apiVersion: apps/v1 kind: Deployment metadata: name: yubal-playlist labels: app.kubernetes.io/controller: main app.kubernetes.io/instance: yubal-playlist app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: yubal-playlist helm.sh/chart: yubal-playlist-4.6.2 namespace: yubal-playlist spec: revisionHistoryLimit: 3 replicas: 1 strategy: type: Recreate selector: matchLabels: app.kubernetes.io/controller: main app.kubernetes.io/name: yubal-playlist app.kubernetes.io/instance: yubal-playlist template: metadata: labels: app.kubernetes.io/controller: main app.kubernetes.io/instance: yubal-playlist app.kubernetes.io/name: yubal-playlist spec: enableServiceLinks: false serviceAccountName: default automountServiceAccountToken: true hostIPC: false hostNetwork: false hostPID: false dnsPolicy: ClusterFirst initContainers: - command: - /bin/sh - -ec - | if [ ! -f "/app/ytdlp/cookies.txt" ]; then echo ">> Coping files ..." ls /app/ytdlp cp -fv /app/ytdlp/cookies-ro.txt /app/ytdlp/cookies.txt echo ">> Files in ytdlp:" ls /app/ytdlp fi image: busybox:1.37.0 imagePullPolicy: IfNotPresent name: init-copy-cookie volumeMounts: - mountPath: /app/ytdlp name: config - mountPath: /app/ytdlp/cookies-ro.txt mountPropagation: None name: cookie readOnly: true subPath: cookies.txt containers: - env: - name: VPN_SERVICE_PROVIDER value: protonvpn - name: VPN_TYPE value: wireguard - name: WIREGUARD_PRIVATE_KEY valueFrom: secretKeyRef: key: private-key name: yubal-playlist-wireguard-conf - name: UPDATER_PROTONVPN_EMAIL valueFrom: secretKeyRef: key: proton-email name: yubal-playlist-wireguard-conf - name: UPDATER_PROTONVPN_PASSWORD valueFrom: secretKeyRef: key: proton-password name: yubal-playlist-wireguard-conf - name: FIREWALL_OUTBOUND_SUBNETS value: 10.0.0.0/8 - name: FIREWALL_INPUT_PORTS value: "8080" - name: DNS_UPSTREAM_RESOLVER_TYPE value: dot image: ghcr.io/qdm12/gluetun:v3.41.0@sha256:6b54856716d0de56e5bb00a77029b0adea57284cf5a466f23aad5979257d3045 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/sh - -c - (ip rule del table 51820; ip -6 rule del table 51820) || true livenessProbe: exec: command: - /gluetun-entrypoint - healthcheck failureThreshold: 5 initialDelaySeconds: 30 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 15 name: gluetun resources: limits: devic.es/tun: "1" requests: cpu: 10m devic.es/tun: "1" memory: 128Mi securityContext: capabilities: add: - NET_ADMIN - SYS_MODULE privileged: true - env: - name: YUBAL_TZ value: America/Chicago - name: YUBAL_HOST value: 0.0.0.0 - name: YUBAL_PORT value: "8080" - name: YUBAL_DEBUG value: "true" - name: YUBAL_MB_USER_AGENT value: alexanderlebens@gmail.com - name: YUBAL_LIDARR_ENDPOINT value: http://lidarr.lidarr:80 - name: YUBAL_LIDARR_API_KEY valueFrom: secretKeyRef: key: lidarr-key name: yubal-playlist-config-secret - name: YUBAL_SUBSONIC_ENDPOINT value: http://navidrome-main.navidrome - name: YUBAL_SUBSONIC_PORT value: "80" - name: YUBAL_SUBSONIC_USER valueFrom: secretKeyRef: key: subsonic-user name: yubal-playlist-config-secret - name: YUBAL_SUBSONIC_PASSWORD valueFrom: secretKeyRef: key: subsonic-password name: yubal-playlist-config-secret image: harbor.alexlebens.net/images/yubal-playlist:0.1.10 imagePullPolicy: IfNotPresent name: main resources: requests: cpu: 10m memory: 128Mi volumeMounts: - mountPath: /app/ytdlp name: config - mountPath: /app/data name: music volumes: - name: config persistentVolumeClaim: claimName: yubal-playlist - name: cookie secret: secretName: yubal-playlist-cookie - name: music persistentVolumeClaim: claimName: yubal-playlist-nfs-storage