|
|
type: emptyDir
|
|
globalMounts:
|
|
- path: /config/Library/Application Support/Plex Media Server/Logs
|
|
|
|
tmp:
|
|
type: emptyDir
|
|
|
|
transcode:
|
|
type: emptyDir
|
|
|
|
media:
|
|
type: hostPath
|
|
hostPath: /mnt/MainPool/Media/Media
|
|
globalMounts:
|
|
- path: /media
|
|
readOnly: true
|