kub/cluster/apps/production/qbitty/qbitty.yaml

133 lines
3 KiB
YAML
Raw Permalink Normal View History

2024-07-06 20:59:46 -04:00
apiVersion: apps/v1
kind: Deployment
metadata:
name: qbitty
namespace: default
labels:
app: qbitty
spec:
replicas: 1
selector:
matchLabels:
app: qbitty
template:
metadata:
labels:
app: qbitty
spec:
containers:
- name: qbitty
2024-07-06 21:22:40 -04:00
image: binhex/arch-qbittorrentvpn:4.6.5-1-03
2024-07-06 20:59:46 -04:00
imagePullPolicy: IfNotPresent
env:
- name: PUID
value: "1000"
- name: PGID
value: "1000"
- name: TZ
value: America/New_York
- name: VPN_ENABLED
value: "yes"
- name: VPN_PROV
value: "protonvpn"
- name: VPN_CLIENT
value: "wireguard"
- name: VPN_USER
value: "mafyuh+pmp"
- name: STRICT_PORT_FORWARD
value: "yes"
- name: LAN_NETWORK
valueFrom:
secretKeyRef:
name: bw-sample-secret
key: b5c623c9-ba59-455b-bd68-b1a6000f18b1
- name: ENABLE_PRIVOXY
value: "yes"
- name: WEBUI_PORT
value: "49550"
- name: UMASK
value: "1000"
- name: DEBUG
value: "false"
resources:
requests:
2024-07-07 00:36:06 -04:00
memory: "256Mi"
2024-07-06 20:59:46 -04:00
cpu: "100m"
limits:
2024-07-07 00:36:06 -04:00
memory: "512Gi"
cpu: "200m"
2024-07-06 20:59:46 -04:00
volumeMounts:
- mountPath: /config
name: qbitty-config
- mountPath: /data
name: nas
securityContext:
capabilities:
add: ["NET_ADMIN"]
privileged: true
ports:
- containerPort: 49550
name: webui
protocol: TCP
volumes:
- name: nas
nfs:
path: /mnt/thePool/thePoolShare
server: 10.0.0.10
- name: qbitty-config
persistentVolumeClaim:
claimName: qbitty-config
- name: localtime
hostPath:
path: /etc/localtime
type: File
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: qbitty-config
namespace: default
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: longhorn
---
apiVersion: v1
kind: Service
metadata:
name: headless-qbitty
namespace: default
spec:
selector:
app: qbitty
ports:
- port: 49550
targetPort: 49550
protocol: TCP
type: ClusterIP
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: qbitty
namespace: default
annotations:
kubernetes.io/ingress.class: traefik-external
spec:
entryPoints:
- websecure
routes:
- match: Host(`qbitty.local.mafyuh.com`)
kind: Rule
services:
- name: headless-qbitty
port: 49550
middlewares:
- name: default-headers
tls:
secretName: local-mafyuh-com-production-tls