From e029408a0840b9221bf52c96b47302083dbb0cad Mon Sep 17 00:00:00 2001 From: nold Date: Sat, 8 Apr 2023 14:46:07 +0200 Subject: [PATCH] add(qbittorrent) --- projects/downloader/project.yml | 14 +++ projects/downloader/values/qbittorrent.yaml | 111 ++++++++++++++++++++ 2 files changed, 125 insertions(+) create mode 100644 projects/downloader/values/qbittorrent.yaml diff --git a/projects/downloader/project.yml b/projects/downloader/project.yml index 016e2ab7..efb28f44 100644 --- a/projects/downloader/project.yml +++ b/projects/downloader/project.yml @@ -17,6 +17,20 @@ apps: include: - ingress-internal +- name: qbittorrent + # repoURL: https://lib42.github.io/charts + repoURL: https://github.com/lib42/charts + #chart: deluge + #targetRevision: 1.3.0 + targetRevision: add/qbittorrent + path: charts/qbittorrent + secrets: + - name: openvpn + fromApp: deluge + keys: + - VPN_AUTH + - vpnConfigfile + - name: youtubedl repoURL: https://k8s-at-home.com/charts/ chart: youtubedl-material diff --git a/projects/downloader/values/qbittorrent.yaml b/projects/downloader/values/qbittorrent.yaml new file mode 100644 index 00000000..95847503 --- /dev/null +++ b/projects/downloader/values/qbittorrent.yaml @@ -0,0 +1,111 @@ +--- +image: + repository: ghcr.io/onedr0p/qbittorrent + tag: 4.5.2 + +ingress: + main: + enabled: true + annotations: + cert-manager.io/cluster-issuer: "vault-issuer" + nginx.ingress.kubernetes.io/proxy-body-size: 50m + hosts: + - host: qbittorrent.dc + paths: + - path: / + pathType: Prefix + tls: + - secretName: qbittorrent-tls + hosts: + - qbittorrent.dc + +service: + main: + enabled: true + ports: + http: + port: 8080 + +podSecurityContext: + # Disable IPv6 support for gluetun: + sysctls: + - name: net.ipv6.conf.all.disable_ipv6 + value: "1" + fsGroup: 568 + fsGroupChangePolicy: "OnRootMismatch" + supplementalGroups: + - 100 + +persistence: + config: + enabled: true + mountPath: /config + size: 10M + + # for custom themes: + theme: + enabled: false + mountpath: /theme + type: emptyDir + + ## example used hostpath instead + downloads: + enabled: true + type: hostPath + hostPath: /data/media/torrent + mountPath: /downloads + + +## Install custom Theme +# initContainers: +# init-config: +# image: alpine/git +# args: +# - "clone" +# - "--depth" +# - "1" +# - "https://github.com/dracula/qbittorrent.git" +# - "/theme" +# volumeMounts: +# - name: theme +# mountPath: /theme +# securityContext: +# runAsNonRoot: true +# privileged: false +# readOnlyRootFilesystem: true +# allowPrivilegeEscalation: false +# capabilities: +# drop: +# - ALL + +## VPN +addons: + vpn: + enabled: true + + env: + VPN_SERVICE_PROVIDER: mullvad + VPN_TYPE: openvpn + WIREGUARD_ADDRESSES: 10.67.135.224/32 + + DNS_KEEP_NAMESERVER: "on" + DOT: "on" + FIREWALL: "on" + FIREWALL_INPUT_PORTS: "8080,8000" + FIREWALL_VPN_INPUT_PORTS: 61086 + + envFrom: + - secretRef: + name: wireguard-config + + securityContext: + capabilities: + add: + - NET_ADMIN + + livenessProbe: + httpGet: + path: /v1/openvpn/status + port: 8000 + initialDelaySeconds: 30 + periodSeconds: 30