alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Activity
Files
ca4495094de57b404e14c5de4286354c3f491e73
infrastructure/clusters/cl01tl/manifests/qbittorrent/Deployment-qbittorrent-main.yaml

168 lines
5.3 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: qbittorrent-main
labels:
app.kubernetes.io/controller: main
app.kubernetes.io/instance: qbittorrent
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: qbittorrent
helm.sh/chart: qbittorrent-4.6.2
namespace: qbittorrent
spec:
revisionHistoryLimit: 3
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/controller: main
app.kubernetes.io/name: qbittorrent
app.kubernetes.io/instance: qbittorrent
template:
metadata:
annotations:
checksum/secrets: 545cc0ac43a8c257917ff35f6fed45976eaefcbaed5d63bbd60d3b932dc71794
labels:
app.kubernetes.io/controller: main
app.kubernetes.io/instance: qbittorrent
app.kubernetes.io/name: qbittorrent
spec:
enableServiceLinks: false
serviceAccountName: qbittorrent
automountServiceAccountToken: true
securityContext:
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
hostIPC: false
hostNetwork: false
hostPID: false
dnsPolicy: ClusterFirst
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- slskd
topologyKey: kubernetes.io/hostname
initContainers:
- args:
- -ec
- |
sysctl -w net.ipv4.ip_forward=1;
sysctl -w net.ipv6.conf.all.disable_ipv6=1
command:
- /bin/sh
image: busybox:1.37.0@sha256:1487d0af5f52b4ba31c7e465126ee2123fe3f2305d638e7827681e7cf6c83d5e
name: init-sysctl
securityContext:
privileged: true
containers:
- env:
- name: QBITTORRENT_HOST
value: localhost
- name: QBITTORRENT_PORT
value: "8080"
- name: EXPORTER_PORT
value: "9022"
- name: EXPORTER_LOG_LEVEL
value: INFO
image: esanchezm/prometheus-qbittorrent-exporter:v1.6.0@sha256:482df65e7f39f2c0a65f32693e6d5f930edf7b244589a60e446ccc5ee6d17211
name: exporter
- env:
- name: VPN_SERVICE_PROVIDER
value: protonvpn
- name: VPN_TYPE
value: wireguard
- name: WIREGUARD_PRIVATE_KEY
valueFrom:
secretKeyRef:
key: private-key
name: protonvpn-wireguard-conf
- name: FIREWALL_OUTBOUND_SUBNETS
value: 192.168.1.0/24,10.244.0.0/16,10.96.0.0/16
- name: FIREWALL_INPUT_PORTS
value: 8080,9022
- name: VPN_PORT_FORWARDING
value: "on"
- name: VPN_PORT_FORWARDING_UP_COMMAND
value: /bin/sh -c "/gluetun/update.sh {{PORTS}}"
- name: DNS_UPSTREAM_RESOLVER_TYPE
value: dot
- name: BLOCK_MALICIOUS
value: "off"
- name: HTTPPROXY
value: "off"
- name: SHADOWSOCKS
value: "off"
image: ghcr.io/qdm12/gluetun:latest@sha256:725d3e51091dde4ca43e3e3f26e2e6d3d0ccc66821e92d505c3da04958f7d472
lifecycle:
postStart:
exec:
command:
- /bin/sh
- -c
- (ip rule del table 51820; ip -6 rule del table 51820) || true
livenessProbe:
exec:
command:
- /gluetun-entrypoint
- healthcheck
failureThreshold: 5
initialDelaySeconds: 30
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 15
name: gluetun
resources:
limits:
devic.es/tun: "1"
requests:
devic.es/tun: "1"
securityContext:
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
privileged: true
volumeMounts:
- mountPath: /gluetun/update.sh
name: update-script
subPath: update.sh
- env:
- name: TZ
value: America/Chicago
- name: PUID
value: "1000"
- name: PGID
value: "1000"
- name: UMASK_SET
value: "002"
- name: WEBUI_PORT
value: "8080"
image: ghcr.io/linuxserver/qbittorrent:5.1.4-r2-ls448@sha256:a89108b1bf43de072a35a59a3ee41b97b564538faae5cbb3f6c803aa7f5fd9f7
name: qbittorrent
resources:
requests:
cpu: 500m
memory: 1Gi
volumeMounts:
- mountPath: /config/qBittorrent
name: config-data
- mountPath: /mnt/store
name: storage
volumes:
- name: config-data
persistentVolumeClaim:
claimName: qbittorrent-config-data
- name: storage
persistentVolumeClaim:
claimName: qbittorrent-nfs-storage
- configMap:
defaultMode: 493
name: glutun-update-script
name: update-script
Reference in New Issue View Git Blame Copy Permalink