--- # Calibre System - Calibre + Calibre-web sharing the same library # Namespace apiVersion: v1 kind: Namespace metadata: name: calibre-system --- # Calibre Deployment (main desktop app with web GUI) apiVersion: apps/v1 kind: Deployment metadata: name: calibre namespace: calibre-system labels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre spec: replicas: 1 strategy: type: Recreate selector: matchLabels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre template: metadata: labels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre annotations: match-regex.version-checker.io/calibre: '^[0-9]{1,2}\.\d+\.\d+$' spec: containers: - name: calibre image: linuxserver/calibre:8.16.2 imagePullPolicy: IfNotPresent env: - name: PUID value: "1000" - name: PGID value: "1000" - name: TZ value: Europe/Budapest # KasmVNC authentication - name: CUSTOM_USER valueFrom: secretKeyRef: name: calibre-auth key: username - name: PASSWORD valueFrom: secretKeyRef: name: calibre-auth key: password ports: - name: http containerPort: 8080 protocol: TCP - name: https containerPort: 8181 protocol: TCP - name: webserver containerPort: 8081 protocol: TCP resources: requests: cpu: 100m memory: 512Mi limits: cpu: "2" memory: 4Gi livenessProbe: tcpSocket: port: http initialDelaySeconds: 120 periodSeconds: 60 timeoutSeconds: 10 failureThreshold: 5 readinessProbe: tcpSocket: port: http initialDelaySeconds: 60 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 volumeMounts: - name: config mountPath: /config - name: books mountPath: /books volumes: - name: config persistentVolumeClaim: claimName: calibre-config - name: books hostPath: path: /mnt/4_hdd/data/calibre type: DirectoryOrCreate --- # Calibre-web Deployment apiVersion: apps/v1 kind: Deployment metadata: name: calibre-web namespace: calibre-system labels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre-web app.kubernetes.io/version: 0.6.25-ls361 spec: replicas: 1 strategy: type: Recreate selector: matchLabels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre-web template: metadata: labels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre-web annotations: match-regex.version-checker.io/calibre-web: '^[0-2]\.\d+\.\d+$' spec: containers: - name: calibre-web image: linuxserver/calibre-web:0.6.25 imagePullPolicy: IfNotPresent env: - name: PUID value: "1000" - name: PGID value: "1000" - name: TZ value: Europe/Budapest # Enable calibre ebook-convert for format conversion - name: DOCKER_MODS value: linuxserver/mods:universal-calibre ports: - name: http containerPort: 8083 protocol: TCP resources: requests: cpu: 100m memory: 256Mi limits: cpu: "1" memory: 1Gi livenessProbe: httpGet: path: / port: http initialDelaySeconds: 60 periodSeconds: 30 timeoutSeconds: 10 failureThreshold: 5 readinessProbe: httpGet: path: / port: http initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 startupProbe: httpGet: path: / port: http periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 60 volumeMounts: - name: config mountPath: /config - name: books mountPath: /books readOnly: false volumes: - name: config persistentVolumeClaim: claimName: calibre-web-config - name: books hostPath: path: /mnt/4_hdd/data/calibre type: DirectoryOrCreate --- # Calibre Service (desktop GUI) apiVersion: v1 kind: Service metadata: name: calibre namespace: calibre-system labels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre app.kubernetes.io/version: v8.16.2-ls375 spec: type: ClusterIP ports: - name: http port: 8080 targetPort: http protocol: TCP - name: https port: 8181 targetPort: https protocol: TCP - name: webserver port: 8081 targetPort: webserver protocol: TCP selector: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre --- # Calibre-web Service apiVersion: v1 kind: Service metadata: name: calibre-web namespace: calibre-system labels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre-web app.kubernetes.io/version: 0.6.25-ls361 spec: type: ClusterIP ports: - name: http port: 8083 targetPort: http protocol: TCP selector: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre-web --- # Calibre Ingress (desktop GUI - for library management) apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: calibre namespace: calibre-system labels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre annotations: cert-manager.io/cluster-issuer: letsencrypt-prod external-dns.alpha.kubernetes.io/hostname: calibre.dooplex.hu,calibre.home nginx.ingress.kubernetes.io/proxy-body-size: "0" nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" nginx.ingress.kubernetes.io/proxy-send-timeout: "3600" nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/configuration-snippet: | set $geo_allowed 0; if ($remote_addr ~ "^192\.168\.") { set $geo_allowed 1; } if ($remote_addr ~ "^10\.") { set $geo_allowed 1; } if ($geoip2_country_code = "HU") { set $geo_allowed 1; } if ($geo_allowed = 0) { return 403 "Access restricted to Hungary"; } spec: ingressClassName: nginx-internal tls: - hosts: - calibre.dooplex.hu secretName: calibre-tls rules: - host: calibre.dooplex.hu http: paths: - path: / pathType: Prefix backend: service: name: calibre port: number: 8080 - host: calibre.home http: paths: - path: / pathType: Prefix backend: service: name: calibre port: number: 8080 --- # Calibre-web Ingress (reading interface) apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: calibre-web namespace: calibre-system labels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre-web annotations: cert-manager.io/cluster-issuer: letsencrypt-prod external-dns.alpha.kubernetes.io/hostname: books.dooplex.hu,books.home nginx.ingress.kubernetes.io/proxy-body-size: "0" nginx.ingress.kubernetes.io/proxy-read-timeout: "600" nginx.ingress.kubernetes.io/proxy-send-timeout: "600" nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/configuration-snippet: | set $geo_allowed 0; if ($remote_addr ~ "^192\.168\.") { set $geo_allowed 1; } if ($remote_addr ~ "^10\.") { set $geo_allowed 1; } if ($geoip2_country_code = "HU") { set $geo_allowed 1; } if ($geo_allowed = 0) { return 403 "Access restricted to Hungary"; } spec: ingressClassName: nginx-internal tls: - hosts: - books.dooplex.hu secretName: calibre-web-tls rules: - host: books.dooplex.hu http: paths: - path: / pathType: Prefix backend: service: name: calibre-web port: number: 8083 - host: books.home http: paths: - path: / pathType: Prefix backend: service: name: calibre-web port: number: 8083 --- # Calibre Config PVC apiVersion: v1 kind: PersistentVolumeClaim metadata: name: calibre-config namespace: calibre-system labels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre recurring-job-group.longhorn.io/needbackup: enabled recurring-job.longhorn.io/source: enabled spec: accessModes: - ReadWriteOnce storageClassName: longhorn resources: requests: storage: 2Gi --- # Calibre-web Config PVC apiVersion: v1 kind: PersistentVolumeClaim metadata: name: calibre-web-config namespace: calibre-system labels: app.kubernetes.io/instance: calibre app.kubernetes.io/name: calibre-web recurring-job-group.longhorn.io/needbackup: enabled recurring-job.longhorn.io/source: enabled spec: accessModes: - ReadWriteOnce storageClassName: longhorn resources: requests: storage: 1Gi