mirror of
https://github.com/nold360/hive-apps
synced 2024-11-20 04:29:26 +00:00
135 lines
2.5 KiB
YAML
135 lines
2.5 KiB
YAML
---
|
|
image:
|
|
repository: lib42/deluge
|
|
tag: "2"
|
|
|
|
podSecurityContext:
|
|
fsGroup: 1000
|
|
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
|
|
ingress:
|
|
main:
|
|
enabled: true
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "vault-issuer"
|
|
traefik.ingress.kubernetes.io/router.tls: 'true'
|
|
nginx.ingress.kubernetes.io/proxy-body-size: 50m
|
|
hosts:
|
|
- host: torrent.dc
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- secretName: torrent.dc-tls
|
|
hosts:
|
|
- torrent.dc
|
|
|
|
service:
|
|
main:
|
|
enabled: true
|
|
ports:
|
|
http:
|
|
port: 8112
|
|
|
|
env:
|
|
PUID: 1000
|
|
GUID: 1000
|
|
|
|
persistence:
|
|
config:
|
|
enabled: true
|
|
mountPath: /config
|
|
size: 10M
|
|
|
|
# use hostpath instead
|
|
downloads:
|
|
enabled: true
|
|
type: hostPath
|
|
hostPath: /data/torrent
|
|
mountPath: /downloads
|
|
|
|
tmp:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: /tmp
|
|
|
|
cache:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: /home/deluge/.cache
|
|
|
|
## VPN
|
|
addons:
|
|
vpn:
|
|
enabled: true
|
|
|
|
env:
|
|
VPN_SERVICE_PROVIDER: mullvad
|
|
VPN_TYPE: openvpn
|
|
WIREGUARD_ADDRESSES: 10.67.135.224/32
|
|
|
|
DNS_KEEP_NAMESERVER: "on"
|
|
DOT: "on"
|
|
FIREWALL: "on"
|
|
FIREWALL_INPUT_PORTS: "8112,8000"
|
|
FIREWALL_VPN_INPUT_PORTS: 61086
|
|
|
|
envFrom:
|
|
- secretRef:
|
|
name: wireguard-config
|
|
|
|
securityContext:
|
|
capabilities:
|
|
add:
|
|
- NET_ADMIN
|
|
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /v1/openvpn/status
|
|
port: 8000
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 30
|
|
|
|
initContainers:
|
|
init-config:
|
|
image: lib42/deluge:2
|
|
command: ["/bin/sh"]
|
|
args: [ "-c", "([ ! -f /config/core.conf ] && cp -v /defaults/core.conf /config/core.conf) || true"]
|
|
volumeMounts:
|
|
- name: config
|
|
mountPath: /config
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
|
|
additionalContainers:
|
|
deluge-daemon:
|
|
image: lib42/deluge:2
|
|
volumeMounts:
|
|
- name: config
|
|
mountPath: /config
|
|
- name: downloads
|
|
mountPath: /downloads
|
|
- name: cache
|
|
mountPath: /home/deluge/.cache
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|