--- apiVersion: apps/v1 kind: Deployment metadata: name: jellyfin namespace: media spec: selector: matchLabels: app: jellyfin template: metadata: labels: app: jellyfin spec: # USE GPU runtimeClassName: nvidia restartPolicy: Always containers: - image: ghcr.io/hotio/jellyfin imagePullPolicy: Always name: jellyfin env: - name: TZ value: Australia/Melbourne - name: PUID value: '1000' - name: PGID value: '1000' - name: UMASK value: '002' - name: NVIDIA_VISIBLE_DEVICES value: all - name: NVIDIA_DRIVER_CAPABILITIES value: all ports: - containerPort: 8096 protocol: TCP volumeMounts: - mountPath: /data name: jellyfin-data readOnly: true - mountPath: /config name: jellyfin-config volumes: - name: jellyfin-data persistentVolumeClaim: claimName: data - name: jellyfin-config persistentVolumeClaim: claimName: jellyfin-config --- kind: PersistentVolumeClaim apiVersion: v1 metadata: name: jellyfin-config namespace: media spec: storageClassName: zfs-fast accessModes: - ReadWriteOnce resources: requests: storage: 8Gi --- apiVersion: v1 kind: Service metadata: labels: app: jellyfin name: jellyfin namespace: media spec: ports: - name: web port: 8096 protocol: TCP targetPort: 8096 selector: app: jellyfin type: ClusterIP --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: jellyfin-ingress namespace: media annotations: cert-manager.io/cluster-issuer: letsencrypt-prod spec: ingressClassName: haproxy tls: - secretName: jellyfin-ingress hosts: - jf.ntwl.xyz rules: - host: jf.ntwl.xyz http: paths: - backend: service: name: jellyfin port: name: web path: / pathType: Prefix --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: jellyfin-lan-ingress namespace: media annotations: haproxy.org/ssl-redirect: "false" haproxy.org/ssl-certificate: "default/tls-secret" spec: ingressClassName: haproxy rules: - host: jfl.ntwl.xyz http: paths: - backend: service: name: jellyfin port: name: web path: / pathType: Prefix