custom transmission deployment v1

bootstrap/kustomizations/kustomization-transmission.yaml

@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: transmission
+  namespace: flux-system
+spec:
+  interval: 15m
+  path: ./transmission
+  prune: true # remove any elements later removed from the above path
+  timeout: 2m # if not set, this defaults to interval duration, which is 1h
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  healthChecks:
+    - apiVersion: apps/v1
+      kind: Deployment
+      name: transmission
+      namespace: transmission

bootstrap/namespaces/namespace-transmission.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: transmission

transmission/config.yaml

@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: transmission-config
+  namespace: transmission
+data:
+  OPENVPN_PROVIDER: PROTONVPN
+  OPENVPN_CONFIG: us.protonvpn.net.udp
+  OPENVPN_USERNAME: wSNJV3UTu7K8fxBV+pmp
+  OPENVPN_PASSWORD: fh7dwMzYzJGmHgTo5nTlirjaO0LANcUa
+  LOCAL_NETWORK: 10.0.0.0/8
+  OPENVPN_OPTS: --inactive 3600 --ping 10 --ping-exit 60
+  DISABLE_PORT_FORWARDER: false

transmission/deployment.yaml

@@ -0,0 +1,60 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: transmission
+  namespace: transmission
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: transmission
+  strategy: Recreate
+  template:
+    metadata:
+      labels:
+        app: transmission
+    spec:
+      containers:
+        - image: haugene/transmission-openvpn
+          name: transmission
+          imagePullPolicy: Always
+          envFrom:
+            - configMapRef:
+              name: transmission-config
+              optional: false
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 10
+            periodSeconds: 2
+            successThreshold: 1
+            tcpSocket:
+              port: 9091
+            timeoutSeconds: 2
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 10
+            periodSeconds: 2
+            successThreshold: 2
+            tcpSocket:
+              port: 9091
+            timeoutSeconds: 2
+          securityContext:
+            allowPrivilegeEscalation: true
+            capabilities:
+              add:
+              - NET_ADMIN
+            privileged: true
+          volumeMounts:
+            - mountPath: /data
+              name: data
+            - mountPath: /config
+              name: config
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      volumes: 
+        - name: data
+          persistentVolumeClaim:
+            claimName: transmission-data
+        - name: config
+          persistentVolumeClaim:
+            claimName: transmission-config

transmission/dns-endpoint.yaml

@@ -0,0 +1,12 @@
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+  name: transmission-test.michaelthomson.dev
+  namespace: jellyfin
+spec:
+  endpoints:
+  - dnsName: transmission-test.michaelthomson.dev
+    recordTTL: 180
+    recordType: CNAME
+    targets:
+    - server.michaelthomson.dev

transmission/ingress.yaml

@@ -0,0 +1,26 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: transmission
+  namespace: transmission
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
+    traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+  ingressClassName: traefik
+  rules:
+    - host: transmission-test.michaelthomson.dev
+      http:
+        paths:
+        - backend:
+            service:
+              name: transmission
+              port:
+                number: 9091
+          path: /
+          pathType: ImplementationSpecific
+  tls:
+    - hosts:
+        - transmission-test.michaelthomson.dev
+      secretName: letsencrypt-wildcard-cert-michaelthomson.dev

transmission/pvc-config.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: transmission-config
+  namespace: transmission
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 1Gi

transmission/pvc-data.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: transmission-data
+  namespace: transmission
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 150Gi

transmission/service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: transmission
+  namespace: transmission
+spec:
+  selector:
+    app: transmission
+  ports:
+  - port: 80
+    protocol: TCP
+    targetPort: 9091
+  sessionAffinity: None
+  type: ClusterIP