diff --git a/kubernetes/apps/default/kustomization.yaml b/kubernetes/apps/default/kustomization.yaml index 844bc78..7b637bd 100644 --- a/kubernetes/apps/default/kustomization.yaml +++ b/kubernetes/apps/default/kustomization.yaml @@ -9,3 +9,4 @@ resources: # - ./excalidraw/ks.yaml # - ./it-tools/ks.yaml - ./maintainerr/ks.yaml + - ./radarr/ks.yaml diff --git a/kubernetes/apps/default/radarr/app/externalsecret.yaml b/kubernetes/apps/default/radarr/app/externalsecret.yaml new file mode 100644 index 0000000..77a9f69 --- /dev/null +++ b/kubernetes/apps/default/radarr/app/externalsecret.yaml @@ -0,0 +1,28 @@ +--- +# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: radarr +spec: + secretStoreRef: + kind: ClusterSecretStore + name: onepassword-connect + target: + name: radarr-secret + template: + engineVersion: v2 + data: + RADARR__AUTH__APIKEY: "{{ .api_key }}" + PUSHOVER_TOKEN: "{{ .radarr_token }}" + PUSHOVER_USER_KEY: "{{ .userkey_jahanson }}" + RADARR__POSTGRES__HOST: "postgres-primary-real.database.svc" + RADARR__POSTGRES__PORT: "5432" + RADARR__POSTGRES__USER: "{{ .RADARR_POSTGRES_USER }}" + RADARR__POSTGRES__PASSWORD: "{{ .RADARR_POSTGRES_PASSWORD }}" + RADARR__POSTGRES__MAINDB: radarr_main + dataFrom: + - extract: + key: pushover + - extract: + key: radarr diff --git a/kubernetes/apps/default/radarr/app/helmrelease.yaml b/kubernetes/apps/default/radarr/app/helmrelease.yaml new file mode 100644 index 0000000..9a206aa --- /dev/null +++ b/kubernetes/apps/default/radarr/app/helmrelease.yaml @@ -0,0 +1,117 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: radarr +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 3.4.0 + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + retries: 3 + strategy: rollback + values: + controllers: + radarr: + annotations: + reloader.stakater.com/auto: "true" + containers: + app: + image: + repository: ghcr.io/onedr0p/radarr-develop + tag: 5.10.0.9090 + env: + RADARR__APP__INSTANCENAME: Radarr + RADARR__APP__THEME: dark + RADARR__AUTH__METHOD: External + RADARR__AUTH__REQUIRED: DisabledForLocalAddresses + RADARR__LOG__DBENABLED: "False" + RADARR__LOG__LEVEL: info + RADARR__SERVER__PORT: &port 80 + RADARR__UPDATE__BRANCH: develop + TZ: America/Chicago + envFrom: + - secretRef: + name: radarr-secret + probes: + liveness: &probes + enabled: true + custom: true + spec: + httpGet: + path: /ping + port: *port + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 3 + readiness: *probes + startup: + enabled: false + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: { drop: ["ALL"] } + resources: + requests: + cpu: 10m + limits: + memory: 16Gi + pod: + securityContext: + runAsUser: 568 + runAsGroup: 568 + runAsNonRoot: true + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + supplementalGroups: [10000] + service: + app: + controller: radarr + ports: + http: + port: *port + ingress: + app: + enabled: true + className: internal-nginx + hosts: + - host: &host "{{ .Release.Name }}.jahanson.tech" + paths: + - path: / + service: + identifier: app + port: http + tls: + - hosts: + - *host + persistence: + config: + enabled: true + existingClaim: radarr + tmp: + type: emptyDir + media: + type: nfs + server: 10.1.1.13 + path: /eru/media + globalMounts: + - path: /data/nas-media + sting-media: + type: nfs + server: 10.1.1.12 + path: /mnt/user/Media/ + globalMounts: + - path: /data/sting-media diff --git a/kubernetes/apps/default/radarr/app/kustomization.yaml b/kubernetes/apps/default/radarr/app/kustomization.yaml new file mode 100644 index 0000000..be13d2d --- /dev/null +++ b/kubernetes/apps/default/radarr/app/kustomization.yaml @@ -0,0 +1,8 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./externalsecret.yaml + - ./helmrelease.yaml + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/radarr/ks.yaml b/kubernetes/apps/default/radarr/ks.yaml new file mode 100644 index 0000000..30af62c --- /dev/null +++ b/kubernetes/apps/default/radarr/ks.yaml @@ -0,0 +1,34 @@ +--- +# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app radarr + namespace: flux-system +spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: crunchy-postgres-operator + - name: external-secrets-stores + - name: openebs + - name: volsync + path: ./kubernetes/apps/default/radarr/app + prune: true + sourceRef: + kind: GitRepository + name: theshire + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app + DB_NAME: radarr + DB_USER: radarr + VOLSYNC_CAPACITY: 15Gi + VOLSYNC_STORAGECLASS: ceph-block + VOLSYNC_SNAPSHOTCLASS: ceph-block