diff --git a/main.tf b/main.tf index 9dcb32eb..eb6382a4 100644 --- a/main.tf +++ b/main.tf @@ -131,6 +131,7 @@ variable "grafana_db_password" { type = string } variable "clickhouse_password" { type = string } variable "clickhouse_postgres_password" { type = string } variable "wealthfolio_password_hash" { type = string } +variable "aiostreams_database_connection_string" { type = string } provider "kubernetes" { @@ -543,6 +544,8 @@ module "kubernetes_cluster" { clickhouse_postgres_password = var.clickhouse_postgres_password wealthfolio_password_hash = var.wealthfolio_password_hash + + aiostreams_database_connection_string = var.aiostreams_database_connection_string } diff --git a/modules/kubernetes/ebook2audiobook/main.tf b/modules/kubernetes/ebook2audiobook/main.tf new file mode 100644 index 00000000..a469569e --- /dev/null +++ b/modules/kubernetes/ebook2audiobook/main.tf @@ -0,0 +1,289 @@ + +variable "tls_secret_name" {} + +module "tls_secret" { + source = "../setup_tls_secret" + namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name + tls_secret_name = var.tls_secret_name +} + +resource "kubernetes_namespace" "ebook2audiobook" { + metadata { + name = "ebook2audiobook" + labels = { + "istio-injection" : "disabled" + } + } +} + + +# resource "kubernetes_deployment" "ebook2audiobook" { +# metadata { +# name = "ebook2audiobook" +# namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name +# labels = { +# app = "ebook2audiobook" +# } +# } +# spec { +# replicas = 1 +# strategy { +# type = "Recreate" +# } + +# selector { +# match_labels = { +# app = "ebook2audiobook" +# } +# } + +# template { +# metadata { +# labels = { +# app = "ebook2audiobook" +# } +# } + +# spec { +# container { +# name = "ebook2audiobook" +# # image = "docker.io/athomasson2/ebook2audiobook:latest" +# image = "docker.io/athomasson2/ebook2audiobook:v25.12.30-cu128" + +# working_dir = "/app" +# # command = ["python", "app.py", "--script_mode", "full_docker"] +# # command = ["/bin/bash", "-c", <<-EOT +# # # echo "Uninstalling current pytorch" +# # # pip uninstall -y torch torchvision torchaudio coqui-tts pyannote.audio torchcodec || true +# # # echo "Installing cuda13 compatible pytorch" +# # # pip install --pre --extra-index-url https://download.pytorch.org/whl/nightly/cu130 torch torchvision torchaudio pyannote.audio torchcodec triton deepspeed coqui-tts-trainer +# # # #pip install torch==2.9.0 torchvision==0.24.0 torchaudio==2.9.0 --index-url https://download.pytorch.org/whl/cu130 +# # # echo "Starting main container" +# # #python app.py --script_mode full_docker +# # sleep 3600 +# # EOT +# # ] + +# tty = true +# stdin = true + +# port { +# container_port = 7860 +# } + +# volume_mount { +# mount_path = "/app" +# name = "data" +# } + +# resources { +# limits = { +# "nvidia.com/gpu" = "1" +# } +# } +# security_context { +# privileged = true +# } +# } + +# volume { +# name = "data" +# nfs { +# server = "10.0.10.15" +# path = "/mnt/main/ebook2audiobook" +# } +# } +# } +# } +# } +# } + + +resource "kubernetes_service" "ebook2audiobook" { + metadata { + name = "ebook2audiobook" + namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name + labels = { + "app" = "ebook2audiobook" + } + } + + spec { + selector = { + app = "ebook2audiobook" + } + port { + name = "http" + port = 80 + target_port = 7860 + } + } +} + +# resource "kubernetes_deployment" "piper" { +# metadata { +# name = "piper" +# namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name +# labels = { +# app = "piper" +# } +# } +# spec { +# replicas = 1 +# strategy { +# type = "Recreate" +# } + +# selector { +# match_labels = { +# app = "piper" +# } +# } + +# template { +# metadata { +# labels = { +# app = "piper" +# } +# } + +# spec { +# container { +# name = "piper" +# # image = "lscr.io/linuxserver/piper:gpu" +# # image = "piper-tts-wyoming:latest" +# image = "viktorbarzin/piper" +# # image = "nvidia/cuda:12.8.1-cudnn-devel-ubuntu24.04" + +# # working_dir = "/app" +# command = ["sleep", "3600"] + +# volume_mount { +# mount_path = "/config" +# name = "data" +# } + +# resources { +# limits = { +# "nvidia.com/gpu" = "1" +# } +# } +# # env { +# # name = "PIPER_VOICE" +# # value = "en_US-lessac-medium" +# # } + +# env { +# name = "VOICE_MODEL" +# value = "en_US-lessac-medium" +# } +# env { +# name = "LOG_LEVEL" +# value = "DEBUG" +# } +# port { +# name = "web" +# container_port = 10200 +# } +# } + +# volume { +# name = "data" +# nfs { +# server = "10.0.10.15" +# path = "/mnt/main/piper" +# } +# } +# } +# } +# } +# } + +# resource "kubernetes_service" "piper" { +# metadata { +# name = "piper" +# namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name +# labels = { +# "app" = "piper" +# } +# } + +# spec { +# selector = { +# app = "piper" +# } +# port { +# name = "http" +# port = 80 +# target_port = 10200 +# } +# } +# } + + +module "ingress" { + source = "../ingress_factory" + namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name + name = "ebook2audiobook" + tls_secret_name = var.tls_secret_name + protected = true +} + + +resource "kubernetes_deployment" "audiblez" { + metadata { + name = "audiblez" + namespace = kubernetes_namespace.ebook2audiobook.metadata[0].name + labels = { + app = "audiblez" + } + } + spec { + replicas = 1 + selector { + match_labels = { + app = "audiblez" + } + } + template { + metadata { + labels = { + app = "audiblez" + } + } + spec { + node_selector = { + "gpu" : "true" + } + container { + image = "viktorbarzin/audiblez:latest" + name = "audiblez" + command = ["/usr/bin/sleep", "86400"] + volume_mount { + name = "data" + mount_path = "/mnt" + } + # security_context { + # privileged = true + # capabilities { + # add = ["SYS_ADMIN"] + # } + # } + resources { + limits = { + "nvidia.com/gpu" = "1" + } + } + } + volume { + name = "data" + nfs { + server = "10.0.10.15" + path = "/mnt/main/audiblez" + } + } + } + } + } +} + diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf index 808a8f32..3f06cf5f 100644 --- a/modules/kubernetes/main.tf +++ b/modules/kubernetes/main.tf @@ -110,6 +110,7 @@ variable "grafana_db_password" { type = string } variable "clickhouse_password" { type = string } variable "clickhouse_postgres_password" { type = string } variable "wealthfolio_password_hash" { type = string } +variable "aiostreams_database_connection_string" { type = string } variable "defcon_level" { @@ -135,7 +136,7 @@ locals { "url", "excalidraw", "travel_blog", "dashy", "send", "ytdlp", "wealthfolio", "rybbit", "stirling-pdf", "networking-toolbox", "navidrome", "freshrss", "forgejo", "tor-proxy", "real-estate-crawler", "n8n", "changedetection", "linkwarden", "matrix", "homepage", "meshcentral", "diun", "cyberchef", "ntfy", "ollama", - "servarr", "jsoncrack", "paperless-ngx", "frigate", "audiobookshelf", "tandoor" + "servarr", "jsoncrack", "paperless-ngx", "frigate", "audiobookshelf", "tandoor", "ebook2audiobook", "netbox" ], } active_modules = distinct(flatten([ @@ -644,7 +645,8 @@ module "servarr" { for_each = contains(local.active_modules, "servarr") ? { servarr = true } : {} tls_secret_name = var.tls_secret_name - depends_on = [null_resource.core_services] + depends_on = [null_resource.core_services] + aiostreams_database_connection_string = var.aiostreams_database_connection_string } # module "dnscat2" { @@ -693,10 +695,11 @@ module "meshcentral" { depends_on = [null_resource.core_services] } -# module "netbox" { -# source = "./netbox" -# tls_secret_name = var.tls_secret_name -# } +module "netbox" { + source = "./netbox" + for_each = contains(local.active_modules, "netbox") ? { netbox = true } : {} + tls_secret_name = var.tls_secret_name +} module "nextcloud" { source = "./nextcloud" @@ -909,10 +912,11 @@ module "nvidia" { tls_secret_name = var.tls_secret_name } -# module "ebook2audiobook" { -# source = "./ebook2audiobook" -# tls_secret_name = var.tls_secret_name -# } +module "ebook2audiobook" { + source = "./ebook2audiobook" + for_each = contains(local.active_modules, "ebook2audiobook") ? { ebook2audiobook = true } : {} + tls_secret_name = var.tls_secret_name +} module "rybbit" { source = "./rybbit" diff --git a/modules/kubernetes/servarr/aiostreams/main.tf b/modules/kubernetes/servarr/aiostreams/main.tf new file mode 100644 index 00000000..f59fa5d1 --- /dev/null +++ b/modules/kubernetes/servarr/aiostreams/main.tf @@ -0,0 +1,102 @@ +variable "tls_secret_name" {} +variable "aiostreams_database_connection_string" { type = string } + +resource "kubernetes_namespace" "aiostreams" { + metadata { + name = "aiostreams" + labels = { + "istio-injection" : "disabled" + } + } +} + +# resource "random_string" "random" { +# length = 50 +# lower = true +# } + +resource "kubernetes_deployment" "aiostreams" { + metadata { + name = "aiostreams" + namespace = kubernetes_namespace.aiostreams.metadata[0].name + labels = { + app = "aiostreams" + } + } + spec { + replicas = 1 + selector { + match_labels = { + app = "aiostreams" + } + } + template { + metadata { + labels = { + app = "aiostreams" + } + } + spec { + container { + image = "viren070/aiostreams:nightly" + name = "aiostreams" + port { + container_port = 3000 + } + env { + name = "BASE_URL" + value = "https://aiostreams.viktorbarzin.me" + } + env { + name = "SECRET_KEY" + value = substr(sha256(uuid()), 0, 64) + } + env { + name = "DATABASE_URI" + value = var.aiostreams_database_connection_string + } + volume_mount { + name = "data" + mount_path = "/app/data" + } + } + volume { + name = "data" + nfs { + server = "10.0.10.15" + path = "/mnt/main/servarr/aiostreams" + } + } + } + } + } +} + +resource "kubernetes_service" "aiostreams" { + metadata { + name = "aiostreams" + namespace = kubernetes_namespace.aiostreams.metadata[0].name + labels = { + "app" = "aiostreams" + } + } + + spec { + selector = { + app = "aiostreams" + } + port { + name = "http" + port = 80 + target_port = 3000 + } + } +} + +module "ingress" { + source = "../../ingress_factory" + namespace = kubernetes_namespace.aiostreams.metadata[0].name + name = "aiostreams" + tls_secret_name = var.tls_secret_name + # protected = true +} diff --git a/modules/kubernetes/servarr/listenarr/main.tf b/modules/kubernetes/servarr/listenarr/main.tf new file mode 100644 index 00000000..127c329c --- /dev/null +++ b/modules/kubernetes/servarr/listenarr/main.tf @@ -0,0 +1,88 @@ +variable "tls_secret_name" {} + + +resource "kubernetes_deployment" "listenarr" { + metadata { + name = "listenarr" + namespace = "servarr" + labels = { + app = "listenarr" + } + annotations = { + "reloader.stakater.com/search" = "true" + } + } + spec { + replicas = 1 + selector { + match_labels = { + app = "listenarr" + } + } + template { + metadata { + labels = { + app = "listenarr" + } + } + spec { + container { + image = "ghcr.io/therobbiedavis/listenarr:canary" + name = "listenarr" + + port { + container_port = 5000 + } + volume_mount { + name = "data" + mount_path = "/app/config" + } + } + volume { + name = "data" + nfs { + path = "/mnt/main/servarr/listenarr" + server = "10.0.10.15" + } + } + volume { + name = "downloads" + nfs { + path = "/mnt/main/servarr/downloads" + server = "10.0.10.15" + } + } + } + } + } +} + +resource "kubernetes_service" "listenarr" { + metadata { + name = "listenarr" + namespace = "servarr" + labels = { + app = "listenarr" + } + } + + spec { + selector = { + app = "listenarr" + } + port { + name = "http" + port = 80 + target_port = 5000 + } + } +} + + +module "ingress" { + source = "../../ingress_factory" + namespace = "servarr" + name = "listenarr" + tls_secret_name = var.tls_secret_name + protected = true +} diff --git a/modules/kubernetes/servarr/main.tf b/modules/kubernetes/servarr/main.tf index 7604b8d4..eaf5a0d1 100644 --- a/modules/kubernetes/servarr/main.tf +++ b/modules/kubernetes/servarr/main.tf @@ -1,4 +1,5 @@ variable "tls_secret_name" {} +variable "aiostreams_database_connection_string" { type = string } resource "kubernetes_namespace" "servarr" { metadata { @@ -18,15 +19,15 @@ module "tls_secret" { # tls_secret_name = var.tls_secret_name # } -# module "prowlarr" { -# source = "./prowlarr" -# tls_secret_name = var.tls_secret_name -# } +module "prowlarr" { + source = "./prowlarr" + tls_secret_name = var.tls_secret_name +} -# module "qbittorrent" { -# source = "./qbittorrent" -# tls_secret_name = var.tls_secret_name -# } +module "qbittorrent" { + source = "./qbittorrent" + tls_secret_name = var.tls_secret_name +} module "flaresolverr" { source = "./flaresolverr" @@ -42,3 +43,14 @@ module "flaresolverr" { # source = "./soulseek" # tls_secret_name = var.tls_secret_name # } + +module "listenarr" { + source = "./listenarr" + tls_secret_name = var.tls_secret_name +} + +module "aiostreams" { + source = "./aiostreams" + tls_secret_name = var.tls_secret_name + aiostreams_database_connection_string = var.aiostreams_database_connection_string +} diff --git a/terraform.tfstate b/terraform.tfstate index 7308fe1d..bad67a3c 100644 Binary files a/terraform.tfstate and b/terraform.tfstate differ diff --git a/terraform.tfvars b/terraform.tfvars index bff261db..83bfc178 100644 Binary files a/terraform.tfvars and b/terraform.tfvars differ