From 49928191b8618afd7a7ea4006fcbb438919ab859 Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Thu, 5 Sep 2024 05:01:24 -0500 Subject: [PATCH] add autobrr and omegabrr --- .../default/autobrr/app/externalsecret.yaml | 25 ++++++ .../apps/default/autobrr/app/helmrelease.yaml | 86 +++++++++++++++++++ .../default/autobrr/app/kustomization.yaml | 9 ++ kubernetes/apps/default/autobrr/ks.yaml | 27 ++++++ kubernetes/apps/default/kustomization.yaml | 2 + .../default/omegabrr/app/externalsecret.yaml | 55 ++++++++++++ .../default/omegabrr/app/helmrelease.yaml | 65 ++++++++++++++ .../default/omegabrr/app/kustomization.yaml | 8 ++ kubernetes/apps/default/omegabrr/ks.yaml | 26 ++++++ 9 files changed, 303 insertions(+) create mode 100644 kubernetes/apps/default/autobrr/app/externalsecret.yaml create mode 100644 kubernetes/apps/default/autobrr/app/helmrelease.yaml create mode 100644 kubernetes/apps/default/autobrr/app/kustomization.yaml create mode 100644 kubernetes/apps/default/autobrr/ks.yaml create mode 100644 kubernetes/apps/default/omegabrr/app/externalsecret.yaml create mode 100644 kubernetes/apps/default/omegabrr/app/helmrelease.yaml create mode 100644 kubernetes/apps/default/omegabrr/app/kustomization.yaml create mode 100644 kubernetes/apps/default/omegabrr/ks.yaml diff --git a/kubernetes/apps/default/autobrr/app/externalsecret.yaml b/kubernetes/apps/default/autobrr/app/externalsecret.yaml new file mode 100644 index 00000000..8447eaf5 --- /dev/null +++ b/kubernetes/apps/default/autobrr/app/externalsecret.yaml @@ -0,0 +1,25 @@ +--- +# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: autobrr +spec: + secretStoreRef: + kind: ClusterSecretStore + name: onepassword-connect + target: + name: autobrr-secret + template: + engineVersion: v2 + data: + AUTOBRR__DATABASE_TYPE: postgres + AUTOBRR__POSTGRES_DATABASE: autobrr + AUTOBRR__POSTGRES_HOST: "postgres-primary-real.database.svc" + AUTOBRR__POSTGRES_USER: "{{ .AUTOBRR_POSTGRES_USER }}" + AUTOBRR__POSTGRES_PASS: "{{ .AUTOBRR_POSTGRES_PASSWORD }}" + AUTOBRR__POSTGRES_PORT: "5432" + AUTOBRR__SESSION_SECRET: "{{ .AUTOBRR_SESSION_SECRET }}" + dataFrom: + - extract: + key: autobrr diff --git a/kubernetes/apps/default/autobrr/app/helmrelease.yaml b/kubernetes/apps/default/autobrr/app/helmrelease.yaml new file mode 100644 index 00000000..05af59e3 --- /dev/null +++ b/kubernetes/apps/default/autobrr/app/helmrelease.yaml @@ -0,0 +1,86 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: autobrr +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 3.4.0 + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 + values: + controllers: + autobrr: + annotations: + reloader.stakater.com/auto: "true" + containers: + app: + image: + repository: ghcr.io/autobrr/autobrr + tag: v1.45.0@sha256:1e28bcfaf93a145f07da330a6c8990dd9d846c22dc2f6d1da52d24b4b9a0d585 + env: + AUTOBRR__CHECK_FOR_UPDATES: "false" + AUTOBRR__HOST: 0.0.0.0 + AUTOBRR__PORT: &port 80 + AUTOBRR__LOG_LEVEL: TRACE + envFrom: + - secretRef: + name: autobrr-secret + probes: + liveness: &probes + enabled: true + custom: true + spec: + httpGet: + path: /api/healthz/liveness + port: *port + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 3 + readiness: *probes + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: { drop: ["ALL"] } + resources: + requests: + cpu: 10m + limits: + memory: 256Mi + defaultPodOptions: + securityContext: + runAsNonRoot: true + runAsUser: 568 + runAsGroup: 568 + seccompProfile: { type: RuntimeDefault } + service: + app: + controller: autobrr + ports: + http: + port: *port + ingress: + app: + className: internal-nginx + hosts: + - host: "{{ .Release.Name }}.jahanson.tech" + paths: + - path: / + service: + identifier: app + port: http diff --git a/kubernetes/apps/default/autobrr/app/kustomization.yaml b/kubernetes/apps/default/autobrr/app/kustomization.yaml new file mode 100644 index 00000000..3351d8da --- /dev/null +++ b/kubernetes/apps/default/autobrr/app/kustomization.yaml @@ -0,0 +1,9 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./externalsecret.yaml + - ./helmrelease.yaml +generatorOptions: + disableNameSuffixHash: true diff --git a/kubernetes/apps/default/autobrr/ks.yaml b/kubernetes/apps/default/autobrr/ks.yaml new file mode 100644 index 00000000..7eda4459 --- /dev/null +++ b/kubernetes/apps/default/autobrr/ks.yaml @@ -0,0 +1,27 @@ +--- +# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app autobrr + namespace: flux-system +spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: crunchy-postgres-operator-cluster + - name: external-secrets-stores + path: ./kubernetes/apps/default/autobrr/app + prune: true + sourceRef: + kind: GitRepository + name: theshire + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/apps/default/kustomization.yaml b/kubernetes/apps/default/kustomization.yaml index c0c1ae91..db60689b 100644 --- a/kubernetes/apps/default/kustomization.yaml +++ b/kubernetes/apps/default/kustomization.yaml @@ -18,3 +18,5 @@ resources: - ./tautulli/ks.yaml - ./redlib/ks.yaml - ./overseerr/ks.yaml + - ./autobrr/ks.yaml + - ./omegabrr/ks.yaml diff --git a/kubernetes/apps/default/omegabrr/app/externalsecret.yaml b/kubernetes/apps/default/omegabrr/app/externalsecret.yaml new file mode 100644 index 00000000..f0f1ae6d --- /dev/null +++ b/kubernetes/apps/default/omegabrr/app/externalsecret.yaml @@ -0,0 +1,55 @@ +--- +# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: omegabrr +spec: + refreshInterval: 5m + secretStoreRef: + kind: ClusterSecretStore + name: onepassword-connect + target: + name: omegabrr-secret + template: + engineVersion: v2 + data: + config.yaml: | + server: + host: 0.0.0.0 + port: 80 + apiToken: {{ .OMEGABRR_API_KEY }} + clients: + autobrr: + host: http://autobrr.default.svc.cluster.local + apikey: {{ .AUTOBRR_API_KEY }} + arr: + - name: radarr + type: radarr + host: http://radarr.default.svc.cluster.local + apikey: {{ .radarr_api_key }} + filters: [2] + excludeAlternateTitles: true + - name: sonarr + type: sonarr + host: http://sonarr.default.svc.cluster.local + apikey: {{ .sonarr_api_key }} + filters: [3] + excludeAlternateTitles: true + dataFrom: + - extract: + key: omegabrr + - extract: + key: autobrr + - extract: + key: radarr + rewrite: + - regexp: + source: "(.*)" + target: "radarr_$1" + - extract: + key: sonarr + rewrite: + - regexp: + source: "(.*)" + target: "sonarr_$1" diff --git a/kubernetes/apps/default/omegabrr/app/helmrelease.yaml b/kubernetes/apps/default/omegabrr/app/helmrelease.yaml new file mode 100644 index 00000000..883b4956 --- /dev/null +++ b/kubernetes/apps/default/omegabrr/app/helmrelease.yaml @@ -0,0 +1,65 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: omegabrr +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 3.4.0 + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 + values: + controllers: + omegabrr: + annotations: + reloader.stakater.com/auto: "true" + containers: + app: + image: + repository: ghcr.io/autobrr/omegabrr + tag: v1.14.0@sha256:6f65c7967609746662815933ecc8168c8c25a3b82d909f49833fcce2b47ee052 + env: + TZ: America/Chicago + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: { drop: ["ALL"] } + resources: + requests: + cpu: 10m + limits: + memory: 256Mi + defaultPodOptions: + securityContext: + runAsNonRoot: true + runAsUser: 568 + runAsGroup: 568 + seccompProfile: { type: RuntimeDefault } + service: + app: + controller: omegabrr + ports: + http: + port: 80 + persistence: + config-file: + type: secret + name: omegabrr-secret + globalMounts: + - path: /config/config.yaml + subPath: config.yaml + readOnly: true diff --git a/kubernetes/apps/default/omegabrr/app/kustomization.yaml b/kubernetes/apps/default/omegabrr/app/kustomization.yaml new file mode 100644 index 00000000..85e530b3 --- /dev/null +++ b/kubernetes/apps/default/omegabrr/app/kustomization.yaml @@ -0,0 +1,8 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: default +resources: + - ./externalsecret.yaml + - ./helmrelease.yaml diff --git a/kubernetes/apps/default/omegabrr/ks.yaml b/kubernetes/apps/default/omegabrr/ks.yaml new file mode 100644 index 00000000..64d3b40a --- /dev/null +++ b/kubernetes/apps/default/omegabrr/ks.yaml @@ -0,0 +1,26 @@ +--- +# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app omegabrr + namespace: flux-system +spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: external-secrets-stores + path: ./kubernetes/apps/default/omegabrr/app + prune: true + sourceRef: + kind: GitRepository + name: theshire + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app