diff --git a/kubernetes/apps/production/arr/qbitty/kustomization.yaml b/kubernetes/apps/production/arr/qbitty/kustomization.yaml
index e6d191a7..5f7a4f41 100644
--- a/kubernetes/apps/production/arr/qbitty/kustomization.yaml
+++ b/kubernetes/apps/production/arr/qbitty/kustomization.yaml
@@ -3,5 +3,4 @@ kind: Kustomization
resources:
- deployment.yaml
- service.yaml
- - ingress.yaml
- - qbitty-secrets.yaml
\ No newline at end of file
+ - ingress.yaml
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/radarr/helmrelease.yaml b/kubernetes/apps/production/arr/radarr/helmrelease.yaml
index 39fd46ea..20d5c983 100644
--- a/kubernetes/apps/production/arr/radarr/helmrelease.yaml
+++ b/kubernetes/apps/production/arr/radarr/helmrelease.yaml
@@ -31,6 +31,8 @@ spec:
radarr:
enabled: true
type: statefulset
+ annotations:
+ reloader.stakater.com/auto: "true"
replicas: 1
@@ -76,10 +78,10 @@ spec:
resources:
requests:
- cpu: 50m
- memory: 200Mi
+ cpu: 25m
+ memory: 100Mi
limits:
- memory: 400Mi
+ memory: 250Mi
service:
app:
diff --git a/kubernetes/apps/production/arr/recyclarr/configmap.yaml b/kubernetes/apps/production/arr/recyclarr/configmap.yaml
deleted file mode 100644
index 8cfe5bf9..00000000
--- a/kubernetes/apps/production/arr/recyclarr/configmap.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: recyclarr-config
- namespace: arr
-data:
- recyclarr.yaml: ENC[AES256_GCM,data:D4bpnWJa3G9zk6lWuRZJQzJPKlRCvufCSlVByamCFAcZmQuMkC+YpQ05irMXJq+q0Hg7u5sQ2j7rDNfw12ZKjnpqa16d16OVqWzCLDavoNXUaP38jT96e7BYp0Tfh1OmUbNiCiMcgHdWXQNQGmxF9Hz5PKzvw/oWLkWT7PrR/wL2X35Jfoo3j+dZR0QhkH2hm4r+kFrWRk9TlmR7xnSjtIMZfVLbEpA8llHFXOJdaeo+IiXoUlJkxV0ikxO7i4lABAuHMFTHgJfQQhMcpwZaveuYtLpTQAU89NXrs8Iqs12P1WpwfYox3w9VTj0jsI0Cx4n5OhTxndLt2VQ2exXijfWWbjlO4LcKJ40fyPn6aB1EtpnDdq3OUreOYj+T7usFPGP3LKB4/s75poHYL6uGhCnRv1hCuCnHFrSGP5luYej6Pi7p2cTIv9UT4fcB7lDhqo7lod+TC1jOyQXjYYettDDCbAl7gaEdruteY0utqVV1ieYcGdPvq/p/G2fAndXqOUx5H/WlPTllxjiTkPOH8sT+HiEbqoXTp/9Gp43twmFOJxcqPqzV+vdxsmhe2/9+OzIN/nwAAGeqIyHNSmMsKV/lFT4bgAcRIkjD1ZwOMysk0D6RNdNa966Jm2X5S+IaSIRNcwuYDGtQEt9JrT3eEoUogLkYR2w69debLsqTE0PAV0QzoDPx6RdPAu/VsN95lGpLm0dSMpqXOFY7LbHUZ59wfI/akvgu0rhWyowcBNGuwgHAP45w/+XNE32cVjHvrj5f4S+j5ZWh5+POBhsmeyCVhjYrD+TWmy2/wzIgeOgIIsuw+Me4q1J75grrCupPZcw0YDKwyCSgQ01uz1BCUF97iC4Hxv7LvYS82b7PLq622/doQr52njO1NHF5jRxN+eb7wwDReE/iRFMVz2DrXG0BTApv5SMLcidw1dAiaNpFnM5/vgNV0jiMmSTuh6gcw7d/W2azsRV1jUjj/OPjT6hUUnNtOYDm0L6mAhjbta5ABtEEAkhPVCHLQILdrYM8d/+n2Bc0QesMRY/tLxzNszQjf31Eq+jPCB3TCaXqkl7IPQzGuozpa0XXzFg850H+mrjLedKB4/ilURyke0NXwX73R+Grmq2SYogiCvT7aqxwPBIAXHxuMAj8byukyoSvrw7m67TSEcDTZDU1cD/WD/amsMRH+P++8xknZ8EqYuEPB6DrRnxiJxBQBFmHG0batIHB2lc7Za3wobjTPpqiYW5+FmdLmEGlyB1CUplyfuB3Q7Gu+ImxfgdWXFeZXwh5tkFFZIRCTOIWFKrKCMIsGMiqJ2Cwh2Jp+mvOARO3aNWbuLRhG/EOYAqeuwHaG+/W4+oy3qzjIBAq2hcX7FSmutPhyO+suRiaKUcQc9wZh90+hlbt5u2fqdaMcV+0NhDLAkya3jXc6m9d0hhuH07Ows6XyoXpk/deYGVgwu4rmIu7Avo+loHiLz7NArzi4t1+nYKPwJjO+tWRCIggwwYgUKblTLuEZOw9pcJcjA63xpfXgU2hy9Ohn1TMxd/rSfad1VM+I6cjtH2DkLuhFuPOvX2ZhoIDcWyFlgiT13tU744bZE0pAGMR8BAG2bxqzCP5JkfV2ztx3ofyWUqvDSd8b+1Vj4SExNPw8BuYDvAGjm5h2CtX7IvdIeK0al1i8PpqRLLeUy6RF5L//qPn3uDRN97U7NDPZPtySh0tsfzL8CMRZ5VaYANRsZUm31729t09qL0kTnODip2S94Cyrp+yFikjYkhvmAHi2yxH0dtou4CrOiU5Um2CpL0HKH71ABUoe473IAD2qyEhINJJpZdCqGps307z7pMXf8pU618Wp6uxk1qCuaS+eP4PUzErPLTCickZ7hdVOMLPWoJQUMEO39IoHM1tIQPQmbra68RPPcAJpxwJqikF5tspDeWgRWzF6487niIfSZ7yfiqjovr7MAScbz53KfMjZ4C+Rto8yZPWzAEuVT9e8ukRbts0lY3e8JcNo3QFksvs7n84gOsF80embgMaNjr8mBEtDHpVcXcl8pV0/Ty5fCN/VGzet65SWbEcjSnf6xumzEBcmGQemO4biBtCh5cgosUWmt67CUwIMzs5cvDK+gkstwsuLPVTTnA4Q1FPcz5hyYZmOlQkaY5EILB7+WXGLHE8bJGmDK+QqWwE8vnKNoA8hezx+3uA5KE9THWfTQIvPz3AU9qoZ8GOLYhhqwfoMirAlSZxygWHPkEROWU5sM8UTdepombDPcqV+TN7JbYgM4ZLwk4btzBzyZwWCApilNUc3MJs3eWyZ2PPKoq+dmkRAEkv9z6m80NaaMCK8zDZ4FnClf9W2TBPtya+j2L8Nb5FZpLc4w1qZro1ANCgHzActRMhn7IeGyaOmRMKxxQtAzJtB1JoeDpSyrvjFkaX4/nRQ+G+EGtp04M0wTQC1sz2Wr+rWu7NBBwvIu+w872OMfKIUC1ViUIwUYPllJn5cADWhr7kGVeWM0EuYyzn3VZoBPKZoRJ6zRz/2r0IBTiRZB9iQzizkn5qOVw0toxWLCRsxdG4nNFa2WA44sd02YNQICnDwHmibt6B/Dta25WA4lp8NIXrKSMEjH/EfENiG7aU5xOGIxe3uTFqzRUmRWDndZT29H2gjDEDcrGSFQhCXb1gXVqmo9KVIvlLl66NI1J0gYM36VR2PbGrHzz0PFs8AOzzrHz6KO2RM9VCb2v3ae1l4WC7g14kZJiU8YqztCzaRG4tLw0ruZuU+sMQ3qGYA0xicyHFC6Ypdwl0L/jqpzNsOSiY9ppxyzNfO8ecC0rWhDy/nCSKPKtkzCjfnJEXNeo01htuQ8a0yLwfy6FIJAgZB1Oki8bHJyTnIQZhKNoeLhJqn9KXv2znf9+KM4Of8A1CwdohWOFzvMRb7aF5kbDIjrJz7/5WfK38L7qHSEgqQ4/kJQmnKebrN+Br4ZqB0ulxKCBGxcD+BEr6sUXd9X1UV0FnLagGNdwHbDje3U6od0nrrDoA7ScJhEuq+rpSRIxwFTXU47XqC7zwwuVamXBHtyLWHuoogPl/zDM9MsY/HwiRD3rMmf8aDuPG2k83Dz86Dp99gz5v9d6My0bRT5xkumzB3EHdkrBs79SRiXleV2ssr7aWIoWE3FePnkFKQyo+6Mq2+DuKE1fqSPmlpDYxmWPopmE1+EY+f4+F9TmomVfWq58pgQ3gUuqpKMEm6PgDR1T0jsg4ULx0xdgY5C2Dy4zTGEYd2playQJ5KXd7UaGhs2ypSBjGMVBCdDZ+WUzOtPmOxwrw3e/R38jTb6jGIAkSzkD+atc2MQd9QHfUbir7Gr/mSwHehf5+tGxQqFPjfIGOg2Ei3pDLU8BlaGpnSNyJlPxFfb+bnsxDjUu+jFSZQ+XUCVd5V4i3M68mBL10LDMJeIKriRRHh9gaAk0rM25C2VSAq7NP6TbSLsNKDuWLjsWwPgTIDZgPIvnDKWJp7TcQWtxbDQRbjo1wvQlrCjsZEk1AcjOcbIUUtsiCUyUbQOqiMGHYkFFi0Sfa/krg6Fl8nX7g/9NuqbL27iknAflc6tL+A/i2KaBm1IRAAaDvpJCUUVGBpyDnMkJSBWgcfa6B0JXuCnSFCGop8/J0V9mphZJdHWdrFu+P6sh831PDu4zFousoFFxLiTNlmBtW8n4DjQ2eNFV/VZDcNGmhqz7GakvyOiXfMuo2xBoKyQx3hmhVl4wKggrwGxnUoLH/to9Rqehu5DJPakMe5FmtlJSH6X5TAEfMAOuwoamDL+jCQXbcNX69vKhZa8pRlDn7PwoHyn9fjf3hxVpoDb8DDsuI8iSf9Kxv6YwLg0dOSlGzVbKZMZ3T+rV2R0oQU8Zk2i0lwFUOox0+hXmcMSO/DohBhPEwqbIuyiDeO99374xl0jaHEFkcx6UmK8F0oYZ2xa32es5XVt2TGxXvTQE1oHfRdMhLdqSd7NSs1rxkraJye4R62vdgLTdarTVMV7lteIbExWGqbcJCH30f212fU9eCaFBYh+M+dztCNQ4FncBYoBraglUnTFLAVwfHfHa9OaL+GTy0jffG80YpiiKG8Q5ziHkU66I33s49EciujA66iTxPEgttbxcj9+oYVi1y/oFYIDGqJWDCPl8VsJQDt9hNxbuxxc8LGbCzxYDN/FPA/rqU4LjCX+NMHZ+uq1BsW6ICYXITaNqo4oLH1LRSjRomNqAwmSLDCQl7An3idB6cJIGsH0qJlFlybYbURLcMaIIkIKehwPQ5CZMVfd6VXFujvN0tO1w1gVgXbvjZdGPSjpqC4Dmm0w943YDstBpmTYDLX+riFx9cxLY/xbeAeD4bZcwtC69caeiWqslqcPCGgw7dyKnIK8WZCEit9bJkyTFIm8nAW24gaSLvsWYT82nHztSy6JjdK0z6LqEzHCLy1lX/16ENOniFSzAQ+kSitoChsB/bvEGCbESkzQfnavZ+Cu9a7NxEUmU8ZCIEi7j931NU,iv:MNFSIXsPuQ3CywzPoAoPl6FBzsGCZ6OsONglOgsM2GU=,tag:SpT2Zw++/GQKnUpN9QJ9eA==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age:
- - recipient: age18z6wevr8ze5azvq7nfty3l29s7887l8n5mefr64avhlthtr4uvnqw90nfs
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXdFNKV1NaYlI1d2VlUWZs
- NklOMWZFM3gvWXQzMnE1TEFvTDJuNzFtMjBVCkRCVUFyRHpvSnZtTW1xa3hQR2J4
- Uk8zdzFWWTVQdFp0ODFCT0hGdm0yR1EKLS0tIFhIN1VCbDFjSXdNZEREeENleHJX
- a3Z1SmJzVm1Md01lUG5xWFR0aW01TkUKcr0cBmPFVut3VRit/TaNp+OjWGJXSd/c
- /gRuSMYbjlABn76BEMmZ6V1spaXYvyzvMj4LOVaBX59O0TVTph7RJw==
- -----END AGE ENCRYPTED FILE-----
- lastmodified: "2025-02-09T21:59:12Z"
- mac: ENC[AES256_GCM,data:4zdv1F5410iK5nt/5TYNMsA4P+/BCJuvcxLY+93dB1sXxfbEEMJFsRl/D9hRbLoyGd0TU26vho+fyDuphYYZfNaKQS7sR9C5yDo0wuWylnqcjtEKH1a4RP8FXBtFeIGXLRkKpHodjN+9BThzPH1NRaQTXCPXX7WyrqvkuIvqviA=,iv:/LoKrYdftll09XWmY88paOjx2bODzTvV61B2nbBGq5k=,tag:ZwkVsd3huR8/8PIawRb6cg==,type:str]
- pgp: []
- encrypted_regex: ^(data|stringData|api_key)$
- version: 3.9.4
diff --git a/kubernetes/apps/production/arr/recyclarr/deployment.yaml b/kubernetes/apps/production/arr/recyclarr/deployment.yaml
deleted file mode 100644
index 7a642101..00000000
--- a/kubernetes/apps/production/arr/recyclarr/deployment.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: recyclarr
- namespace: arr
- labels:
- app: recyclarr
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: recyclarr
- template:
- metadata:
- labels:
- app: recyclarr
- spec:
- dnsPolicy: "None"
- dnsConfig:
- nameservers:
- - 8.8.8.8
- - 1.1.1.1
- containers:
- - name: recyclarr
- image: ghcr.io/recyclarr/recyclarr:7.4.0
- imagePullPolicy: IfNotPresent
- env:
- - name: LOG_LEVEL
- value: "info"
- resources:
- requests:
- memory: "100Mi"
- cpu: "50m"
- limits:
- memory: "125Mi"
- cpu: "75m"
- volumeMounts:
- - name: recyclarr-config-volume
- mountPath: /config/recyclarr.yaml
- subPath: recyclarr.yaml
- volumes:
- - name: recyclarr-config-volume
- configMap:
- name: recyclarr-config
diff --git a/kubernetes/apps/production/arr/recyclarr/helmrelease.yaml b/kubernetes/apps/production/arr/recyclarr/helmrelease.yaml
new file mode 100644
index 00000000..8b620ba4
--- /dev/null
+++ b/kubernetes/apps/production/arr/recyclarr/helmrelease.yaml
@@ -0,0 +1,93 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: &app recyclarr
+spec:
+ interval: 15m
+ chart:
+ spec:
+ chart: app-template
+ version: 3.7.1
+ interval: 30m
+ sourceRef:
+ kind: HelmRepository
+ name: bjw-s
+ namespace: flux-system
+
+ install:
+ remediation:
+ retries: 3
+
+ upgrade:
+ remediation:
+ retries: 3
+
+ values:
+ global:
+ fullnameOverride: *app
+ namespace: arr
+
+ controllers:
+ recyclarr:
+ enabled: true
+ type: cronjob
+ annotations:
+ reloader.stakater.com/auto: "true"
+ cronjob:
+ concurrencyPolicy: Forbid
+ schedule: "0 2 * * 1"
+ startingDeadlineSeconds: 30
+ successfulJobsHistory: 1
+ failedJobsHistory: 1
+ backoffLimit: 1
+
+ pod:
+ securityContext:
+ runAsUser: &context 65534
+ runAsGroup: *context
+ fsGroup: *context
+ fsGroupChangePolicy: "OnRootMismatch"
+
+ containers:
+ app:
+ image:
+ repository: ghcr.io/recyclarr/recyclarr
+ tag: 7.4.1
+ command: ["/app/recyclarr/recyclarr"]
+ args: ["sync"]
+ env:
+ TZ: ${TZ}
+ SONARR_API_KEY:
+ valueFrom:
+ secretKeyRef:
+ name: recyclarr-secrets
+ key: SONARR_API_KEY
+ RADARR_API_KEY:
+ valueFrom:
+ secretKeyRef:
+ name: recyclarr-secrets
+ key: RADARR_API_KEY
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ resources:
+ requests:
+ cpu: 5m
+ memory: 36Mi
+ limits:
+ memory: 200Mi
+
+ persistence:
+ config-file:
+ type: configMap
+ name: recyclarr-config
+ globalMounts:
+ - path: /config/recyclarr.yml
+ subPath: recyclarr.yml
+ readOnly: true
+ config:
+ type: emptyDir
+ globalMounts:
+ - path: /config
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/recyclarr/kustomization.yaml b/kubernetes/apps/production/arr/recyclarr/kustomization.yaml
index be2846a2..46fe261d 100644
--- a/kubernetes/apps/production/arr/recyclarr/kustomization.yaml
+++ b/kubernetes/apps/production/arr/recyclarr/kustomization.yaml
@@ -1,5 +1,10 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- - deployment.yaml
- - configmap.yaml
\ No newline at end of file
+ - helmrelease.yaml
+configMapGenerator:
+ - name: recyclarr-cm
+ files:
+ - recyclarr.yml=./recyclarr.yml
+generatorOptions:
+ disableNameSuffixHash: true
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/recyclarr/recyclarr.yml b/kubernetes/apps/production/arr/recyclarr/recyclarr.yml
new file mode 100644
index 00000000..38d6e4da
--- /dev/null
+++ b/kubernetes/apps/production/arr/recyclarr/recyclarr.yml
@@ -0,0 +1,96 @@
+sonarr:
+ series:
+ base_url: https://sonarr.local.mafyuh.dev
+ api_key: !secret SONARR_API_KEY
+
+ delete_old_custom_formats: true
+ replace_existing_custom_formats: true
+
+ include:
+ - template: sonarr-v4-custom-formats-web-1080p
+ - template: sonarr-v4-quality-profile-web-1080p
+
+ # quality_profiles:
+ # - name: WEB-DL (1080p)
+ # reset_unmatched_scores:
+ # enabled: true
+ # upgrade:
+ # allowed: true
+ # until_quality: WEBDL-1080p
+ # until_score: 10000
+ # min_format_score: 1
+ # qualities:
+ # - WEBDL-1080p
+ # - WEBRip-1080p
+ # - HDTV-1080p
+
+ custom_formats:
+ - trash_ids:
+ - 32b367365729d530ca1c124a0b180c64 # Bad Dual Groups
+ - ed38b889b31be83fda192888e2286d83 # BR-DISK
+ - e1a997ddb54e3ecbfe06341ad323c458 # Obfuscated
+ - dc98083864ea246d05a42df0d05f81cc # x265 (720/1080p)
+ - 1b3994c551cbb92a2c781af061f4ab44 # Scene
+ assign_scores_to:
+ - name: WEB-DL (1080p)
+ score: -10000
+
+radarr:
+ radarr_main:
+ base_url: https://radarr.local.mafyuh.dev
+ api_key: !secret RADARR_API_KEY
+
+ # Custom Format Configuration
+ delete_old_custom_formats: true
+ replace_existing_custom_formats: true
+
+ include:
+ - template: radarr-quality-definition-movie
+ - template: radarr-quality-profile-hd-bluray-web
+ - template: radarr-custom-formats-hd-bluray-web
+ - template: radarr-quality-definition-movie
+ - template: radarr-quality-profile-uhd-bluray-web
+ - template: radarr-custom-formats-uhd-bluray-web
+
+ # quality_profiles:
+ # - name: HD Bluray + WEB
+ # min_format_score: 0
+ # reset_unmatched_scores:
+ # enabled: true
+ # qualities:
+ # - WEBDL-1080p
+ # - Bluray-1080p
+ # - name: UHD Bluray + WEB
+ # reset_unmatched_scores:
+ # enabled: true
+ # qualities:
+ # - WEBDL-2160p
+ # - Bluray-2160p
+ # - WEBDL-1080p # Ensuring `until_quality` exists in the list
+
+ custom_formats:
+ - trash_ids:
+ - b6832f586342ef70d9c128d40c07b872 # Bad Dual Groups
+ - 90cedc1fea7ea5d11298bebd3d1d3223 # EVO (no WEBDL)
+ - ae9b7c9ebde1f3bd336a8cbd1ec4c5e5 # No-RlsGroup
+ - 7357cf5161efbf8c4d5d0c30b4815ee2 # Obfuscated
+ - 5c44f52a8714fdd79bb4d98e2673be1f # Retags
+ - f537cf427b64c38c8e36298f657e4828 # Scene
+ assign_scores_to:
+ - name: HD Bluray + WEB
+ - trash_ids:
+ - eecf3a857724171f968a66cb5719e152 # IMAX
+ - 9f6cbff8cfe4ebbc1bde14c7b7bec0de # IMAX ENHANCED
+ - c53085ddbd027d9624b320627748612f # DV HDR10+
+ - e23edd2482476e595fb990b12e7c609c # DV HDR10
+ - 58d6a88f13e2db7f5059c41047876f00 # DV
+ - 55d53828b9d81cbe20b02efd00aa0efd # DV HLG
+ - a3e19f8f627608af0211acd02bf89735 # DV SDR
+ - b974a6cd08c1066250f1f177d7aa1225 # HDR10+
+ - dfb86d5941bc9075d6af23b09c2aeecd # HDR10
+ - e61e28db95d22bedcadf030b8f156d96 # HDR
+ - 2a4d9069cc1fe3242ff9bdaebed239bb # HDR Undefined
+ - 08d6d8834ad9ec87b1dc7ec8148e7a1f # PQ
+ - 9364dd386c9b4a1100dde8264690add7 # HLG
+ assign_scores_to:
+ - name: UHD Bluray + WEB
diff --git a/kubernetes/apps/production/arr/sabnzbd/deployment.yaml b/kubernetes/apps/production/arr/sabnzbd/deployment.yaml
deleted file mode 100644
index 2929dcf9..00000000
--- a/kubernetes/apps/production/arr/sabnzbd/deployment.yaml
+++ /dev/null
@@ -1,68 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: sabnzbd
- namespace: arr
- labels:
- app: sabnzbd
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: sabnzbd
- template:
- metadata:
- labels:
- app: sabnzbd
- spec:
- containers:
- - name: sabnzbd
- image: ghcr.io/linuxserver/sabnzbd@sha256:84126d58ac2b50261efe7f83a36adfd790617ef729639f626b0c1114157b86de
- imagePullPolicy: IfNotPresent
- env:
- - name: PUID
- value: "1000"
- - name: PGID
- value: "1000"
- - name: TZ
- value: America/New_York
- resources:
- requests:
- memory: "1024Mi"
- cpu: "500m"
- limits:
- memory: "4Gi"
- cpu: "2000m"
- volumeMounts:
- - mountPath: /config
- name: sabnzbd-config
- - mountPath: /data
- name: nas
- - mountPath: /incomplete
- name: sabnzbd-incomplete
- volumes:
- - name: nas
- nfs:
- path: /mnt/thePool/thePoolShare
- server: 10.0.0.10
- - name: sabnzbd-config
- persistentVolumeClaim:
- claimName: sabnzbd-config
- - name: sabnzbd-incomplete
- emptyDir:
- sizeLimit: 100Gi
- nodeSelector:
- kubernetes.io/hostname: master3
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: sabnzbd-config
- namespace: arr
-spec:
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 2Gi
- storageClassName: longhorn
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/sabnzbd/helmrelease.yaml b/kubernetes/apps/production/arr/sabnzbd/helmrelease.yaml
new file mode 100644
index 00000000..087cf4ef
--- /dev/null
+++ b/kubernetes/apps/production/arr/sabnzbd/helmrelease.yaml
@@ -0,0 +1,114 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: &app sabnzbd
+ namespace: arr
+spec:
+ interval: 15m
+ chart:
+ spec:
+ chart: app-template
+ version: 3.7.1
+ interval: 30m
+ sourceRef:
+ kind: HelmRepository
+ name: bjw-s
+ namespace: flux-system
+
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ remediation:
+ retries: 3
+
+ values:
+ global:
+ fullnameOverride: *app
+ namespace: arr
+
+ controllers:
+ sabnzbd:
+ enabled: true
+ type: statefulset
+ annotations:
+ reloader.stakater.com/auto: "true"
+
+ replicas: 1
+
+ statefulset:
+ volumeClaimTemplates:
+ - name: config
+ accessMode: ReadWriteMany
+ size: 500Mi
+ storageClass: longhorn
+ globalMounts:
+ - path: /config
+
+ pod:
+ securityContext:
+ runAsUser: 65534
+ runAsGroup: &group 65534
+ fsGroup: *group
+ fsGroupChangePolicy: "OnRootMismatch"
+
+ containers:
+ app:
+ image:
+ repository: ghcr.io/onedr0p/sabnzbd
+ tag: 4.4.1
+ pullPolicy: IfNotPresent
+ env:
+ TZ: "${TZ}"
+ SABNZBD__PORT: &port 8080
+
+ probes:
+ liveness:
+ enabled: false
+
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+
+ resources:
+ requests:
+ cpu: 20m
+ memory: 200Mi
+ limits:
+ memory: 4000Mi
+
+ service:
+ app:
+ primary: true
+ controller: sabnzbd
+ ports:
+ http:
+ port: *port
+
+ ingress:
+ internal:
+ enabled: true
+ className: nginx
+ hosts:
+ - host: "sabnzbd.${LOCAL_DOMAIN}"
+ paths:
+ - path: /
+ pathType: Prefix
+ service:
+ identifier: app
+ port: http
+ tls:
+ - hosts:
+ - "sabnzbd.${LOCAL_DOMAIN}"
+ secretName: local-mafyuh-dev-production-tls
+
+ persistence:
+ data:
+ enabled: true
+ type: nfs
+ server: "${NAS_IP}"
+ path: /mnt/thePool/thePoolShare
+ globalMounts:
+ - path: /data
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/sabnzbd/ingress.yaml b/kubernetes/apps/production/arr/sabnzbd/ingress.yaml
deleted file mode 100644
index 35cbaa0b..00000000
--- a/kubernetes/apps/production/arr/sabnzbd/ingress.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: sabnzbd
- namespace: arr
-spec:
- ingressClassName: nginx
- rules:
- - host: "sab.local.mafyuh.dev"
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: headless-sabnzbd
- port:
- number: 8080
- tls:
- - hosts:
- - "sab.local.mafyuh.dev"
- secretName: local-mafyuh-dev-production-tls
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/sabnzbd/kustomization.yaml b/kubernetes/apps/production/arr/sabnzbd/kustomization.yaml
index 5f7a4f41..4377f60f 100644
--- a/kubernetes/apps/production/arr/sabnzbd/kustomization.yaml
+++ b/kubernetes/apps/production/arr/sabnzbd/kustomization.yaml
@@ -1,6 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- - deployment.yaml
- - service.yaml
- - ingress.yaml
\ No newline at end of file
+ - helmrelease.yaml
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/sabnzbd/service.yaml b/kubernetes/apps/production/arr/sabnzbd/service.yaml
deleted file mode 100644
index a1f7e723..00000000
--- a/kubernetes/apps/production/arr/sabnzbd/service.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: headless-sabnzbd
- namespace: arr
-spec:
- selector:
- app: sabnzbd
- ports:
- - port: 8080
- targetPort: 8080
- protocol: TCP
- type: ClusterIP
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/sonarr/deployment.yaml b/kubernetes/apps/production/arr/sonarr/deployment.yaml
deleted file mode 100644
index 5ac6c7cc..00000000
--- a/kubernetes/apps/production/arr/sonarr/deployment.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: sonarr
- namespace: arr
- labels:
- app: sonarr
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: sonarr
- template:
- metadata:
- labels:
- app: sonarr
- spec:
- securityContext:
- runAsUser: 65534
- runAsGroup: 65534
- fsGroup: 65534
- fsGroupChangePolicy: OnRootMismatch
- containers:
- - name: sonarr
- image: ghcr.io/onedr0p/sonarr:rolling@sha256:004aa9dc8e670e28b3ee2dc65b3b850ea3bd5a45d3c5ce5068bc4d45583c1770
- imagePullPolicy: IfNotPresent
- resources:
- requests:
- memory: 512Mi
- cpu: 75m
- limits:
- memory: 1024Mi
- cpu: 150m
- volumeMounts:
- - mountPath: /config
- name: sonarr-config
- - mountPath: /data
- name: nas
- volumes:
- - name: nas
- nfs:
- path: /mnt/thePool/thePoolShare
- server: 10.0.0.10
- - name: sonarr-config
- persistentVolumeClaim:
- claimName: sonarr-config
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: sonarr-config
- namespace: arr
-spec:
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 3Gi
- storageClassName: longhorn
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/sonarr/helmrelease.yaml b/kubernetes/apps/production/arr/sonarr/helmrelease.yaml
new file mode 100644
index 00000000..7b0a62f7
--- /dev/null
+++ b/kubernetes/apps/production/arr/sonarr/helmrelease.yaml
@@ -0,0 +1,118 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: &app sonarr
+ namespace: arr
+spec:
+ interval: 15m
+ chart:
+ spec:
+ chart: app-template
+ version: 3.7.1
+ interval: 30m
+ sourceRef:
+ kind: HelmRepository
+ name: bjw-s
+ namespace: flux-system
+
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ remediation:
+ retries: 3
+
+ values:
+ global:
+ fullnameOverride: *app
+ namespace: arr
+
+ controllers:
+ sonarr:
+ enabled: true
+ type: statefulset
+ annotations:
+ reloader.stakater.com/auto: "true"
+
+ replicas: 1
+
+ statefulset:
+ volumeClaimTemplates:
+ - name: config
+ accessMode: ReadWriteMany
+ size: 3Gi
+ storageClass: longhorn
+ globalMounts:
+ - path: /config
+
+ pod:
+ securityContext:
+ runAsUser: 65534
+ runAsGroup: &group 65534
+ fsGroup: *group
+ fsGroupChangePolicy: "OnRootMismatch"
+
+ containers:
+ app:
+ image:
+ repository: ghcr.io/onedr0p/sonarr
+ tag: 5.18.4.9674
+ pullPolicy: IfNotPresent
+ env:
+ TZ: "${TZ}"
+ SONARR__INSTANCE_NAME: *app
+ SONARR__PORT: &port 8989
+ SONARR__APPLICATION_URL: "https://sonarr.${LOCAL_DOMAIN}"
+ SONARR__THEME: dark
+ SONARR__LOG_LEVEL: info
+
+ probes:
+ liveness:
+ enabled: false
+
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+
+ resources:
+ requests:
+ cpu: 50m
+ memory: 200Mi
+ limits:
+ memory: 400Mi
+
+ service:
+ app:
+ primary: true
+ controller: sonarr
+ ports:
+ http:
+ port: *port
+
+ ingress:
+ internal:
+ enabled: true
+ className: nginx
+ hosts:
+ - host: "sonarr.${LOCAL_DOMAIN}"
+ paths:
+ - path: /
+ pathType: Prefix
+ service:
+ identifier: app
+ port: http
+ tls:
+ - hosts:
+ - "sonarr.${LOCAL_DOMAIN}"
+ secretName: local-mafyuh-dev-production-tls
+
+ persistence:
+ data:
+ enabled: true
+ type: nfs
+ server: "${NAS_IP}"
+ path: /mnt/thePool/thePoolShare
+ globalMounts:
+ - path: /data
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/sonarr/ingress.yaml b/kubernetes/apps/production/arr/sonarr/ingress.yaml
deleted file mode 100644
index 78230aa4..00000000
--- a/kubernetes/apps/production/arr/sonarr/ingress.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: sonarr
- namespace: arr
-spec:
- ingressClassName: nginx
- rules:
- - host: "sonarr.local.mafyuh.dev"
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: headless-sonarr
- port:
- number: 8989
- tls:
- - hosts:
- - "sonarr.local.mafyuh.dev"
- secretName: local-mafyuh-dev-production-tls
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/sonarr/kustomization.yaml b/kubernetes/apps/production/arr/sonarr/kustomization.yaml
index 5f7a4f41..4377f60f 100644
--- a/kubernetes/apps/production/arr/sonarr/kustomization.yaml
+++ b/kubernetes/apps/production/arr/sonarr/kustomization.yaml
@@ -1,6 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- - deployment.yaml
- - service.yaml
- - ingress.yaml
\ No newline at end of file
+ - helmrelease.yaml
\ No newline at end of file
diff --git a/kubernetes/apps/production/arr/sonarr/service.yaml b/kubernetes/apps/production/arr/sonarr/service.yaml
deleted file mode 100644
index 34d1760a..00000000
--- a/kubernetes/apps/production/arr/sonarr/service.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: headless-sonarr
- namespace: arr
-spec:
- selector:
- app: sonarr
- ports:
- - port: 8989
- targetPort: 8989
- protocol: TCP
- type: ClusterIP
\ No newline at end of file
diff --git a/kubernetes/apps/production/kustomization.yaml b/kubernetes/apps/production/kustomization.yaml
index 807da4d1..879ad9b4 100644
--- a/kubernetes/apps/production/kustomization.yaml
+++ b/kubernetes/apps/production/kustomization.yaml
@@ -6,4 +6,5 @@ resources:
- cert-manager/
- longhorn/
- nginx/
- - reflector/
\ No newline at end of file
+ - reflector/
+ - reloader/
\ No newline at end of file
diff --git a/kubernetes/apps/production/reloader/helmrelease.yaml b/kubernetes/apps/production/reloader/helmrelease.yaml
new file mode 100644
index 00000000..8bbb260d
--- /dev/null
+++ b/kubernetes/apps/production/reloader/helmrelease.yaml
@@ -0,0 +1,33 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: &app reloader
+spec:
+ interval: 15m
+ chart:
+ spec:
+ chart: reloader
+ version: 1.2.1
+ interval: 30m
+ sourceRef:
+ kind: HelmRepository
+ name: stakater
+ namespace: flux-system
+
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ remediation:
+ retries: 3
+
+ values:
+ fullnameOverride: *app
+
+ resources:
+ requests:
+ cpu: 15m
+ memory: 64M
+ limits:
+ cpu: 15m
+ memory: 64M
\ No newline at end of file
diff --git a/kubernetes/apps/production/reloader/kustomization.yaml b/kubernetes/apps/production/reloader/kustomization.yaml
new file mode 100644
index 00000000..4377f60f
--- /dev/null
+++ b/kubernetes/apps/production/reloader/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - helmrelease.yaml
\ No newline at end of file
diff --git a/kubernetes/cluster/production/charts/reloader-chart.yaml b/kubernetes/cluster/production/charts/reloader-chart.yaml
new file mode 100644
index 00000000..66577999
--- /dev/null
+++ b/kubernetes/cluster/production/charts/reloader-chart.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+ name: stakater
+ namespace: flux-system
+spec:
+ interval: 30m
+ url: https://stakater.github.io/stakater-charts
+ timeout: 3m
diff --git a/kubernetes/secrets/kustomization.yaml b/kubernetes/secrets/kustomization.yaml
index 39ebed17..934156d6 100644
--- a/kubernetes/secrets/kustomization.yaml
+++ b/kubernetes/secrets/kustomization.yaml
@@ -3,4 +3,5 @@ kind: Kustomization
resources:
- cluster-config.yaml
- qbitty-secrets.yaml
- - cluster-secrets.yaml
\ No newline at end of file
+ - cluster-secrets.yaml
+ - recyclarr.yaml
\ No newline at end of file
diff --git a/kubernetes/secrets/recyclarr.yaml b/kubernetes/secrets/recyclarr.yaml
new file mode 100644
index 00000000..759eb4d3
--- /dev/null
+++ b/kubernetes/secrets/recyclarr.yaml
@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: recyclarr-secrets
+ namespace: arr
+type: Opaque
+stringData:
+ RADARR_APT_KEY: ENC[AES256_GCM,data:ExNCoY5kWoUbZBxNnmCrFFfOa0bx2BD/koqX0EskCMM=,iv:BiphcBweetjC9NZgHN9RGois1r3HAiqvTotZbjs9ViE=,tag:EIXUZhcJXPJNdVsJGklAoQ==,type:str]
+ SONARR_API_KEY: ENC[AES256_GCM,data:0BwoubBRAUJCF65SsWmQcpMfT1KYZI5AmUjk,iv:59lCryBCqgQM44XAqDo/70hJGB4+TO5PUfsxhyXz9s4=,tag:bdMJLRR2D5IeyXdc8hmlCg==,type:str]
+sops:
+ kms: []
+ gcp_kms: []
+ azure_kv: []
+ hc_vault: []
+ age:
+ - recipient: age18z6wevr8ze5azvq7nfty3l29s7887l8n5mefr64avhlthtr4uvnqw90nfs
+ enc: |
+ -----BEGIN AGE ENCRYPTED FILE-----
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLVWtGNHBNcCtIUDd0ZHNS
+ K2lNMlFSMzlVRU1BUTNyWVdCTDh2UmY4VUJzCkk4Y1ZDcy8vTG84eTh6eXg0eWpO
+ SFZqRjFrdjl6dWpJbTg3UnhNZ2JTOGsKLS0tIGRoT1cyK0phNXVwZEJ0M3VDcEpj
+ KzdOczVjakovQlE1TkF4VUJORk5IdWsKx12AioJfcpmzCAbI+RwrJW1607YYsQbf
+ N8EKX70kyhdlwyCMDwr7B0+eFAWsJAjsR+2Z91peXCxlfeVXu28eFQ==
+ -----END AGE ENCRYPTED FILE-----
+ lastmodified: "2025-02-18T04:52:45Z"
+ mac: ENC[AES256_GCM,data:kdkPp/yJTRdGE++jjDti0ZV18UvQPvHC2Zmuovdhax0PwltcNL4xNXWK+3ZNuy5k2uRcfM6tRf6JEID/0WRedJCUZ3X0VhF1QJB/1/5ZgVvvpq0CVdufCOOQtMl0Y+2zAE7RCug4DI9PpB1Ud5V7uc/RTem2D4p2ebXr4SMJz7w=,iv:lbQsBStxyd1jzdeI7dESDrpgZibymUYw69yTGL9aiqc=,tag:2giVCBtX2x8kjo0aTG6TEQ==,type:str]
+ pgp: []
+ encrypted_regex: ^(data|stringData)$
+ version: 3.9.4