sbbb/base/media/kustomization.yaml

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

namespace: media

resources:
  - namespace.yaml
  - vault-secrets.yaml
  - livekit-alertrules.yaml
  # livekit-servicemonitor.yaml disabled — LiveKit runs on hostNetwork and port 6789
  # is not reachable from Prometheus due to host firewall. Open port 6789 on the host
  # or add an iptables rule, then re-enable.

helmCharts:
  # helm repo add livekit https://helm.livekit.io
  # releaseName=livekit-server matches chart name → Helm deduplicates the prefix,
  # so resources are named `livekit-server` instead of `livekit-livekit-server`.
  - name: livekit-server
    repo: https://helm.livekit.io
    version: "1.9.0"
    releaseName: livekit-server
    namespace: media
    valuesFile: livekit-values.yaml

# The livekit-server chart does not set .Release.Namespace in its templates,
# so kustomize's namespace field doesn't inject it automatically.
# Patch namespace onto each chart-rendered resource explicitly.
patches:
  - patch: |
      - op: add
        path: /metadata/namespace
        value: media
    target:
      kind: Deployment
      name: livekit-server
  - patch: |
      - op: add
        path: /metadata/namespace
        value: media
    target:
      kind: Service
      name: livekit-server
  - patch: |
      - op: add
        path: /metadata/namespace
        value: media
    target:
      kind: Service
      name: livekit-server-turn
  - patch: |
      - op: add
        path: /metadata/namespace
        value: media
    target:
      kind: ConfigMap
      name: livekit-server