From 0642d7ec6fd0e5d7ba14086d3f230b8ef9cfe8e1 Mon Sep 17 00:00:00 2001
From: Matt Reeves <admin@mafyuh.io>
Date: Sat, 6 Jul 2024 20:59:46 -0400
Subject: [PATCH] testing qbitty

---
 cluster/apps/production/qbitty/qbitty.yaml | 133 +++++++++++++++++++++
 1 file changed, 133 insertions(+)
 create mode 100644 cluster/apps/production/qbitty/qbitty.yaml

diff --git a/cluster/apps/production/qbitty/qbitty.yaml b/cluster/apps/production/qbitty/qbitty.yaml
new file mode 100644
index 0000000..b577a97
--- /dev/null
+++ b/cluster/apps/production/qbitty/qbitty.yaml
@@ -0,0 +1,133 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: qbitty
+  namespace: default
+  labels:
+    app: qbitty
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: qbitty
+  template:
+    metadata:
+      labels:
+        app: qbitty
+    spec:
+      containers:
+        - name: qbitty
+          image: docker.mafyuh.xyz/binhex/arch-qbittorrentvpn:4.6.5-1-03
+          imagePullPolicy: IfNotPresent
+          env:
+            - name: PUID
+              value: "1000"
+            - name: PGID
+              value: "1000"
+            - name: TZ
+              value: America/New_York
+            - name: VPN_ENABLED
+              value: "yes"
+            - name: VPN_PROV
+              value: "protonvpn"
+            - name: VPN_CLIENT
+              value: "wireguard"
+            - name: VPN_USER
+              value: "mafyuh+pmp"
+            - name: STRICT_PORT_FORWARD
+              value: "yes"
+            - name: LAN_NETWORK
+              valueFrom:
+                secretKeyRef:
+                  name: bw-sample-secret
+                  key: b5c623c9-ba59-455b-bd68-b1a6000f18b1
+            - name: ENABLE_PRIVOXY
+              value: "yes"
+            - name: WEBUI_PORT
+              value: "49550"
+            - name: UMASK
+              value: "1000"
+            - name: DEBUG
+              value: "false"
+          resources:
+            requests:
+              memory: "512Mi"
+              cpu: "100m"
+            limits:
+              memory: "1Gi"
+              cpu: "100m"
+          volumeMounts:
+            - mountPath: /config
+              name: qbitty-config
+            - mountPath: /data
+              name: nas
+              readOnly: true
+          securityContext:
+            capabilities:
+              add: ["NET_ADMIN"]
+            privileged: true
+          ports:
+            - containerPort: 49550
+              name: webui
+              protocol: TCP
+      volumes:
+        - name: nas
+          nfs:
+            path: /mnt/thePool/thePoolShare
+            server: 10.0.0.10
+        - name: qbitty-config
+          persistentVolumeClaim:
+            claimName: qbitty-config
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+            type: File
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: qbitty-config
+  namespace: default
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+  storageClassName: longhorn
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: headless-qbitty
+  namespace: default
+spec:
+  selector:
+    app: qbitty
+  ports:
+    - port: 49550
+      targetPort: 49550
+      protocol: TCP
+  type: ClusterIP
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: qbitty
+  namespace: default
+  annotations: 
+    kubernetes.io/ingress.class: traefik-external
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`qbitty.local.mafyuh.com`)
+      kind: Rule
+      services:
+        - name: headless-qbitty
+          port: 49550
+      middlewares:
+        - name: default-headers
+  tls:
+    secretName: local-mafyuh-com-production-tls
+