Adding Prowlarr.
This commit is contained in:
parent
95cfc66168
commit
10b192a7b6
6 changed files with 267 additions and 0 deletions
|
@ -5,5 +5,6 @@ kind: Kustomization
|
|||
resources:
|
||||
# Flux-Kustomizations
|
||||
- ./jellyfin/ks.yaml
|
||||
- ./prowlarr/ks.yaml
|
||||
- ./sabnzbd/ks.yaml
|
||||
- ./qbittorrent/ks.yaml
|
||||
|
|
19
kubernetes/apps/default/prowlarr/app/externalsecret.yaml
Normal file
19
kubernetes/apps/default/prowlarr/app/externalsecret.yaml
Normal file
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: prowlarr
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: onepassword-connect
|
||||
target:
|
||||
name: prowlarr-secret
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
PROWLARR__API_KEY: "{{ .api_key }}"
|
||||
dataFrom:
|
||||
- extract:
|
||||
key: prowlarr
|
123
kubernetes/apps/default/prowlarr/app/helmrelease.yaml
Normal file
123
kubernetes/apps/default/prowlarr/app/helmrelease.yaml
Normal file
|
@ -0,0 +1,123 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: prowlarr
|
||||
spec:
|
||||
interval: 30m
|
||||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 2.5.0
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjw-s
|
||||
namespace: flux-system
|
||||
install:
|
||||
remediation:
|
||||
retries: 3
|
||||
upgrade:
|
||||
cleanupOnFail: true
|
||||
remediation:
|
||||
retries: 3
|
||||
uninstall:
|
||||
keepHistory: false
|
||||
values:
|
||||
controllers:
|
||||
main:
|
||||
annotations:
|
||||
reloader.stakater.com/auto: "true"
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/prowlarr-develop
|
||||
tag: 1.12.2.4211@sha256:14fc79c3380bba72cd635dc6fa5949ac149c29f8a1afea8308ffe5490d0208f9
|
||||
env:
|
||||
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
||||
# Ref: https://github.com/dotnet/runtime/issues/9336
|
||||
COMPlus_EnableDiagnostics: "0"
|
||||
PROWLARR__INSTANCE_NAME: Prowlarr
|
||||
PROWLARR__PORT: &port 80
|
||||
PROWLARR__LOG_LEVEL: info
|
||||
PROWLARR__AUTHENTICATION_METHOD: External
|
||||
PROWLARR__THEME: dark
|
||||
TZ: America/Chicago
|
||||
PROWLARR__POSTGRES_HOST:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "${APP}-pguser-${DB_USER}"
|
||||
key: host
|
||||
PROWLARR__POSTGRES_PORT: "5432"
|
||||
PROWLARR__POSTGRES_USER:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "${APP}-pguser-${DB_USER}"
|
||||
key: user
|
||||
PROWLARR__POSTGRES_PASSWORD:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "${APP}-pguser-${DB_USER}"
|
||||
key: password
|
||||
PROWLARR__POSTGRES_MAIN_DB: prowlarr_main
|
||||
PROWLARR__POSTGRES_LOG_DB: prowlarr_log
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: prowlarr-secret
|
||||
|
||||
probes:
|
||||
liveness: &probes
|
||||
enabled: true
|
||||
custom: true
|
||||
spec:
|
||||
httpGet:
|
||||
path: /ping
|
||||
port: *port
|
||||
initialDelaySeconds: 0
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 1
|
||||
failureThreshold: 3
|
||||
readiness: *probes
|
||||
startup:
|
||||
enabled: false
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
readOnlyRootFilesystem: true
|
||||
capabilities: { drop: ["ALL"] }
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
limits:
|
||||
memory: 1Gi
|
||||
pod:
|
||||
securityContext:
|
||||
runAsUser: 568
|
||||
runAsGroup: 568
|
||||
runAsNonRoot: true
|
||||
fsGroup: 568
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
http:
|
||||
port: *port
|
||||
ingress:
|
||||
main:
|
||||
enabled: true
|
||||
className: internal
|
||||
hosts:
|
||||
- host: &host "{{ .Release.Name }}.jahanson.tech"
|
||||
paths:
|
||||
- path: /
|
||||
service:
|
||||
name: main
|
||||
port: http
|
||||
tls:
|
||||
- hosts:
|
||||
- *host
|
||||
persistence:
|
||||
config:
|
||||
enabled: true
|
||||
type: emptyDir
|
||||
tmp:
|
||||
type: emptyDir
|
8
kubernetes/apps/default/prowlarr/app/kustomization.yaml
Normal file
8
kubernetes/apps/default/prowlarr/app/kustomization.yaml
Normal file
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./helmrelease.yaml
|
||||
- ./externalsecret.yaml
|
||||
- ./postgresCluster.yaml
|
87
kubernetes/apps/default/prowlarr/app/postgresCluster.yaml
Normal file
87
kubernetes/apps/default/prowlarr/app/postgresCluster.yaml
Normal file
|
@ -0,0 +1,87 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/postgres-operator.crunchydata.com/postgrescluster_v1beta1.json
|
||||
apiVersion: postgres-operator.crunchydata.com/v1beta1
|
||||
kind: PostgresCluster
|
||||
metadata:
|
||||
name: "${APP}"
|
||||
spec:
|
||||
postgresVersion: 16
|
||||
dataSource:
|
||||
pgbackrest:
|
||||
stanza: db
|
||||
configuration:
|
||||
- secret:
|
||||
name: pgo-s3-creds
|
||||
global:
|
||||
repo1-path: "/${APP}/repo1"
|
||||
repo1-s3-uri-style: path
|
||||
repo:
|
||||
name: repo1
|
||||
s3:
|
||||
bucket: "crunchy-postgres"
|
||||
endpoint: "s3.hsn.dev"
|
||||
region: "us-east-1"
|
||||
patroni:
|
||||
dynamicConfiguration:
|
||||
synchronous_mode: true
|
||||
postgresql:
|
||||
synchronous_commit: "on"
|
||||
pg_hba:
|
||||
- hostnossl all all 10.32.0.0/16 md5
|
||||
- hostssl all all all md5
|
||||
instances:
|
||||
- name: postgres
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: pgo-${APP}
|
||||
replicas: 2
|
||||
dataVolumeClaimSpec:
|
||||
storageClassName: local-hostpath
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 5Gi
|
||||
topologySpreadConstraints:
|
||||
- maxSkew: 1
|
||||
topologyKey: "kubernetes.io/hostname"
|
||||
whenUnsatisfiable: "DoNotSchedule"
|
||||
labelSelector:
|
||||
matchLabels:
|
||||
postgres-operator.crunchydata.com/cluster: ${APP}
|
||||
postgres-operator.crunchydata.com/data: postgres
|
||||
users:
|
||||
- name: "${DB_USER}"
|
||||
databases:
|
||||
- "prowlarr_main"
|
||||
- "prowlarr_logs"
|
||||
options: "SUPERUSER"
|
||||
password:
|
||||
type: AlphaNumeric
|
||||
backups:
|
||||
pgbackrest:
|
||||
configuration:
|
||||
- secret:
|
||||
name: pgo-s3-creds
|
||||
global:
|
||||
archive-push-queue-max: 4GiB
|
||||
repo1-retention-full: "14"
|
||||
repo1-retention-full-type: time
|
||||
repo1-path: "/${APP}/repo1"
|
||||
repo1-s3-uri-style: path
|
||||
manual:
|
||||
repoName: repo1
|
||||
options:
|
||||
- --type=full
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: pgo-${APP}-backup
|
||||
repos:
|
||||
- name: repo1
|
||||
schedules:
|
||||
full: "0 1 * * 0"
|
||||
differential: "0 1 * * 1-6"
|
||||
s3:
|
||||
bucket: "crunchy-postgres"
|
||||
endpoint: "s3.hsn.dev"
|
||||
region: "us-east-1"
|
29
kubernetes/apps/default/prowlarr/ks.yaml
Normal file
29
kubernetes/apps/default/prowlarr/ks.yaml
Normal file
|
@ -0,0 +1,29 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: &app prowlarr
|
||||
namespace: flux-system
|
||||
spec:
|
||||
targetNamespace: default
|
||||
commonMetadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: *app
|
||||
dependsOn:
|
||||
- name: crunchy-postgres-operator
|
||||
- name: external-secrets-stores
|
||||
path: ./kubernetes/apps/default/prowlarr/app
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: homelab
|
||||
wait: false
|
||||
interval: 30m
|
||||
retryInterval: 1m
|
||||
timeout: 5m
|
||||
postBuild:
|
||||
substitute:
|
||||
APP: *app
|
||||
DB_NAME: prowlarr
|
||||
DB_USER: prowlarr
|
Loading…
Reference in a new issue