-
Notifications
You must be signed in to change notification settings - Fork 13
/
helmrelease.yaml
99 lines (99 loc) · 3.06 KB
/
helmrelease.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: navidrome
spec:
chart:
spec:
chart: app-template
version: 3.2.1
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
interval: 30m
values:
controllers:
navidrome:
pod:
securityContext:
runAsUser: 568
runAsGroup: &gid 2000
fsGroup: *gid
fsGroupChangePolicy: OnRootMismatch
containers:
app:
image:
repository: ghcr.io/navidrome/navidrome
tag: 0.52.5
env:
TZ: ${CONFIG_TIMEZONE}
ND_DATAFOLDER: /config
ND_MUSICFOLDER: /music
ND_PORT: &port 8080
ND_SCANSCHEDULE: 30m
ND_ENABLEDOWNLOADS: "true"
ND_ENABLEEXTERNALSERVICES: "true"
ND_ENABLESHARING: "false"
ND_ENABLETRANSCODINGCONFIG: "false"
ND_LOGLEVEL: info
ND_PROMETHEUS_ENABLED: true
ND_REVERSEPROXYUSERHEADER: "X-authentik-username"
ND_REVERSEPROXYWHITELIST: "172.16.0.0/16"
ND_AUTHREQUESTLIMIT: 0
probes:
liveness: &probes
enabled: true
custom: true
spec:
httpGet:
path: /ping
port: *port
readiness: *probes
resources:
requests:
cpu: 50m
memory: 100Mi
limits:
memory: 300Mi
service:
app:
controller: navidrome
ports:
http:
port: *port
ingress:
main:
className: public
annotations:
authentik.home.arpa/enabled: "true"
nginx.ingress.kubernetes.io/auth-signin: |-
https://${HOSTNAME}/outpost.goauthentik.io/start?rd=$escaped_request_uri
gethomepage.dev/enabled: "true"
gethomepage.dev/group: Media
gethomepage.dev/name: Navidrome
gethomepage.dev/icon: navidrome.svg
gethomepage.dev/widget.type: navidrome
gethomepage.dev/widget.url: http://navidrome.media:8080
gethomepage.dev/widget.user: "{{`{{HOMEPAGE_VAR_NAVIDROME_USER}}`}}"
gethomepage.dev/widget.token: "{{`{{HOMEPAGE_VAR_NAVIDROME_TOKEN}}`}}"
gethomepage.dev/widget.salt: "{{`{{HOMEPAGE_VAR_NAVIDROME_SALT}}`}}"
hosts:
- host: &host ${HOSTNAME}
paths:
- path: /
service:
identifier: app
port: http
tls: [hosts: [*host]]
persistence:
config:
existingClaim: ${VOLSYNC_CLAIM}
music:
existingClaim: media-datastore
globalMounts:
- path: /music
subPath: Music
readOnly: true