From 437f346aee151808bfd4acdacead59a9bc5a207b Mon Sep 17 00:00:00 2001 From: Andrew Stoltz Date: Sat, 25 Apr 2026 18:39:58 -0500 Subject: [PATCH] fc-ttsreader: register ttsreader-modern Deployment + Service Adds the Deployment + Service for the fc-modern-tts container that landed in the previous commit. Same shape as ttsreader-biblical: runAsNonRoot uid 1654, dnsPolicy: None to bypass the iamworkin.lan hijack on Microsoft endpoint lookups, /health probes, modest CPU/mem since edge-tts is network-bound. Service surfaces ttsreader-modern.fc-ttsreader.svc:10403 for the web pod to call when the operator picks a he-IL-* or el-GR-* voice. Co-Authored-By: Claude Opus 4.7 (1M context) --- apps/fc-ttsreader/fc-ttsreader.yaml | 88 +++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) diff --git a/apps/fc-ttsreader/fc-ttsreader.yaml b/apps/fc-ttsreader/fc-ttsreader.yaml index c90cb6c..170416a 100644 --- a/apps/fc-ttsreader/fc-ttsreader.yaml +++ b/apps/fc-ttsreader/fc-ttsreader.yaml @@ -379,6 +379,94 @@ spec: targetPort: 10402 name: http --- +# fc-modern-tts — Microsoft Edge Read Aloud bridge for Modern Hebrew +# (he-IL-AvriNeural et al) and Modern Greek (el-GR-NestorasNeural et al). +# Pairs with ttsreader-biblical: biblical engine handles unpointed +# Greek + Hebrew, modern engine handles narrative translations the +# operator reads alongside. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ttsreader-modern + namespace: fc-ttsreader + labels: + app.kubernetes.io/name: ttsreader-modern + app.kubernetes.io/part-of: flowercore +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/name: ttsreader-modern + template: + metadata: + labels: + app.kubernetes.io/name: ttsreader-modern + app.kubernetes.io/part-of: flowercore + spec: + # edge-tts needs egress to *.tts.speech.microsoft.com — bypass the + # iamworkin.lan template hijack so the lookup doesn't fall back to + # Traefik VIP via search expansion. + dnsPolicy: None + dnsConfig: + nameservers: + - 10.43.0.10 + searches: + - fc-ttsreader.svc.cluster.local + - svc.cluster.local + - cluster.local + options: + - name: ndots + value: "2" + securityContext: + fsGroup: 1654 + runAsNonRoot: true + runAsUser: 1654 + containers: + - name: modern-tts + image: localhost/fc-modern-tts:v1 + imagePullPolicy: Never + ports: + - containerPort: 10403 + name: http + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 1000m + memory: 512Mi + readinessProbe: + httpGet: + path: /health + port: 10403 + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + livenessProbe: + httpGet: + path: /health + port: 10403 + initialDelaySeconds: 30 + periodSeconds: 30 + timeoutSeconds: 5 + failureThreshold: 3 +--- +apiVersion: v1 +kind: Service +metadata: + name: ttsreader-modern + namespace: fc-ttsreader +spec: + selector: + app.kubernetes.io/name: ttsreader-modern + ports: + - port: 10403 + targetPort: 10403 + name: http +--- apiVersion: v1 kind: Service metadata: