Add player f3s deployment

author: Paul Buetow <paul@buetow.org> 2026-05-03 20:28:54 +0300
committer: Paul Buetow <paul@buetow.org> 2026-05-03 20:28:54 +0300
commit: 58535bca2813dca7e255940d6932b2df5abb2cc9 (patch)
tree: 01946c7cb4e5680d396694df15ea6b94ea3f3898
parent: 931ce4e8930dcad2de3bf4ed5ff8baf1d9285675 (diff)
6 files changed, 226 insertions, 0 deletions
diff --git a/f3s/argocd-apps/services/player.yaml b/f3s/argocd-apps/services/player.yaml
new file mode 100644
index 0000000..9b58691
--- /dev/null
+++ b/f3s/argocd-apps/services/player.yaml
@@ -0,0 +1,28 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: player
+  namespace: cicd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: http://git-server.cicd.svc.cluster.local/conf.git
+    targetRevision: master
+    path: f3s/player/helm-chart
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: services
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=false
+    retry:
+      limit: 3
+      backoff:
+        duration: 5s
+        factor: 2
+        maxDuration: 1m
diff --git a/f3s/player/helm-chart/Chart.yaml b/f3s/player/helm-chart/Chart.yaml
new file mode 100644
index 0000000..a7e58c0
--- /dev/null
+++ b/f3s/player/helm-chart/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: player
+description: Player media app for f3s
+type: application
+version: 0.1.0
+appVersion: "deba845"
diff --git a/f3s/player/helm-chart/templates/deployment.yaml b/f3s/player/helm-chart/templates/deployment.yaml
new file mode 100644
index 0000000..d8d09f6
--- /dev/null
+++ b/f3s/player/helm-chart/templates/deployment.yaml
@@ -0,0 +1,77 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: player
+  namespace: services
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: player
+  template:
+    metadata:
+      labels:
+        app: player
+    spec:
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 65534
+        runAsGroup: 65534
+        fsGroup: 65534
+      containers:
+        - name: player
+          image: registry.lan.buetow.org:30001/player:deba845
+          imagePullPolicy: IfNotPresent
+          securityContext:
+            allowPrivilegeEscalation: false
+            readOnlyRootFilesystem: true
+            runAsNonRoot: true
+            runAsUser: 65534
+            runAsGroup: 65534
+          ports:
+            - containerPort: 8080
+              name: http
+          env:
+            - name: PORT
+              value: "8080"
+            - name: DB_PATH
+              value: "/data/media.db"
+            - name: MEDIA_ROOT
+              value: "/media"
+            - name: SECURE_COOKIES
+              value: "true"
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: http
+            initialDelaySeconds: 5
+            periodSeconds: 10
+          readinessProbe:
+            httpGet:
+              path: /readyz
+              port: http
+            initialDelaySeconds: 3
+            periodSeconds: 5
+          resources:
+            requests:
+              memory: 128Mi
+              cpu: 100m
+            limits:
+              memory: 512Mi
+              cpu: "1"
+          volumeMounts:
+            - name: player-data
+              mountPath: /data
+            - name: player-media
+              mountPath: /media
+            - name: tmp
+              mountPath: /tmp
+      volumes:
+        - name: player-data
+          persistentVolumeClaim:
+            claimName: player-data-pvc
+        - name: player-media
+          persistentVolumeClaim:
+            claimName: player-media-pvc
+        - name: tmp
+          emptyDir: {}
diff --git a/f3s/player/helm-chart/templates/ingress.yaml b/f3s/player/helm-chart/templates/ingress.yaml
new file mode 100644
index 0000000..6ef5d0f
--- /dev/null
+++ b/f3s/player/helm-chart/templates/ingress.yaml
@@ -0,0 +1,45 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: player-ingress
+  namespace: services
+  annotations:
+    spec.ingressClassName: traefik
+    traefik.ingress.kubernetes.io/router.entrypoints: web
+spec:
+  rules:
+    - host: player.f3s.buetow.org
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: player-service
+                port:
+                  number: 8080
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: player-ingress-lan
+  namespace: services
+  annotations:
+    spec.ingressClassName: traefik
+    traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
+spec:
+  tls:
+    - hosts:
+        - player.f3s.lan.buetow.org
+      secretName: f3s-lan-tls
+  rules:
+    - host: player.f3s.lan.buetow.org
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: player-service
+                port:
+                  number: 8080
diff --git a/f3s/player/helm-chart/templates/persistent-volume.yaml b/f3s/player/helm-chart/templates/persistent-volume.yaml
new file mode 100644
index 0000000..8bdb6b7
--- /dev/null
+++ b/f3s/player/helm-chart/templates/persistent-volume.yaml
@@ -0,0 +1,55 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: player-data-pv
+spec:
+  capacity:
+    storage: 1Gi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  hostPath:
+    path: /data/nfs/k3svolumes/player/data
+    type: Directory
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: player-data-pvc
+  namespace: services
+spec:
+  storageClassName: ""
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: player-media-pv
+spec:
+  capacity:
+    storage: 10Gi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  hostPath:
+    path: /data/nfs/k3svolumes/player/media
+    type: Directory
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: player-media-pvc
+  namespace: services
+spec:
+  storageClassName: ""
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Gi
diff --git a/f3s/player/helm-chart/templates/service.yaml b/f3s/player/helm-chart/templates/service.yaml
new file mode 100644
index 0000000..a1d0408
--- /dev/null
+++ b/f3s/player/helm-chart/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: player
+  name: player-service
+  namespace: services
+spec:
+  ports:
+    - name: web
+      port: 8080
+      protocol: TCP
+      targetPort: http
+  selector:
+    app: player
author	Paul Buetow <paul@buetow.org>	2026-05-03 20:28:54 +0300
committer	Paul Buetow <paul@buetow.org>	2026-05-03 20:28:54 +0300
commit	58535bca2813dca7e255940d6932b2df5abb2cc9 (patch)
tree	01946c7cb4e5680d396694df15ea6b94ea3f3898
parent	931ce4e8930dcad2de3bf4ed5ff8baf1d9285675 (diff)