From 0c6f9c21369cea3ac7c92389a34edeef605fbc9d Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Fri, 23 Aug 2024 09:37:21 -0500 Subject: [PATCH] update cross-seed, remove old code --- .../qbittorrent/app/externalsecret.yaml | 25 +++----- .../qbittorrent/app/helmrelease.yaml | 63 +++++-------------- .../qbittorrent/app/kustomization.yaml | 6 ++ .../qbittorrent/app/resources/cross-seed.sh | 32 ++++++++++ 4 files changed, 59 insertions(+), 67 deletions(-) create mode 100644 kubernetes/apps/qbittorrent/qbittorrent/app/resources/cross-seed.sh diff --git a/kubernetes/apps/qbittorrent/qbittorrent/app/externalsecret.yaml b/kubernetes/apps/qbittorrent/qbittorrent/app/externalsecret.yaml index 51ccfff..288892c 100644 --- a/kubernetes/apps/qbittorrent/qbittorrent/app/externalsecret.yaml +++ b/kubernetes/apps/qbittorrent/qbittorrent/app/externalsecret.yaml @@ -11,21 +11,10 @@ spec: name: onepassword-connect target: name: qbittorrent-secret - creationPolicy: Owner - data: - - secretKey: WIREGUARD_ENDPOINT_IP - remoteRef: - key: ProtonVPN - property: qbittorrent_vpn_endpoint_ip - - secretKey: WIREGUARD_PUBLIC_KEY - remoteRef: - key: ProtonVPN - property: qbittorrent_wireguard_public_key - - secretKey: WIREGUARD_PRIVATE_KEY - remoteRef: - key: ProtonVPN - property: qbittorrent_wireguard_private_key - - secretKey: WIREGUARD_ADDRESSES - remoteRef: - key: ProtonVPN - property: qbittorrent_wireguard_addresses + template: + engineVersion: v2 + data: + CROSS_SEED_API_KEY: "{{ .CROSS_SEED_API_KEY }}" + dataFrom: + - extract: + key: cross-seed diff --git a/kubernetes/apps/qbittorrent/qbittorrent/app/helmrelease.yaml b/kubernetes/apps/qbittorrent/qbittorrent/app/helmrelease.yaml index bad0387..9d8e733 100644 --- a/kubernetes/apps/qbittorrent/qbittorrent/app/helmrelease.yaml +++ b/kubernetes/apps/qbittorrent/qbittorrent/app/helmrelease.yaml @@ -48,8 +48,12 @@ spec: QBT_Preferences__WebUI__AuthSubnetWhitelist: |- 10.244.0.0/16, 10.1.2.0/24 QBT_Preferences__WebUI__LocalHostAuth: false - # QBT_BitTorrent__Session__Interface: wg0 - # QBT_BitTorrent__Session__InterfaceName: wg0 + CROSS_SEED_HOST: cross-seed.qbittorrent.svc.cluster.local + CROSS_SEED_PORT: 80 + CROSS_SEED_SLEEP_INTERVAL: 0 + envFrom: + - secretRef: + name: qbittorrent-secret resources: requests: cpu: 49m @@ -66,53 +70,6 @@ spec: drop: - ALL - # gluetun: - # image: - # repository: ghcr.io/qdm12/gluetun - # tag: latest@sha256:fb448a2eb8755b68106a386d1e5a78c781bf28a0eea0fb712824cd2dc0ec19a7 - # env: - # VPN_SERVICE_PROVIDER: custom - # VPN_TYPE: wireguard - # VPN_INTERFACE: wg0 - # WIREGUARD_ENDPOINT_PORT: 51820 - # VPN_PORT_FORWARDING: on - # VPN_PORT_FORWARDING_PROVIDER: protonvpn - # FIREWALL_INPUT_PORTS: *port - # FIREWALL_OUTBOUND_SUBNETS: 10.32.0.0/16 # Allow access to k8s subnets - # envFrom: - # - secretRef: - # name: qbittorrent-secret - # securityContext: - # # until I can debug the issues on talos 1.8. - # privileged: true - # capabilities: - # add: - # - NET_ADMIN - # drop: - # - ALL - - # port-forward: - # image: - # repository: ghcr.io/bjw-s/gluetun-qb-port-sync - # tag: v0.0.2 - # env: - # GLUETUN_CONTROL_SERVER_HOST: localhost - # GLUETUN_CONTROL_SERVER_PORT: 8000 - # QBITTORRENT_HOST: localhost - # QBITTORRENT_WEBUI_PORT: *port - # CRON_ENABLED: true - # CRON_SCHEDULE: "*/5 * * * *" - # LOG_TIMESTAMP: false - # securityContext: - # runAsUser: 568 - # runAsGroup: 568 - # runAsNonRoot: true - # allowPrivilegeEscalation: false - # readOnlyRootFilesystem: false - # capabilities: - # drop: - # - ALL - service: app: controller: *app @@ -145,6 +102,14 @@ spec: persistence: config: existingClaim: qbittorrent + scripts: + type: configMap + name: qbittorrent-scripts + defaultMode: 0775 + globalMounts: + - path: /scripts/cross-seed.sh + subPath: cross-seed.sh + readOnly: true media: type: nfs server: 10.1.1.11 diff --git a/kubernetes/apps/qbittorrent/qbittorrent/app/kustomization.yaml b/kubernetes/apps/qbittorrent/qbittorrent/app/kustomization.yaml index 8ad2376..0f2d15c 100644 --- a/kubernetes/apps/qbittorrent/qbittorrent/app/kustomization.yaml +++ b/kubernetes/apps/qbittorrent/qbittorrent/app/kustomization.yaml @@ -6,5 +6,11 @@ resources: - ./externalsecret.yaml - ./helmrelease.yaml - ../../../../templates/volsync +configMapGenerator: + - name: qbittorrent-scripts + files: + - cross-seed.sh=./resources/cross-seed.sh generatorOptions: disableNameSuffixHash: true + annotations: + kustomize.toolkit.fluxcd.io/substitute: disabled diff --git a/kubernetes/apps/qbittorrent/qbittorrent/app/resources/cross-seed.sh b/kubernetes/apps/qbittorrent/qbittorrent/app/resources/cross-seed.sh new file mode 100644 index 0000000..34fc5bb --- /dev/null +++ b/kubernetes/apps/qbittorrent/qbittorrent/app/resources/cross-seed.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash + +export CROSS_SEED_HOST=${CROSS_SEED_HOST:-cross-seed.default.svc.cluster.local} +export CROSS_SEED_PORT=${CROSS_SEED_PORT:-80} +export CROSS_SEED_API_KEY=${CROSS_SEED_API_KEY:-unset} +export CROSS_SEED_SLEEP_INTERVAL=${CROSS_SEED_SLEEP_INTERVAL:-30} + +SEARCH_PATH=$1 + +# Update permissions on the search path +chmod -R 750 "${SEARCH_PATH}" + +# Search for cross-seed +response=$( + curl \ + --silent \ + --output /dev/null \ + --write-out "%{http_code}" \ + --request POST \ + --data-urlencode "path=${SEARCH_PATH}" \ + --header "X-Api-Key: ${CROSS_SEED_API_KEY}" \ + "http://${CROSS_SEED_HOST}:${CROSS_SEED_PORT}/api/webhook" +) + +if [[ "${response}" != "204" ]]; then + printf "Failed to search cross-seed for '%s'\n" "${SEARCH_PATH}" + exit 1 +fi + +printf "Successfully searched cross-seed for '%s'\n" "${SEARCH_PATH}" + +sleep "${CROSS_SEED_SLEEP_INTERVAL}"