Adding Prowlarr.

This commit is contained in:
Joseph Hanson 2024-01-27 15:26:38 -06:00
parent 95cfc66168
commit 10b192a7b6
6 changed files with 267 additions and 0 deletions

View file

@ -5,5 +5,6 @@ kind: Kustomization
resources:
# Flux-Kustomizations
- ./jellyfin/ks.yaml
- ./prowlarr/ks.yaml
- ./sabnzbd/ks.yaml
- ./qbittorrent/ks.yaml

View file

@ -0,0 +1,19 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: prowlarr
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: prowlarr-secret
template:
engineVersion: v2
data:
PROWLARR__API_KEY: "{{ .api_key }}"
dataFrom:
- extract:
key: prowlarr

View file

@ -0,0 +1,123 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
name: prowlarr
spec:
interval: 30m
chart:
spec:
chart: app-template
version: 2.5.0
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
install:
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
retries: 3
uninstall:
keepHistory: false
values:
controllers:
main:
annotations:
reloader.stakater.com/auto: "true"
containers:
main:
image:
repository: ghcr.io/onedr0p/prowlarr-develop
tag: 1.12.2.4211@sha256:14fc79c3380bba72cd635dc6fa5949ac149c29f8a1afea8308ffe5490d0208f9
env:
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
# Ref: https://github.com/dotnet/runtime/issues/9336
COMPlus_EnableDiagnostics: "0"
PROWLARR__INSTANCE_NAME: Prowlarr
PROWLARR__PORT: &port 80
PROWLARR__LOG_LEVEL: info
PROWLARR__AUTHENTICATION_METHOD: External
PROWLARR__THEME: dark
TZ: America/Chicago
PROWLARR__POSTGRES_HOST:
valueFrom:
secretKeyRef:
name: "${APP}-pguser-${DB_USER}"
key: host
PROWLARR__POSTGRES_PORT: "5432"
PROWLARR__POSTGRES_USER:
valueFrom:
secretKeyRef:
name: "${APP}-pguser-${DB_USER}"
key: user
PROWLARR__POSTGRES_PASSWORD:
valueFrom:
secretKeyRef:
name: "${APP}-pguser-${DB_USER}"
key: password
PROWLARR__POSTGRES_MAIN_DB: prowlarr_main
PROWLARR__POSTGRES_LOG_DB: prowlarr_log
envFrom:
- secretRef:
name: prowlarr-secret
probes:
liveness: &probes
enabled: true
custom: true
spec:
httpGet:
path: /ping
port: *port
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness: *probes
startup:
enabled: false
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities: { drop: ["ALL"] }
resources:
requests:
cpu: 10m
limits:
memory: 1Gi
pod:
securityContext:
runAsUser: 568
runAsGroup: 568
runAsNonRoot: true
fsGroup: 568
fsGroupChangePolicy: OnRootMismatch
service:
main:
ports:
http:
port: *port
ingress:
main:
enabled: true
className: internal
hosts:
- host: &host "{{ .Release.Name }}.jahanson.tech"
paths:
- path: /
service:
name: main
port: http
tls:
- hosts:
- *host
persistence:
config:
enabled: true
type: emptyDir
tmp:
type: emptyDir

View file

@ -0,0 +1,8 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./helmrelease.yaml
- ./externalsecret.yaml
- ./postgresCluster.yaml

View file

@ -0,0 +1,87 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/postgres-operator.crunchydata.com/postgrescluster_v1beta1.json
apiVersion: postgres-operator.crunchydata.com/v1beta1
kind: PostgresCluster
metadata:
name: "${APP}"
spec:
postgresVersion: 16
dataSource:
pgbackrest:
stanza: db
configuration:
- secret:
name: pgo-s3-creds
global:
repo1-path: "/${APP}/repo1"
repo1-s3-uri-style: path
repo:
name: repo1
s3:
bucket: "crunchy-postgres"
endpoint: "s3.hsn.dev"
region: "us-east-1"
patroni:
dynamicConfiguration:
synchronous_mode: true
postgresql:
synchronous_commit: "on"
pg_hba:
- hostnossl all all 10.32.0.0/16 md5
- hostssl all all all md5
instances:
- name: postgres
metadata:
labels:
app.kubernetes.io/name: pgo-${APP}
replicas: 2
dataVolumeClaimSpec:
storageClassName: local-hostpath
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
topologySpreadConstraints:
- maxSkew: 1
topologyKey: "kubernetes.io/hostname"
whenUnsatisfiable: "DoNotSchedule"
labelSelector:
matchLabels:
postgres-operator.crunchydata.com/cluster: ${APP}
postgres-operator.crunchydata.com/data: postgres
users:
- name: "${DB_USER}"
databases:
- "prowlarr_main"
- "prowlarr_logs"
options: "SUPERUSER"
password:
type: AlphaNumeric
backups:
pgbackrest:
configuration:
- secret:
name: pgo-s3-creds
global:
archive-push-queue-max: 4GiB
repo1-retention-full: "14"
repo1-retention-full-type: time
repo1-path: "/${APP}/repo1"
repo1-s3-uri-style: path
manual:
repoName: repo1
options:
- --type=full
metadata:
labels:
app.kubernetes.io/name: pgo-${APP}-backup
repos:
- name: repo1
schedules:
full: "0 1 * * 0"
differential: "0 1 * * 1-6"
s3:
bucket: "crunchy-postgres"
endpoint: "s3.hsn.dev"
region: "us-east-1"

View file

@ -0,0 +1,29 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: &app prowlarr
namespace: flux-system
spec:
targetNamespace: default
commonMetadata:
labels:
app.kubernetes.io/name: *app
dependsOn:
- name: crunchy-postgres-operator
- name: external-secrets-stores
path: ./kubernetes/apps/default/prowlarr/app
prune: true
sourceRef:
kind: GitRepository
name: homelab
wait: false
interval: 30m
retryInterval: 1m
timeout: 5m
postBuild:
substitute:
APP: *app
DB_NAME: prowlarr
DB_USER: prowlarr