alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

fix key

Browse Source
This commit is contained in:
Alex Lebens
2025-02-17 17:18:45 -06:00
parent 483763c3e3
commit cdac2f69c1
18 changed files with 869 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
clusters/cl01tl/monitoring/kube-prometheus-stack/templates/external-secret.yaml
View File

@@ -18,7 +18,7 @@ spec:
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None
key: /discord/alertmanager key: /discord/webhook/alertmanager
metadataPolicy: None metadataPolicy: None
property: webhook property: webhook
- secretKey: pushover_token - secretKey: pushover_token

35
clusters/cl01tl/platform/authentik/Chart.yaml Normal file
View File

@@ -0,0 +1,35 @@
apiVersion: v2
name: authentik
version: 1.0.0
description: Authentik
keywords:
- authentik
- sso
- oidc
- ldap
- idp
- authentication
home: https://wiki.alexlebens.dev/doc/authentik-q2d4WDhqpe
sources:
- https://github.com/goauthentik/authentik
- https://github.com/cloudflare/cloudflared
- https://github.com/cloudnative-pg/cloudnative-pg
- https://github.com/goauthentik/helm
- https://github.com/alexlebens/helm-charts/tree/main/charts/cloudflared
- https://github.com/alexlebens/helm-charts/tree/main/charts/postgres-cluster
maintainers:
- name: alexlebens
dependencies:
- name: authentik
version: 2024.12.3
repository: https://charts.goauthentik.io/
- name: cloudflared
alias: cloudflared
repository: http://alexlebens.github.io/helm-charts
version: 1.13.0
- name: postgres-cluster
alias: postgres-17-cluster
version: 4.1.4
repository: http://alexlebens.github.io/helm-charts
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/authentik.png
appVersion: 2024.10.5

60
clusters/cl01tl/platform/authentik/templates/config-map.yaml Normal file
View File

@@ -0,0 +1,60 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: authentik-custom-css
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
data:
custom.css: |
/* Change sign button color */
.pf-c-button.pf-m-primary {
color: black;
background-color: white;
}
/* Remove background */
.pf-c-login__main {
background-color: rgba(3, 3, 3, 0.16);
}
/* Remove specific height */
.pf-c-brand {
height: auto;
}
/* Center text */
.pf-c-title {
text-align: center;
}
/* Match text field to login button */
.pf-c-form-control {
border-radius: 3px;
background-color: white;
color: black;
}
/* Force border color */
.pf-c-form-control {
border-color: white;
}
/* Use default cursor on this div */
.pf-c-form__label {
cursor: default;
}
/* Hide required asterik */
.pf-c-form__label-required {
display: none;
}
/* Change link color to white */
.a {
color: white;
}

80
clusters/cl01tl/platform/authentik/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,80 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: authentik-key-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: authentik-key-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: key
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/authentik/key
metadataPolicy: None
property: key
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: authentik-cloudflared-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: authentik-cloudflared-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: cf-tunnel-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cloudflare/tunnels/authentik
metadataPolicy: None
property: token
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: authentik-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: authentik-postgresql-17-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: database
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/postgres-backups
metadataPolicy: None
property: access
- secretKey: ACCESS_SECRET_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/postgres-backups
metadataPolicy: None
property: secret

32
clusters/cl01tl/platform/authentik/templates/ingress.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: authentik-local
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: authentik-local
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: letsencrypt-issuer
spec:
ingressClassName: traefik
tls:
- hosts:
- authentik.alexlebens.net
secretName: authentik-tls-secret
rules:
- host: authentik.alexlebens.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: authentik-server
port:
number: 80

83
clusters/cl01tl/platform/authentik/values.yaml Normal file
View File

@@ -0,0 +1,83 @@
authentik:
global:
env:
- name: AUTHENTIK_SECRET_KEY
valueFrom:
secretKeyRef:
name: authentik-key-secret
key: key
- name: AUTHENTIK_POSTGRESQL__HOST
valueFrom:
secretKeyRef:
name: authentik-postgresql-17-cluster-app
key: host
- name: AUTHENTIK_POSTGRESQL__NAME
valueFrom:
secretKeyRef:
name: authentik-postgresql-17-cluster-app
key: dbname
- name: AUTHENTIK_POSTGRESQL__USER
valueFrom:
secretKeyRef:
name: authentik-postgresql-17-cluster-app
key: user
- name: AUTHENTIK_POSTGRESQL__PASSWORD
valueFrom:
secretKeyRef:
name: authentik-postgresql-17-cluster-app
key: password
server:
name: server
replicas: 1
volumes:
- name: custom-css
configMap:
name: authentik-custom-css
volumeMounts:
- name: custom-css
mountPath: /web/dist/custom.css
subPath: custom.css
metrics:
enabled: true
serviceMonitor:
enabled: true
ingress:
enabled: true
ingressClassName: tailscale
annotations:
tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true"
hosts:
- auth-cl01tl
paths:
- /
tls:
- secretName: auth-cl01tl
hosts:
- auth-cl01tl
worker:
name: worker
replicas: 1
prometheus:
rules:
enabled: true
postgresql:
enabled: false
redis:
enabled: true
cloudflared:
existingSecretName: authentik-cloudflared-secret
postgres-17-cluster:
mode: standalone
cluster:
walStorage:
storageClass: local-path
storage:
storageClass: local-path
monitoring:
enabled: true
backup:
enabled: true
endpointURL: https://nyc3.digitaloceanspaces.com
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-17-cluster
endpointCredentials: authentik-postgresql-17-cluster-backup-secret
backupIndex: 1

28
clusters/cl01tl/platform/qbittorrent/Chart.yaml Normal file
View File

@@ -0,0 +1,28 @@
apiVersion: v2
name: qbittorrent
version: 1.0.0
description: qBittorrent
keywords:
- qbittorrent
- downloads
- torrent
- vpn
- metrics
home: https://wiki.alexlebens.dev/doc/qbittorrent-5jBMHjtzCZ
sources:
- https://github.com/qbittorrent/qBittorrent
- https://github.com/qdm12/gluetun
- https://github.com/esanchezm/prometheus-qbittorrent-exporter
- https://docs.linuxserver.io/images/docker-qbittorrent/
- https://github.com/qdm12/gluetun/pkgs/container/gluetun
- https://hub.docker.com/r/esanchezm/prometheus-qbittorrent-exporter
- https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: qbittorrent
repository: https://bjw-s.github.io/helm-charts/
version: 3.6.1
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/qbittorrent.png
appVersion: 5.0.2

20
clusters/cl01tl/platform/qbittorrent/templates/config-map.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: glutun-update-script
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: glutun-update-script
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: gluetun
app.kubernetes.io/part-of: {{ .Release.Name }}
data:
update.sh: |
if ! command -v curl 2>&1 >/dev/null
then
echo "curl could not be found, installing";
apk add curl;
fi;
echo "updating port with $1";
curl -i -X POST -d "json={\"listen_port\": \"${1}\"}" "http://localhost:8080/api/v2/app/setPreferences";

48
clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,48 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: qbittorrent-auth
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-auth
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: admin-password
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/qbittorrent/auth
metadataPolicy: None
property: admin-password
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: qbittorrent-wireguard-conf
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-wireguard-conf
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: private-key
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/qbittorrent/config
metadataPolicy: None
property: private-key

40
clusters/cl01tl/platform/qbittorrent/templates/persistent-volume-claim.yaml Normal file
View File

@@ -0,0 +1,40 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: qbittorrent-config
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-config
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: qbittorrent-config
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: qbittorrent-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: qbittorrent-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi

52
clusters/cl01tl/platform/qbittorrent/templates/persistent-volume.yaml Normal file
View File

@@ -0,0 +1,52 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: qbittorrent-config
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-config
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Torrent/QBITTORRENT
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: qbittorrent-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac

21
clusters/cl01tl/platform/qbittorrent/templates/service-monitor.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: qbittorrent
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: qbittorrent
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
endpoints:
- port: metrics
interval: 30s
scrapeTimeout: 15s
path: /metrics
selector:
matchLabels:
app.kubernetes.io/name: qbittorrent
app.kubernetes.io/instance: {{ .Release.Name }}

164
clusters/cl01tl/platform/qbittorrent/values.yaml Normal file
View File

@@ -0,0 +1,164 @@
qbittorrent:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
initContainers:
init-sysctl:
image:
repository: busybox
tag: 1.37.0
pullPolicy: IfNotPresent
securityContext:
privileged: True
resources:
requests:
cpu: 100m
memory: 128Mi
command:
- /bin/sh
args:
- -ec
- |
sysctl -w net.ipv4.ip_forward=1;
sysctl -w net.ipv6.conf.all.disable_ipv6=1
containers:
qbittorrent:
image:
repository: ghcr.io/linuxserver/qbittorrent
tag: 5.0.2@sha256:00360a0160872bffeaea5e232acfdb086063be5f03e0cba48b129b7087cb7ba1
pullPolicy: IfNotPresent
env:
- name: TZ
value: US/Central
- name: PUID
value: "1000"
- name: PGID
value: "1000"
- name: UMASK_SET
value: "002"
- name: WEBUI_PORT
value: 8080
resources:
requests:
cpu: 500m
memory: 1Gi
gluetun:
image:
repository: ghcr.io/qdm12/gluetun
tag: v3.40.0@sha256:2b42bfa046757145a5155acece417b65b4443c8033fb88661a8e9dcf7fda5a00
pullPolicy: IfNotPresent
env:
- name: VPN_SERVICE_PROVIDER
value: protonvpn
- name: VPN_TYPE
value: wireguard
- name: WIREGUARD_PRIVATE_KEY
valueFrom:
secretKeyRef:
name: qbittorrent-wireguard-conf
key: private-key
- name: VPN_PORT_FORWARDING
value: "on"
- name: VPN_PORT_FORWARDING_UP_COMMAND
value: '/bin/sh -c "/gluetun/update.sh {{ printf "{{PORTS}}" }}"'
- name: PORT_FORWARD_ONLY
value: "on"
- name: FIREWALL_OUTBOUND_SUBNETS
value: 192.168.1.0/24,10.244.0.0/16
- name: FIREWALL_INPUT_PORTS
value: 8080,9022
- name: DOT
value: "off"
securityContext:
privileged: True
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
resources:
limits:
squat.ai/tun: "1"
requests:
cpu: 10m
memory: 64Mi
exporter:
image:
repository: esanchezm/prometheus-qbittorrent-exporter
tag: v1.6.0
pullPolicy: IfNotPresent
env:
- name: QBITTORRENT_HOST
value: localhost
- name: QBITTORRENT_PORT
value: "8080"
- name: EXPORTER_PORT
value: "9022"
- name: EXPORTER_LOG_LEVEL
value: INFO
resources:
requests:
cpu: 10m
memory: 64Mi
serviceAccount:
create: true
service:
main:
controller: main
ports:
http:
port: 8080
targetPort: 8080
protocol: HTTP
health:
port: 9999
targetPort: 9999
protocol: HTTP
metrics:
port: 9022
targetPort: 9022
protocol: HTTP
ingress:
tailscale:
enabled: true
className: tailscale
hosts:
- host: qbittorrent-cl01tl
paths:
- path: /
pathType: Prefix
service:
name: qbittorrent
port: 8080
tls:
- hosts:
- qbittorrent-cl01tl
persistence:
config:
type: persistentVolumeClaim
existingClaim: qbittorrent-config
advancedMounts:
main:
qbittorrent:
- path: /config
readOnly: false
update-script:
enabled: true
type: configMap
name: glutun-update-script
defaultMode: 0755
advancedMounts:
main:
gluetun:
- path: /gluetun/update.sh
subPath: update.sh
storage:
type: persistentVolumeClaim
existingClaim: qbittorrent-nfs-storage
advancedMounts:
main:
qbittorrent:
- path: /mnt/store
readOnly: false

22
clusters/cl01tl/platform/unpackerr/Chart.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: v2
name: unpackerr
version: 1.0.0
description: Unpackerr
keywords:
- unpackerr
- archive
- servarr
home: https://wiki.alexlebens.dev/doc/unpackerr-ZCcVdSxo4s
sources:
- https://github.com/Unpackerr/unpackerr
- https://hub.docker.com/r/golift/unpackerr
- https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: unpackerr
repository: https://bjw-s.github.io/helm-charts/
version: 3.6.1
icon: https://avatars.githubusercontent.com/u/104323643?s=48&v=4
appVersion: 0.14.5

72
clusters/cl01tl/platform/unpackerr/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,72 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: unpackerr-key-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: unpackerr-key-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: UN_SONARR_0_API_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/sonarr4/key
metadataPolicy: None
property: key
- secretKey: UN_SONARR_1_API_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/sonarr4-4k/key
metadataPolicy: None
property: key
- secretKey: UN_SONARR_2_API_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/sonarr4-anime/key
metadataPolicy: None
property: key
- secretKey: UN_RADARR_0_API_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/radarr5/key
metadataPolicy: None
property: key
- secretKey: UN_RADARR_1_API_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/radarr5-4k/key
metadataPolicy: None
property: key
- secretKey: UN_RADARR_2_API_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/radarr5-anime/key
metadataPolicy: None
property: key
- secretKey: UN_RADARR_3_API_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/radarr5-standup/key
metadataPolicy: None
property: key
- secretKey: UN_LIDARR_0_API_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/lidarr2/key
metadataPolicy: None
property: key

19
clusters/cl01tl/platform/unpackerr/templates/persistent-volume-claim.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: unpackerr-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: unpackerr-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: unpackerr-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi

25
clusters/cl01tl/platform/unpackerr/templates/persistent-volume.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: unpackerr-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: unpackerr-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac

67
clusters/cl01tl/platform/unpackerr/values.yaml Normal file
View File

@@ -0,0 +1,67 @@
unpackerr:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: golift/unpackerr
tag: 0.14.5
pullPolicy: IfNotPresent
env:
- name: TZ
value: US/Central
- name: UN_WEBSERVER_METRICS
value: true
- name: UN_SONARR_0_URL
value: http://sonarr4.sonarr4:80
- name: UN_SONARR_0_PATHS_0
value: /mnt/store/Torrent/FINISHED/COMPLETED
- name: UN_SONARR_1_URL
value: http://sonarr4-4k.sonarr4-4k:80
- name: UN_SONARR_1_PATHS_0
value: /mnt/store/Torrent/FINISHED/COMPLETED
- name: UN_SONARR_2_URL
value: http://sonarr4-anime.sonarr4-anime:80
- name: UN_SONARR_2_PATHS_0
value: /mnt/store/Torrent/FINISHED/COMPLETED
- name: UN_RADARR_0_URL
value: http://radarr5.radarr5:80
- name: UN_RADARR_0_PATHS_0
value: /mnt/store/Torrent/FINISHED/COMPLETED
- name: UN_RADARR_1_URL
value: http://radarr5-4k.radarr5-4k:80
- name: UN_RADARR_1_PATHS_0
value: /mnt/store/Torrent/FINISHED/COMPLETED
- name: UN_RADARR_2_URL
value: http://radarr5-anime.radarr5-anime:80
- name: UN_RADARR_2_PATHS_0
value: /mnt/store/Torrent/FINISHED/COMPLETED
- name: UN_RADARR_3_URL
value: http://radarr5-standup.radarr5-standup:80
- name: UN_RADARR_3_PATHS_0
value: /mnt/store/Torrent/FINISHED/COMPLETED
- name: UN_LIDARR_0_URL
value: http://lidarr2.lidarr2:80
- name: UN_LIDARR_0_PATHS_0
value: /mnt/store/Torrent/FINISHED/COMPLETED
envFrom:
- secretRef:
name: unpackerr-key-secret
resources:
requests:
cpu: 10m
memory: 128Mi
serviceAccount:
create: true
persistence:
storage:
existingClaim: unpackerr-nfs-storage
advancedMounts:
main:
main:
- path: /mnt/store
readOnly: false