---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: &app scrypted
spec:
interval: 30m
chart:
spec:
chart: app-template
version: 3.5.1
interval: 30m
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
values:
controllers:
scrypted:
annotations:
reloader.stakater.com/auto: "true"
pod:
nodeSelector:
google.feature.node.kubernetes.io/coral: "true"
nvidia.com/gpu.present: "true"
securityContext:
supplementalGroups:
- 568
containers:
app:
image:
repository: ghcr.io/koush/scrypted
tag: v0.123.31-jammy-nvidia
probes:
liveness:
enabled: true
readiness:
enabled: true
startup:
enabled: true
spec:
failureThreshold: 30
periodSeconds: 5
resources:
requests:
cpu: 136m
memory: 1024Mi
limits:
nvidia.com/gpu: 1
memory: 8192Mi
securityContext:
privileged: true
service:
app:
controller: *app
type: LoadBalancer
annotations:
io.cilium/lb-ipam-ips: 10.1.1.33
nameOverride: *app
ports:
http:
port: 11080
primary: true
rebroadcast1: # driveway
port: 39655
rebroadcast2: # sideyard
port: 46561
rebroadcast3: # doorbell
port: 44759
homekit: # homekit
port: 42010
homekit-bridge: # bridge
port: 33961
ingress:
app:
className: "internal-nginx"
annotations:
hosts:
- host: &host scrypted.jahanson.tech
paths:
- path: /
service:
identifier: app
port: http
tls:
- hosts:
- *host
persistence:
config:
existingClaim: scrypted
advancedMounts:
scrypted:
app:
- path: /server/volume
cache:
type: emptyDir
globalMounts:
- path: /.cache
cache-npm:
type: emptyDir
globalMounts:
- path: /.npm
dev-bus-usb:
type: hostPath
hostPath: /dev/bus/usb
hostPathType: Directory
sys-bus-usb:
type: hostPath
hostPath: /sys/bus/usb
hostPathType: Directory
recordings:
type: nfs
server: shadowfax.jahanson.tech
path: /nahar/scrypted
globalMounts:
- path: /recordings