From 02c99a4308faf726e0238da850f0c7651bd6b850 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Sun, 2 Mar 2025 23:04:20 -0600 Subject: [PATCH] add qbitorrent --- .../cl01tl/platform/qbittorrent/Chart.yaml | 28 +++ .../qbittorrent/templates/config-map.yaml | 20 +++ .../templates/external-secret.yaml | 23 +++ .../qbittorrent/templates/namespace.yaml | 8 + .../templates/persistent-volume-claim.yaml | 40 +++++ .../templates/persistent-volume.yaml | 52 ++++++ .../templates/service-monitor.yaml | 21 +++ .../cl01tl/platform/qbittorrent/values.yaml | 164 ++++++++++++++++++ clusters/cl01tl/platform/unpackerr/Chart.yaml | 22 +++ .../unpackerr/templates/external-secret.yaml | 72 ++++++++ .../templates/persistent-volume-claim.yaml | 19 ++ .../templates/persistent-volume.yaml | 25 +++ .../cl01tl/platform/unpackerr/values.yaml | 67 +++++++ 13 files changed, 561 insertions(+) create mode 100644 clusters/cl01tl/platform/qbittorrent/Chart.yaml create mode 100644 clusters/cl01tl/platform/qbittorrent/templates/config-map.yaml create mode 100644 clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml create mode 100644 clusters/cl01tl/platform/qbittorrent/templates/namespace.yaml create mode 100644 clusters/cl01tl/platform/qbittorrent/templates/persistent-volume-claim.yaml create mode 100644 clusters/cl01tl/platform/qbittorrent/templates/persistent-volume.yaml create mode 100644 clusters/cl01tl/platform/qbittorrent/templates/service-monitor.yaml create mode 100644 clusters/cl01tl/platform/qbittorrent/values.yaml create mode 100644 clusters/cl01tl/platform/unpackerr/Chart.yaml create mode 100644 clusters/cl01tl/platform/unpackerr/templates/external-secret.yaml create mode 100644 clusters/cl01tl/platform/unpackerr/templates/persistent-volume-claim.yaml create mode 100644 clusters/cl01tl/platform/unpackerr/templates/persistent-volume.yaml create mode 100644 clusters/cl01tl/platform/unpackerr/values.yaml diff --git a/clusters/cl01tl/platform/qbittorrent/Chart.yaml b/clusters/cl01tl/platform/qbittorrent/Chart.yaml new file mode 100644 index 000000000..dc3e115c6 --- /dev/null +++ b/clusters/cl01tl/platform/qbittorrent/Chart.yaml @@ -0,0 +1,28 @@ +apiVersion: v2 +name: qbittorrent +version: 1.0.0 +description: qBittorrent +keywords: + - qbittorrent + - downloads + - torrent + - vpn + - metrics +home: https://wiki.alexlebens.dev/doc/qbittorrent-5jBMHjtzCZ +sources: + - https://github.com/qbittorrent/qBittorrent + - https://github.com/qdm12/gluetun + - https://github.com/esanchezm/prometheus-qbittorrent-exporter + - https://docs.linuxserver.io/images/docker-qbittorrent/ + - https://github.com/qdm12/gluetun/pkgs/container/gluetun + - https://hub.docker.com/r/esanchezm/prometheus-qbittorrent-exporter + - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template +maintainers: + - name: alexlebens +dependencies: + - name: app-template + alias: qbittorrent + repository: https://bjw-s.github.io/helm-charts/ + version: 3.7.1 +icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/qbittorrent.png +appVersion: 5.0.2 diff --git a/clusters/cl01tl/platform/qbittorrent/templates/config-map.yaml b/clusters/cl01tl/platform/qbittorrent/templates/config-map.yaml new file mode 100644 index 000000000..ec5c95806 --- /dev/null +++ b/clusters/cl01tl/platform/qbittorrent/templates/config-map.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: glutun-update-script + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: glutun-update-script + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: gluetun + app.kubernetes.io/part-of: {{ .Release.Name }} +data: + update.sh: | + if ! command -v curl 2>&1 >/dev/null + then + echo "curl could not be found, installing"; + apk add curl; + fi; + echo "updating port with $1"; + curl -i -X POST -d "json={\"listen_port\": \"${1}\"}" "http://localhost:8080/api/v2/app/setPreferences"; diff --git a/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml b/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml new file mode 100644 index 000000000..afa2f8621 --- /dev/null +++ b/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml @@ -0,0 +1,23 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: qbittorrent-wireguard-conf + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: qbittorrent-wireguard-conf + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: private-key + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /protonvpn/conf/cl01tl + metadataPolicy: None + property: private-key diff --git a/clusters/cl01tl/platform/qbittorrent/templates/namespace.yaml b/clusters/cl01tl/platform/qbittorrent/templates/namespace.yaml new file mode 100644 index 000000000..b1b75cd6f --- /dev/null +++ b/clusters/cl01tl/platform/qbittorrent/templates/namespace.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: qbittorrent + labels: + pod-security.kubernetes.io/audit: privileged + pod-security.kubernetes.io/enforce: privileged + pod-security.kubernetes.io/warn: privileged diff --git a/clusters/cl01tl/platform/qbittorrent/templates/persistent-volume-claim.yaml b/clusters/cl01tl/platform/qbittorrent/templates/persistent-volume-claim.yaml new file mode 100644 index 000000000..1ffe67f2a --- /dev/null +++ b/clusters/cl01tl/platform/qbittorrent/templates/persistent-volume-claim.yaml @@ -0,0 +1,40 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: qbittorrent-config + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: qbittorrent-config + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: storage + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + volumeName: qbittorrent-config + storageClassName: nfs-client + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: qbittorrent-nfs-storage + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: {{ .Release.Name }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: storage + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + volumeName: qbittorrent-nfs-storage + storageClassName: nfs-client + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi diff --git a/clusters/cl01tl/platform/qbittorrent/templates/persistent-volume.yaml b/clusters/cl01tl/platform/qbittorrent/templates/persistent-volume.yaml new file mode 100644 index 000000000..d228daca4 --- /dev/null +++ b/clusters/cl01tl/platform/qbittorrent/templates/persistent-volume.yaml @@ -0,0 +1,52 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: qbittorrent-config + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: qbittorrent-config + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: storage + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + persistentVolumeReclaimPolicy: Retain + storageClassName: nfs-client + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + nfs: + path: /volume2/Storage/Torrent/QBITTORRENT + server: synologybond.alexlebens.net + mountOptions: + - vers=4 + - minorversion=1 + - noac + +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: qbittorrent-nfs-storage + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: qbittorrent-nfs-storage + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: storage + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + persistentVolumeReclaimPolicy: Retain + storageClassName: nfs-client + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + nfs: + path: /volume2/Storage + server: synologybond.alexlebens.net + mountOptions: + - vers=4 + - minorversion=1 + - noac diff --git a/clusters/cl01tl/platform/qbittorrent/templates/service-monitor.yaml b/clusters/cl01tl/platform/qbittorrent/templates/service-monitor.yaml new file mode 100644 index 000000000..2e788707a --- /dev/null +++ b/clusters/cl01tl/platform/qbittorrent/templates/service-monitor.yaml @@ -0,0 +1,21 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: qbittorrent + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: qbittorrent + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + endpoints: + - port: metrics + interval: 30s + scrapeTimeout: 15s + path: /metrics + selector: + matchLabels: + app.kubernetes.io/name: qbittorrent + app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/clusters/cl01tl/platform/qbittorrent/values.yaml b/clusters/cl01tl/platform/qbittorrent/values.yaml new file mode 100644 index 000000000..9a840e6c5 --- /dev/null +++ b/clusters/cl01tl/platform/qbittorrent/values.yaml @@ -0,0 +1,164 @@ +qbittorrent: + controllers: + main: + type: deployment + replicas: 1 + strategy: Recreate + revisionHistoryLimit: 3 + initContainers: + init-sysctl: + image: + repository: busybox + tag: 1.37.0 + pullPolicy: IfNotPresent + securityContext: + privileged: True + resources: + requests: + cpu: 100m + memory: 128Mi + command: + - /bin/sh + args: + - -ec + - | + sysctl -w net.ipv4.ip_forward=1; + sysctl -w net.ipv6.conf.all.disable_ipv6=1 + containers: + qbittorrent: + image: + repository: ghcr.io/linuxserver/qbittorrent + tag: 5.0.4@sha256:81a71641d2ee65fbecfabf3388f0d6b7b053e7266658b1fb7efee8900d06f010 + pullPolicy: IfNotPresent + env: + - name: TZ + value: US/Central + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: UMASK_SET + value: "002" + - name: WEBUI_PORT + value: 8080 + resources: + requests: + cpu: 500m + memory: 1Gi + gluetun: + image: + repository: ghcr.io/qdm12/gluetun + tag: v3.40.0@sha256:2b42bfa046757145a5155acece417b65b4443c8033fb88661a8e9dcf7fda5a00 + pullPolicy: IfNotPresent + env: + - name: VPN_SERVICE_PROVIDER + value: protonvpn + - name: VPN_TYPE + value: wireguard + - name: WIREGUARD_PRIVATE_KEY + valueFrom: + secretKeyRef: + name: qbittorrent-wireguard-conf + key: private-key + - name: VPN_PORT_FORWARDING + value: "on" + - name: VPN_PORT_FORWARDING_UP_COMMAND + value: '/bin/sh -c "/gluetun/update.sh {{ printf "{{PORTS}}" }}"' + - name: PORT_FORWARD_ONLY + value: "on" + - name: FIREWALL_OUTBOUND_SUBNETS + value: 192.168.1.0/24,10.244.0.0/16 + - name: FIREWALL_INPUT_PORTS + value: 8080,9022 + - name: DOT + value: "off" + securityContext: + privileged: True + capabilities: + add: + - NET_ADMIN + - SYS_MODULE + resources: + limits: + squat.ai/tun: "1" + requests: + cpu: 10m + memory: 64Mi + exporter: + image: + repository: esanchezm/prometheus-qbittorrent-exporter + tag: v1.6.0 + pullPolicy: IfNotPresent + env: + - name: QBITTORRENT_HOST + value: localhost + - name: QBITTORRENT_PORT + value: "8080" + - name: EXPORTER_PORT + value: "9022" + - name: EXPORTER_LOG_LEVEL + value: INFO + resources: + requests: + cpu: 10m + memory: 64Mi + serviceAccount: + create: true + service: + main: + controller: main + ports: + http: + port: 8080 + targetPort: 8080 + protocol: HTTP + health: + port: 9999 + targetPort: 9999 + protocol: HTTP + metrics: + port: 9022 + targetPort: 9022 + protocol: HTTP + ingress: + tailscale: + enabled: true + className: tailscale + hosts: + - host: qbittorrent-cl01tl + paths: + - path: / + pathType: Prefix + service: + name: qbittorrent + port: 8080 + tls: + - hosts: + - qbittorrent-cl01tl + persistence: + config: + type: persistentVolumeClaim + existingClaim: qbittorrent-config + advancedMounts: + main: + qbittorrent: + - path: /config + readOnly: false + update-script: + enabled: true + type: configMap + name: glutun-update-script + defaultMode: 0755 + advancedMounts: + main: + gluetun: + - path: /gluetun/update.sh + subPath: update.sh + storage: + type: persistentVolumeClaim + existingClaim: qbittorrent-nfs-storage + advancedMounts: + main: + qbittorrent: + - path: /mnt/store + readOnly: false diff --git a/clusters/cl01tl/platform/unpackerr/Chart.yaml b/clusters/cl01tl/platform/unpackerr/Chart.yaml new file mode 100644 index 000000000..7234580a1 --- /dev/null +++ b/clusters/cl01tl/platform/unpackerr/Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v2 +name: unpackerr +version: 1.0.0 +description: Unpackerr +keywords: + - unpackerr + - archive + - servarr +home: https://wiki.alexlebens.dev/doc/unpackerr-ZCcVdSxo4s +sources: + - https://github.com/Unpackerr/unpackerr + - https://hub.docker.com/r/golift/unpackerr + - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template +maintainers: + - name: alexlebens +dependencies: + - name: app-template + alias: unpackerr + repository: https://bjw-s.github.io/helm-charts/ + version: 3.7.1 +icon: https://avatars.githubusercontent.com/u/104323643?s=48&v=4 +appVersion: 0.14.5 diff --git a/clusters/cl01tl/platform/unpackerr/templates/external-secret.yaml b/clusters/cl01tl/platform/unpackerr/templates/external-secret.yaml new file mode 100644 index 000000000..5a114caff --- /dev/null +++ b/clusters/cl01tl/platform/unpackerr/templates/external-secret.yaml @@ -0,0 +1,72 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: unpackerr-key-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: unpackerr-key-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: UN_SONARR_0_API_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/sonarr4/key + metadataPolicy: None + property: key + - secretKey: UN_SONARR_1_API_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/sonarr4-4k/key + metadataPolicy: None + property: key + - secretKey: UN_SONARR_2_API_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/sonarr4-anime/key + metadataPolicy: None + property: key + - secretKey: UN_RADARR_0_API_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/radarr5/key + metadataPolicy: None + property: key + - secretKey: UN_RADARR_1_API_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/radarr5-4k/key + metadataPolicy: None + property: key + - secretKey: UN_RADARR_2_API_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/radarr5-anime/key + metadataPolicy: None + property: key + - secretKey: UN_RADARR_3_API_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/radarr5-standup/key + metadataPolicy: None + property: key + - secretKey: UN_LIDARR_0_API_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/lidarr2/key + metadataPolicy: None + property: key diff --git a/clusters/cl01tl/platform/unpackerr/templates/persistent-volume-claim.yaml b/clusters/cl01tl/platform/unpackerr/templates/persistent-volume-claim.yaml new file mode 100644 index 000000000..6718f0752 --- /dev/null +++ b/clusters/cl01tl/platform/unpackerr/templates/persistent-volume-claim.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: unpackerr-nfs-storage + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: unpackerr-nfs-storage + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: storage + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + volumeName: unpackerr-nfs-storage + storageClassName: nfs-client + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi diff --git a/clusters/cl01tl/platform/unpackerr/templates/persistent-volume.yaml b/clusters/cl01tl/platform/unpackerr/templates/persistent-volume.yaml new file mode 100644 index 000000000..bff4dd12b --- /dev/null +++ b/clusters/cl01tl/platform/unpackerr/templates/persistent-volume.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: unpackerr-nfs-storage + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: unpackerr-nfs-storage + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: storage + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + persistentVolumeReclaimPolicy: Retain + storageClassName: nfs-client + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + nfs: + path: /volume2/Storage + server: synologybond.alexlebens.net + mountOptions: + - vers=4 + - minorversion=1 + - noac diff --git a/clusters/cl01tl/platform/unpackerr/values.yaml b/clusters/cl01tl/platform/unpackerr/values.yaml new file mode 100644 index 000000000..9ccad5edd --- /dev/null +++ b/clusters/cl01tl/platform/unpackerr/values.yaml @@ -0,0 +1,67 @@ +unpackerr: + controllers: + main: + type: deployment + replicas: 1 + strategy: Recreate + revisionHistoryLimit: 3 + containers: + main: + image: + repository: golift/unpackerr + tag: 0.14.5 + pullPolicy: IfNotPresent + env: + - name: TZ + value: US/Central + - name: UN_WEBSERVER_METRICS + value: true + - name: UN_SONARR_0_URL + value: http://sonarr4.sonarr4:80 + - name: UN_SONARR_0_PATHS_0 + value: /mnt/store/Torrent/FINISHED/COMPLETED + - name: UN_SONARR_1_URL + value: http://sonarr4-4k.sonarr4-4k:80 + - name: UN_SONARR_1_PATHS_0 + value: /mnt/store/Torrent/FINISHED/COMPLETED + - name: UN_SONARR_2_URL + value: http://sonarr4-anime.sonarr4-anime:80 + - name: UN_SONARR_2_PATHS_0 + value: /mnt/store/Torrent/FINISHED/COMPLETED + - name: UN_RADARR_0_URL + value: http://radarr5.radarr5:80 + - name: UN_RADARR_0_PATHS_0 + value: /mnt/store/Torrent/FINISHED/COMPLETED + - name: UN_RADARR_1_URL + value: http://radarr5-4k.radarr5-4k:80 + - name: UN_RADARR_1_PATHS_0 + value: /mnt/store/Torrent/FINISHED/COMPLETED + - name: UN_RADARR_2_URL + value: http://radarr5-anime.radarr5-anime:80 + - name: UN_RADARR_2_PATHS_0 + value: /mnt/store/Torrent/FINISHED/COMPLETED + - name: UN_RADARR_3_URL + value: http://radarr5-standup.radarr5-standup:80 + - name: UN_RADARR_3_PATHS_0 + value: /mnt/store/Torrent/FINISHED/COMPLETED + - name: UN_LIDARR_0_URL + value: http://lidarr2.lidarr2:80 + - name: UN_LIDARR_0_PATHS_0 + value: /mnt/store/Torrent/FINISHED/COMPLETED + envFrom: + - secretRef: + name: unpackerr-key-secret + resources: + requests: + cpu: 10m + memory: 128Mi + serviceAccount: + create: true + persistence: + storage: + existingClaim: unpackerr-nfs-storage + advancedMounts: + main: + main: + - path: /mnt/store + readOnly: false