5 changed files with 21 additions and 157 deletions
--- a/kubernetes/apps/default/jellyseerr/app/externalsecret.yaml
+++ b/kubernetes/apps/default/jellyseerr/app/externalsecret.yaml
@ -1,28 +0,0 @@
 ---
 # yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
 metadata:
  name: jellyseerr
 spec:
  secretStoreRef:
    kind: ClusterSecretStore
    name: onepassword-connect
  target:
    name: jellyseerr-secret
    template:
      engineVersion: v2
      data:
        DB_TYPE: "postgres" # Which DB engine to use. The default is "sqlite". To use postgres, this needs to be set to "postgres"
        DB_HOST: "postgres-primary-real.database.svc"
        DB_PORT: "5432"
        DB_USER: "{{ .JELLYSEERR_POSTGRES_USER }}"
        DB_PASS: "{{ .JELLYSEERR_POSTGRES_PASSWORD }}"
        DB_NAME: "jellyseerr"
        DB_LOG_QUERIES: 'false' # Whether to log the DB queries for debugging
        DB_USE_SSL: 'false' # Whether to enable ssl for database connection
  dataFrom:
    - extract:
        key: pushover
    - extract:
        key: jellyseerr
--- a/kubernetes/apps/default/jellyseerr/app/helmrelease.yaml
+++ b/kubernetes/apps/default/jellyseerr/app/helmrelease.yaml
@ -1,93 +0,0 @@
 # yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
 ---
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
  name: jellyseerr
 spec:
  chart:
    spec:
      chart: app-template
      version: 3.2.1
      interval: 30m
      sourceRef:
        kind: HelmRepository
        name: bjw-s
        namespace: flux-system
  install:
    remediation:
      retries: 3
  upgrade:
    cleanupOnFail: true
    remediation:
      retries: 3
      strategy: rollback
  interval: 30m
  valuesFrom:
    - kind: Secret
      name: jellyseerr-secret
  values:
    controllers:
      jellyseerr:
        annotations:
          reloader.stakater.com/auto: "true"
        containers:
          app:
            env:
              NODE_ENV: production
            image:
              repository: ghcr.io/jahanson/jellyseerr
              tag: v1.9.2-postgresql
            probes:
              liveness:
                enabled: true
              readiness:
                enabled: true
            resources:
              limits:
                memory: 390Mi
              requests:
                cpu: 50m
                memory: 390Mi
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                  - ALL
              readOnlyRootFilesystem: true
        statefulset:
          podManagementPolicy: Parallel
          volumeClaimTemplates:
            - accessMode: ReadWriteOnce
              globalMounts:
                - path: /usr/lib/jellyseerr/config
              name: config
              size: 1Mi
        type: statefulset
    defaultPodOptions:
      securityContext:
        fsGroup: 568
        runAsGroup: 568
        runAsNonRoot: true
        runAsUser: 568
        seccompProfile:
          type: RuntimeDefault
    ingress:
      app:
        annotations:
          external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
          external-dns.alpha.kubernetes.io/target: external.hsn.dev
        className: nginx-external
        hosts:
          - host: jellyseerr.hsn.dev
            paths:
              - path: /
                service:
                  identifier: app
                  port: http
    service:
      app:
        controller: jellyseerr
        ports:
          http:
            port: 5055
--- a/kubernetes/apps/default/jellyseerr/app/kustomization.yaml
+++ b/kubernetes/apps/default/jellyseerr/app/kustomization.yaml
@ -1,7 +0,0 @@
 ---
 # yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - ./externalsecret.yaml
  - ./helmrelease.yaml
--- a/kubernetes/apps/default/jellyseerr/ks.yaml
+++ b/kubernetes/apps/default/jellyseerr/ks.yaml
@ -1,29 +0,0 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: &app jellyseerr
  namespace: flux-system
 spec:
  targetNamespace: default
  commonMetadata:
    labels:
      app.kubernetes.io/name: *app
  interval: 10m
  path: "./kubernetes/apps/default/jellyseerr/app"
  prune: true
  sourceRef:
    kind: GitRepository
    name: homelab
  wait: false
  dependsOn:
    - name: openebs
    - name: crunchy-postgres-operator
    - name: external-secrets-stores
  postBuild:
    substitute:
      APP: *app
      VOLSYNC_CAPACITY: 1Gi
      APP_GID: "1000"
      APP_UID: "1000"
--- a/shell.nix
+++ b/shell.nix
@ -18,4 +18,25 @@ pkgs.mkShell {
    pre-commit
    sops
  ];
  # Possible inputs needed. Keeping here for posterity
  # age
  # ansible
  # cilium-cli
  # direnv
  # derailed/k9s/k9s
  # fluxcd/tap/flux
  # go-task/tap/go-task
  # helm
  # ipcalc
  # jq
  # kubernetes-cli
  # kustomize
  # pre-commit
  # prettier
  # shellcheck
  # sops
  # stern
  # talhelper
  # yamllint
  # yq
 }