theshire/kubernetes/apps/qbittorrent/qbittorrent/tools/helmrelease.yaml

144 lines
4.1 KiB
YAML

---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: qbtools
spec:
interval: 30m
chart:
spec:
chart: app-template
version: 3.5.1
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
install:
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
strategy: rollback
retries: 3
dependsOn:
- name: qbittorrent
namespace: qbittorrent
values:
controllers:
tagging:
type: cronjob
cronjob: &cronJobSpec
schedule: "@hourly"
timeZone: &timeZone America/Chicago
concurrencyPolicy: Forbid
successfulJobsHistory: 1
failedJobsHistory: 1
initContainers:
tagging: &container
image:
repository: ghcr.io/buroa/qbtools
tag: v0.19.11@sha256:a133bd7f02ecb9ea0111a4016724f33404136c41295217f163991910e1d2784c
env:
TZ: *timeZone
POD_NAMESPACE:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
args: [
"tagging",
"--added-on",
"--expired",
"--last-activity",
"--sites",
"--unregistered",
"--server", "qbittorrent.$(POD_NAMESPACE).svc.cluster.local",
"--port", "80",
"--config", "/config/config.yaml"
]
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities: { drop: ["ALL"] }
resources:
requests:
cpu: 25m
limits:
memory: 256M
containers:
unregistered:
<<: *container
args: [
"prune",
"--exclude-category", "manual",
"--exclude-category", "music",
"--exclude-tag", "added:24h",
"--include-tag", "unregistered",
# "--dry-run",
"--server", "qbittorrent.$(POD_NAMESPACE).svc.cluster.local",
"--port", "80"
]
expired:
<<: *container
args: [
"prune",
"--exclude-category", "manual",
"--exclude-category", "music",
"--include-tag", "expired", # defined in config.yaml
# "--dry-run",
"--server", "qbittorrent.$(POD_NAMESPACE).svc.cluster.local",
"--port", "80"
]
pod:
restartPolicy: OnFailure
orphaned:
type: cronjob
cronjob:
<<: *cronJobSpec
schedule: "@daily"
containers:
app:
<<: *container
args: [
"orphaned",
"--exclude-pattern", "*_unpackerred*",
"--exclude-pattern", "*/manual/*",
# "--dry-run",
"--server", "qbittorrent.$(POD_NAMESPACE).svc.cluster.local",
"--port", "80"
]
pod:
restartPolicy: OnFailure
reannounce:
containers:
app:
<<: *container
args: [
"reannounce",
"--process-seeding",
"--server", "qbittorrent.$(POD_NAMESPACE).svc.cluster.local",
"--port", "80"
]
defaultPodOptions:
securityContext:
runAsNonRoot: true
runAsUser: 568
runAsGroup: 568
seccompProfile: { type: RuntimeDefault }
persistence:
secret-file:
type: secret
name: qbtools-secret
globalMounts:
- path: /config/config.yaml
subPath: config.yaml
readOnly: true
media:
type: nfs
server: 10.1.1.61
path: /eru/media
advancedMounts:
orphaned:
app:
- path: /data/nas-media