variable "tls_secret_name" { type = string sensitive = true } variable "slack_channel" { type = string } variable "nfs_server" { type = string } resource "kubernetes_manifest" "external_secret" { manifest = { apiVersion = "external-secrets.io/v1beta1" kind = "ExternalSecret" metadata = { name = "ytdlp-secrets" namespace = "ytdlp" } spec = { refreshInterval = "15m" secretStoreRef = { name = "vault-kv" kind = "ClusterSecretStore" } target = { name = "ytdlp-secrets" } dataFrom = [{ extract = { key = "ytdlp" } }] } } depends_on = [kubernetes_namespace.ytdlp] } variable "redis_host" { type = string } variable "ollama_host" { type = string } resource "kubernetes_namespace" "ytdlp" { metadata { name = "ytdlp" labels = { "istio-injection" : "disabled" tier = local.tiers.aux } } } module "tls_secret" { source = "../../modules/kubernetes/setup_tls_secret" namespace = kubernetes_namespace.ytdlp.metadata[0].name tls_secret_name = var.tls_secret_name } module "nfs_data" { source = "../../modules/kubernetes/nfs_volume" name = "ytdlp-data" namespace = kubernetes_namespace.ytdlp.metadata[0].name nfs_server = var.nfs_server nfs_path = "/mnt/main/ytdlp" } module "nfs_highlights_data" { source = "../../modules/kubernetes/nfs_volume" name = "ytdlp-highlights-data" namespace = kubernetes_namespace.ytdlp.metadata[0].name nfs_server = var.nfs_server nfs_path = "/mnt/main/ytdlp-highlights" } resource "kubernetes_deployment" "ytdlp" { # resource "kubernetes_daemonset" "technitium" { metadata { name = "ytdlp" namespace = kubernetes_namespace.ytdlp.metadata[0].name labels = { app = "ytdlp" tier = local.tiers.aux } annotations = { "diun.enable" = "true" } } spec { # strategy { # type = "Recreate" # } # replicas = 1 selector { match_labels = { app = "ytdlp" } } template { metadata { labels = { app = "ytdlp" } } spec { container { image = "tzahi12345/youtubedl-material:nightly" name = "ytdlp" resources { requests = { cpu = "25m" memory = "512Mi" } limits = { memory = "512Mi" } } port { container_port = 17442 } volume_mount { mount_path = "/app/appdata" name = "data" } volume_mount { mount_path = "/app/audio" name = "data" } volume_mount { mount_path = "/app/video" name = "data" } volume_mount { mount_path = "/app/users" name = "data" } volume_mount { mount_path = "/app/subscriptions" name = "data" } } volume { name = "data" persistent_volume_claim { claim_name = module.nfs_data.claim_name } } # } } } } } resource "kubernetes_service" "ytdlp" { metadata { name = "ytdlp" namespace = kubernetes_namespace.ytdlp.metadata[0].name labels = { "app" = "ytdlp" } } spec { selector = { app = "ytdlp" } port { name = "ytdlp" port = 80 target_port = 17442 protocol = "TCP" } } } module "ingress" { source = "../../modules/kubernetes/ingress_factory" namespace = kubernetes_namespace.ytdlp.metadata[0].name name = "ytdlp" tls_secret_name = var.tls_secret_name host = "yt" extra_annotations = { "gethomepage.dev/enabled" = "true" "gethomepage.dev/name" = "yt-dlp" "gethomepage.dev/description" = "Video downloader" "gethomepage.dev/icon" = "youtube-dl.png" "gethomepage.dev/group" = "Media & Entertainment" "gethomepage.dev/pod-selector" = "" } } # ---------------------- # yt-highlights service # ---------------------- resource "kubernetes_deployment" "yt_highlights" { metadata { name = "yt-highlights" namespace = kubernetes_namespace.ytdlp.metadata[0].name labels = { app = "yt-highlights" tier = local.tiers.aux } annotations = { "diun.enable" = "true" "reloader.stakater.com/auto" = "true" } } spec { replicas = 1 strategy { type = "Recreate" } selector { match_labels = { app = "yt-highlights" } } template { metadata { labels = { app = "yt-highlights" } } spec { node_selector = { "gpu" : "true" } toleration { key = "nvidia.com/gpu" value = "true" effect = "NoSchedule" } container { name = "yt-highlights" image = "viktorbarzin/yt-highlights:v20-20260127" image_pull_policy = "Always" port { container_port = 8000 } env { name = "ASR_MODEL" value = "large-v3" } env { name = "ASR_DEVICE" value = "cuda" } env { name = "OPENROUTER_MODEL" value = "deepseek/deepseek-r1-0528:free" } env { name = "OPENROUTER_API_KEY" value_from { secret_key_ref { name = "ytdlp-secrets" key = "openrouter_api_key" } } } env { name = "DATA_PATH" value = "/data" } env { name = "SLACK_BOT_TOKEN" value_from { secret_key_ref { name = "ytdlp-secrets" key = "slack_bot_token" } } } env { name = "SLACK_CHANNEL" value = var.slack_channel } env { name = "REDIS_URL" value = "redis://${var.redis_host}:6379/0" } # Store model cache on NFS to avoid ephemeral storage eviction env { name = "HF_HOME" value = "/data/cache/huggingface" } env { name = "TORCH_HOME" value = "/data/cache/torch" } # Ollama fallback for when OpenRouter models fail env { name = "OLLAMA_URL" value = "http://${var.ollama_host}:11434" } env { name = "OLLAMA_MODEL" value = "qwen2.5:14b" } volume_mount { name = "data" mount_path = "/data" } resources { limits = { "nvidia.com/gpu" = "1" } } liveness_probe { http_get { path = "/health" port = 8000 } initial_delay_seconds = 180 period_seconds = 60 timeout_seconds = 60 failure_threshold = 10 } } volume { name = "data" persistent_volume_claim { claim_name = module.nfs_highlights_data.claim_name } } } } } } resource "kubernetes_service" "yt_highlights" { metadata { name = "yt-highlights" namespace = kubernetes_namespace.ytdlp.metadata[0].name labels = { "app" = "yt-highlights" } } spec { selector = { app = "yt-highlights" } port { name = "http" port = 80 target_port = 8000 protocol = "TCP" } } } module "highlights_ingress" { source = "../../modules/kubernetes/ingress_factory" namespace = kubernetes_namespace.ytdlp.metadata[0].name name = "yt-highlights" tls_secret_name = var.tls_secret_name host = "yt-highlights" protected = true extra_annotations = { "gethomepage.dev/enabled" = "true" "gethomepage.dev/name" = "YT Highlights" "gethomepage.dev/description" = "AI video highlights" "gethomepage.dev/icon" = "youtube.png" "gethomepage.dev/group" = "Media & Entertainment" "gethomepage.dev/pod-selector" = "" } }