apps: qbittorrent + jellyfin
diff --git a/charts/jellyfin/.helmignore b/charts/jellyfin/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/jellyfin/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/jellyfin/Chart.yaml b/charts/jellyfin/Chart.yaml
new file mode 100644
index 0000000..e0ba9ca
--- /dev/null
+++ b/charts/jellyfin/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: jellyfin
+description: A Helm chart to deploy Jellyfin media server on PCloud
+type: application
+version: 0.0.1
+appVersion: "0.0.1"
diff --git a/charts/jellyfin/templates/deploy.yaml b/charts/jellyfin/templates/deploy.yaml
new file mode 100644
index 0000000..f98a56e
--- /dev/null
+++ b/charts/jellyfin/templates/deploy.yaml
@@ -0,0 +1,138 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: jellyfin
+ namespace: {{ .Release.Namespace }}
+spec:
+ type: ClusterIP
+ selector:
+ app: jellyfin
+ ports:
+ - name: http
+ port: 80
+ targetPort: http
+ protocol: TCP
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: ingress
+ namespace: {{ .Release.Namespace }}
+spec:
+ ingressClassName: {{ .Values.ingress.className }}
+ tls:
+ - hosts:
+ - {{ .Values.ingress.domain }}
+ rules:
+ - host: {{ .Values.ingress.domain }}
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: jellyfin
+ port:
+ name: http
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: jellyfin
+ namespace: {{ .Release.Namespace }}
+spec:
+ selector:
+ matchLabels:
+ app: jellyfin
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: jellyfin
+ spec:
+ volumes:
+ - name: data
+ persistentVolumeClaim:
+ claimName: qbittorrent-data
+ - name: config
+ persistentVolumeClaim:
+ claimName: jellyfin-config
+ - name: cache
+ persistentVolumeClaim:
+ claimName: jellyfin-cache
+ containers:
+ - name: jellyfin
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: spec.nodeName
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.name
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ ports:
+ - name: http
+ containerPort: 8096
+ protocol: TCP
+ volumeMounts:
+ - name: data
+ mountPath: /data/media
+ readOnly: true
+ - name: config
+ mountPath: /config
+ readOnly: false
+ - name: cache
+ mountPath: /cache
+ readOnly: false
+ resources:
+ requests:
+ # memory: "10Mi"
+ cpu: "2500m"
+ # limits:
+ # memory: "20Mi"
+ # cpu: "100m"
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: qbittorrent-data
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 10Gi
+ volumeName: qbittorrent-data
+ storageClassName: ""
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: jellyfin-config
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: {{ .Values.storage.configSize }}
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: jellyfin-cache
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: {{ .Values.storage.configSize }}
diff --git a/charts/jellyfin/templates/pv.yaml b/charts/jellyfin/templates/pv.yaml
new file mode 100644
index 0000000..a0eef6f
--- /dev/null
+++ b/charts/jellyfin/templates/pv.yaml
@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: qbittorrent-data
+spec:
+ capacity:
+ storage: 1000Gi
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ mountOptions:
+ - dir_mode=0777
+ - file_mode=0777
+ - vers=3.0
+ csi:
+ driver: smb.csi.k8s.io
+ readOnly: false
+ volumeHandle: {{ .Values.pcloudInstanceId }}-qbittorrent-data
+ volumeAttributes:
+ source: "//samba.lekva-app-torrent.svc.cluster.local/share"
+ nodeStageSecretRef:
+ name: qbittorrent-samba-creds
+ namespace: lekva-app-jellyfin
diff --git a/charts/jellyfin/values.yaml b/charts/jellyfin/values.yaml
new file mode 100644
index 0000000..00d0e92
--- /dev/null
+++ b/charts/jellyfin/values.yaml
@@ -0,0 +1,11 @@
+pcloudInstanceId: example
+image:
+ repository: jellyfin/jellyfin
+ tag: latest
+ pullPolicy: IfNotPresent
+ingress:
+ className: example-ingress-private
+ domain: jellyfin.p.example.com
+storage:
+ configSize: 10Gi
+ cacheSize: 20Gi
diff --git a/charts/qbittorrent/.helmignore b/charts/qbittorrent/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/qbittorrent/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/qbittorrent/Chart.yaml b/charts/qbittorrent/Chart.yaml
new file mode 100644
index 0000000..9124fba
--- /dev/null
+++ b/charts/qbittorrent/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: utorrent
+description: A Helm chart to run uTorrent server on PCloud
+type: application
+version: 0.0.1
+appVersion: "0.0.1"
diff --git a/charts/qbittorrent/templates/deploy.yaml b/charts/qbittorrent/templates/deploy.yaml
new file mode 100644
index 0000000..505c577
--- /dev/null
+++ b/charts/qbittorrent/templates/deploy.yaml
@@ -0,0 +1,88 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: torrent
+ namespace: {{ .Release.Namespace }}
+spec:
+ type: ClusterIP
+ selector:
+ app: torrent
+ ports:
+ - name: http
+ port: 80
+ targetPort: http
+ protocol: TCP
+ - name: bittorrent-tcp
+ port: {{ .Values.bittorrent.port }}
+ targetPort: bittorrent
+ protocol: TCP
+ - name: bittorrent-udp
+ port: {{ .Values.bittorrent.port }}
+ targetPort: bittorrent
+ protocol: UDP
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: ingress
+ namespace: {{ .Release.Namespace }}
+spec:
+ ingressClassName: {{ .Values.ingress.className }}
+ tls:
+ - hosts:
+ - {{ .Values.ingress.domain }}
+ rules:
+ - host: {{ .Values.ingress.domain }}
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: torrent
+ port:
+ name: http
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: torrent
+ namespace: {{ .Release.Namespace }}
+spec:
+ selector:
+ matchLabels:
+ app: torrent
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: torrent
+ spec:
+ volumes:
+ - name: data
+ persistentVolumeClaim:
+ claimName: data
+ containers:
+ - name: torrent
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ ports:
+ - name: http
+ containerPort: {{ .Values.webui.port }}
+ protocol: TCP
+ - name: bittorrent
+ containerPort: {{ .Values.bittorrent.port }}
+ volumeMounts:
+ - name: data
+ mountPath: /downloads
+ readOnly: false
+ # command:
+ # - torrent
+ # - --port=8080
+ # resources:
+ # requests:
+ # memory: "10Mi"
+ # cpu: "10m"
+ # limits:
+ # memory: "20Mi"
+ # cpu: "100m"
diff --git a/charts/qbittorrent/templates/pvc.yaml b/charts/qbittorrent/templates/pvc.yaml
new file mode 100644
index 0000000..77f42c3
--- /dev/null
+++ b/charts/qbittorrent/templates/pvc.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: data
+ namespace: {{ .Release.Namespace }}
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: {{ .Values.storage.size }}
diff --git a/charts/qbittorrent/templates/samba-creds.yaml b/charts/qbittorrent/templates/samba-creds.yaml
new file mode 100644
index 0000000..48d07d8
--- /dev/null
+++ b/charts/qbittorrent/templates/samba-creds.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: qbittorrent-samba-creds
+ annotations:
+ kubed.appscode.com/sync: "pcloud-instance-id={{ .Values.pcloudInstanceId }}"
+type: Opaque
+data:
+ username: {{ .Values.samba.creds.username | b64enc }}
+ password: {{ .Values.samba.creds.password | b64enc }}
diff --git a/charts/qbittorrent/templates/samba.yaml b/charts/qbittorrent/templates/samba.yaml
new file mode 100644
index 0000000..e34b8e4
--- /dev/null
+++ b/charts/qbittorrent/templates/samba.yaml
@@ -0,0 +1,79 @@
+kind: Service
+apiVersion: v1
+metadata:
+ name: samba
+ labels:
+ app: samba
+spec:
+ type: LoadBalancer # ClusterIP
+ selector:
+ app: samba
+ ports:
+ - port: 445
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: samba
+ namespace: {{ .Release.Namespace }}
+spec:
+ selector:
+ matchLabels:
+ app: samba
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: samba
+ spec:
+ affinity:
+ podAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchExpressions:
+ - key: app
+ operator: In
+ values:
+ - torrent
+ topologyKey: "kubernetes.io/hostname"
+ volumes:
+ - name: data
+ persistentVolumeClaim:
+ claimName: data
+ containers:
+ - name: samba
+ image: {{ .Values.samba.image.repository }}:{{ .Values.samba.image.tag }}
+ imagePullPolicy: {{ .Values.samba.image.pullPolicy }}
+ env:
+ - name: PERMISSIONS
+ value: "0777"
+ - name: USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: qbittorrent-samba-creds
+ key: username
+ - name: PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: qbittorrent-samba-creds
+ key: password
+ ports:
+ - containerPort: 139
+ - containerPort: 445
+ volumeMounts:
+ - name: data
+ mountPath: /data
+ readOnly: false
+ args:
+ - -u
+ - $(USERNAME);$(PASSWORD)
+ - -s
+ - share;/data/;yes;no;no;all;none
+ - -p
+ # resources:
+ # requests:
+ # memory: "10Mi"
+ # cpu: "10m"
+ # limits:
+ # memory: "20Mi"
+ # cpu: "100m"
diff --git a/charts/qbittorrent/values.yaml b/charts/qbittorrent/values.yaml
new file mode 100644
index 0000000..4895dbc
--- /dev/null
+++ b/charts/qbittorrent/values.yaml
@@ -0,0 +1,22 @@
+pcloudInstanceId: example
+image:
+ repository: lscr.io/linuxserver/qbittorrent
+ tag: latest
+ pullPolicy: IfNotPresent
+ingress:
+ className: example-private
+ domain: utorrent.p.example.com
+webui:
+ port: 8080
+bittorrent:
+ port: 6881
+storage:
+ size: 100Gi
+samba:
+ image:
+ repository: dperson/samba
+ tag: latest
+ pullPolicy: IfNotPresent
+ creds:
+ username: foo
+ password: bar
diff --git a/core/installer/app.go b/core/installer/app.go
index 9e3cb29..ccdbe97 100644
--- a/core/installer/app.go
+++ b/core/installer/app.go
@@ -7,6 +7,19 @@
Templates []*template.Template
}
+func CreateAllApps(tmpls *template.Template) []App {
+ return []App{
+ CreateAppIngressPrivate(tmpls),
+ CreateAppCoreAuth(tmpls),
+ CreateAppVaultwarden(tmpls),
+ CreateAppMatrix(tmpls),
+ CreateAppPihole(tmpls),
+ CreateAppMaddy(tmpls),
+ CreateAppQBittorrent(tmpls),
+ CreateAppJellyfin(tmpls),
+ }
+}
+
func CreateAppIngressPrivate(tmpls *template.Template) App {
return App{
"ingress-private",
@@ -64,3 +77,21 @@
},
}
}
+
+func CreateAppQBittorrent(tmpls *template.Template) App {
+ return App{
+ "qbittorrent",
+ []*template.Template{
+ tmpls.Lookup("qbittorrent.yaml"),
+ },
+ }
+}
+
+func CreateAppJellyfin(tmpls *template.Template) App {
+ return App{
+ "jellyfin",
+ []*template.Template{
+ tmpls.Lookup("jellyfin.yaml"),
+ },
+ }
+}
diff --git a/core/installer/main.go b/core/installer/main.go
index e9ec79b..8c006ba 100644
--- a/core/installer/main.go
+++ b/core/installer/main.go
@@ -75,14 +75,7 @@
if err != nil {
log.Fatal(err)
}
- apps := []App{
- CreateAppIngressPrivate(tmpls),
- CreateAppCoreAuth(tmpls),
- CreateAppVaultwarden(tmpls),
- CreateAppMatrix(tmpls),
- CreateAppPihole(tmpls),
- CreateAppMaddy(tmpls),
- }
+ apps := CreateAllApps(tmpls)
for _, a := range apps {
if a.Name == installFlags.appName {
for _, t := range a.Templates {
diff --git a/core/installer/values-tmpl/jellyfin.yaml b/core/installer/values-tmpl/jellyfin.yaml
new file mode 100644
index 0000000..d68109a
--- /dev/null
+++ b/core/installer/values-tmpl/jellyfin.yaml
@@ -0,0 +1,22 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: jellyfin
+ namespace: {{ .Values.NamespacePrefix }}app-jellyfin
+spec:
+ chart:
+ spec:
+ chart: charts/jellyfin
+ sourceRef:
+ kind: GitRepository
+ name: pcloud
+ namespace: {{ .Values.Id }}
+ dependsOn:
+ - name: namespaces
+ namespace: {{ .Values.Id }}
+ interval: 1m0s
+ values:
+ pcloudInstanceId: {{ .Values.Id }}
+ ingress:
+ className: {{ .Values.Id }}-ingress-private
+ domain: jellyfin.p.{{ .Values.Domain }}
diff --git a/core/installer/values-tmpl/qbittorrent.yaml b/core/installer/values-tmpl/qbittorrent.yaml
new file mode 100644
index 0000000..0eaf507
--- /dev/null
+++ b/core/installer/values-tmpl/qbittorrent.yaml
@@ -0,0 +1,32 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: qbittorrent
+ namespace: {{ .Values.NamespacePrefix }}app-torrent # TODO(giolekva): qbittorrent
+spec:
+ chart:
+ spec:
+ chart: charts/qbittorrent
+ sourceRef:
+ kind: GitRepository
+ name: pcloud
+ namespace: {{ .Values.Id }}
+ dependsOn:
+ - name: namespaces
+ namespace: {{ .Values.Id }}
+ interval: 1m0s
+ values:
+ pcloudInstanceId: {{ .Values.Id }}
+ image:
+ repository: lscr.io/linuxserver/qbittorrent
+ tag: latest
+ pullPolicy: IfNotPresent
+ ingress:
+ className: {{ .Values.Id }}-ingress-private
+ domain: torrent.p.{{ .Values.Domain }}
+ webui:
+ port: 8080
+ bittorrent:
+ port: 6881
+ storage:
+ size: 1Ti
diff --git a/helmfile/infra/helmfile.yaml b/helmfile/infra/helmfile.yaml
index e7690ff..0d19bb4 100644
--- a/helmfile/infra/helmfile.yaml
+++ b/helmfile/infra/helmfile.yaml
@@ -13,6 +13,8 @@
url: https://charts.longhorn.io
- name: ory
url: https://k8s.ory.sh/helm/charts
+- name: csi-driver-smb
+ url: https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts
helmDefaults:
tillerless: true
@@ -59,8 +61,11 @@
controllerValue: k8s.io/{{ .Values.name }}-ingress-public
config:
proxy-body-size: 100M
+ - udp:
+ 6881: "lekva-app-torrent:torrent:6881" # TODO(giolekva): namespace
- tcp:
25: {{ .Values.name }}-mail-gateway/maddy:25
+ 6881: "lekva-app-torrent:torrent:6881" # TODO(giolekva): namespace
- name: kubed
chart: appscode/kubed
version: v0.12.0
@@ -207,6 +212,10 @@
repository: giolekva/nebula-web
tag: latest
pullPolicy: Always
+- name: csi-driver-smb
+ chart: csi-driver-smb/csi-driver-smb
+ version: v1.5.0
+ namespace: pcloud-csi-driver-smb
environments:
prod: