mthomson/fleet-infra
1
0
Fork 0
mirror of https://github.com/michaelthomson0797/fleet-infra.git synced 2026-02-04 13:09:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

gluetun

Browse Source
This commit is contained in:
Michael Thomson
2023-12-20 10:36:00 -05:00
parent 66ad1f2389
commit e657c0ce50
6 changed files with 33 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
media/qbittorrent/deployment.yaml
View File

@@ -23,44 +23,24 @@ spec:
- containerPort: 8080 - containerPort: 8080
name: http name: http
protocol: TCP protocol: TCP
- containerPort: 6881
name: udp
protocol: UDP
- containerPort: 6881
name: tcp
protocol: TCP
volumeMounts: volumeMounts:
- name: qbittorrent-config - name: qbittorrent-config
mountPath: /config mountPath: /config
- mountPath: /data/downloads - name: data
name: data mountPath: /data/downloads
subPath: downloads subPath: downloads
- name: wireguard - name: gluetun
image: lscr.io/linuxserver/wireguard:latest image: qmcgaw/gluetun
envFrom: envFrom:
- configMapRef: - configMapRef:
name: wireguard-config name: gluetun-config
optional: false
securityContext: securityContext:
capabilities: capabilities:
add: add:
- NET_ADMIN - NET_ADMIN
- SYS_MODULE
privileged: true
ports:
- containerPort: 51820
name: tun
protocol: UDP
lifecycle:
postStart:
exec:
command: ['cp', '/wireguard-secret/qbittorrent.conf', '/config/wg_confs/wg0.conf']
volumeMounts: volumeMounts:
- name: wireguard-config - name: wireguard-config-secret
mountPath: /config mountPath: /gluetun/wireguard
- name: wireguard-secret
readOnly: true
mountPath: /wireguard-secret
initContainers: initContainers:
- name: init-media-filesystem - name: init-media-filesystem
image: busybox image: busybox
@@ -78,14 +58,11 @@ spec:
- name: qbittorrent-config - name: qbittorrent-config
persistentVolumeClaim: persistentVolumeClaim:
claimName: qbittorrent-config claimName: qbittorrent-config
- name: wireguard-config
persistentVolumeClaim:
claimName: wireguard-config
- name: data - name: data
persistentVolumeClaim: persistentVolumeClaim:
claimName: media-data claimName: media-data
- name: wireguard-secret - name: wireguard-config-secret
secret: secret:
secretName: wireguard-secret secretName: wireguard-config-secret

10
media/qbittorrent/gluetun-config.yaml Normal file
View File

@@ -0,0 +1,10 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: gluetun-config
namespace: media
data:
VPN_SERVICE_PROVIDER: custom
VPN_TYPE: wireguard
VPN_PORT_FORWARDING: on
VPN_PORT_FORWARDING_PROVIDER: protonvpn

12
media/qbittorrent/pvc-wireguard-config.yaml
View File

@@ -1,12 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: wireguard-config
namespace: media
spec:
resources:
requests:
storage: 1Gi
storageClassName: longhorn
accessModes:
- ReadWriteOnce

14
media/qbittorrent/wireguard-config-secret.yaml Normal file
View File

@@ -0,0 +1,14 @@
kind: SealedSecret
apiVersion: bitnami.com/v1alpha1
metadata:
name: wireguard-config-secret
namespace: media
creationTimestamp:
spec:
template:
metadata:
name: wireguard-config-secret
namespace: media
creationTimestamp:
encryptedData:
wg0.conf: AgBl96INYxQD4Pr5dxYnRmUfhfgCT6v+R+anYAvk/ETJT6RbEF9AhFB7hOe0blxDxLo61R36P7vh9DpCSBP23JHVEZroIW6uT2M9l8hrGEgVcjZ59d7oCI+/OJnKsFJfBJsBvQRX5WFG25Mr0qXFFYtKVisP2uZrZa/vIZ1Cz16N89Lmbqy8CXSKP4R5M89KrqyH0q85J4kg9NtsZlh9mfWfelb96/BwbWVNuAP+dT3dvx/L0uWgvSj07ks8sxDVlBUJ5hccA3Z6Rg4x2x1tRl5sXFTuGmnkNYR6fFCiomt/YJCczRzF7hUgL3LLml8Sk33xlX8u7dNK0J8byYvEokSD3ZDxLsZLmFTgps3gj3yKa2Q8dRhXZp4o+OBUHT2DFyrNWdw0Km6EAMwJ13G3Lvmif2TXoronbYa8JA+mcV93LpOC1Aubj1QjFTkrK3/4u3DIPK0XmjXS6TeHLD5Rxx8VQIojwWeGTEJRCuvSE2vrxeqv1KQ2Q7OuOyFjAxxlpdVKBdXNnrYAg/yT0zTLZuNBeKRgCCykX0CM+sB/72f606i2ZNLqWI4NAivk99y19Yk7M+iw92qWecAfk1QwYwwdUKUZLqVOtYToHpOKAhZULYy1edTwRbZo+tx+BB1c0z1KVD6j3GiyjDifNME+h5PNLmQplMDHeKZd2mZxaEkwAe++brktnySKkxHxSOMizxkN2wVScqN7lwJfjswV3WOwGcl0V6XXGf59XP5qHDDIAfbYJN/2e//fw1ccYMNrhMFCt3eYvzufQLcCDGsSQxuJa69z4NQT6L4P5LwKCzIef79mJ3ZrTQXMsU55eg42AKPLsympV5GJ8UAYlviGd3n0quLb/LsG0HbnNhw+iHdQw6gtfQWxXI3pdBzx+d4Cel0nS8eyRriBPNHUYN91aJo+afFre/ADMNZq6aqW4eoUmgpHuIjkfVBkvRWQiDCLJjJvb4JcdgwxJUjzfGU3rLKX/G0cGHzXySMwZaojQS3cE0AzGMcSlybSDbEbeDtBKzDhJ4cE44Tv8qVGRyihScEE84dXeRdU8flz8i36jGbD7wA9ID80QfP8NhyU7HS+z9xhnzgo05FWbQun+E19RSXDfTg251s7UshT+/4y3XXU22aD2IoWTG+Qd6A5/KAXf02YGBkkDN1pz0ANKCvK1EdfOWe/42pKGYqaf/z+

8
media/qbittorrent/wireguard-config.yaml
View File

@@ -1,8 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: wireguard-config
namespace: media
data:
PUID: "1000"
PGID: "1000"

14
media/qbittorrent/wireguard-secret.yaml
View File

@@ -1,14 +0,0 @@
kind: SealedSecret
apiVersion: bitnami.com/v1alpha1
metadata:
name: wireguard-secret
namespace: media
creationTimestamp:
spec:
template:
metadata:
name: wireguard-secret
namespace: media
creationTimestamp:
encryptedData:
qbittorrent.conf: AgDOZEDPObCxcy62EMno7OffD9DVz2TVySgD3BR8MNq//vAbXkJszxoI2/4r/EhYSfiBem/4P+JZ9BBgscrh+FfE2yYkQdRx7RaQQgvy32l4xUyfzCuhz1mcpHhaNxdmSMgb8Jm9rf/Lw1lFZn0A7Te4tV21usw2L8+Rcz/dFseVUeiUhL0Hsawp1BtUH8fEFqseY6reRsYnHXt85uPDORiy8SaWKoJevgrzpBPLa/rf/d+Cnr5RJwCXV3q7q0e47fbKD7nVDkSIFsxF4Ar5D06d9mB+E/JMuXMRJL5tfLjCuk4H4QpF4jiXCF5p1HOzL2otElZeADJh/PRFMhRHAkvbfHhD73j5FM+RVeLBTImx9i3YW25SdDGNLeYdAUeua2x4nQwDSBxON9MtXi2sWqedwgusG7CPNStWSD5s7gZzEm6JkZvKb0mu5zoiUsdV7bJtskrL1GmFW2odcvvfi1gaff9iFOqsxm3jC5vXmsfUrIEMphmhNlrfj6i3x9UTIKETOSVsLAm1Wburq0johRiaEZ0zb2bfHEaNF60bl+XJioX98BCaW59h9yrdzotxmHB9bVcSZm1AWjhQ8s9V6Z6m84OlQ7HSZdg5jBiaTAPNLQ+halzGkqGvN67gv+i/r/OsKqbOeBHm5agdipK+hCOxHtkuGL9/G8oz2XtQNI7QMsDdOA6CmjxjMXXnu0lrxDWdGuS0RhTX41v4Gz0b8WxxFztY4Fzw+KcmMLgM47YQ8SChDOTYnpOhuQcNHCCU+9bgfj+p0kl0xr3tzEzJYqrw+ZewliELhlBjrr03SDiUIMpN0Mux++7oKFbPuwmt4stdHQ7VF896j2MPkcnfKF+pgyrHfUsZYlRSAQC0KuWmxU6AxkimVbm2jxkNbxYrFEkomNY47CXU6XLGT+HA/rWkmWK4mU+lFDchzvJPs0TksJ2mvCwrOHjip5S4m3k5PK1SdqqyFleLs85yEHICqyJAt3eBb/KT2WlPb8cQlu0lj1mG2aU40qdyd6/1jbD0Bc2elMrniQ17u5syKmIIE09ACGa7O7kv94jvnvzO1kafFrz/pJ8aLKIdBQlC7+Uw1wnsQHF5hxx426qpnqZ95hPxvpNpaC/cpTJAtH2H3kota4vlMN2I5/9LEPwuYxtYaE6Km06SHF67/kohx9h8PVDk5h920ewrrQNuKQnb