From f4e284cf783077fe4d1a536b94ae7bf067372ad7 Mon Sep 17 00:00:00 2001
From: alexlebens <alexanderlebens@gmail.com>
Date: Fri, 9 Aug 2024 11:43:25 -0500
Subject: [PATCH] update gluetun and use built in settinsg for vpn

---
 .../templates/external-secret.yaml            |  8 +++----
 .../cl01tl/platform/qbittorrent/values.yaml   | 24 +++++++++----------
 2 files changed, 15 insertions(+), 17 deletions(-)

diff --git a/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml b/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml
index cf95dcf38..bc8f2c9bf 100644
--- a/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml
+++ b/clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml
@@ -19,7 +19,7 @@ spec:
         conversionStrategy: Default
         decodingStrategy: None
         key: /cl01tl/qbittorrent/auth
-        metadataPolicy: None        
+        metadataPolicy: None
         property: admin-password
 
 ---
@@ -39,10 +39,10 @@ spec:
     kind: ClusterSecretStore
     name: vault
   data:
-    - secretKey: wg0.conf
+    - secretKey: private-key
       remoteRef:
         conversionStrategy: Default
         decodingStrategy: None
         key: /cl01tl/qbittorrent/config
-        metadataPolicy: None        
-        property: wg0.conf
+        metadataPolicy: None
+        property: private-key
diff --git a/clusters/cl01tl/platform/qbittorrent/values.yaml b/clusters/cl01tl/platform/qbittorrent/values.yaml
index 4348ed6cc..5c3a62112 100644
--- a/clusters/cl01tl/platform/qbittorrent/values.yaml
+++ b/clusters/cl01tl/platform/qbittorrent/values.yaml
@@ -29,13 +29,22 @@ qbittorrent:
         gluetun:
           image:
             repository: ghcr.io/qdm12/gluetun
-            tag: v3.38.0
+            tag: v3.39.0
             pullPolicy: IfNotPresent
           env:
             - name: VPN_SERVICE_PROVIDER
-              value: custom
+              value: protonvpn
             - name: VPN_TYPE
               value: wireguard
+            - name: WIREGUARD_PRIVATE_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: qbittorrent-wireguard-conf
+                  key: private-key
+            - name: VPN_PORT_FORWARDING
+              value: "on"
+            - name: PORT_FORWARD_ONLY
+              value: "on"
             - name: FIREWALL_OUTBOUND_SUBNETS
               value: 192.168.1.0/24,10.244.0.0/16
             - name: FIREWALL_INPUT_PORTS
@@ -130,17 +139,6 @@ qbittorrent:
           qbittorrent:
             - path: /mnt/store
               readOnly: false
-    wireguard-config:
-      enabled: true
-      type: secret
-      name: qbittorrent-wireguard-conf
-      advancedMounts:
-        main:
-          gluetun:
-            - path: /gluetun/wireguard/wg0.conf
-              readOnly: true
-              mountPropagation: None
-              subPath: wg0.conf
     tunnel-device:
       enabled: true
       type: hostPath