slskd: controllers: main: type: deployment replicas: 1 strategy: Recreate pod: securityContext: fsGroup: 1000 fsGroupChangePolicy: OnRootMismatch affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app.kubernetes.io/name operator: In values: - qbittorrent topologyKey: kubernetes.io/hostname initContainers: init-sysctl: image: repository: busybox tag: 1.37.0@sha256:1487d0af5f52b4ba31c7e465126ee2123fe3f2305d638e7827681e7cf6c83d5e securityContext: privileged: True command: - /bin/sh args: - -ec - | sysctl -w net.ipv4.ip_forward=1; sysctl -w net.ipv6.conf.all.disable_ipv6=1 containers: main: image: repository: slskd/slskd tag: 0.24.5@sha256:17ef977563be206f3b5932080b1e23883b2cb39dc9010640f6f39b4eaec887e3 env: - name: TZ value: America/Chicago - name: PUID value: 1000 - name: PGID value: 1000 - name: SLSKD_UMASK value: 000 resources: requests: cpu: 100m memory: 330Mi gluetun: image: repository: ghcr.io/qdm12/gluetun tag: v3.41.1@sha256:1a5bf4b4820a879cdf8d93d7ef0d2d963af56670c9ebff8981860b6804ebc8ab lifecycle: postStart: exec: command: ["/bin/sh", "-c", "(ip rule del table 51820; ip -6 rule del table 51820) || true"] env: - name: VPN_SERVICE_PROVIDER value: airvpn - name: VPN_TYPE value: wireguard - name: WIREGUARD_PRIVATE_KEY valueFrom: secretKeyRef: name: slskd-wireguard-conf key: private-key - name: WIREGUARD_PRESHARED_KEY valueFrom: secretKeyRef: name: slskd-wireguard-conf key: preshared-key - name: WIREGUARD_ADDRESSES valueFrom: secretKeyRef: name: slskd-wireguard-conf key: addresses - name: FIREWALL_VPN_INPUT_PORTS valueFrom: secretKeyRef: name: slskd-wireguard-conf key: input-ports - name: FIREWALL_OUTBOUND_SUBNETS value: 192.168.1.0/24,10.244.0.0/16 - name: FIREWALL_INPUT_PORTS value: 5030,50300 - name: DNS_UPSTREAM_RESOLVER_TYPE value: dot - name: BLOCK_MALICIOUS value: "off" - name: HTTPPROXY value: "off" - name: SHADOWSOCKS value: "off" securityContext: privileged: true capabilities: add: - NET_ADMIN - SYS_MODULE probes: liveness: enabled: true custom: true spec: exec: command: - /gluetun-entrypoint - healthcheck failureThreshold: 5 initialDelaySeconds: 30 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 15 resources: limits: devic.es/tun: "1" requests: devic.es/tun: "1" service: main: controller: main ports: http: port: 5030 targetPort: 5030 serviceMonitor: main: selector: matchLabels: app.kubernetes.io/name: slskd app.kubernetes.io/instance: slskd serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}' endpoints: - port: http interval: 3m scrapeTimeout: 1m path: /metrics route: main: kind: HTTPRoute parentRefs: - group: gateway.networking.k8s.io kind: Gateway name: traefik-gateway namespace: traefik hostnames: - slskd.alexlebens.net rules: - backendRefs: - name: slskd port: 5030 matches: - path: type: PathPrefix value: / persistence: slskd-config: enabled: true type: secret name: slskd-config-secret advancedMounts: main: main: - path: /app/slskd.yml readOnly: true mountPropagation: None subPath: slskd.yml data: existingClaim: slskd-nfs-storage advancedMounts: main: main: - path: /mnt/store readOnly: false