diff --git a/media/qbittorrent/deployment.yaml b/media/qbittorrent/deployment.yaml index aec6a9b..8b5ab14 100644 --- a/media/qbittorrent/deployment.yaml +++ b/media/qbittorrent/deployment.yaml @@ -23,44 +23,24 @@ spec: - containerPort: 8080 name: http protocol: TCP - - containerPort: 6881 - name: udp - protocol: UDP - - containerPort: 6881 - name: tcp - protocol: TCP volumeMounts: - name: qbittorrent-config mountPath: /config - - mountPath: /data/downloads - name: data + - name: data + mountPath: /data/downloads subPath: downloads - - name: wireguard - image: lscr.io/linuxserver/wireguard:latest + - name: gluetun + image: qmcgaw/gluetun envFrom: - configMapRef: - name: wireguard-config - optional: false + name: gluetun-config securityContext: capabilities: add: - NET_ADMIN - - SYS_MODULE - privileged: true - ports: - - containerPort: 51820 - name: tun - protocol: UDP - lifecycle: - postStart: - exec: - command: ['cp', '/wireguard-secret/qbittorrent.conf', '/config/wg_confs/wg0.conf'] volumeMounts: - - name: wireguard-config - mountPath: /config - - name: wireguard-secret - readOnly: true - mountPath: /wireguard-secret + - name: wireguard-config-secret + mountPath: /gluetun/wireguard initContainers: - name: init-media-filesystem image: busybox @@ -78,14 +58,11 @@ spec: - name: qbittorrent-config persistentVolumeClaim: claimName: qbittorrent-config - - name: wireguard-config - persistentVolumeClaim: - claimName: wireguard-config - name: data persistentVolumeClaim: claimName: media-data - - name: wireguard-secret + - name: wireguard-config-secret secret: - secretName: wireguard-secret + secretName: wireguard-config-secret diff --git a/media/qbittorrent/gluetun-config.yaml b/media/qbittorrent/gluetun-config.yaml new file mode 100644 index 0000000..63a15d0 --- /dev/null +++ b/media/qbittorrent/gluetun-config.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: gluetun-config + namespace: media +data: + VPN_SERVICE_PROVIDER: custom + VPN_TYPE: wireguard + VPN_PORT_FORWARDING: on + VPN_PORT_FORWARDING_PROVIDER: protonvpn diff --git a/media/qbittorrent/pvc-wireguard-config.yaml b/media/qbittorrent/pvc-wireguard-config.yaml deleted file mode 100644 index e217773..0000000 --- a/media/qbittorrent/pvc-wireguard-config.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: wireguard-config - namespace: media -spec: - resources: - requests: - storage: 1Gi - storageClassName: longhorn - accessModes: - - ReadWriteOnce diff --git a/media/qbittorrent/wireguard-config-secret.yaml b/media/qbittorrent/wireguard-config-secret.yaml new file mode 100644 index 0000000..e4df204 --- /dev/null +++ b/media/qbittorrent/wireguard-config-secret.yaml @@ -0,0 +1,14 @@ +kind: SealedSecret +apiVersion: bitnami.com/v1alpha1 +metadata: + name: wireguard-config-secret + namespace: media + creationTimestamp: +spec: + template: + metadata: + name: wireguard-config-secret + namespace: media + creationTimestamp: + encryptedData: + wg0.conf: AgBl96INYxQD4Pr5dxYnRmUfhfgCT6v+R+anYAvk/ETJT6RbEF9AhFB7hOe0blxDxLo61R36P7vh9DpCSBP23JHVEZroIW6uT2M9l8hrGEgVcjZ59d7oCI+/OJnKsFJfBJsBvQRX5WFG25Mr0qXFFYtKVisP2uZrZa/vIZ1Cz16N89Lmbqy8CXSKP4R5M89KrqyH0q85J4kg9NtsZlh9mfWfelb96/BwbWVNuAP+dT3dvx/L0uWgvSj07ks8sxDVlBUJ5hccA3Z6Rg4x2x1tRl5sXFTuGmnkNYR6fFCiomt/YJCczRzF7hUgL3LLml8Sk33xlX8u7dNK0J8byYvEokSD3ZDxLsZLmFTgps3gj3yKa2Q8dRhXZp4o+OBUHT2DFyrNWdw0Km6EAMwJ13G3Lvmif2TXoronbYa8JA+mcV93LpOC1Aubj1QjFTkrK3/4u3DIPK0XmjXS6TeHLD5Rxx8VQIojwWeGTEJRCuvSE2vrxeqv1KQ2Q7OuOyFjAxxlpdVKBdXNnrYAg/yT0zTLZuNBeKRgCCykX0CM+sB/72f606i2ZNLqWI4NAivk99y19Yk7M+iw92qWecAfk1QwYwwdUKUZLqVOtYToHpOKAhZULYy1edTwRbZo+tx+BB1c0z1KVD6j3GiyjDifNME+h5PNLmQplMDHeKZd2mZxaEkwAe++brktnySKkxHxSOMizxkN2wVScqN7lwJfjswV3WOwGcl0V6XXGf59XP5qHDDIAfbYJN/2e//fw1ccYMNrhMFCt3eYvzufQLcCDGsSQxuJa69z4NQT6L4P5LwKCzIef79mJ3ZrTQXMsU55eg42AKPLsympV5GJ8UAYlviGd3n0quLb/LsG0HbnNhw+iHdQw6gtfQWxXI3pdBzx+d4Cel0nS8eyRriBPNHUYN91aJo+afFre/ADMNZq6aqW4eoUmgpHuIjkfVBkvRWQiDCLJjJvb4JcdgwxJUjzfGU3rLKX/G0cGHzXySMwZaojQS3cE0AzGMcSlybSDbEbeDtBKzDhJ4cE44Tv8qVGRyihScEE84dXeRdU8flz8i36jGbD7wA9ID80QfP8NhyU7HS+z9xhnzgo05FWbQun+E19RSXDfTg251s7UshT+/4y3XXU22aD2IoWTG+Qd6A5/KAXf02YGBkkDN1pz0ANKCvK1EdfOWe/42pKGYqaf/z+ diff --git a/media/qbittorrent/wireguard-config.yaml b/media/qbittorrent/wireguard-config.yaml deleted file mode 100644 index 05274fa..0000000 --- a/media/qbittorrent/wireguard-config.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: wireguard-config - namespace: media -data: - PUID: "1000" - PGID: "1000" diff --git a/media/qbittorrent/wireguard-secret.yaml b/media/qbittorrent/wireguard-secret.yaml deleted file mode 100644 index a4d8a1e..0000000 --- a/media/qbittorrent/wireguard-secret.yaml +++ /dev/null @@ -1,14 +0,0 @@ -kind: SealedSecret -apiVersion: bitnami.com/v1alpha1 -metadata: - name: wireguard-secret - namespace: media - creationTimestamp: -spec: - template: - metadata: - name: wireguard-secret - namespace: media - creationTimestamp: - encryptedData: - qbittorrent.conf: AgDOZEDPObCxcy62EMno7OffD9DVz2TVySgD3BR8MNq//vAbXkJszxoI2/4r/EhYSfiBem/4P+JZ9BBgscrh+FfE2yYkQdRx7RaQQgvy32l4xUyfzCuhz1mcpHhaNxdmSMgb8Jm9rf/Lw1lFZn0A7Te4tV21usw2L8+Rcz/dFseVUeiUhL0Hsawp1BtUH8fEFqseY6reRsYnHXt85uPDORiy8SaWKoJevgrzpBPLa/rf/d+Cnr5RJwCXV3q7q0e47fbKD7nVDkSIFsxF4Ar5D06d9mB+E/JMuXMRJL5tfLjCuk4H4QpF4jiXCF5p1HOzL2otElZeADJh/PRFMhRHAkvbfHhD73j5FM+RVeLBTImx9i3YW25SdDGNLeYdAUeua2x4nQwDSBxON9MtXi2sWqedwgusG7CPNStWSD5s7gZzEm6JkZvKb0mu5zoiUsdV7bJtskrL1GmFW2odcvvfi1gaff9iFOqsxm3jC5vXmsfUrIEMphmhNlrfj6i3x9UTIKETOSVsLAm1Wburq0johRiaEZ0zb2bfHEaNF60bl+XJioX98BCaW59h9yrdzotxmHB9bVcSZm1AWjhQ8s9V6Z6m84OlQ7HSZdg5jBiaTAPNLQ+halzGkqGvN67gv+i/r/OsKqbOeBHm5agdipK+hCOxHtkuGL9/G8oz2XtQNI7QMsDdOA6CmjxjMXXnu0lrxDWdGuS0RhTX41v4Gz0b8WxxFztY4Fzw+KcmMLgM47YQ8SChDOTYnpOhuQcNHCCU+9bgfj+p0kl0xr3tzEzJYqrw+ZewliELhlBjrr03SDiUIMpN0Mux++7oKFbPuwmt4stdHQ7VF896j2MPkcnfKF+pgyrHfUsZYlRSAQC0KuWmxU6AxkimVbm2jxkNbxYrFEkomNY47CXU6XLGT+HA/rWkmWK4mU+lFDchzvJPs0TksJ2mvCwrOHjip5S4m3k5PK1SdqqyFleLs85yEHICqyJAt3eBb/KT2WlPb8cQlu0lj1mG2aU40qdyd6/1jbD0Bc2elMrniQ17u5syKmIIE09ACGa7O7kv94jvnvzO1kafFrz/pJ8aLKIdBQlC7+Uw1wnsQHF5hxx426qpnqZ95hPxvpNpaC/cpTJAtH2H3kota4vlMN2I5/9LEPwuYxtYaE6Km06SHF67/kohx9h8PVDk5h920ewrrQNuKQnb