diff --git a/clusters/cl01tl/applications/homepage/values.yaml b/clusters/cl01tl/applications/homepage/values.yaml index 6dbec636b..fcb8590ec 100644 --- a/clusters/cl01tl/applications/homepage/values.yaml +++ b/clusters/cl01tl/applications/homepage/values.yaml @@ -627,6 +627,12 @@ homepage: siteMonitor: http://slskd.slskd:5030 statusStyle: dot - Services (Servarr): + - qUI: + icon: https://raw.githubusercontent.com/autobrr/qui/8487c818886df9abb2b1456f43b54e0ba180a2bd/web/public/icons.svg + description: Qbitorrent UI + href: https://qui.alexlebens.net + siteMonitor: http://qui.qbittorrent:80 + statusStyle: dot - qBittorrent: icon: sh-qbittorrent.webp description: P2P Downloads diff --git a/clusters/cl01tl/platform/qbittorrent/Chart.yaml b/clusters/cl01tl/platform/qbittorrent/Chart.yaml index e5066c1ec..3a263b1d6 100644 --- a/clusters/cl01tl/platform/qbittorrent/Chart.yaml +++ b/clusters/cl01tl/platform/qbittorrent/Chart.yaml @@ -27,4 +27,4 @@ dependencies: repository: https://bjw-s-labs.github.io/helm-charts/ version: 4.3.0 icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/qbittorrent.png -appVersion: 5.1.0 +appVersion: 5.1.2 diff --git a/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml b/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml index acbbd67f7..050eabcc7 100644 --- a/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml +++ b/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml @@ -42,3 +42,33 @@ spec: key: /cl01tl/qbittorrent/qbit-manage metadataPolicy: None property: ntfy-url + +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: qui-oidc-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: qui-oidc-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: secret + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /authentik/oidc/qui + metadataPolicy: None + property: secret + - secretKey: key + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /authentik/oidc/qui + metadataPolicy: None + property: client diff --git a/clusters/cl01tl/platform/qbittorrent/templates/http-route.yaml b/clusters/cl01tl/platform/qbittorrent/templates/http-route.yaml index c742c407a..c938b7f16 100644 --- a/clusters/cl01tl/platform/qbittorrent/templates/http-route.yaml +++ b/clusters/cl01tl/platform/qbittorrent/templates/http-route.yaml @@ -26,3 +26,33 @@ spec: name: qbittorrent port: 8080 weight: 100 + +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: http-route-qui + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: http-route-qui + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - qui.alexlebens.net + rules: + - matches: + - path: + type: PathPrefix + value: / + backendRefs: + - group: '' + kind: Service + name: qui + port: 80 + weight: 100 diff --git a/clusters/cl01tl/platform/qbittorrent/templates/service-monitor.yaml b/clusters/cl01tl/platform/qbittorrent/templates/service-monitor.yaml index 2a47162ee..887c6d096 100644 --- a/clusters/cl01tl/platform/qbittorrent/templates/service-monitor.yaml +++ b/clusters/cl01tl/platform/qbittorrent/templates/service-monitor.yaml @@ -40,3 +40,25 @@ spec: app.kubernetes.io/service: qbittorrent-qbit-manage app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} + +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: qbittorrent-qui + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: qbittorrent-qui + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + endpoints: + - port: metrics + interval: 30s + scrapeTimeout: 15s + path: /metrics + selector: + matchLabels: + app.kubernetes.io/service: qbittorrent-qui + app.kubernetes.io/name: {{ .Release.Name }} + app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/clusters/cl01tl/platform/qbittorrent/values.yaml b/clusters/cl01tl/platform/qbittorrent/values.yaml index 875e2789d..f04948c0f 100644 --- a/clusters/cl01tl/platform/qbittorrent/values.yaml +++ b/clusters/cl01tl/platform/qbittorrent/values.yaml @@ -177,6 +177,40 @@ qbittorrent: requests: cpu: 10m memory: 128Mi + qui: + type: deployment + replicas: 1 + strategy: Recreate + revisionHistoryLimit: 3 + containers: + qui: + image: + repository: ghcr.io/autobrr/qui + tag: v1.4.0 + pullPolicy: IfNotPresent + env: + - name: QUI__METRICS_ENABLED + value: true + - name: QUI__OIDC_ENABLED + value: true + - name: QUI__OIDC_ISSUER + value: https://auth.alexlebens.dev/application/o/qui/ + - name: QUI__OIDC_CLIENT_ID + valueFrom: + secretKeyRef: + name: qui-oidc-secret + key: client + - name: QUI__OIDC_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: qui-oidc-secret + key: secret + - name: QUI__OIDC_DISABLE_BUILT_IN_LOGIN + value: false + resources: + requests: + cpu: 10m + memory: 128Mi service: main: controller: main @@ -201,6 +235,17 @@ qbittorrent: port: 8000 targetPort: 8000 protocol: HTTP + qui: + controller: qui + ports: + http: + port: 80 + targetPort: 7476 + protocol: HTTP + metrics: + port: 9074 + targetPort: 9074 + protocol: HTTP persistence: config: type: persistentVolumeClaim @@ -270,6 +315,16 @@ qbittorrent: qbit-manage: - path: /app/var readOnly: false + qui-config-data: + storageClass: ceph-block + accessMode: ReadWriteOnce + size: 1Gi + retain: true + advancedMounts: + qui: + iqui: + - path: /config + readOnly: false storage: type: persistentVolumeClaim existingClaim: qbittorrent-nfs-storage diff --git a/clusters/cl01tl/services/blocky/values.yaml b/clusters/cl01tl/services/blocky/values.yaml index 3b6ca590a..b82e31209 100644 --- a/clusters/cl01tl/services/blocky/values.yaml +++ b/clusters/cl01tl/services/blocky/values.yaml @@ -147,6 +147,7 @@ blocky: prometheus IN CNAME traefik-cl01tl prowlarr IN CNAME traefik-cl01tl qbittorrent IN CNAME traefik-cl01tl + qui IN CNAME traefik-cl01tl radarr IN CNAME traefik-cl01tl radarr-4k IN CNAME traefik-cl01tl radarr-anime IN CNAME traefik-cl01tl diff --git a/hosts/ps08rp/blocky/config.yml b/hosts/ps08rp/blocky/config.yml index f2e5a6eef..c81a910ad 100644 --- a/hosts/ps08rp/blocky/config.yml +++ b/hosts/ps08rp/blocky/config.yml @@ -123,6 +123,7 @@ customDNS: prometheus IN CNAME traefik-cl01tl prowlarr IN CNAME traefik-cl01tl qbittorrent IN CNAME traefik-cl01tl + qui IN CNAME traefik-cl01tl radarr IN CNAME traefik-cl01tl radarr-4k IN CNAME traefik-cl01tl radarr-anime IN CNAME traefik-cl01tl diff --git a/hosts/ps09rp/blocky/config.yml b/hosts/ps09rp/blocky/config.yml index f2e5a6eef..c81a910ad 100644 --- a/hosts/ps09rp/blocky/config.yml +++ b/hosts/ps09rp/blocky/config.yml @@ -123,6 +123,7 @@ customDNS: prometheus IN CNAME traefik-cl01tl prowlarr IN CNAME traefik-cl01tl qbittorrent IN CNAME traefik-cl01tl + qui IN CNAME traefik-cl01tl radarr IN CNAME traefik-cl01tl radarr-4k IN CNAME traefik-cl01tl radarr-anime IN CNAME traefik-cl01tl