alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 3 Actions Activity

migrate
Some checks failed
lint-test-helm / helm-lint (push) Successful in 11s
Details
renovate / renovate (push) Successful in 1m18s
Details
render-manifests / render-manifests-helm (push) Failing after 2m22s
Details

Browse Source
This commit is contained in:
Alex Lebens
2025-12-01 20:50:19 -06:00
parent 6da426af29
commit b52d76cc58
207 changed files with 294 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
clusters/cl01tl/helm/qbittorrent/Chart.lock Normal file
View File

@@ -0,0 +1,6 @@
dependencies:
- name: app-template
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.4.0
digest: sha256:b30af09e68e423bcecb84644d716fc98fc04556bd2bef45a315b0b0941dd7035
generated: "2025-12-01T20:27:01.953075-06:00"

30
clusters/cl01tl/helm/qbittorrent/Chart.yaml Normal file
View File

@@ -0,0 +1,30 @@
apiVersion: v2
name: qbittorrent
version: 1.0.0
description: qBittorrent
keywords:
- qbittorrent
- downloads
- torrent
- vpn
- metrics
home: https://wiki.alexlebens.dev/s/832cd960-0ae1-4637-873a-d83c4c24b911
sources:
- https://github.com/qbittorrent/qBittorrent
- https://github.com/qdm12/gluetun
- https://github.com/esanchezm/prometheus-qbittorrent-exporter
- https://github.com/StuffAnThings/qbit_manage
- https://docs.linuxserver.io/images/docker-qbittorrent/
- https://github.com/qdm12/gluetun/pkgs/container/gluetun
- https://hub.docker.com/r/esanchezm/prometheus-qbittorrent-exporter
- https://github.com/stuffanthings/qbit_manage/pkgs/container/qbit_manage
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: qbittorrent
repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.4.0
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/qbittorrent.png
appVersion: 5.1.2

186
clusters/cl01tl/helm/qbittorrent/templates/config-map.yaml Normal file
View File

@@ -0,0 +1,186 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: glutun-update-script
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: glutun-update-script
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
data:
update.sh: |
if ! command -v curl 2>&1 >/dev/null
then
echo "curl could not be found, installing";
apk add curl;
fi;
echo "updating port with $1";
curl -i -X POST -d "json={\"listen_port\": \"${1}\"}" "http://localhost:8080/api/v2/app/setPreferences";
---
apiVersion: v1
kind: ConfigMap
metadata:
name: qbit-manage-config
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbit-manage-config
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
data:
config.yml: |
# Please refer to the link below for more details on how to set up the configuration file
# https://github.com/StuffAnThings/qbit_manage/wiki/Config-Setup
commands:
dry_run: false
recheck: true
cat_update: true
tag_update: true
rem_unregistered: true
tag_tracker_error: true
rem_orphaned: true
tag_nohardlinks: false
share_limits: true
skip_qb_version_check: true
skip_cleanup: false
qbt:
host: qbittorrent.qbittorrent:8080
user:
pass:
settings:
force_auto_tmm: true
tracker_error_tag: tracker-error
share_limits_tag: share-limit
share_limits_min_seeding_time_tag: seed-time-not-reached
cat_filter_completed: false
share_limits_filter_completed: false
rem_unregistered_filter_completed: false
cat_update_all: true
disable_qbt_default_share_limits: true
tag_stalled_torrents: true
nohardlinks_tag: no-hardlinks
stalled_tag: stalled
share_limits_min_num_seeds_tag: min-seeds-not-reached
share_limits_last_active_tag: last-active-not-reached
tag_nohardlinks_filter_completed: true
force_auto_tmm_ignore_tags: []
rem_unregistered_ignore_list: []
directory:
root_dir: /mnt/store/Torrent/
recycle_bin: /qbittorrent/Trash
torrents_dir: /qbittorrent/qBittorrent/BT_backup
orphaned_dir: /qbittorrent/Orphaned
cat:
lidarr: /mnt/store/Torrent/FINISHED/LIDARR
prowlarr: /mnt/store/Torrent/FINISHED/SAVE
radarr: /mnt/store/Torrent/FINISHED/RADARR
radarr-4k: /mnt/store/Torrent/FINISHED/RADARR4K
radarr-anime: /mnt/store/Torrent/FINISHED/RADARRANIME
radarr-standup: /mnt/store/Torrent/FINISHED/RADARRSTANDUP
sonarr: /mnt/store/Torrent/FINISHED/SONARR
sonarr-4k: /mnt/store/Torrent/FINISHED/SONARR4K
sonarr-anime: /mnt/store/Torrent/FINISHED/SONARRANIME
-< ZIM: /mnt/store/Kiwix
-< SAVE: /mnt/store/Torrent/FINISHED/SAVE
-< IMPORT: /mnt/store/Torrent/FINISHED/IMPORT
-< COMPLETED: /mnt/store/Torrent/FINISHED/COMPLETED
tracker:
alpharatio.cc:
tag: AlphaRatio
avistaz:
tag: Avistaz
cathode-ray.tube:
tag: CathodeRayTube
mvgroup.org:
tag: MVGroup
torrentleech|tleechreload:
tag: TorrentLeech
archive.org:
tag: InternetArchive
openzim.org:
tag: Zim
coppersurfer.tk|arenabg.com|explodie.org|tfile.co|1337x.org|zer0day.to|i2p.rocks|ccc.de|nwps.ws|opentrackr.org:
tag: Other
share_limits:
private:
priority: 1
include_any_tags:
- AlphaRatio
- TorrentLeech
categories:
- -< COMPLETED
max_ratio: 2.0
min_seeding_time: 14d
max_seeding_time: 30d
min_num_seeds: 2
last_active: 3d
cleanup: true
# save:
# priority: 2
# categories:
# - -< SAVE
# max_ratio: 2.0
# min_seeding_time: 14d
# max_seeding_time: 30d
# min_num_seeds: 2
# last_active: 30d
# cleanup: false
# zim:
# priority: 3
# categories:
# - -< ZIM
# max_ratio: 2.0
# min_seeding_time: 14d
# max_seeding_time: 30d
# min_num_seeds: 2
# last_active: 30d
# cleanup: false
default:
priority: 999
include_any_tags:
- Other
categories:
- -< COMPLETED
max_seeding_time: 3d
limit_upload_speed: 100
cleanup: true
recyclebin:
enabled: true
empty_after_x_days: 7
save_torrents: true
split_by_category: true
orphaned:
empty_after_x_days: 30
exclude_patterns:
- /mnt/store/Torrent/QBITTORRENT/*
- /mnt/store/Torrent/TORRENT/*
- /mnt/store/Torrent/DOWNLOADING/*
- '**/.DS_Store'
- '**/Thumbs.db'
- '**/@eaDir'
- '**/*.!qB'
- '**/*_unpackerred'
max_orphaned_files_to_delete: 50
# apprise:
# api_url: http://localhost:8000/notify
# notify_url: ""
#
# webhooks:
# error: apprise
# run_start: apprise
# run_end: apprise
# function:
# rem_orphaned: apprise
# cleanup_dirs: apprise
# tag_tracker_error:
# share_limits:

74
clusters/cl01tl/helm/qbittorrent/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,74 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: qbittorrent-wireguard-conf
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-wireguard-conf
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: private-key
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /protonvpn/conf/cl01tl
metadataPolicy: None
property: private-key
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: qbittorrent-qbit-manage-config
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-qbit-manage-config
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: ntfy-url
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/qbittorrent/qbit-manage
metadataPolicy: None
property: ntfy-url
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: qui-oidc-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qui-oidc-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: secret
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/qui
metadataPolicy: None
property: secret
- secretKey: client
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/qui
metadataPolicy: None
property: client

58
clusters/cl01tl/helm/qbittorrent/templates/http-route.yaml Normal file
View File

@@ -0,0 +1,58 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http-route-qbittorrent
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: http-route-qbittorrent
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- qbittorrent.alexlebens.net
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ''
kind: Service
name: qbittorrent
port: 8080
weight: 100
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http-route-qui
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: http-route-qui
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- qui.alexlebens.net
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ''
kind: Service
name: qbittorrent-qui
port: 80
weight: 100

11
clusters/cl01tl/helm/qbittorrent/templates/namespace.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v1
kind: Namespace
metadata:
name: qbittorrent
labels:
app.kubernetes.io/name: qbittorrent
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/warn: privileged

36
clusters/cl01tl/helm/qbittorrent/templates/persistent-volume-claim.yaml Normal file
View File

@@ -0,0 +1,36 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: qbittorrent-config
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-config
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: qbittorrent-config
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: qbittorrent-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: qbittorrent-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi

48
clusters/cl01tl/helm/qbittorrent/templates/persistent-volume.yaml Normal file
View File

@@ -0,0 +1,48 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: qbittorrent-config
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-config
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Torrent/QBITTORRENT
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: qbittorrent-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac

64
clusters/cl01tl/helm/qbittorrent/templates/service-monitor.yaml Normal file
View File

@@ -0,0 +1,64 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: qbittorrent
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
endpoints:
- port: metrics
interval: 30s
scrapeTimeout: 15s
path: /metrics
selector:
matchLabels:
app.kubernetes.io/service: qbittorrent
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: qbittorrent-apprise
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-apprise
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
endpoints:
- port: apprise
interval: 30s
scrapeTimeout: 15s
path: /metrics
selector:
matchLabels:
app.kubernetes.io/service: qbittorrent-qbit-manage
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: qbittorrent-qui
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-qui
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
endpoints:
- port: metrics
interval: 30s
scrapeTimeout: 15s
path: /metrics
selector:
matchLabels:
app.kubernetes.io/service: qbittorrent-qui
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}

349
clusters/cl01tl/helm/qbittorrent/values.yaml Normal file
View File

@@ -0,0 +1,349 @@
qbittorrent:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
initContainers:
init-sysctl:
image:
repository: busybox
tag: 1.37.0
pullPolicy: IfNotPresent
securityContext:
privileged: True
resources:
requests:
cpu: 10m
memory: 128Mi
command:
- /bin/sh
args:
- -ec
- |
sysctl -w net.ipv4.ip_forward=1;
sysctl -w net.ipv6.conf.all.disable_ipv6=1
containers:
qbittorrent:
image:
repository: ghcr.io/linuxserver/qbittorrent
tag: 5.1.4@sha256:a2eedc99b4876916943bd33e7c415efc448f6b514aa39b4f98c1e6472a717301
pullPolicy: IfNotPresent
env:
- name: TZ
value: US/Central
- name: PUID
value: "1000"
- name: PGID
value: "1000"
- name: UMASK_SET
value: "002"
- name: WEBUI_PORT
value: 8080
- name: DOCKER_MODS
value: ghcr.io/themepark-dev/theme.park:qbittorrent
- name: TP_COMMUNITY_THEME
value: true
- name: TP_THEME
value: catppuccin-mocha
resources:
requests:
cpu: 500m
memory: 1Gi
gluetun:
image:
repository: ghcr.io/qdm12/gluetun
tag: v3.40.3@sha256:ef4a44819a60469682c7b5e69183e6401171891feaa60186652d292c59e41b30
pullPolicy: IfNotPresent
env:
- name: VPN_SERVICE_PROVIDER
value: protonvpn
- name: VPN_TYPE
value: wireguard
- name: WIREGUARD_PRIVATE_KEY
valueFrom:
secretKeyRef:
name: qbittorrent-wireguard-conf
key: private-key
- name: VPN_PORT_FORWARDING
value: "on"
- name: VPN_PORT_FORWARDING_UP_COMMAND
value: '/bin/sh -c "/gluetun/update.sh {{ printf "{{PORTS}}" }}"'
- name: PORT_FORWARD_ONLY
value: "on"
- name: FIREWALL_OUTBOUND_SUBNETS
value: 192.168.1.0/24,10.244.0.0/16
- name: FIREWALL_INPUT_PORTS
value: 8080,9022
- name: DOT
value: "off"
securityContext:
privileged: True
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
resources:
limits:
devic.es/tun: "1"
requests:
devic.es/tun: "1"
cpu: 10m
memory: 64Mi
exporter:
image:
repository: esanchezm/prometheus-qbittorrent-exporter
tag: v1.6.0
pullPolicy: IfNotPresent
env:
- name: QBITTORRENT_HOST
value: localhost
- name: QBITTORRENT_PORT
value: "8080"
- name: EXPORTER_PORT
value: "9022"
- name: EXPORTER_LOG_LEVEL
value: INFO
resources:
requests:
cpu: 10m
memory: 64Mi
qbit-manage:
type: deployment
annotations:
reloader.stakater.com/auto: "true"
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
initContainers:
init-copy-config:
image:
repository: busybox
tag: 1.37.0
pullPolicy: IfNotPresent
resources:
requests:
cpu: 10m
memory: 128Mi
command:
- /bin/sh
- -ec
- |
cp /config/config.yml /app/config/config.yml
containers:
qbit-manage:
image:
repository: ghcr.io/stuffanthings/qbit_manage
tag: v4.6.4
pullPolicy: IfNotPresent
env:
- name: TZ
value: US/Central
- name: QBT_SCHEDULE
value: 0 * * * *
- name: QBT_STARTUP_DELAY
value: 360
- name: QBT_CONFIG_DIR
value: /app/config/
- name: QBT_LOGFILE
value: /app/var/activity.log
- name: QBT_LOG_LEVEL
value: INFO
resources:
requests:
cpu: 10m
memory: 64Mi
apprise-api:
image:
repository: caronc/apprise
tag: 1.2.6
pullPolicy: IfNotPresent
env:
- name: TZ
value: US/Central
- name: PGID
value: "1000"
- name: PUID
value: "1000"
- name: APPRISE_STORAGE_MODE
value: memory
- name: APPRISE_STATEFUL_MODE
value: disabled
- name: APPRISE_WORKER_COUNT
value: 1
- name: APPRISE_STATELESS_URLS
valueFrom:
secretKeyRef:
name: qbittorrent-qbit-manage-config
key: ntfy-url
resources:
requests:
cpu: 10m
memory: 128Mi
qui:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
qui:
image:
repository: ghcr.io/autobrr/qui
tag: v1.7.0
pullPolicy: IfNotPresent
env:
- name: QUI__METRICS_ENABLED
value: true
- name: QUI__METRICS_HOST
value: 0.0.0.0
- name: QUI__METRICS_PORT
value: 9074
- name: QUI__OIDC_ENABLED
value: true
- name: QUI__OIDC_ISSUER
value: https://auth.alexlebens.dev/application/o/qui/
- name: QUI__OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: qui-oidc-secret
key: client
- name: QUI__OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: qui-oidc-secret
key: secret
- name: QUI__OIDC_REDIRECT_URL
value: https://qui.alexlebens.net/api/auth/oidc/callback
- name: QUI__OIDC_DISABLE_BUILT_IN_LOGIN
value: false
resources:
requests:
cpu: 10m
memory: 128Mi
service:
main:
controller: main
forceRename: qbittorrent
ports:
http:
port: 8080
targetPort: 8080
protocol: HTTP
health:
port: 9999
targetPort: 9999
protocol: HTTP
metrics:
port: 9022
targetPort: 9022
protocol: HTTP
qbit-manage:
controller: qbit-manage
ports:
apprise:
port: 8000
targetPort: 8000
protocol: HTTP
qui:
controller: qui
ports:
http:
port: 80
targetPort: 7476
protocol: HTTP
metrics:
port: 9074
targetPort: 9074
protocol: HTTP
persistence:
config:
type: persistentVolumeClaim
existingClaim: qbittorrent-config
advancedMounts:
main:
qbittorrent:
- path: /config
readOnly: false
qbit-manage:
qbit-manage:
- path: /qbittorrent
readOnly: false
theme-data:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 1Gi
retain: true
advancedMounts:
main:
qbittorrent:
- path: /themepark
readOnly: false
update-script:
enabled: true
type: configMap
name: glutun-update-script
defaultMode: 0755
advancedMounts:
main:
gluetun:
- path: /gluetun/update.sh
subPath: update.sh
qbit-manage-config-data:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 1Gi
retain: true
advancedMounts:
qbit-manage:
init-copy-config:
- path: /app/config
readOnly: false
qbit-manage:
- path: /app/config
readOnly: false
qbit-manage-config:
enabled: true
type: configMap
name: qbit-manage-config
advancedMounts:
qbit-manage:
init-copy-config:
- path: /config/config.yml
readOnly: true
mountPropagation: None
subPath: config.yml
qbit-manage:
- path: /config/config.yml
readOnly: true
mountPropagation: None
subPath: config.yml
qbit-manage-config-var:
type: emptyDir
advancedMounts:
qbit-manage:
qbit-manage:
- path: /app/var
readOnly: false
qui-config-data:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 1Gi
retain: true
advancedMounts:
qui:
qui:
- path: /config
readOnly: false
storage:
type: persistentVolumeClaim
existingClaim: qbittorrent-nfs-storage
advancedMounts:
main:
qbittorrent:
- path: /mnt/store
readOnly: false
qbit-manage:
qbit-manage:
- path: /mnt/store
readOnly: false