add lidarr
This commit is contained in:
parent
1724f21938
commit
d4aec9b753
124
lidarr/deployment.yaml
Normal file
124
lidarr/deployment.yaml
Normal file
|
@ -0,0 +1,124 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: lidarr
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: lidarr
|
||||
namespace: lidarr
|
||||
spec:
|
||||
ingressClassName: haproxy
|
||||
rules:
|
||||
- host: lidarr.strudelline.net
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: lidarr
|
||||
port:
|
||||
name: http
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
namespace: lidarr
|
||||
name: lidarr
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: lidarr
|
||||
strategy:
|
||||
type: Recreate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: lidarr
|
||||
spec:
|
||||
terminationGracePeriodSeconds: 0
|
||||
restartPolicy: Always
|
||||
initContainers:
|
||||
- name: killswitch
|
||||
image: xjasonlyu/tun2socks:latest
|
||||
command: ["sh","-c"]
|
||||
args:
|
||||
- |
|
||||
iptables -t mangle -A POSTROUTING -o eth0 -d 172.16.0.0/12 -j ACCEPT
|
||||
iptables -t mangle -A POSTROUTING -o eth0 -d 10.0.0.0/8 -j ACCEPT
|
||||
iptables -t mangle -A POSTROUTING -o eth0 -d 192.168.0.0/16 -j ACCEPT
|
||||
iptables -t mangle -A POSTROUTING -o eth0 -j DROP
|
||||
securityContext:
|
||||
capabilities:
|
||||
add: ["NET_ADMIN","SYS_TIME"]
|
||||
volumes:
|
||||
- name: config
|
||||
persistentVolumeClaim:
|
||||
claimName: lidarr-config
|
||||
- name: dropbox
|
||||
nfs:
|
||||
server: 172.16.18.1
|
||||
path: /volume1/dropbox
|
||||
- name: music
|
||||
nfs:
|
||||
server: 172.16.18.1
|
||||
path: /volume1/music
|
||||
containers:
|
||||
- name: lidarr
|
||||
image: lscr.io/linuxserver/lidarr:latest
|
||||
env:
|
||||
- name: TZ
|
||||
value: America/Chicago
|
||||
- name: PUID
|
||||
value: "1029"
|
||||
- name: PGID
|
||||
value: "101"
|
||||
volumeMounts:
|
||||
- mountPath: /volume1/music
|
||||
name: music
|
||||
- mountPath: /volume1/dropbox
|
||||
name: dropbox
|
||||
- mountPath: /config
|
||||
name: config
|
||||
- name: vpn
|
||||
image: xjasonlyu/tun2socks:latest
|
||||
command: ["sh","-c"]
|
||||
args:
|
||||
- |
|
||||
mkdir -p /dev/net
|
||||
mknod /dev/net/tun c 10 200
|
||||
exec /entrypoint.sh
|
||||
env:
|
||||
- name: TUN
|
||||
value: tun0
|
||||
- name: PROXY
|
||||
value: socks5://172.16.17.180:1080
|
||||
- name: TUN_EXCLUDED_ROUTES
|
||||
value: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
|
||||
securityContext:
|
||||
capabilities:
|
||||
add: ["NET_ADMIN","SYS_TIME"]
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: lidarr
|
||||
name: lidarr
|
||||
namespace: lidarr
|
||||
spec:
|
||||
ipFamilies:
|
||||
- IPv4
|
||||
ipFamilyPolicy: SingleStack
|
||||
ports:
|
||||
- name: http
|
||||
port: 8686
|
||||
protocol: TCP
|
||||
selector:
|
||||
app: lidarr
|
||||
sessionAffinity: None
|
||||
type: ClusterIP
|
39
lidarr/package-registry-secret.yaml
Normal file
39
lidarr/package-registry-secret.yaml
Normal file
|
@ -0,0 +1,39 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: "gitea-package-registry-secret"
|
||||
labels:
|
||||
app: "gitea"
|
||||
spec:
|
||||
secretStoreRef:
|
||||
name: bitwarden
|
||||
kind: ClusterSecretStore
|
||||
refreshInterval: "5m"
|
||||
target:
|
||||
template:
|
||||
type: kubernetes.io/dockerconfigjson
|
||||
engineVersion: v2
|
||||
data:
|
||||
.dockerconfigjson: |
|
||||
{
|
||||
"auths": {
|
||||
{{ .host | toJson }}: {
|
||||
"username": {{ .username | toJson }},
|
||||
"password": {{ .password | toJson }},
|
||||
"auth": {{ printf "%v:%v" .username .password | b64enc | toJson }}
|
||||
}
|
||||
}
|
||||
}
|
||||
data:
|
||||
- secretKey: username
|
||||
remoteRef:
|
||||
key: "gitea package registry token"
|
||||
property: username
|
||||
- secretKey: password
|
||||
remoteRef:
|
||||
key: "gitea package registry token"
|
||||
property: password
|
||||
- secretKey: host
|
||||
remoteRef:
|
||||
key: "gitea package registry token"
|
||||
property: host
|
14
lidarr/pvc.yaml
Normal file
14
lidarr/pvc.yaml
Normal file
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: lidarr-config
|
||||
namespace: lidarr
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
storageClassName: longhorn
|
||||
volumeMode: Filesystem
|
85
lidarr/youtube-downloader.yaml
Normal file
85
lidarr/youtube-downloader.yaml
Normal file
|
@ -0,0 +1,85 @@
|
|||
---
|
||||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
namespace: lidarr
|
||||
name: youtube-downloader
|
||||
spec:
|
||||
schedule: "0 1 * * *"
|
||||
concurrencyPolicy: Forbid
|
||||
jobTemplate:
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
affinity:
|
||||
podAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
- labelSelector:
|
||||
matchLabels:
|
||||
app: lidarr
|
||||
topologyKey: kubernetes.io/hostname
|
||||
restartPolicy: OnFailure
|
||||
initContainers:
|
||||
- name: killswitch
|
||||
image: xjasonlyu/tun2socks:latest
|
||||
command: ["sh","-c"]
|
||||
args:
|
||||
- |
|
||||
iptables -t mangle -A POSTROUTING -o eth0 -d 172.16.0.0/12 -j ACCEPT
|
||||
iptables -t mangle -A POSTROUTING -o eth0 -d 10.0.0.0/8 -j ACCEPT
|
||||
iptables -t mangle -A POSTROUTING -o eth0 -d 192.168.0.0/16 -j ACCEPT
|
||||
iptables -t mangle -A POSTROUTING -o eth0 -j DROP
|
||||
securityContext:
|
||||
capabilities:
|
||||
add: ["NET_ADMIN","SYS_TIME"]
|
||||
volumes:
|
||||
- name: config
|
||||
persistentVolumeClaim:
|
||||
claimName: lidarr-config
|
||||
- name: dropbox
|
||||
nfs:
|
||||
server: 172.16.18.1
|
||||
path: /volume1/dropbox
|
||||
- name: music
|
||||
nfs:
|
||||
server: 172.16.18.1
|
||||
path: /volume1/music
|
||||
securityContext:
|
||||
fsGroup: 101
|
||||
containers:
|
||||
- name: youtube-downloader
|
||||
image: git.strudelline.net/infra/lidarr-youtube-downloader:main
|
||||
env:
|
||||
- name: LIDARR_URL
|
||||
value: https://lidarr.strudelline.net
|
||||
- name: LIDARR_API_KEY
|
||||
value: f371b7b67584461085bf1004520f0fe8
|
||||
- name: LIDARR_DB
|
||||
value: /config/lidarr.db
|
||||
- name: LIDARR_MUSIC_PATH
|
||||
value: /volume1/music
|
||||
volumeMounts:
|
||||
- mountPath: /volume1/music
|
||||
name: music
|
||||
- mountPath: /volume1/dropbox
|
||||
name: dropbox
|
||||
- mountPath: /config
|
||||
name: config
|
||||
- name: vpn
|
||||
image: xjasonlyu/tun2socks:latest
|
||||
command: ["sh","-c"]
|
||||
args:
|
||||
- |
|
||||
mkdir -p /dev/net
|
||||
mknod /dev/net/tun c 10 200
|
||||
exec /entrypoint.sh
|
||||
env:
|
||||
- name: TUN
|
||||
value: tun0
|
||||
- name: PROXY
|
||||
value: socks5://172.16.17.180:1080
|
||||
- name: TUN_EXCLUDED_ROUTES
|
||||
value: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
|
||||
securityContext:
|
||||
capabilities:
|
||||
add: ["NET_ADMIN","SYS_TIME"]
|
Loading…
Reference in New Issue
Block a user