plex: controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 pod: securityContext: runAsUser: 568 runAsGroup: 568 fsGroup: 568 fsGroupChangePolicy: OnRootMismatch supplementalGroups: - 44 - 100 - 109 - 65539 containers: main: image: repository: ghcr.io/onedr0p/plex tag: 1.40.3.8555-fef15d30c pullPolicy: IfNotPresent env: - name: TZ value: US/Central - name: ADVERTISE_IP value: https://plex.alexlebens.net:443/ - name: ALLOWED_NETWORKS value: 10.0.0.0/8,192.168.1.0/24 resources: limits: gpu.intel.com/i915: 1 cpu: 5000m memory: 4Gi requests: gpu.intel.com/i915: 1 cpu: 100m memory: 1Gi serviceAccount: create: true service: main: controller: main type: LoadBalancer annotations: metallb.universe.tf/allow-shared-ip: "external" externalIPs: - 192.168.1.17 - 192.168.1.16 - 192.168.1.15 ports: http: port: 32400 targetPort: 32400 protocol: HTTP ingress: main: enabled: true className: traefik annotations: traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" cert-manager.io/cluster-issuer: letsencrypt-issuer hosts: - host: plex.alexlebens.net paths: - path: / pathType: Prefix service: name: plex port: 32400 tls: - secretName: plex-secret-tls hosts: - plex.alexlebens.net persistence: config: existingClaim: plex-config advancedMounts: main: main: - path: /config readOnly: false transcode: type: emptyDir advancedMounts: main: main: - path: /transcode readOnly: false media: existingClaim: plex-nfs-storage advancedMounts: main: main: - path: /mnt/store readOnly: false