--- # yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: sonarr spec: interval: 30m chart: spec: chart: app-template version: 2.5.0 sourceRef: kind: HelmRepository name: bjw-s namespace: flux-system install: remediation: retries: 3 upgrade: cleanupOnFail: true remediation: retries: 3 uninstall: keepHistory: false dependsOn: - name: rook-ceph-cluster namespace: rook-ceph values: controllers: main: annotations: reloader.stakater.com/auto: "true" containers: main: image: repository: ghcr.io/onedr0p/sonarr tag: 4.0.1.929@sha256:4d107b1f0bfa652195d1f4054bdceac271553cfcc397a7b8ceedbfa625cba0b8 env: # Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518 # Ref: https://github.com/dotnet/runtime/issues/9336 COMPlus_EnableDiagnostics: "0" PUSHOVER_DEBUG: "false" SONARR__AUTHENTICATION_METHOD: External SONARR__AUTHENTICATION_REQUIRED: DisabledForLocalAddresses SONARR__INSTANCE_NAME: Sonarr SONARR__PORT: &port 80 SONARR__LOG_LEVEL: info SONARR__THEME: dark SONARR__POSTGRES_MAIN_DB: sonarr_main SONARR__POSTGRES_LOG_DB: sonarr_logs SONARR__POSTGRES_HOST: valueFrom: secretKeyRef: name: "${APP}-pguser-${DB_USER}" key: host SONARR__POSTGRES_PORT: "5432" SONARR__POSTGRES_USER: valueFrom: secretKeyRef: name: "${APP}-pguser-${DB_USER}" key: user SONARR__POSTGRES_PASSWORD: valueFrom: secretKeyRef: name: "${APP}-pguser-${DB_USER}" key: password TZ: America/Chicago envFrom: - secretRef: name: sonarr-secret probes: liveness: &probes enabled: true custom: true spec: httpGet: path: /ping port: *port initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 1 failureThreshold: 3 readiness: *probes startup: enabled: false securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true capabilities: { drop: ["ALL"] } resources: requests: cpu: 10m limits: memory: 1Gi pod: securityContext: runAsUser: 568 runAsGroup: 568 runAsNonRoot: true fsGroup: 568 fsGroupChangePolicy: OnRootMismatch supplementalGroups: [10000] service: main: ports: http: port: *port ingress: main: enabled: true className: internal hosts: - host: &host "{{ .Release.Name }}.jahanson.tech" paths: - path: / service: name: main port: http tls: - hosts: - *host persistence: config: enabled: true existingClaim: sonarr pushover-notify: type: configMap name: sonarr-configmap defaultMode: 0775 globalMounts: - path: /scripts/pushover-notify.sh subPath: pushover-notify.sh readOnly: true tmp: type: emptyDir media: type: nfs server: 10.1.1.11 path: /volume1/Media globalMounts: - path: /data/nas-media