apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: jellyfin namespace: jellyfin spec: chart: spec: chart: jellyfin version: 2.x sourceRef: kind: HelmRepository name: utkuozdemir namespace: flux-system interval: 15m timeout: 5m releaseName: jellyfin values: # -- Number of replicas to run. Chart is not designed to scale horizontally, use at your own risk replicaCount: 1 # -- Use host network hostNetwork: false port: 8096 hostPort: # -- Use host port for the application enabled: false # -- Host port to bind to port: 8096 # -- Additional port definitions for the pod additionalPorts: [] # - name: tcp-8920 # containerPort: 8920 # protocol: TCP # hostPort: 8920 # - name: udp-1900 # containerPort: 1900 # protocol: UDP # hostPort: 1900 # - name: udp-7359 # containerPort: 7359 # protocol: UDP # hostPort: 7359 # -- Additional port definitions for the service additionalServicePorts: [] image: # -- Image repository repository: docker.io/linuxserver/jellyfin # -- Image pull policy pullPolicy: IfNotPresent # -- Image tag (if not specified, defaults to the chart's appVersion) tag: "" # -- Image pull secrets imagePullSecrets: [] # -- String to partially override fullname template with a string (will prepend the release name) nameOverride: "" # -- String to fully override fullname template with a string fullnameOverride: "" serviceAccount: # -- Specifies whether a service account should be created create: true # -- Annotations to add to the service account annotations: {} # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template name: "" # -- Annotations for the pods podAnnotations: {} # -- Security context for the pods podSecurityContext: {} # -- Security context for the container. NET_ADMIN capability is required for the VPN to work properly. securityContext: capabilities: add: - NET_ADMIN # -- Deployment strategy strategy: type: Recreate service: # -- Type of the service type: ClusterIP # -- Port for the service to use port: 8096 ingress: # -- Expose the app using an ingress enabled: true # -- Ingress class name className: traefik # -- Annotations for the ingress annotations: traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd # -- Ingress hosts configuration # @default -- see [values.yaml](values.yaml) hosts: - host: jellyfin.michaelthomson.dev paths: - path: / pathType: ImplementationSpecific # -- The TLS configuration for the Ingress tls: - secretName: letsencrypt-wildcard-cert-michaelthomson.dev hosts: - jellyfin.michaelthomson.dev # -- The resource requests and limits of the container resources: {} # -- The node selector for the deployment nodeSelector: {} # -- Tolerations for the pod assignment tolerations: [] # -- Affinity for the pod assignment affinity: {} persistence: config: # -- Config: Enable persistence enabled: true # -- Config: Persistence type is pvc. When `false`, data volume definition is read from `persistence.config.customVolume` isPvc: true # -- Config: Name of the existing claim to be used for config existingClaim: "" # -- Config: Storage class for the volume storageClass: longhorn # -- Config: Annotations for the claim annotations: {} # helm.sh/resource-policy: keep # -- Config: Access modes for the claim accessModes: - ReadWriteOnce # -- Config: Size for the claim size: 2Gi # -- Config: Alternative data volume definition (e.g. nfs, hostPath). Used when `persistence.config.isPvc` is `false` customVolume: {} # hostPath: # path: /path/on/host data: # -- Data: Enable persistence enabled: true # -- Data: Persistence type is pvc. When `false`, data volume definition is read from `persistence.data.customVolume` isPvc: true # -- Data: Name of the existing claim to be used existingClaim: "" # -- Data: Storage class for the data volume storageClass: longhorn # -- Data: Annotations for the claim annotations: {} # helm.sh/resource-policy: keep # -- Data: Access modes for the claim accessModes: - ReadWriteOnce # -- Data: Size for the claim size: 64Gi # -- Data: Alternative data volume definition (e.g. nfs, hostPath). Used when `persistence.data.isPvc` is `false` customVolume: {} # hostPath: # path: /path/on/host # -- Non-sensitive environment variables to be set in the pods. See the [application docs](https://docs.linuxserver.io/images/docker-jellyfin) env: {} # -- Sensitive environment variables to be set in the pods. See the [application docs](https://docs.linuxserver.io/images/docker-jellyfin) secretEnv: {} # -- DNS configuration for the pod dnsConfig: {} # -- DNS policy for the pod dnsPolicy: ClusterFirst # -- Arbitrary extra volume definitions for the pod extraVolumes: [] # -- Arbitrary extra volume mounts for the pod extraVolumeMounts: {} # -- Pod liveness probe livenessProbe: {} # -- Pod readiness probe readinessProbe: httpGet: port: http # -- Init containers initContainers: [] # - name: init # image: busybox:stable-musl # command: # - sh # - -c # - echo "initializing..." # -- Sidecar containers sidecarContainers: [] # - name: sidecar # image: busybox:stable-musl # command: # - tail # - -f # - /dev/null