alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 8 Actions Packages Projects Releases Wiki Activity

update gluetun and use built in settinsg for vpn

Browse Source
This commit is contained in:
Alex Lebens
2024-08-09 11:43:25 -05:00
parent 8096a7ccff
commit f4e284cf78
2 changed files with 15 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
clusters/cl01tl/platform/qbittorrent/templates/external-secret.yaml
View File

@@ -19,7 +19,7 @@ spec:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None
key: /cl01tl/qbittorrent/auth key: /cl01tl/qbittorrent/auth
metadataPolicy: None metadataPolicy: None
property: admin-password property: admin-password
--- ---
@@ -39,10 +39,10 @@ spec:
kind: ClusterSecretStore kind: ClusterSecretStore
name: vault name: vault
data: data:
- secretKey: wg0.conf - secretKey: private-key
remoteRef: remoteRef:
conversionStrategy: Default conversionStrategy: Default
decodingStrategy: None decodingStrategy: None
key: /cl01tl/qbittorrent/config key: /cl01tl/qbittorrent/config
metadataPolicy: None metadataPolicy: None
property: wg0.conf property: private-key

24
clusters/cl01tl/platform/qbittorrent/values.yaml
View File

@@ -29,13 +29,22 @@ qbittorrent:
gluetun: gluetun:
image: image:
repository: ghcr.io/qdm12/gluetun repository: ghcr.io/qdm12/gluetun
tag: v3.38.0 tag: v3.39.0
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: VPN_SERVICE_PROVIDER - name: VPN_SERVICE_PROVIDER
value: custom value: protonvpn
- name: VPN_TYPE - name: VPN_TYPE
value: wireguard value: wireguard
- name: WIREGUARD_PRIVATE_KEY
valueFrom:
secretKeyRef:
name: qbittorrent-wireguard-conf
key: private-key
- name: VPN_PORT_FORWARDING
value: "on"
- name: PORT_FORWARD_ONLY
value: "on"
- name: FIREWALL_OUTBOUND_SUBNETS - name: FIREWALL_OUTBOUND_SUBNETS
value: 192.168.1.0/24,10.244.0.0/16 value: 192.168.1.0/24,10.244.0.0/16
- name: FIREWALL_INPUT_PORTS - name: FIREWALL_INPUT_PORTS
@@ -130,17 +139,6 @@ qbittorrent:
qbittorrent: qbittorrent:
- path: /mnt/store - path: /mnt/store
readOnly: false readOnly: false
wireguard-config:
enabled: true
type: secret
name: qbittorrent-wireguard-conf
advancedMounts:
main:
gluetun:
- path: /gluetun/wireguard/wg0.conf
readOnly: true
mountPropagation: None
subPath: wg0.conf
tunnel-device: tunnel-device:
enabled: true enabled: true
type: hostPath type: hostPath