viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add netbox, ebook2audiobook, audiblez, aiostreams and listenarr; alos reenable prowlarr, qbittorrent [ci skip]

Browse source
This commit is contained in:
Viktor Barzin 2026-01-03 16:58:57 +00:00
parent 48ff047f2a
commit e4473efaea
No known key found for this signature in database
GPG key ID: 4056458DBDBF8863
8 changed files with 516 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

3
main.tf
View file

@ -131,6 +131,7 @@ variable "grafana_db_password" { type = string }
variable "clickhouse_password" { type = string }
variable "clickhouse_postgres_password" { type = string }
variable "wealthfolio_password_hash" { type = string }
variable "aiostreams_database_connection_string" { type = string }
provider "kubernetes" {
@ -543,6 +544,8 @@ module "kubernetes_cluster" {
clickhouse_postgres_password = var.clickhouse_postgres_password
wealthfolio_password_hash = var.wealthfolio_password_hash
aiostreams_database_connection_string = var.aiostreams_database_connection_string
}

289
modules/kubernetes/ebook2audiobook/main.tf Normal file
View file

@ -0,0 +1,289 @@
variable "tls_secret_name" {}
module "tls_secret" {
source = "../setup_tls_secret"
namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name
tls_secret_name = var.tls_secret_name
}
resource "kubernetes_namespace" "ebook2audiobook" {
metadata {
name = "ebook2audiobook"
labels = {
"istio-injection" : "disabled"
}
}
}
# resource "kubernetes_deployment" "ebook2audiobook" {
# metadata {
# name = "ebook2audiobook"
# namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name
# labels = {
# app = "ebook2audiobook"
# }
# }
# spec {
# replicas = 1
# strategy {
# type = "Recreate"
# }
# selector {
# match_labels = {
# app = "ebook2audiobook"
# }
# }
# template {
# metadata {
# labels = {
# app = "ebook2audiobook"
# }
# }
# spec {
# container {
# name = "ebook2audiobook"
# # image = "docker.io/athomasson2/ebook2audiobook:latest"
# image = "docker.io/athomasson2/ebook2audiobook:v25.12.30-cu128"
# working_dir = "/app"
# # command = ["python", "app.py", "--script_mode", "full_docker"]
# # command = ["/bin/bash", "-c", <<-EOT
# # # echo "Uninstalling current pytorch"
# # # pip uninstall -y torch torchvision torchaudio coqui-tts pyannote.audio torchcodec || true
# # # echo "Installing cuda13 compatible pytorch"
# # # pip install --pre --extra-index-url https://download.pytorch.org/whl/nightly/cu130 torch torchvision torchaudio pyannote.audio torchcodec triton deepspeed coqui-tts-trainer
# # # #pip install torch==2.9.0 torchvision==0.24.0 torchaudio==2.9.0 --index-url https://download.pytorch.org/whl/cu130
# # # echo "Starting main container"
# # #python app.py --script_mode full_docker
# # sleep 3600
# # EOT
# # ]
# tty = true
# stdin = true
# port {
# container_port = 7860
# }
# volume_mount {
# mount_path = "/app"
# name = "data"
# }
# resources {
# limits = {
# "nvidia.com/gpu" = "1"
# }
# }
# security_context {
# privileged = true
# }
# }
# volume {
# name = "data"
# nfs {
# server = "10.0.10.15"
# path = "/mnt/main/ebook2audiobook"
# }
# }
# }
# }
# }
# }
resource "kubernetes_service" "ebook2audiobook" {
metadata {
name = "ebook2audiobook"
namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name
labels = {
"app" = "ebook2audiobook"
}
}
spec {
selector = {
app = "ebook2audiobook"
}
port {
name = "http"
port = 80
target_port = 7860
}
}
}
# resource "kubernetes_deployment" "piper" {
# metadata {
# name = "piper"
# namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name
# labels = {
# app = "piper"
# }
# }
# spec {
# replicas = 1
# strategy {
# type = "Recreate"
# }
# selector {
# match_labels = {
# app = "piper"
# }
# }
# template {
# metadata {
# labels = {
# app = "piper"
# }
# }
# spec {
# container {
# name = "piper"
# # image = "lscr.io/linuxserver/piper:gpu"
# # image = "piper-tts-wyoming:latest"
# image = "viktorbarzin/piper"
# # image = "nvidia/cuda:12.8.1-cudnn-devel-ubuntu24.04"
# # working_dir = "/app"
# command = ["sleep", "3600"]
# volume_mount {
# mount_path = "/config"
# name = "data"
# }
# resources {
# limits = {
# "nvidia.com/gpu" = "1"
# }
# }
# # env {
# # name = "PIPER_VOICE"
# # value = "en_US-lessac-medium"
# # }
# env {
# name = "VOICE_MODEL"
# value = "en_US-lessac-medium"
# }
# env {
# name = "LOG_LEVEL"
# value = "DEBUG"
# }
# port {
# name = "web"
# container_port = 10200
# }
# }
# volume {
# name = "data"
# nfs {
# server = "10.0.10.15"
# path = "/mnt/main/piper"
# }
# }
# }
# }
# }
# }
# resource "kubernetes_service" "piper" {
# metadata {
# name = "piper"
# namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name
# labels = {
# "app" = "piper"
# }
# }
# spec {
# selector = {
# app = "piper"
# }
# port {
# name = "http"
# port = 80
# target_port = 10200
# }
# }
# }
module "ingress" {
source = "../ingress_factory"
namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name
name = "ebook2audiobook"
tls_secret_name = var.tls_secret_name
protected = true
}
resource "kubernetes_deployment" "audiblez" {
metadata {
name = "audiblez"
namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name
labels = {
app = "audiblez"
}
}
spec {
replicas = 1
selector {
match_labels = {
app = "audiblez"
}
}
template {
metadata {
labels = {
app = "audiblez"
}
}
spec {
node_selector = {
"gpu" : "true"
}
container {
image = "viktorbarzin/audiblez:latest"
name = "audiblez"
command = ["/usr/bin/sleep", "86400"]
volume_mount {
name = "data"
mount_path = "/mnt"
}
# security_context {
# privileged = true
# capabilities {
# add = ["SYS_ADMIN"]
# }
# }
resources {
limits = {
"nvidia.com/gpu" = "1"
}
}
}
volume {
name = "data"
nfs {
server = "10.0.10.15"
path = "/mnt/main/audiblez"
}
}
}
}
}
}

24
modules/kubernetes/main.tf
View file

@ -110,6 +110,7 @@ variable "grafana_db_password" { type = string }
variable "clickhouse_password" { type = string }
variable "clickhouse_postgres_password" { type = string }
variable "wealthfolio_password_hash" { type = string }
variable "aiostreams_database_connection_string" { type = string }
variable "defcon_level" {
@ -135,7 +136,7 @@ locals {
"url", "excalidraw", "travel_blog", "dashy", "send", "ytdlp", "wealthfolio", "rybbit", "stirling-pdf",
"networking-toolbox", "navidrome", "freshrss", "forgejo", "tor-proxy", "real-estate-crawler", "n8n",
"changedetection", "linkwarden", "matrix", "homepage", "meshcentral", "diun", "cyberchef", "ntfy", "ollama",
"servarr", "jsoncrack", "paperless-ngx", "frigate", "audiobookshelf", "tandoor"
"servarr", "jsoncrack", "paperless-ngx", "frigate", "audiobookshelf", "tandoor", "ebook2audiobook", "netbox"
],
}
active_modules = distinct(flatten([
@ -644,7 +645,8 @@ module "servarr" {
for_each = contains(local.active_modules, "servarr") ? { servarr = true } : {}
tls_secret_name = var.tls_secret_name
depends_on = [null_resource.core_services]
depends_on = [null_resource.core_services]
aiostreams_database_connection_string = var.aiostreams_database_connection_string
}
# module "dnscat2" {
@ -693,10 +695,11 @@ module "meshcentral" {
depends_on = [null_resource.core_services]
}
# module "netbox" {
# source = "./netbox"
# tls_secret_name = var.tls_secret_name
# }
module "netbox" {
source = "./netbox"
for_each = contains(local.active_modules, "netbox") ? { netbox = true } : {}
tls_secret_name = var.tls_secret_name
}
module "nextcloud" {
source = "./nextcloud"
@ -909,10 +912,11 @@ module "nvidia" {
tls_secret_name = var.tls_secret_name
}
# module "ebook2audiobook" {
# source = "./ebook2audiobook"
# tls_secret_name = var.tls_secret_name
# }
module "ebook2audiobook" {
source = "./ebook2audiobook"
for_each = contains(local.active_modules, "ebook2audiobook") ? { ebook2audiobook = true } : {}
tls_secret_name = var.tls_secret_name
}
module "rybbit" {
source = "./rybbit"

102
modules/kubernetes/servarr/aiostreams/main.tf Normal file
View file

@ -0,0 +1,102 @@
variable "tls_secret_name" {}
variable "aiostreams_database_connection_string" { type = string }
resource "kubernetes_namespace" "aiostreams" {
metadata {
name = "aiostreams"
labels = {
"istio-injection" : "disabled"
}
}
}
# resource "random_string" "random" {
# length = 50
# lower = true
# }
resource "kubernetes_deployment" "aiostreams" {
metadata {
name = "aiostreams"
namespace = kubernetes_namespace.aiostreams.metadata[0].name
labels = {
app = "aiostreams"
}
}
spec {
replicas = 1
selector {
match_labels = {
app = "aiostreams"
}
}
template {
metadata {
labels = {
app = "aiostreams"
}
}
spec {
container {
image = "viren070/aiostreams:nightly"
name = "aiostreams"
port {
container_port = 3000
}
env {
name = "BASE_URL"
value = "https://aiostreams.viktorbarzin.me"
}
env {
name = "SECRET_KEY"
value = substr(sha256(uuid()), 0, 64)
}
env {
name = "DATABASE_URI"
value = var.aiostreams_database_connection_string
}
volume_mount {
name = "data"
mount_path = "/app/data"
}
}
volume {
name = "data"
nfs {
server = "10.0.10.15"
path = "/mnt/main/servarr/aiostreams"
}
}
}
}
}
}
resource "kubernetes_service" "aiostreams" {
metadata {
name = "aiostreams"
namespace = kubernetes_namespace.aiostreams.metadata[0].name
labels = {
"app" = "aiostreams"
}
}
spec {
selector = {
app = "aiostreams"
}
port {
name = "http"
port = 80
target_port = 3000
}
}
}
module "ingress" {
source = "../../ingress_factory"
namespace = kubernetes_namespace.aiostreams.metadata[0].name
name = "aiostreams"
tls_secret_name = var.tls_secret_name
# protected = true
}

88
modules/kubernetes/servarr/listenarr/main.tf Normal file
View file

@ -0,0 +1,88 @@
variable "tls_secret_name" {}
resource "kubernetes_deployment" "listenarr" {
metadata {
name = "listenarr"
namespace = "servarr"
labels = {
app = "listenarr"
}
annotations = {
"reloader.stakater.com/search" = "true"
}
}
spec {
replicas = 1
selector {
match_labels = {
app = "listenarr"
}
}
template {
metadata {
labels = {
app = "listenarr"
}
}
spec {
container {
image = "ghcr.io/therobbiedavis/listenarr:canary"
name = "listenarr"
port {
container_port = 5000
}
volume_mount {
name = "data"
mount_path = "/app/config"
}
}
volume {
name = "data"
nfs {
path = "/mnt/main/servarr/listenarr"
server = "10.0.10.15"
}
}
volume {
name = "downloads"
nfs {
path = "/mnt/main/servarr/downloads"
server = "10.0.10.15"
}
}
}
}
}
}
resource "kubernetes_service" "listenarr" {
metadata {
name = "listenarr"
namespace = "servarr"
labels = {
app = "listenarr"
}
}
spec {
selector = {
app = "listenarr"
}
port {
name = "http"
port = 80
target_port = 5000
}
}
}
module "ingress" {
source = "../../ingress_factory"
namespace = "servarr"
name = "listenarr"
tls_secret_name = var.tls_secret_name
protected = true
}

28
modules/kubernetes/servarr/main.tf
View file

@ -1,4 +1,5 @@
variable "tls_secret_name" {}
variable "aiostreams_database_connection_string" { type = string }
resource "kubernetes_namespace" "servarr" {
metadata {
@ -18,15 +19,15 @@ module "tls_secret" {
# tls_secret_name = var.tls_secret_name
# }
# module "prowlarr" {
# source = "./prowlarr"
# tls_secret_name = var.tls_secret_name
# }
module "prowlarr" {
source = "./prowlarr"
tls_secret_name = var.tls_secret_name
}
# module "qbittorrent" {
# source = "./qbittorrent"
# tls_secret_name = var.tls_secret_name
# }
module "qbittorrent" {
source = "./qbittorrent"
tls_secret_name = var.tls_secret_name
}
module "flaresolverr" {
source = "./flaresolverr"
@ -42,3 +43,14 @@ module "flaresolverr" {
# source = "./soulseek"
# tls_secret_name = var.tls_secret_name
# }
module "listenarr" {
source = "./listenarr"
tls_secret_name = var.tls_secret_name
}
module "aiostreams" {
source = "./aiostreams"
tls_secret_name = var.tls_secret_name
aiostreams_database_connection_string = var.aiostreams_database_connection_string
}

BIN
terraform.tfstate
View file

Binary file not shown.

BIN
terraform.tfvars
View file

Binary file not shown.