--- # yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: sabnzbd spec: interval: 30m chart: spec: chart: app-template version: 3.6.0 sourceRef: kind: HelmRepository name: bjw-s namespace: flux-system install: remediation: retries: 3 upgrade: cleanupOnFail: true remediation: retries: 3 strategy: rollback dependsOn: - name: rook-ceph-cluster namespace: rook-ceph - name: volsync namespace: volsync-system values: controllers: sabnzbd: annotations: reloader.stakater.com/auto: "true" containers: app: image: repository: ghcr.io/onedr0p/sabnzbd tag: 4.4.1@sha256:4188d3c29c53de1018edcfd5dc2d0a0c7955b9a239b91ff6c859626abd3494dc env: TZ: America/Chicago SABNZBD__PORT: &port 80 SABNZBD__HOST_WHITELIST_ENTRIES: >- sabnzbd, sabnzbd.default, sabnzbd.default.svc, sabnzbd.default.svc.cluster, sabnzbd.default.svc.cluster.local, sabz.jahanson.tech, sabnzbd.jahanson.tech, sabnzbd.meerkat-dab.ts.net CROSS_SEED_ENABLED: true CROSS_SEED_HOST: cross-seed.qbittorrent.svc.cluster.local CROSS_SEED_PORT: 80 CROSS_SEED_SLEEP_INTERVAL: 30 PUSHOVER_ENABLED: true envFrom: - secretRef: name: sabnzbd-secret probes: liveness: &probes enabled: true custom: true spec: httpGet: path: /api?mode=version port: *port initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 1 failureThreshold: 3 readiness: *probes startup: enabled: false securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true capabilities: { drop: ["ALL"] } defaultPodOptions: securityContext: runAsNonRoot: true runAsUser: 568 runAsGroup: 568 fsGroup: 568 fsGroupChangePolicy: OnRootMismatch supplementalGroups: [10000] seccompProfile: { type: RuntimeDefault } affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: matchExpressions: - key: app.kubernetes.io/name operator: In values: ["qbittorrent"] topologyKey: kubernetes.io/hostname service: app: controller: sabnzbd ports: http: port: *port ingress: app: enabled: true className: internal-nginx hosts: - host: &host sabz.jahanson.tech paths: - path: / service: identifier: app port: http tls: - hosts: - *host tailscale: enabled: true className: tailscale hosts: - host: &host "{{ .Release.Name }}.meerkat-dab.ts.net" paths: - path: / service: identifier: app port: http tls: - hosts: - *host persistence: config: enabled: true existingClaim: sabnzbd tmp: type: emptyDir scripts: type: configMap name: sabnzbd-scripts defaultMode: 0775 globalMounts: - readOnly: true media: type: nfs server: 10.1.1.61 path: /eru/media globalMounts: - path: /data/nas-media