qbittorrent: controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 initContainers: init-sysctl: image: repository: busybox tag: 1.36.1 pullPolicy: IfNotPresent securityContext: privileged: True resources: requests: cpu: 100m memory: 128Mi command: - /bin/sh args: - -ec - | sysctl -w net.ipv4.ip_forward=1; sysctl -w net.ipv6.conf.all.disable_ipv6=1 containers: qbittorrent: image: repository: ghcr.io/linuxserver/qbittorrent tag: 4.6.6-r0-ls347@sha256:1e0c0ffcd63a0f92d39fcaa796d284f5659112f8137fe2a5391c04fa7c5cf134 pullPolicy: IfNotPresent env: - name: TZ value: US/Central - name: PUID value: "1000" - name: PGID value: "1000" - name: UMASK_SET value: "002" - name: WEBUI_PORT value: 8080 resources: requests: cpu: 200m memory: 1Gi gluetun: image: repository: ghcr.io/qdm12/gluetun tag: v3.39.0 pullPolicy: IfNotPresent env: - name: VPN_SERVICE_PROVIDER value: protonvpn - name: VPN_TYPE value: wireguard - name: WIREGUARD_PRIVATE_KEY valueFrom: secretKeyRef: name: qbittorrent-wireguard-conf key: private-key - name: VPN_PORT_FORWARDING value: "on" - name: PORT_FORWARD_ONLY value: "on" - name: FIREWALL_OUTBOUND_SUBNETS value: 192.168.1.0/24,10.244.0.0/16 - name: FIREWALL_INPUT_PORTS value: 8080,9022 - name: DOT value: "off" securityContext: privileged: True capabilities: add: - NET_ADMIN - SYS_MODULE resources: requests: cpu: 100m memory: 128Mi exporter: image: repository: esanchezm/prometheus-qbittorrent-exporter tag: v1.5.1 pullPolicy: IfNotPresent env: - name: QBITTORRENT_HOST value: localhost - name: QBITTORRENT_PORT value: "8080" - name: EXPORTER_PORT value: "9022" - name: QBITTORRENT_USER value: admin - name: QBITTORRENT_PASS valueFrom: secretKeyRef: name: qbittorrent-auth key: admin-password - name: EXPORTER_LOG_LEVEL value: INFO resources: requests: cpu: 100m memory: 128Mi serviceAccount: create: true service: main: controller: main ports: http: port: 8080 targetPort: 8080 protocol: HTTP health: port: 9999 targetPort: 9999 protocol: HTTP metrics: port: 9022 targetPort: 9022 protocol: HTTP ingress: # main: # className: traefik # annotations: # traefik.ingress.kubernetes.io/router.entrypoints: websecure # traefik.ingress.kubernetes.io/router.tls: "true" # cert-manager.io/cluster-issuer: letsencrypt-issuer # hosts: # - host: qbittorrent.alexlebens.net # paths: # - path: / # pathType: Prefix # service: # name: qbittorrent # port: 8080 # tls: # - secretName: qbittorrent-secret-tls # hosts: # - qbittorrent.alexlebens.net tailscale: enabled: true className: tailscale hosts: - host: qbittorrent-cl01tl paths: - path: / pathType: Prefix service: name: qbittorrent port: 8080 tls: - hosts: - qbittorrent-cl01tl persistence: config: type: persistentVolumeClaim existingClaim: qbittorrent-config advancedMounts: main: qbittorrent: - path: /config readOnly: false storage: type: persistentVolumeClaim existingClaim: qbittorrent-nfs-storage advancedMounts: main: qbittorrent: - path: /mnt/store readOnly: false tunnel-device: enabled: true type: hostPath hostPath: /dev/net/tun advancedMounts: main: gluetun: - path: /dev/net/tun readOnly: false