From 557701bb28268d3c8517c99fbc843381d44e0bf7 Mon Sep 17 00:00:00 2001
From: Michael Thomson <mthomson@konradgroup.com>
Date: Thu, 7 Dec 2023 10:14:10 -0500
Subject: [PATCH] custom transmission deployment v1

---
 .../kustomization-transmission.yaml           | 18 ++++++
 .../namespaces/namespace-transmission.yaml    |  4 ++
 transmission/config.yaml                      | 13 ++++
 transmission/deployment.yaml                  | 60 +++++++++++++++++++
 transmission/dns-endpoint.yaml                | 12 ++++
 transmission/ingress.yaml                     | 26 ++++++++
 transmission/pvc-config.yaml                  | 12 ++++
 transmission/pvc-data.yaml                    | 12 ++++
 transmission/service.yaml                     | 14 +++++
 9 files changed, 171 insertions(+)
 create mode 100644 bootstrap/kustomizations/kustomization-transmission.yaml
 create mode 100644 bootstrap/namespaces/namespace-transmission.yaml
 create mode 100644 transmission/config.yaml
 create mode 100644 transmission/deployment.yaml
 create mode 100644 transmission/dns-endpoint.yaml
 create mode 100644 transmission/ingress.yaml
 create mode 100644 transmission/pvc-config.yaml
 create mode 100644 transmission/pvc-data.yaml
 create mode 100644 transmission/service.yaml

diff --git a/bootstrap/kustomizations/kustomization-transmission.yaml b/bootstrap/kustomizations/kustomization-transmission.yaml
new file mode 100644
index 0000000..caddbcb
--- /dev/null
+++ b/bootstrap/kustomizations/kustomization-transmission.yaml
@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: transmission
+  namespace: flux-system
+spec:
+  interval: 15m
+  path: ./transmission
+  prune: true # remove any elements later removed from the above path
+  timeout: 2m # if not set, this defaults to interval duration, which is 1h
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  healthChecks:
+    - apiVersion: apps/v1
+      kind: Deployment
+      name: transmission
+      namespace: transmission
diff --git a/bootstrap/namespaces/namespace-transmission.yaml b/bootstrap/namespaces/namespace-transmission.yaml
new file mode 100644
index 0000000..837aeb3
--- /dev/null
+++ b/bootstrap/namespaces/namespace-transmission.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: transmission
diff --git a/transmission/config.yaml b/transmission/config.yaml
new file mode 100644
index 0000000..05c462d
--- /dev/null
+++ b/transmission/config.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: transmission-config
+  namespace: transmission
+data:
+  OPENVPN_PROVIDER: PROTONVPN
+  OPENVPN_CONFIG: us.protonvpn.net.udp
+  OPENVPN_USERNAME: wSNJV3UTu7K8fxBV+pmp
+  OPENVPN_PASSWORD: fh7dwMzYzJGmHgTo5nTlirjaO0LANcUa
+  LOCAL_NETWORK: 10.0.0.0/8
+  OPENVPN_OPTS: --inactive 3600 --ping 10 --ping-exit 60
+  DISABLE_PORT_FORWARDER: false
diff --git a/transmission/deployment.yaml b/transmission/deployment.yaml
new file mode 100644
index 0000000..943e00d
--- /dev/null
+++ b/transmission/deployment.yaml
@@ -0,0 +1,60 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: transmission
+  namespace: transmission
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: transmission
+  strategy: Recreate
+  template:
+    metadata:
+      labels:
+        app: transmission
+    spec:
+      containers:
+        - image: haugene/transmission-openvpn
+          name: transmission
+          imagePullPolicy: Always
+          envFrom:
+            - configMapRef:
+              name: transmission-config
+              optional: false
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 10
+            periodSeconds: 2
+            successThreshold: 1
+            tcpSocket:
+              port: 9091
+            timeoutSeconds: 2
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 10
+            periodSeconds: 2
+            successThreshold: 2
+            tcpSocket:
+              port: 9091
+            timeoutSeconds: 2
+          securityContext:
+            allowPrivilegeEscalation: true
+            capabilities:
+              add:
+              - NET_ADMIN
+            privileged: true
+          volumeMounts:
+            - mountPath: /data
+              name: data
+            - mountPath: /config
+              name: config
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      volumes: 
+        - name: data
+          persistentVolumeClaim:
+            claimName: transmission-data
+        - name: config
+          persistentVolumeClaim:
+            claimName: transmission-config
diff --git a/transmission/dns-endpoint.yaml b/transmission/dns-endpoint.yaml
new file mode 100644
index 0000000..16c767f
--- /dev/null
+++ b/transmission/dns-endpoint.yaml
@@ -0,0 +1,12 @@
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+  name: transmission-test.michaelthomson.dev
+  namespace: jellyfin
+spec:
+  endpoints:
+  - dnsName: transmission-test.michaelthomson.dev
+    recordTTL: 180
+    recordType: CNAME
+    targets:
+    - server.michaelthomson.dev
diff --git a/transmission/ingress.yaml b/transmission/ingress.yaml
new file mode 100644
index 0000000..2f56369
--- /dev/null
+++ b/transmission/ingress.yaml
@@ -0,0 +1,26 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: transmission
+  namespace: transmission
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
+    traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+  ingressClassName: traefik
+  rules:
+    - host: transmission-test.michaelthomson.dev
+      http:
+        paths:
+        - backend:
+            service:
+              name: transmission
+              port:
+                number: 9091
+          path: /
+          pathType: ImplementationSpecific
+  tls:
+    - hosts:
+        - transmission-test.michaelthomson.dev
+      secretName: letsencrypt-wildcard-cert-michaelthomson.dev
diff --git a/transmission/pvc-config.yaml b/transmission/pvc-config.yaml
new file mode 100644
index 0000000..93abc18
--- /dev/null
+++ b/transmission/pvc-config.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: transmission-config
+  namespace: transmission
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 1Gi
diff --git a/transmission/pvc-data.yaml b/transmission/pvc-data.yaml
new file mode 100644
index 0000000..190e097
--- /dev/null
+++ b/transmission/pvc-data.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: transmission-data
+  namespace: transmission
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 150Gi
diff --git a/transmission/service.yaml b/transmission/service.yaml
new file mode 100644
index 0000000..0f3c721
--- /dev/null
+++ b/transmission/service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: transmission
+  namespace: transmission
+spec:
+  selector:
+    app: transmission
+  ports:
+  - port: 80
+    protocol: TCP
+    targetPort: 9091
+  sessionAffinity: None
+  type: ClusterIP