[plex] migrate to common library (#698)

* [plex] migrate to common library * remove maintainers on old chart * fix: change additionalPorts to additionalServices
2025-02-03 07:49:03 +00:00 · 2021-03-21 14:16:46 -04:00 · 2021-03-21 14:16:46 -04:00 · 8d34db1ead
commit 8d34db1ead
parent 00ea6e06c3
20 changed files with 153 additions and 1343 deletions
--- a/charts/stable/plex-media-server/Chart.yaml
+++ b/charts/stable/plex-media-server/Chart.yaml
@ -2,7 +2,8 @@ apiVersion: v2
 appVersion: v1.22.0.4163-d8c4875dd
 description: Plex Media Server
 name: plex-media-server
-version: 2.3.1
+version: 2.3.2
 deprecated: true
 kubeVersion: ">=1.16.0-0"
 keywords:
 - plex
@ -12,9 +13,6 @@ icon: https://www.plex.tv/wp-content/uploads/2018/01/pmp-icon-1.png
 sources:
 - https://github.com/k8s-at-home/charts/tree/master/charts/stable/plex-media-server
 - https://github.com/k8s-at-home/container-images/
 maintainers:
 - name: billimek
  email: jeff@billimek.com
 dependencies:
 - name: common
  repository: https://library-charts.k8s-at-home.com
--- a/charts/stable/plex-media-server/README.md
+++ b/charts/stable/plex-media-server/README.md
@ -1,6 +1,6 @@
 # plex-media-server
-![Version: 2.3.1](https://img.shields.io/badge/Version-2.3.1-informational?style=flat-square) ![AppVersion: v1.22.0.4163-d8c4875dd](https://img.shields.io/badge/AppVersion-v1.22.0.4163--d8c4875dd-informational?style=flat-square)
+![Version: 2.3.2](https://img.shields.io/badge/Version-2.3.2-informational?style=flat-square) ![AppVersion: v1.22.0.4163-d8c4875dd](https://img.shields.io/badge/AppVersion-v1.22.0.4163--d8c4875dd-informational?style=flat-square)
 Plex Media Server
--- a/charts/stable/plex/.helmignore
+++ b/charts/stable/plex/.helmignore
@ -22,3 +22,5 @@
 .vscode/
 # OWNERS file for Kubernetes
 OWNERS
 # helm-docs templates
 *.gotmpl
--- a/charts/stable/plex/Chart.yaml
+++ b/charts/stable/plex/Chart.yaml
@ -1,15 +1,21 @@
 apiVersion: v2
-appVersion: 1.20.2.3402
+appVersion: v1.22.0.4163-d8c4875dd
 description: Plex Media Server
 name: plex
-version: 2.3.3
+version: 3.0.0
 kubeVersion: ">=1.16.0-0"
 keywords:
-  - plex
+- plex
 - plex-media-server
 home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/plex
 icon: https://www.plex.tv/wp-content/uploads/2018/01/pmp-icon-1.png
 sources:
-  - https://github.com/k8s-at-home/charts/tree/master/charts/stable/plex
+- https://github.com/k8s-at-home/charts/tree/master/charts/stable/plex
-  - https://hub.docker.com/r/plexinc/pms-docker/
+- https://github.com/k8s-at-home/container-images/
 maintainers:
-  - name: billimek
+- name: billimek
-    email: jeff@billimek.com
+  email: jeff@billimek.com
 dependencies:
 - name: common
  repository: https://library-charts.k8s-at-home.com
  version: 1.0.0
--- a/charts/stable/plex/README.md
+++ b/charts/stable/plex/README.md
@ -1,6 +1,6 @@
 # plex
-![Version: 2.3.3](https://img.shields.io/badge/Version-2.3.3-informational?style=flat-square) ![AppVersion: 1.20.2.3402](https://img.shields.io/badge/AppVersion-1.20.2.3402-informational?style=flat-square)
+![Version: 3.0.0](https://img.shields.io/badge/Version-3.0.0-informational?style=flat-square) ![AppVersion: v1.22.0.4163-d8c4875dd](https://img.shields.io/badge/AppVersion-v1.22.0.4163--d8c4875dd-informational?style=flat-square)
 Plex Media Server
@ -9,14 +9,17 @@ Plex Media Server
 ## Source Code
 * <https://github.com/k8s-at-home/charts/tree/master/charts/stable/plex>
-* <https://hub.docker.com/r/plexinc/pms-docker/>
+* <https://github.com/k8s-at-home/container-images/>
 ## Requirements
 Kubernetes: `>=1.16.0-0`
 ## Dependencies
 | Repository | Name | Version |
 |------------|------|---------|
 | https://library-charts.k8s-at-home.com | common | 1.0.0 |
 ## TL;DR
@ -73,105 +76,20 @@ N/A
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| affinity | object | `{}` |  |
+| env | object | `{}` |  |
-| certificate.pkcsMangler.certificateSecret.crtName | string | `"tls.crt"` |  |
+| hostNetwork | bool | `false` | Enable devices to be discoverable |
 | certificate.pkcsMangler.certificateSecret.keyName | string | `"tls.key"` |  |
 | certificate.pkcsMangler.certificateSecret.name | string | `""` |  |
 | certificate.pkcsMangler.certificateSecret.volume.mountPath | string | `"/etc/plex-certs"` |  |
 | certificate.pkcsMangler.certificateSecret.volume.name | string | `"plex-certs"` |  |
 | certificate.pkcsMangler.configmap.annotations | object | `{}` |  |
 | certificate.pkcsMangler.configmap.labels | object | `{}` |  |
 | certificate.pkcsMangler.configmap.name | string | `"42-pkcs-mangler"` |  |
 | certificate.pkcsMangler.enabled | bool | `false` |  |
 | certificate.pkcsMangler.image.repository | string | `"tlsprint/openssl"` |  |
 | certificate.pkcsMangler.image.tag | string | `"1.1.1f"` |  |
 | certificate.pkcsMangler.pfxInContainerPath | string | `"/config/plex.pfx"` |  |
 | certificate.pkcsMangler.pfxPassword.annotations | object | `{}` |  |
 | certificate.pkcsMangler.pfxPassword.labels | object | `{}` |  |
 | certificate.pkcsMangler.pfxPassword.passwordKey | string | `"pfx-password"` |  |
 | certificate.pkcsMangler.pfxPassword.secretName | string | `"plex-media-server-pfx-password"` |  |
 | certificate.pkcsMangler.pfxPassword.value | string | `"setpassword"` |  |
 | certificate.pkcsMangler.setPlexPreferences.customCertificateDomain | string | `""` |  |
 | certificate.pkcsMangler.setPlexPreferences.enabled | bool | `true` |  |
 | certificate.pkcsMangler.volume.defaultMode | int | `493` |  |
 | certificate.pkcsMangler.volume.mountPath | string | `"/etc/cont-init.d/42-pkcs-mangler"` |  |
 | certificate.pkcsMangler.volume.name | string | `"42-pkcs-mangler"` |  |
 | certificate.pkcsMangler.volume.subPath | string | `"42-pkcs-mangler"` |  |
 | claimToken | string | `""` |  |
 | deploymentAnnotations | object | `{}` |  |
 | fullnameOverride | string | `""` |  |
 | hostNetwork | bool | `false` |  |
 | image.pullPolicy | string | `"IfNotPresent"` |  |
-| image.repository | string | `"plexinc/pms-docker"` |  |
+| image.repository | string | `"ghcr.io/k8s-at-home/plex"` |  |
-| image.tag | string | `"1.20.2.3402-0fec14d92"` |  |
+| image.tag | string | `"v1.22.0.4163-d8c4875dd"` |  |
 | imagePullSecrets | list | `[]` |  |
 | ingress.annotations | object | `{}` |  |
 | ingress.enabled | bool | `false` |  |
-| ingress.hosts[0] | string | `"chart-example.local"` |  |
+| persistence.config.emptyDir | bool | `false` |  |
-| ingress.path | string | `"/"` |  |
+| persistence.config.enabled | bool | `false` |  |
-| ingress.tls | list | `[]` |  |
+| persistence.config.mountPath | string | `"/config"` |  |
-| logging.promtail.enabled | bool | `false` |  |
+| persistence.transcode.emptyDir | bool | `false` |  |
 | logging.promtail.image.pullPolicy | string | `"IfNotPresent"` |  |
 | logging.promtail.image.repository | string | `"grafana/promtail"` |  |
 | logging.promtail.image.tag | string | `"1.6.0"` |  |
 | logging.promtail.loki.url | string | `"http://loki.logs.svc.cluster.local:3100/loki/api/v1/push"` |  |
 | nameOverride | string | `""` |  |
 | nodeSelector | object | `{}` |  |
 | persistence.config.accessMode | string | `"ReadWriteOnce"` |  |
 | persistence.config.size | string | `"20Gi"` |  |
 | persistence.config.storageClass | string | `""` |  |
 | persistence.data.accessMode | string | `"ReadWriteOnce"` |  |
 | persistence.data.enabled | bool | `true` |  |
 | persistence.data.size | string | `"40Gi"` |  |
 | persistence.data.storageClass | string | `""` |  |
 | persistence.extraData | list | `[]` |  |
 | persistence.extraMounts | list | `[]` |  |
 | persistence.transcode.accessMode | string | `"ReadWriteOnce"` |  |
 | persistence.transcode.emptyDir.medium | string | `""` |  |
 | persistence.transcode.enabled | bool | `false` |  |
-| persistence.transcode.size | string | `"20Gi"` |  |
+| persistence.transcode.mountPath | string | `"/transcode"` |  |
-| persistence.transcode.storageClass | string | `""` |  |
+| service.port.port | int | `32400` |  |
-| plexPreferences.configmap.annotations | object | `{}` |  |
+| strategy.type | string | `"Recreate"` |  |
 | plexPreferences.configmap.labels | object | `{}` |  |
 | plexPreferences.configmap.name | string | `"41-plex-preferences"` |  |
 | plexPreferences.enabled | bool | `false` |  |
 | plexPreferences.volume.defaultMode | int | `493` |  |
 | plexPreferences.volume.mountPath | string | `"/etc/cont-init.d/41-plex-preferences"` |  |
 | plexPreferences.volume.name | string | `"41-plex-preferences"` |  |
 | plexPreferences.volume.subPath | string | `"41-plex-preferences"` |  |
 | podAnnotations | object | `{}` |  |
 | podSecurityContext | object | `{}` |  |
 | probes.liveness.enabled | bool | `true` |  |
 | probes.liveness.failureThreshold | int | `5` |  |
 | probes.liveness.httpGet.path | string | `"/identity"` |  |
 | probes.liveness.httpGet.port | int | `32400` |  |
 | probes.liveness.periodSeconds | int | `10` |  |
 | probes.readiness.enabled | bool | `true` |  |
 | probes.readiness.failureThreshold | int | `5` |  |
 | probes.readiness.httpGet.path | string | `"/identity"` |  |
 | probes.readiness.httpGet.port | int | `32400` |  |
 | probes.readiness.periodSeconds | int | `10` |  |
 | probes.startup.enabled | bool | `true` |  |
 | probes.startup.failureThreshold | int | `30` |  |
 | probes.startup.httpGet.path | string | `"/identity"` |  |
 | probes.startup.httpGet.port | int | `32400` |  |
 | probes.startup.initialDelaySeconds | int | `5` |  |
 | probes.startup.periodSeconds | int | `10` |  |
 | proxy.enabled | bool | `false` |  |
 | resources | object | `{}` |  |
 | securityContext | object | `{}` |  |
 | serviceTCP.annotations | object | `{}` |  |
 | serviceTCP.labels | object | `{}` |  |
 | serviceTCP.loadBalancerIP | string | `nil` |  |
 | serviceTCP.port | int | `32400` |  |
 | serviceTCP.type | string | `"ClusterIP"` |  |
 | serviceUDP.annotations | object | `{}` |  |
 | serviceUDP.labels | object | `{}` |  |
 | serviceUDP.loadBalancerIP | string | `nil` |  |
 | serviceUDP.type | string | `"ClusterIP"` |  |
 | strategyType | string | `"Recreate"` |  |
 | timezone | string | `"UTC"` |  |
 | tolerations | list | `[]` |  |
 ## Changelog
@ -179,6 +97,12 @@ All notable changes to this application Helm chart will be documented in this fi
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 ### [3.0.0]
 #### Added
 - **BREAKING** this chart is now using the common library, do not upgrade unless you know what you are doing. In most cases it is better to stay with `v2.3.1` unless you know what you are doing. There is no clear migration path since everyones deployment can vary.
 ### [2.3.1]
 #### Added
@ -193,6 +117,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - N/A
 [3.0.0]: #3.0.0
 [2.3.1]: #2.3.1
 ## Support
--- a/charts/stable/plex/README_CHANGELOG.md.gotmpl
+++ b/charts/stable/plex/README_CHANGELOG.md.gotmpl
@ -9,6 +9,12 @@ All notable changes to this application Helm chart will be documented in this fi
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 ### [3.0.0]
 #### Added
 - **BREAKING** this chart is now using the common library, do not upgrade unless you know what you are doing. In most cases it is better to stay with `v2.3.1` unless you know what you are doing. There is no clear migration path since everyones deployment can vary.
 ### [2.3.1]
 #### Added
@ -23,5 +29,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - N/A
 [3.0.0]: #3.0.0
 [2.3.1]: #2.3.1
 {{- end -}}
--- a/charts/stable/plex/configs/41-plex-preferences
+++ b/charts/stable/plex/configs/41-plex-preferences
@ -1,64 +0,0 @@
 #!/usr/bin/with-contenv bash
 # This file is based off of the official 40-plex-first-run
 # Here: https://github.com/plexinc/pms-docker/blob/master/root/etc/cont-init.d/40-plex-first-run
 # It should live in /etc/cont-init.d/
 # If we are debugging, enable trace
 if [ "${DEBUG,,}" = "true" ]; then
  set -x
 fi
 function getPref {
  local key="$1"
  xmlstarlet sel -T -t -m "/Preferences" -v "@${key}" -n "${prefFile}"
 }
 function setPref {
  local key="$1"
  local value="$2"
  count="$(xmlstarlet sel -t -v "count(/Preferences/@${key})" "${prefFile}")"
  count=$(($count + 0))
  if [[ $count > 0 ]]; then
    xmlstarlet ed --inplace --update "/Preferences/@${key}" -v "${value}" "${prefFile}"
  else
    xmlstarlet ed --inplace --insert "/Preferences"  --type attr -n "${key}" -v "${value}" "${prefFile}"
  fi
 }
 home="$(echo ~plex)"
 pmsApplicationSupportDir="${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR:-${home}/Library/Application Support}"
 prefFile="${pmsApplicationSupportDir}/Plex Media Server/Preferences.xml"
 if [ ! -z "${ADVERTISE_IP}" ]; then
  setPref "customConnections" "${ADVERTISE_IP}"
 fi
 if [ ! -z "${ALLOWED_NETWORKS}" ]; then
  setPref "allowedNetworks" "${ALLOWED_NETWORKS}"
 fi
 # Set transcoder temp if not yet set
 if [ -z "$(getPref "TranscoderTempDirectory")" ]; then
  setPref "TranscoderTempDirectory" "/transcode"
 fi
 # Parse list of all exported variables that start with PLEX_PREFERENCE_
 # The format of which is PLEX_PREFERENCE_<SOMETHING>="Key=Value"
 # Where Key is the EXACT key to use in the Plex Preference file
 # And Value is the EXACT value to use in the Plex Preference file for that key.
 # Please note it looks like many of the key's are camelCase in some fashion.
 # Additionally there are likely some preferences where environment variable injection
 # doesn't really work for.
 for var in "${!PLEX_PREFERENCE_@}"; do
  value=${!var}
  PreferenceValue=${value#*=}
  PreferenceKey=${value%=*}
  setPref $PreferenceKey $PreferenceValue
 done
 # touch /.firstRunComplete
 # echo "Plex Media Server first run setup complete"
 echo "Plex Media Server preferences update run complete"
--- a/charts/stable/plex/configs/42-pkcs-mangler
+++ b/charts/stable/plex/configs/42-pkcs-mangler
@ -1,53 +0,0 @@
 #!/usr/bin/with-contenv bash
 # This file contains part of the official PLEX 40-plex-first-run
 # Here: https://github.com/plexinc/pms-docker/blob/master/root/etc/cont-init.d/40-plex-first-run
 # It should live in /etc/cont-init.d/
 # If we are debugging, enable trace
 if [ "${DEBUG,,}" = "true" ]; then
  set -x
 fi
 function setPref {
  local key="$1"
  local value="$2"
  count="$(xmlstarlet sel -t -v "count(/Preferences/@${key})" "${prefFile}")"
  count=$(($count + 0))
  if [[ $count > 0 ]]; then
    xmlstarlet ed --inplace --update "/Preferences/@${key}" -v "${value}" "${prefFile}"
  else
    xmlstarlet ed --inplace --insert "/Preferences"  --type attr -n "${key}" -v "${value}" "${prefFile}"
  fi
 }
 home="$(echo ~plex)"
 pmsApplicationSupportDir="${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR:-${home}/Library/Application Support}"
 prefFile="${pmsApplicationSupportDir}/Plex Media Server/Preferences.xml"
 # If PKCSMANGLER__PFXINCONTAINERPATH is set, then assume we want to move the PFX Cert to that location
 if [ ! -z "${PKCSMANGLER_PFXINCONTAINERPATH}" ]; then
  # If it ends up a problem, we may need to set some kind of "don't replace existing PFX cert"
  cp -f /shared/cert.pfx "${PKCSMANGLER_PFXINCONTAINERPATH}"
  # If PKCSMANGLER__CUSTOMCERTDOMAIN is set, then assume we want to set the PLEX Preference customCertificatePath because we enabled setting PLEX Preferences
  if [ ! -z "${PKCSMANGLER_CUSTOMCERTDOMAIN}" ]; then
    setPref "customCertificatePath" "${PKCSMANGLER_PFXINCONTAINERPATH}"
  fi
 fi
 # If PKCSMANGLER_PFXPASSWORD is set, then assume we want to set the PLEX Preference customCertificateKey
 if [ ! -z "${PKCSMANGLER_PFXPASSWORD}" ]; then
  setPref "customCertificateKey" "${PKCSMANGLER_PFXPASSWORD}"
 fi
 # If PKCSMANGLER__CUSTOMCERTDOMAIN is set, then assume we want to set the PLEX Preference customCertificateDomain
 if [ ! -z "${PKCSMANGLER_CUSTOMCERTDOMAIN}" ]; then
  PreferenceValue=${PKCSMANGLER_CUSTOMCERTDOMAIN#*=}
  PreferenceKey=${PKCSMANGLER_CUSTOMCERTDOMAIN%=*}
  setPref $PreferenceKey $PreferenceValue
 fi
 # touch /.firstRunComplete
 # echo "Plex Media Server first run setup complete"
 echo "PKCS Mangler run complete"
--- a/charts/stable/plex/templates/NOTES.txt
+++ b/charts/stable/plex/templates/NOTES.txt
@ -1,19 +1 @@
-1. Get the application URL by running these commands:
+{{- include "common.notes.defaultNotes" . -}}
 {{- if .Values.ingress.enabled }}
 {{- range $host := .Values.ingress.hosts }}
  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}
 {{- end }}
 {{- else if contains "NodePort" .Values.serviceTCP.type }}
  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "plex.fullname" . }})
  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
  echo http://$NODE_IP:$NODE_PORT
 {{- else if contains "LoadBalancer" .Values.serviceTCP.type }}
     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "plex.fullname" . }}'
  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "plex.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
  echo http://$SERVICE_IP:{{ .Values.serviceTCP.port }}
 {{- else if contains "ClusterIP" .Values.serviceTCP.type }}
  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "plex.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
  echo "Visit http://127.0.0.1:8080 to use your application"
  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80
 {{- end }}
--- a/charts/stable/plex/templates/_helpers.tpl
+++ b/charts/stable/plex/templates/_helpers.tpl
@ -1,81 +0,0 @@
 {{/* vim: set filetype=mustache: */}}
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "plex.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "plex.fullname" -}}
 {{- if .Values.fullnameOverride -}}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
 {{- $name := default .Chart.Name .Values.nameOverride -}}
 {{- if contains $name .Release.Name -}}
 {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{- end -}}
 {{- end -}}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "plex.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{/*
 Common labels
 */}}
 {{- define "plex.labels" -}}
 helm.sh/chart: {{ include "plex.chart" . }}
 {{ include "plex.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end -}}
 {{/*
 Selector labels
 */}}
 {{- define "plex.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "plex.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "plex.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create -}}
    {{ default (include "plex.fullname" .) .Values.serviceAccount.name }}
 {{- else -}}
    {{ default "default" .Values.serviceAccount.name }}
 {{- end -}}
 {{- end -}}
 {{/*
 abstract: |
  Joins a list of values into a comma separated string
 values: |
  test:
    - foo
    - bar
 usage: |
  {{ include "joinListWithComma" .Values.test }}
 return: |
  foo,bar
 */}}
 {{- define "joinListWithComma" -}}
 {{- $local := dict "first" true -}}
 {{- range $k, $v := . -}}{{- if not $local.first -}},{{- end -}}{{- $v -}}{{- $_ := set $local "first" false -}}{{- end -}}
 {{- end -}}
--- a/charts/stable/plex/templates/common.yaml
+++ b/charts/stable/plex/templates/common.yaml
@ -0,0 +1 @@
 {{ include "common.all" . }}
--- a/charts/stable/plex/templates/configmap.yaml
+++ b/charts/stable/plex/templates/configmap.yaml
@ -1,42 +0,0 @@
 {{- if .Values.plexPreferences.enabled -}}
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ .Values.plexPreferences.configmap.name }}
  labels:
    {{- include "plex.labels" . | nindent 4 }}
 {{- if .Values.plexPreferences.configmap.labels }}
 {{ toYaml .Values.plexPreferences.configmap.labels | indent 4 }}
 {{- end }}
 {{- with .Values.plexPreferences.configmap.annotations }}
  annotations:
 {{ toYaml . | indent 4 }}
 {{- end }}
 data:
 # At some point figure out how to use a value/Variable here to be able to specify
 # a different file or something.
 {{ (tpl (.Files.Glob "configs/41-plex-preferences").AsConfig . ) | indent 2 }}
 {{- end -}}
 {{- if .Values.certificate.pkcsMangler.enabled }}
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ .Values.certificate.pkcsMangler.configmap.name }}
  labels:
    {{- include "plex.labels" . | nindent 4 }}
 {{- if .Values.certificate.pkcsMangler.configmap.labels }}
 {{ toYaml .Values.certificate.pkcsMangler.configmap.labels | indent 4 }}
 {{- end }}
 {{- with .Values.certificate.pkcsMangler.configmap.annotations }}
  annotations:
 {{ toYaml . | indent 4 }}
 {{- end }}
 data:
 # At some point figure out how to use a value/Variable here to be able to specify
 # a different file or something.
 {{ (tpl (.Files.Glob "configs/42-pkcs-mangler").AsConfig . ) | indent 2 }}
 {{- end -}}
--- a/charts/stable/plex/templates/deployment.yaml
+++ b/charts/stable/plex/templates/deployment.yaml
@ -1,353 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ include "plex.fullname" . }}
  labels:
    {{- include "plex.labels" . | nindent 4 }}
  {{- if .Values.deploymentAnnotations }}
  annotations:
    {{- range $key, $value := .Values.deploymentAnnotations }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
 spec:
  replicas: 1
  revisionHistoryLimit: 3
  strategy:
    type: {{ .Values.strategyType }}
  selector:
    matchLabels:
      {{- include "plex.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
        {{- include "plex.selectorLabels" . | nindent 8 }}
      {{- if .Values.podAnnotations }}
      annotations:
        {{- range $key, $value := .Values.podAnnotations }}
        {{ $key }}: {{ $value | quote }}
        {{- end }}
      {{- end }}
    spec:
    {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- if .Values.hostNetwork }}
      hostNetwork: {{ .Values.hostNetwork }}
      dnsPolicy: ClusterFirstWithHostNet
    {{- end }}
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
  {{- if .Values.certificate.pkcsMangler.enabled }}
      initContainers:
      # This is ugly, but it does work to create a pks file that will work with PLEX from the tls.crt and tls.key that cert-manager normally creates
      {{- if .Values.certificate.pkcsMangler.enabled }}
      - name: pkcsmangler-init-container
        image: "{{ .Values.certificate.pkcsMangler.image.repository }}:{{ .Values.certificate.pkcsMangler.image.tag }}"
        imagePullPolicy: Always
        command: ["/bin/sh"]
        args: ["-c", "openssl pkcs12 -export -passout pass:$(PKCSMANGLER_PFXPASSWORD) -out /shared/cert.pfx -inkey {{ .Values.certificate.pkcsMangler.certificateSecret.volume.mountPath }}/{{ .Values.certificate.pkcsMangler.certificateSecret.keyName }} -in {{ .Values.certificate.pkcsMangler.certificateSecret.volume.mountPath }}/{{ .Values.certificate.pkcsMangler.certificateSecret.crtName }}; chmod 0444 /shared/cert.pfx"]
        env:
          - name: "PKCSMANGLER_PFXPASSWORD"
            valueFrom:
              secretKeyRef:
                name: {{ .Values.certificate.pkcsMangler.pfxPassword.secretName }}
                key: {{ .Values.certificate.pkcsMangler.pfxPassword.passwordKey }}
        volumeMounts:
        - name: shared
          mountPath: /shared
        - name: {{ .Values.certificate.pkcsMangler.certificateSecret.volume.name }}
          mountPath: {{ .Values.certificate.pkcsMangler.certificateSecret.volume.mountPath }}
      {{- end }}
  {{- end }}
      containers:
      {{- if .Values.logging.promtail.enabled }}
        - name: {{ .Chart.Name }}-promtail
          image: "{{ .Values.logging.promtail.image.repository }}:{{ .Values.logging.promtail.image.tag }}"
          imagePullPolicy: {{ .Values.logging.promtail.image.pullPolicy }}
          args:
          - -config.file=/etc/promtail/promtail.yaml
          volumeMounts:
          - name: promtail-config
            mountPath: /etc/promtail/promtail.yaml
            subPath: promtail.yaml
            readOnly: true
          - name: shared-logs
            mountPath: /plex-logs
      {{- end }}
        - name: {{ .Chart.Name }}
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          ports:
          - name: pms
            protocol: TCP
            containerPort: 32400
          - name: plex-dlna
            protocol: TCP
            containerPort: 32469
          - name: plex-dlna-udp
            protocol: UDP
            containerPort: 1900
          - name: plex-gdm1
            protocol: UDP
            containerPort: 32410
          - name: plex-gdm2
            protocol: UDP
            containerPort: 32412
          - name: plex-gdm3
            protocol: UDP
            containerPort: 32413
          - name: plex-gdm4
            protocol: UDP
            containerPort: 32414
          env:
          - name: TZ
            value: "{{ .Values.timezone }}"
          # TODO: move this to a secret?
          - name: PLEX_CLAIM
            value: "{{ .Values.claimToken }}"
          # plex env vars
          - name: PMS_INTERNAL_ADDRESS
            value: http://{{ template "plex.fullname" . }}:32400
          - name: PMS_IMAGE
            value: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          - name: KUBE_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
          - name: TRANSCODE_PVC
  {{- if .Values.persistence.transcode.claimName }}
            value: "{{ .Values.persistence.transcode.claimName }}"
  {{- else }}
            value: "{{ template "plex.fullname" . }}-transcode"
  {{- end }}
  {{- if .Values.persistence.data.enabled }}
          - name: DATA_PVC
    {{- if .Values.persistence.data.claimName }}
            value: "{{ .Values.persistence.data.claimName }}"
    {{- else }}
            value: "{{ template "plex.fullname" . }}-data"
    {{- end }}
  {{- end }}
          - name: CONFIG_PVC
  {{- if .Values.persistence.config.claimName }}
            value: "{{ .Values.persistence.config.claimName }}"
  {{- else }}
            value: "{{ template "plex.fullname" . }}-config"
  {{- end }}
  {{- if .Values.proxy.enabled }}
    {{- if .Values.proxy.http }}
          - name: "HTTP_PROXY"
            value: "{{.Values.proxy.http}}"
    {{- end }}
    {{- if .Values.proxy.https }}
          - name: "HTTPS_PROXY"
            value: "{{.Values.proxy.https}}"
    {{- end }}
    {{- if .Values.proxy.noproxy }}
          - name: "NO_PROXY"
            value: "{{.Values.proxy.noproxy}}"
    {{- end }}
  {{- end }}
  {{- if .Values.advertiseIp }}
          - name: "ADVERTISE_IP"
            value: "{{.Values.advertiseIp}}"
 {{- end }}
 {{- if .Values.changeConfigDirOwnership }}
          - name: "CHANGE_CONFIG_DIR_OWNERSHIP"
            value: "{{.Values.changeConfigDirOwnership}}"
 {{- end }}
 {{- if .Values.allowedNetworks }}
          - name: "ALLOWED_NETWORKS"
            value: "{{include "joinListWithComma" .Values.allowedNetworks}}"
 {{- end }}
 {{- if .Values.plexUid }}
          - name: "PLEX_UID"
            value: "{{.Values.plexUid}}"
 {{- end }}
 {{- if .Values.plexGid }}
          - name: "PLEX_GID"
            value: "{{.Values.plexGid}}"
 {{- end }}
 # Extra ENV Values supplied by user
 {{- range $key, $value := .Values.extraEnv }}
          - name: {{ $key }}
            value: "{{ $value }}"
 {{- end }}
 # This is part of pkcsMangler
 {{- if .Values.certificate.pkcsMangler.enabled }}
          - name: "PKCSMANGLER_PFXINCONTAINERPATH"
            value: "{{.Values.certificate.pkcsMangler.pfxInContainerPath}}"
 {{- if .Values.certificate.pkcsMangler.setPlexPreferences.enabled }}
          - name: "PKCSMANGLER_PFXPASSWORD"
            valueFrom:
              secretKeyRef:
                name: {{ .Values.certificate.pkcsMangler.pfxPassword.secretName }}
                key: {{ .Values.certificate.pkcsMangler.pfxPassword.passwordKey }}
          - name: "PKCSMANGLER_CUSTOMCERTDOMAIN"
            value: "customCertificateDomain={{.Values.certificate.pkcsMangler.setPlexPreferences.customCertificateDomain}}"
 {{- end }}
 {{- end }}
          {{- if .Values.probes.readiness.enabled }}
          readinessProbe:
            {{- omit .Values.probes.readiness "enabled" | toYaml | nindent 12 }}
          {{- end }}
          {{- if .Values.probes.liveness.enabled }}
          livenessProbe:
            {{- omit .Values.probes.liveness "enabled" | toYaml | nindent 12 }}
          {{- end }}
          {{- if .Values.probes.startup.enabled }}
          startupProbe:
            {{- omit .Values.probes.startup "enabled" | toYaml | nindent 12 }}
          {{- end }}
          volumeMounts:
          {{- if .Values.persistence.data.enabled }}
          - name: data
            mountPath: /data
          {{- if .Values.persistence.data.subPath }}
            subPath: {{ .Values.persistence.data.subPath }}
          {{ end }}
          {{ end }}
          - name: config
            mountPath: /config
          {{- if .Values.persistence.config.subPath }}
            subPath: {{ .Values.persistence.config.subPath }}
          {{ end }}
          - name: transcode
            mountPath: /transcode
          {{- if .Values.persistence.transcode.subPath }}
            subPath: {{ .Values.persistence.transcode.subPath }}
          {{ end }}
          {{-  range .Values.persistence.extraData }}
          - mountPath: "/data-{{ .name }}"
          {{- if .subPath }}
            subPath: {{ .subPath }}
          {{ end }}
            name: "extradata-{{ .name }}"
          {{- end }}
          {{-  range .Values.persistence.extraMounts }}
          {{- if .mountPath }}
          - mountPath: /{{ .mountPath }}
          {{- else }}
          - mountPath: /{{ .name }}
          {{- end }}
          {{- if .subPath }}
            subPath: {{ .subPath }}
          {{ end }}
            name: {{ .name }}
          {{- end }}
          - name: shared
            mountPath: /shared
          - name: shared-logs
            mountPath: "/config/Library/Application Support/Plex Media Server/Logs"
          {{- if .Values.plexPreferences.enabled }}
          - name: {{ .Values.plexPreferences.volume.name }}
            mountPath: {{ .Values.plexPreferences.volume.mountPath }}
            subPath: {{ .Values.plexPreferences.volume.subPath }}
          {{- end }}
          {{- if .Values.certificate.pkcsMangler.enabled }}
          - name: {{ .Values.certificate.pkcsMangler.volume.name }}
            mountPath: {{ .Values.certificate.pkcsMangler.volume.mountPath }}
            subPath: {{ .Values.certificate.pkcsMangler.volume.subPath }}
          {{- end }}
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
 ##### VOLUMES START #####
      volumes:
 {{- if .Values.persistence.data.enabled }}
      - name: data
        persistentVolumeClaim:
  {{- if .Values.persistence.data.claimName }}
          claimName: "{{ .Values.persistence.data.claimName }}"
  {{- else }}
          claimName: "{{ template "plex.fullname" . }}-data"
  {{- end }}
 {{- end }}
      - name: config
        persistentVolumeClaim:
 {{- if .Values.persistence.config.claimName }}
          claimName: "{{ .Values.persistence.config.claimName }}"
 {{- else }}
          claimName: "{{ template "plex.fullname" . }}-config"
 {{- end }}
      - name: transcode
 {{- if .Values.persistence.transcode.enabled }}
        persistentVolumeClaim:
 {{- if .Values.persistence.transcode.claimName }}
          claimName: "{{ .Values.persistence.transcode.claimName }}"
 {{- else }}
          claimName: "{{ template "plex.fullname" . }}-transcode"
 {{- end }}
 {{- else }}
 {{- if .Values.persistence.transcode.emptyDir.medium }}
        emptyDir:
          medium: "{{ .Values.persistence.transcode.emptyDir.medium }}"
 {{- else }}
        emptyDir: {}
 {{- end }}
 {{- end }}
 {{-  range .Values.persistence.extraData }}
      - name: "extradata-{{ .name }}"
        persistentVolumeClaim:
 {{- if .claimName }}
          claimName: "{{ .claimName }}"
 {{- else }}
          claimName: "extradata-{{ .name }}"
 {{- end }}
 {{- end }}
 {{- range .Values.persistence.extraMounts }}
  {{- if .claimName }}
      - name: {{ .name }}
        persistentVolumeClaim:
          claimName: {{ .claimName }}
  {{- else if .volume }}
      - name: {{ .name }}
        {{- toYaml .volume | nindent 8 }}
  {{- end }}
 {{- end }}
      - name: shared
        emptyDir: {}
      - name: shared-logs
        emptyDir: {}
      {{- if .Values.plexPreferences.enabled }}
      - name: {{ .Values.plexPreferences.volume.name }}
        configMap:
          name: {{ .Values.plexPreferences.configmap.name }}
          defaultMode: {{ .Values.plexPreferences.volume.defaultMode }}
      {{- end }}
      {{- if .Values.certificate.pkcsMangler.enabled }}
      - name: {{ .Values.certificate.pkcsMangler.volume.name }}
        configMap:
          name: {{ .Values.certificate.pkcsMangler.configmap.name }}
          defaultMode: {{ .Values.certificate.pkcsMangler.volume.defaultMode }}
      - name: {{ .Values.certificate.pkcsMangler.certificateSecret.volume.name }}
        secret:
          secretName: {{ .Values.certificate.pkcsMangler.certificateSecret.name }}
      {{- end }}
      {{- if .Values.logging.promtail.enabled }}
      - name: promtail-config
        projected:
          defaultMode: 0444
          sources:
          - configMap:
              name: {{ template "plex.fullname" . }}-promtail
              items:
                - key: promtail.yaml
                  path: promtail.yaml
      {{- end }}
 ##### VOLUMES END #####
    {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
    {{- end }}
--- a/charts/stable/plex/templates/ingress.yaml
+++ b/charts/stable/plex/templates/ingress.yaml
@ -1,40 +0,0 @@
 {{- if .Values.ingress.enabled -}}
 {{- $fullName := include "plex.fullname" . -}}
 {{- $svcPort := .Values.serviceTCP.port -}}
 {{- $ingressPath := .Values.ingress.path -}}
 {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1beta1
 {{- else -}}
 apiVersion: extensions/v1beta1
 {{- end }}
 kind: Ingress
 metadata:
  name: {{ $fullName }}
  labels:
    {{- include "plex.labels" . | nindent 4 }}
  {{- with .Values.ingress.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 spec:
 {{- if .Values.ingress.tls }}
  tls:
  {{- range .Values.ingress.tls }}
    - hosts:
      {{- range .hosts }}
        - {{ . | quote }}
      {{- end }}
      secretName: {{ .secretName }}
  {{- end }}
 {{- end }}
  rules:
  {{- range .Values.ingress.hosts }}
    - host: {{ . | quote }}
      http:
        paths:
          - path: {{ $ingressPath }}
            backend:
              serviceName: {{ $fullName }}-tcp
              servicePort: {{ $svcPort }}
  {{- end }}
 {{- end }}
--- a/charts/stable/plex/templates/promtail-configmap.yaml
+++ b/charts/stable/plex/templates/promtail-configmap.yaml
@ -1,36 +0,0 @@
 {{- if .Values.logging.promtail.enabled }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ template "plex.fullname" . }}-promtail
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ include "plex.name" . }}
    helm.sh/chart: {{ include "plex.chart" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
 data:
  promtail.yaml: |
    server:
      http_listen_port: 9080
      grpc_listen_port: 0
    positions:
      filename: /tmp/positions.yaml
    clients:
    - url: {{ .Values.logging.promtail.loki.url }}
    scrape_configs:
    - job_name: plex-logs
      static_configs:
      - targets:
          - localhost
        labels:
          job: plex-logs
          __path__: "/plex-logs/*.log"
    - job_name: plex-plugin-logs
      static_configs:
      - targets:
          - localhost
        labels:
          job: plex-plugin-logs
          __path__: "/plex-logs/PMS Plugin Logs/*.log"
 {{- end }}
--- a/charts/stable/plex/templates/secrets.yaml
+++ b/charts/stable/plex/templates/secrets.yaml
@ -1,18 +0,0 @@
 {{- if .Values.certificate.pkcsMangler.enabled -}}
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ .Values.certificate.pkcsMangler.pfxPassword.secretName }}
  labels:
    {{- include "plex.labels" . | nindent 4 }}
 {{- if .Values.certificate.pkcsMangler.pfxPassword.labels }}
 {{ toYaml .Values.certificate.pkcsMangler.pfxPassword.labels | indent 4 }}
 {{- end }}
 {{- with .Values.certificate.pkcsMangler.pfxPassword.annotations }}
  annotations:
 {{ toYaml . | indent 4 }}
 {{- end }}
 type: Opaque
 stringData:
  {{ .Values.certificate.pkcsMangler.pfxPassword.passwordKey }}: {{ .Values.certificate.pkcsMangler.pfxPassword.value }}
 {{- end -}}
--- a/charts/stable/plex/templates/service-tcp.yaml
+++ b/charts/stable/plex/templates/service-tcp.yaml
@ -1,57 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "plex.fullname" . }}-tcp
  labels:
    {{- include "plex.labels" . | nindent 4 }}
 {{- if .Values.serviceTCP.labels }}
 {{ toYaml .Values.serviceTCP.labels | indent 4 }}
 {{- end }}
 {{- with .Values.serviceTCP.annotations }}
  annotations:
 {{ toYaml . | indent 4 }}
 {{- end }}
 spec:
 {{- if (or (eq .Values.serviceTCP.type "ClusterIP") (empty .Values.serviceTCP.type)) }}
  type: ClusterIP
  {{- if .Values.serviceTCP.clusterIP }}
  clusterIP: {{ .Values.serviceTCP.clusterIP }}
  {{end}}
 {{- else if eq .Values.serviceTCP.type "LoadBalancer" }}
  type: {{ .Values.serviceTCP.type }}
  {{- if .Values.serviceTCP.loadBalancerIP }}
  loadBalancerIP: {{ .Values.serviceTCP.loadBalancerIP }}
  {{- end }}
  {{- if .Values.serviceTCP.loadBalancerSourceRanges }}
  loadBalancerSourceRanges:
 {{ toYaml .Values.serviceTCP.loadBalancerSourceRanges | indent 4 }}
  {{- end -}}
 {{- else }}
  type: {{ .Values.serviceTCP.type }}
 {{- end }}
 {{- if .Values.serviceTCP.externalIPs }}
  externalIPs:
 {{ toYaml .Values.serviceTCP.externalIPs | indent 4 }}
 {{- end }}
  {{- if .Values.serviceTCP.externalTrafficPolicy }}
  externalTrafficPolicy: {{ .Values.serviceTCP.externalTrafficPolicy }}
  {{- end }}
  ports:
    - name: pms
      port: {{ .Values.serviceTCP.port }}
      protocol: TCP
      targetPort: pms
 {{ if (and (eq .Values.serviceTCP.type "NodePort") (not (empty .Values.serviceTCP.nodePort))) }}
      nodePort: {{.Values.serviceTCP.nodePort}}
 {{ end }}
    - name: http
      port: 80
      targetPort: pms
    - name: https
      port: 443
      targetPort: pms
    - name: plex-dlna
      port: 1900
      targetPort: plex-dlna
  selector:
    {{- include "plex.selectorLabels" . | nindent 4 }}
--- a/charts/stable/plex/templates/service-udp.yaml
+++ b/charts/stable/plex/templates/service-udp.yaml
@ -1,61 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "plex.fullname" . }}-udp
  labels:
    {{- include "plex.labels" . | nindent 4 }}
 {{- if .Values.serviceUDP.labels }}
 {{ toYaml .Values.serviceUDP.labels | indent 4 }}
 {{- end }}
 {{- with .Values.serviceUDP.annotations }}
  annotations:
 {{ toYaml . | indent 4 }}
 {{- end }}
 spec:
 {{- if (or (eq .Values.serviceUDP.type "ClusterIP") (empty .Values.serviceUDP.type)) }}
  type: ClusterIP
  {{- if .Values.serviceUDP.clusterIP }}
  clusterIP: {{ .Values.serviceUDP.clusterIP }}
  {{end}}
 {{- else if eq .Values.serviceUDP.type "LoadBalancer" }}
  type: {{ .Values.serviceUDP.type }}
  {{- if .Values.serviceUDP.loadBalancerIP }}
  loadBalancerIP: {{ .Values.serviceUDP.loadBalancerIP }}
  {{- end }}
  {{- if .Values.serviceUDP.loadBalancerSourceRanges }}
  loadBalancerSourceRanges:
 {{ toYaml .Values.serviceUDP.loadBalancerSourceRanges | indent 4 }}
  {{- end -}}
 {{- else }}
  type: {{ .Values.serviceUDP.type }}
 {{- end }}
 {{- if .Values.serviceUDP.externalIPs }}
  externalIPs:
 {{ toYaml .Values.serviceUDP.externalIPs | indent 4 }}
 {{- end }}
  {{- if .Values.serviceUDP.externalTrafficPolicy }}
  externalTrafficPolicy: {{ .Values.serviceUDP.externalTrafficPolicy }}
  {{- end }}
  ports:
    - name: plex-dlna-udp
      port: 1900
      protocol: UDP
      targetPort: plex-dlna-udp
    - name: plex-gdm1
      port: 32410
      protocol: UDP
      targetPort: plex-gdm1
    - name: plex-gdm2
      port: 32412
      protocol: UDP
      targetPort: plex-gdm2
    - name: plex-gdm3
      port: 32413
      protocol: UDP
      targetPort: plex-gdm3
    - name: plex-gdm4
      port: 32414
      protocol: UDP
      targetPort: plex-gdm4
  selector:
    {{- include "plex.selectorLabels" . | nindent 4 }}
--- a/charts/stable/plex/templates/volumes.yaml
+++ b/charts/stable/plex/templates/volumes.yaml
@ -1,57 +0,0 @@
 {{- if and (not .Values.persistence.transcode.claimName) .Values.persistence.transcode.enabled }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: {{ template "plex.fullname" . }}-transcode
  labels:
    {{- include "plex.labels" . | nindent 4 }}
    component: transcode
 spec:
  accessModes:
  - {{ .Values.persistence.config.accessMode | quote }}
  resources:
    requests:
      storage: {{ .Values.persistence.transcode.size | quote }}
 {{- if .Values.persistence.transcode.storageClass }}
  storageClassName: {{ .Values.persistence.transcode.storageClass | quote }}
 {{- end }}
 ---
 {{- end }}
 {{- if not .Values.persistence.config.claimName }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: {{ template "plex.fullname" . }}-config
  labels:
    {{- include "plex.labels" . | nindent 4 }}
    component: config
 spec:
  accessModes:
  - {{ .Values.persistence.config.accessMode | quote }}
  resources:
    requests:
      storage: {{ .Values.persistence.config.size | quote }}
 {{- if .Values.persistence.config.storageClass }}
  storageClassName: {{ .Values.persistence.config.storageClass | quote }}
 {{- end }}
 ---
 {{- end }}
 {{- if and (not .Values.persistence.data.claimName) .Values.persistence.data.enabled  }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: {{ template "plex.fullname" . }}-data
  labels:
    {{- include "plex.labels" . | nindent 4 }}
    component: data
 spec:
  accessModes:
  - {{ .Values.persistence.data.accessMode | quote }}
  resources:
    requests:
      storage: {{ .Values.persistence.data.size | quote }}
 {{- if .Values.persistence.data.storageClass }}
  storageClassName: {{ .Values.persistence.data.storageClass | quote }}
 {{- end }}
 ---
 {{- end }}
--- a/charts/stable/plex/values.yaml
+++ b/charts/stable/plex/values.yaml
@ -1,371 +1,122 @@
-# Default values
+#
-# This is a YAML-formatted file.
+# IMPORTANT NOTE
-# Declare variables to be passed into your templates.
+#
-
+# This chart inherits from our common library chart. You can check the default values/options here:
-# The Image to use for PLEX
+# https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml
 #
 image:
-  repository: plexinc/pms-docker
+  repository: ghcr.io/k8s-at-home/plex
  tag: 1.20.2.3402-0fec14d92
  pullPolicy: IfNotPresent
  tag: v1.22.0.4163-d8c4875dd
-#####   START  --> Official PLEX container environment variables
+strategy:
-# Override this with the plex claim token from plex.tv/claim
+  type: Recreate
 claimToken: ""
-# Set the timezone of the plex server
+env: {}
-timezone: "UTC"
+  # TZ:
  # ADVERTISE_IP:
  # ALLOWED_NETWORKS:
  # PLEX_CLAIM:
  # # NOTE: Plex preference options are camelCase and CASE SENSITIVE!
  # # You can do horrible things to your Plex configuration if you are not careful
  # # See a full list at https://support.plex.tv/articles/201105343-advanced-hidden-server-settings/
  # PLEX_PREFERENCE_1: "FriendlyName=plex-kubernetes"
  # PLEX_PREFERENCE_2: "EnableIPv6=0"
  # PLEX_PREFERENCE_3: "logDebug=0"
  # PLEX_PREFERENCE_4: "DisableTLSv1_0=1"
  # PLEX_PREFERENCE_5: "LanNetworksBandwidth=xxx.xxx.xxx.0/18\,xxx.xxx.xxx.0/24\,xxx.xxx.xxx.0/24"
  # PLEX_PREFERENCE_6: "TranscoderQuality=2"
  # PLEX_PREFERENCE_7: "TreatWanIpAsLocal=0"
  # PLEX_PREFERENCE_8: "TranscoderH264BackgroundPreset=fast"
-# add your pod network subnet to the `List of IP addresses and networks that are allowed without auth`
+service:
-# This will override the manual settings, so only use this if you will not need to change it manually.
+  port:
-# This list will be automatically converted to a command seperated string when passed to the container.
+    port: 32400
-# You would specify this when using helm CLI with --set allowedNetworks="{127.0.0.1,10.54.2.0/24}"
+  # additionalServices:
-# allowedNetworks:
+  # - enabled: true
-#   -   127.0.0.1
+  #   nameSuffix: dnla-tcp
-#   -   10.54.2.0/24
+  #   type: NodePort
-
+  #   port:
-# Instruct the Plex Media Server Container to Change the Configuration Directory Ownership
+  #     port: 32469
-# Default is true, you would only need to set this if you want to disable it.
+  #     name: dnla-tcp
-# changeConfigDirOwnership: true
+  #     protocol: TCP
-
+  #     targetPort: 32469
-# advertiseIp This variable defines the additional IPs on which the server may be be found.
+  #   externalTrafficPolicy: Local
-# For example: http://10.1.1.23:32400.
+  # - enabled: true
-# This adds to the list where the server advertises that it can be found.
+  #   nameSuffix: dnla-udp
-# See https://hub.docker.com/r/plexinc/pms-docker/ for details
+  #   type: NodePort
-# advertiseIp: "http://10.1.1.23:32400"
+  #   port:
-
+  #     port: 1900
-# Set The user id of the plex user created inside the container.
+  #     name: dnla-udp
-# See https://hub.docker.com/r/plexinc/pms-docker/ for details
+  #     protocol: UDP
-# plexUid: 1000
+  #     targetPort: 1900
-
+  #   externalTrafficPolicy: Local
 # Set The group id of the plex group created inside the container
 # See https://hub.docker.com/r/plexinc/pms-docker/ for details
 # plexGid: 1000
 #####   END  --> Official PLEX container environment variables
 # You can add as many Additional ENV variables here
 # The following is the same as --set extraEnv.TMPDIR="/transcode"
 # extraEnv:
 #   TMPDIR: /transcode
 # upgrade strategy type (e.g. Recreate or RollingUpdate)
 strategyType: Recreate
 imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""
 podSecurityContext: {}
  # fsGroup: 2000
 securityContext: {}
  # capabilities:
  #   drop:
  #   - ALL
  # readOnlyRootFilesystem: true
  # runAsNonRoot: true
  # runAsUser: 1000
 serviceTCP:
  type: ClusterIP
  port: 32400
  ## Specify the nodePort value for the LoadBalancer and NodePort service types.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
  ##
  # nodePort:
  ## Provide any additional annotations which may be required. This can be used to
  ## set the LoadBalancer service type to internal only.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
  ##
  annotations: {}
  # metallb.universe.tf/allow-shared-ip: plex-svc
  labels: {}
  ## Use loadBalancerIP to request a specific static IP,
  ## otherwise leave blank
  ##
  loadBalancerIP:
  # loadBalancerSourceRanges: []
  ## Set the externalTrafficPolicy in the Service to either Cluster or Local
  # externalTrafficPolicy: Cluster
 serviceUDP:
  type: ClusterIP
  ## Provide any additional annotations which may be required. This can be used to
  ## set the LoadBalancer service type to internal only.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
  ##
  annotations: {}
  # metallb.universe.tf/allow-shared-ip: plex-svc
  labels: {}
  ## Use loadBalancerIP to request a specific static IP,
  ## otherwise leave blank
  ##
  loadBalancerIP:
  # loadBalancerSourceRanges: []
  ## Set the externalTrafficPolicy in the Service to either Cluster or Local
  # externalTrafficPolicy: Cluster
 ingress:
  enabled: false
  annotations: {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  path: /
  hosts:
    - chart-example.local
  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local
 plexPreferences:
  # Enable init script that will read all environment variables starting with PLEX_PREFERENCE_
  # and take the value (of PLEX_PREFERENCE_<whatever>) as the Key:Value option to set in Plex Preference.xml
  # You can use extraEnv to add the addtional ENV's to the container.
  # NOTE: Plex preference options are camelCase and CASE SENSITIVE!
  # You can do horrible things to your PLEX configuration if you are not careful.
  # --set extraEnv.PLEX_PREFERENCE_1="FriendlyName=plex-kubeernetes-test1" `
  # --set extraEnv.PLEX_PREFERENCE_2="EnableIPv6=0" `
  # --set extraEnv.PLEX_PREFERENCE_3="logDebug=0" `
  # --set extraEnv.PLEX_PREFERENCE_4="DisableTLSv1_0=1" `
  # --set extraEnv.PLEX_PREFERENCE_5="LanNetworksBandwidth=xxx.xxx.xxx.0/18\,xxx.xxx.xxx.0/24\,xxx.xxx.xxx.0/24" `
  # --set extraEnv.PLEX_PREFERENCE_6="TranscoderQuality=2" `
  # --set extraEnv.PLEX_PREFERENCE_7="TreatWanIpAsLocal=0" `
  # --set extraEnv.PLEX_PREFERENCE_8="TranscoderH264BackgroundPreset=fast"
  # Why not use a single ENV?
  #      I thought using multiple environment variables would be less confusing
  #      It should work easily with CLI and value.yaml usage
  #      There is only minimal parsing required on the ENV value, as the only deliminator is =
  #      From what I can see, all the PLEX preferences that are NOT currently supported by the OFFICIAL
  #      Container are simple enough to work with this.
  enabled: false
  configmap:
    labels: {}
    annotations: {}
    # Right now you can't really change this, additionally the configmap data is
    # not configurable.
    name: 41-plex-preferences
  volume:
    name: 41-plex-preferences
    defaultMode: 493  # 0755 in octal permission notation
    # Using mountPath & SubPath allow you to volume mount a configMap AS A FILE
    # Unfortunately this also means that updates to the configMap are not automatically
    # propagated to the file contents. But it's better than replacing the entire
    # /etc/cont-init.d/ directory which is the "normal" behavior when doing volume
    # mounts.
    mountPath: /etc/cont-init.d/41-plex-preferences
    subPath: 41-plex-preferences
 # -- Enable devices to be discoverable
 hostNetwork: false
 persistence:
  transcode:
    # We want to enable a transcode pvc
    enabled: false
    # Optionally specify claimName to manually override the PVC to be used for
    # the transcode directory. If claimName is specified, storageClass and size
    # are ignored.
    ## claimName: "plex-transcode-pvc"
    # Optionally specify a storage class to be used for the transcode directory.
    # If not specified and claimName is not specified, the default storage
    # class will be used.
    storageClass: ""
    # subPath: some-subpath
    # The requested size of the volume to be used when creating a
    # PersistentVolumeClaim.
    size: 20Gi
    # Access mode for this volume
    accessMode: ReadWriteOnce
    # If not using a transcode PVC, specify emptyDir.medium="Memory" to use a tmpfs (in-memory)
    # Volume for /transcode. Warning! this will greatly increase the amount of memory the plex pod is using
    # AND it will count toward any ram pod/namespace limits. Additionally all data will be lost if/when the
    # pod is moved to another node. --set persistence.transcode.emptyDir.medium="Memory" `
    emptyDir:
      medium: ""
  #   medium: "Memory"
  data:
    # We want to enable a data pvc
    enabled: true
    # Optionally specify claimName to manually override the PVC to be used for
    # the data directory. If claimName is specified, storageClass and size are
    # ignored.
    ## claimName: "plex-data-pvc"
    # Optionally specify a storage class to be used for the data directory.
    # If not specified and claimName is not specified, the default storage
    # class will be used.
    storageClass: ""
    # subPath: some-subpath
    # The requested size of the volume to be used when creating a
    # PersistentVolumeClaim.
    size: 40Gi
    # Access mode for this volume
    accessMode: ReadWriteOnce
  extraData: []
    # Optionally specifify additional Data mounts.  These will be mounted as
    # /data-${name}.  This should be in the same format as the above 'data',
    # with the additional field 'name'
    # - claimName: "special-tv"
    #   name: 'foo'
    #   subPath: optional/sub/path
  extraMounts: []
  ## Include additional claims that can be mounted inside the
  ## pod. This is useful if you wish to use different paths with categories
  ## Claim will me mounted as /{mountPath} if specified. If no {mountPath} is given,
  ## mountPath will default to {name}
  # - name: video
  #   # if claimName is specified the a new volume will mounted, if omitted the mount will be considered to be associated with one of the standard volumes (e.g data, config, transcode).
  #   # This useful to mount data to a different subPath
  #   claimName: optional-claim
  #   mountPath: /mnt/path/in/pod
  #   subPath: optional/sub/path
  #
  ## Example using an existing NFS filer directly. Below the 'volume' key all volume types are allowed (eg. nfs, iscsi, hostPath).
  ## See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volume-v1-core for further information
  # - name: example2
  #   mountPath: mnt/example2
  #   volume:
  #     nfs:
  #       server: <nfs server fqdn or ip>
  #       path: <nfs export path>
  #       readOnly: true
  config:
    # Optionally specify claimName to manually override the PVC to be used for
    # the config directory. If claimName is specified, storageClass and size
    # are ignored.
    ## claimName: "plex-config-pvc"
    # Optionally specify a storage class to be used for the config directory.
    # If not specified and claimName is not specified, the default storage
    # class will be used.
    # subPath: some-subpath
    storageClass: ""
    # The requested size of the volume to be used when creating a
    # PersistentVolumeClaim.
    size: 20Gi
    # Access mode for this volume
    accessMode: ReadWriteOnce
 # Certificate(s) in Plex
 certificate:
  # Assuming you have a kubernetes certificate secret (say from cert-manager) that has a tls.crt and tls.key but NO PFX!
  # pkcsMangler to the rescue. The pkcsMangler part will add the supplied pfxPassword to a kubernetes secret
  # This is so it's not in the clear in the YAML of the deployment in the kubernetes api.
  # We will then use an OpenSSL init container to create a pfx file using the supplied secret (only available in container)
  # Then we will use an init script (via configMap) to move the pfx file out of /shared (it's temporary storage) to
  # the location specified in pfxInContainerPath.
  pkcsMangler:
    enabled: false
-    # The Image to use for pkcsMangler
+    emptyDir: false
-    image:
+    mountPath: /config
-      repository: tlsprint/openssl
+    ## Persistent Volume Storage Class
-      tag: 1.1.1f
+    ## If defined, storageClassName: <storageClass>
-    configmap:
+    ## If set to "-", storageClassName: "", which disables dynamic provisioning
-      labels: {}
+    ## If undefined (the default) or set to null, no storageClassName spec is
-      annotations: {}
+    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
-      # Right now you can't really change this, additionally the configmap data is
+    ##   GKE, AWS & OpenStack)
-      # not configurable.
+    # storageClass: "-"
-      name: 42-pkcs-mangler
+    # accessMode: ReadWriteOnce
-    volume:
+    # size: 1Gi
-      name: 42-pkcs-mangler
+    ## Do not delete the pvc upon helm uninstall
-      defaultMode: 493  # 0755 in octal permission notation
+    # skipuninstall: false
-      # Using mountPath & SubPath allow you to volume mount a configMap AS A FILE
+    # existingClaim: ""
      # Unfortunately this also means that updates to the configMap are not automtically
      # propagated to the file contents. But it's better then replacing the entire
      # /etc/cont-init.d/ directory which is the "normal" behavior when doing volume
      # mounts.
      mountPath: /etc/cont-init.d/42-pkcs-mangler
      subPath: 42-pkcs-mangler
    setPlexPreferences:
      enabled: true  # Set Plex Preferences related to Certificates
      customCertificateDomain: ""  # If not empty, Set the Plex Preference customCertificateDomain
      # Use spec.certificate.pkcsMangler.pfxPassword.value to Set the Plex Preference customCertificateKey
      # Use spec.certificate.pkcsMangler.pfxInContainerPath to Set the Plex Preference customCertificatePath
    pfxPassword:
      value: "setpassword"
      # We wlll create a Kubernetes Secret for spec.certificate.pkcsMangler.pfxPassword.value
      # These are your options.
      secretName: "plex-media-server-pfx-password"
      passwordKey: "pfx-password"
      labels: {}
      annotations: {}
    pfxInContainerPath: "/config/plex.pfx"  # This is full path in the container pkcsMangler will copy the pfx file to
    # This is the SSL Certificate Secret that will provide our crt and key file.  If you used cert-manager to create
    # the certificate, these defaults should work for you.  This Secret (and volume details) are only used by the
    # pkcsMangler Init Container.
    certificateSecret:
      name: ""
      keyName: "tls.key"
      crtName: "tls.crt"
      volume:
        name: plex-certs
        mountPath: /etc/plex-certs
-# Logging configuration
+  transcode:
 logging:
  promtail:
    enabled: false
-    image:
+    emptyDir: false
-      repository: grafana/promtail
+    mountPath: /transcode
-      tag: 1.6.0
+    ## Persistent Volume Storage Class
-      pullPolicy: IfNotPresent
+    ## If defined, storageClassName: <storageClass>
-    loki:
+    ## If set to "-", storageClassName: "", which disables dynamic provisioning
-      url: http://loki.logs.svc.cluster.local:3100/loki/api/v1/push
+    ## If undefined (the default) or set to null, no storageClassName spec is
    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
    ##   GKE, AWS & OpenStack)
    # storageClass: "-"
    # accessMode: ReadWriteOnce
    # size: 1Gi
    ## Do not delete the pvc upon helm uninstall
    # skipuninstall: false
    # existingClaim: ""
-# Probes configuration
+# podSecurityContext:
-probes:
+#   runAsUser: 568
-  liveness:
+#   runAsGroup: 568
-    enabled: true
+#   fsGroup: 568
-    httpGet:
+#   # Hardware acceleration using an Intel iGPU w/ QuickSync
-      path: /identity
+#   # These IDs below should be matched to your `video` and `render` group on the host
-      port: 32400
+#   # To obtain those IDs run the following grep statement on the host:
-    failureThreshold: 5
+#   # $ cat /etc/group | grep "video\|render"
-    periodSeconds: 10
+#   # video:x:44:
-  readiness:
+#   # render:x:109:
-    enabled: true
+#   supplementalGroups:
-    httpGet:
+#   - 44
-      path: /identity
+#   - 109
      port: 32400
    failureThreshold: 5
    periodSeconds: 10
  startup:
    enabled: true
    httpGet:
      path: /identity
      port: 32400
    initialDelaySeconds: 5
    failureThreshold: 30
    periodSeconds: 10
-resources: {}
+# resources:
-  # We usually recommend not to specify default resources and to leave this as a conscious
+#   requests:
-  # choice for the user. This also increases chances charts run on environments with little
+#     # Hardware acceleration using an Intel iGPU w/ QuickSync and
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+#     # using intel-gpu-plugin (https://github.com/intel/intel-device-plugins-for-kubernetes)
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+#     gpu.intel.com/i915: 1
-  # limits:
+#     cpu: 200m
-  #   cpu: 100m
+#     memory: 256Mi
-  #   memory: 128Mi
+#   limits:
-  # requests:
+#     # Hardware acceleration using an Intel iGPU w/ QuickSync and
-  #   cpu: 100m
+#     # using intel-gpu-plugin (https://github.com/intel/intel-device-plugins-for-kubernetes)
-  #   memory: 128Mi
+#     gpu.intel.com/i915: 1
-
+#     memory: 4096Mi
 nodeSelector: {}
 tolerations: []
 affinity: {}
 podAnnotations: {}
 deploymentAnnotations: {}
 proxy:
  # This allows to set a proxy environment variable, which PMS uses to fetch the token and assets like movie cover
  enabled: false
  # http: "http://proxy:8080"
  # https: "https://proxy:8080"
  # noproxy: "localhost,127.0.0.1,10.96.0.0/12,10.244.0.0/12"