--- image: repository: ghcr.io/onedr0p/qbittorrent tag: 4.5.2 ingress: main: enabled: true annotations: cert-manager.io/cluster-issuer: "vault-issuer" nginx.ingress.kubernetes.io/proxy-body-size: 50m hosts: - host: qbittorrent.dc paths: - path: / pathType: Prefix tls: - secretName: qbittorrent-tls hosts: - qbittorrent.dc service: main: enabled: true ports: http: port: 8080 podSecurityContext: # Disable IPv6 support for gluetun: sysctls: - name: net.ipv6.conf.all.disable_ipv6 value: "1" fsGroup: 568 fsGroupChangePolicy: "OnRootMismatch" supplementalGroups: - 100 persistence: config: enabled: true mountPath: /config size: 10M # for custom themes: theme: enabled: false mountpath: /theme type: emptyDir ## example used hostpath instead downloads: enabled: true type: hostPath hostPath: /data/media/torrent mountPath: /downloads ## Install custom Theme # initContainers: # init-config: # image: alpine/git # args: # - "clone" # - "--depth" # - "1" # - "https://github.com/dracula/qbittorrent.git" # - "/theme" # volumeMounts: # - name: theme # mountPath: /theme # securityContext: # runAsNonRoot: true # privileged: false # readOnlyRootFilesystem: true # allowPrivilegeEscalation: false # capabilities: # drop: # - ALL ## VPN addons: vpn: enabled: true env: VPN_SERVICE_PROVIDER: mullvad VPN_TYPE: openvpn WIREGUARD_ADDRESSES: 10.67.135.224/32 DNS_KEEP_NAMESERVER: "on" DOT: "on" FIREWALL: "on" FIREWALL_INPUT_PORTS: "8080,8000" FIREWALL_VPN_INPUT_PORTS: 61086 envFrom: - secretRef: name: wireguard-config securityContext: capabilities: add: - NET_ADMIN livenessProbe: httpGet: path: /v1/openvpn/status port: 8000 initialDelaySeconds: 30 periodSeconds: 30