feat(sonarr): update app-template for sonarr, start migration to postgres
This commit is contained in:
parent
06bf3d569a
commit
751b6d2e76
|
@ -6,7 +6,7 @@ resources:
|
||||||
- ./qbittorrent
|
- ./qbittorrent
|
||||||
- ./qbit-manage
|
- ./qbit-manage
|
||||||
- ./radarr/ks.yaml
|
- ./radarr/ks.yaml
|
||||||
- ./sonarr
|
- ./sonarr/ks.yaml
|
||||||
- ./prowlarr
|
- ./prowlarr
|
||||||
- ./bazarr
|
- ./bazarr
|
||||||
- ./readarr
|
- ./readarr
|
||||||
|
|
|
@ -0,0 +1,123 @@
|
||||||
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
||||||
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
|
kind: HelmRelease
|
||||||
|
metadata:
|
||||||
|
name: sonarr
|
||||||
|
namespace: download
|
||||||
|
spec:
|
||||||
|
interval: 5m
|
||||||
|
chart:
|
||||||
|
spec:
|
||||||
|
chart: app-template
|
||||||
|
version: 3.4.0
|
||||||
|
sourceRef:
|
||||||
|
kind: HelmRepository
|
||||||
|
name: bjws-charts
|
||||||
|
namespace: flux-system
|
||||||
|
|
||||||
|
values:
|
||||||
|
controllers:
|
||||||
|
main:
|
||||||
|
pod:
|
||||||
|
securityContext:
|
||||||
|
runAsNonRoot: true
|
||||||
|
runAsUser: 10000
|
||||||
|
runAsGroup: 10000
|
||||||
|
fsGroup: 10000
|
||||||
|
fsGroupChangePolicy: OnRootMismatch
|
||||||
|
|
||||||
|
containers:
|
||||||
|
sonarr:
|
||||||
|
image:
|
||||||
|
repository: ghcr.io/onedr0p/sonarr-develop
|
||||||
|
tag: 4.0.9.2457
|
||||||
|
envFrom:
|
||||||
|
- secretRef:
|
||||||
|
name: sonarr-secret
|
||||||
|
env:
|
||||||
|
TZ: America/New_York
|
||||||
|
SONARR__APP__INSTANCENAME: Sonarr
|
||||||
|
SONARR__APP__THEME: dark
|
||||||
|
SONARR__AUTH_METHOD: External
|
||||||
|
SONARR__AUTH__REQUIRED: DisabledForLocalAddresses
|
||||||
|
SONARR__LOG__DBENABLED: "False"
|
||||||
|
SONARR__LOG__LEVEL: info
|
||||||
|
SONARR__SERVER__PORT: &port 7878
|
||||||
|
SONARR__UPDATE__BRANCH: develop
|
||||||
|
SONARR__POSTGRES__HOST: postgresql.database.svc
|
||||||
|
SONARR__POSTGRES__PORT: "5432"
|
||||||
|
SONARR__POSTGRES__MAINDB: sonarr_main
|
||||||
|
probes:
|
||||||
|
liveness: &probes
|
||||||
|
enabled: true
|
||||||
|
custom: true
|
||||||
|
spec:
|
||||||
|
httpGet:
|
||||||
|
path: /ping
|
||||||
|
port: *port
|
||||||
|
initialDelaySeconds: 0
|
||||||
|
periodSeconds: 10
|
||||||
|
timeoutSeconds: 1
|
||||||
|
failureThreshold: 3
|
||||||
|
readiness: *probes
|
||||||
|
securityContext:
|
||||||
|
allowPrivilegeEscalation: false
|
||||||
|
readOnlyRootFilesystem: true
|
||||||
|
capabilities: { drop: ["ALL"] }
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
memory: 100Mi
|
||||||
|
limits:
|
||||||
|
memory: 4Gi
|
||||||
|
|
||||||
|
exportarr:
|
||||||
|
image:
|
||||||
|
repository: ghcr.io/onedr0p/exportarr
|
||||||
|
tag: v2.0.1
|
||||||
|
args:
|
||||||
|
- sonarr
|
||||||
|
env:
|
||||||
|
URL: "http://localhost"
|
||||||
|
CONFIG: "/config/config.xml"
|
||||||
|
PORT: &metricsPort 9000
|
||||||
|
ENABLE_ADDITIONAL_METRICS : "true"
|
||||||
|
ENABLE_UNKNOWN_QUEUE_ITEMS: "true"
|
||||||
|
|
||||||
|
ingress:
|
||||||
|
main:
|
||||||
|
annotations:
|
||||||
|
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||||
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||||
|
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
|
||||||
|
|
||||||
|
hosts:
|
||||||
|
- host: "sonarr.${SECRET_NEW_DOMAIN}"
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
service:
|
||||||
|
identifier: main
|
||||||
|
port: http
|
||||||
|
|
||||||
|
service:
|
||||||
|
main:
|
||||||
|
controller: main
|
||||||
|
|
||||||
|
ports:
|
||||||
|
http:
|
||||||
|
port: *port
|
||||||
|
metrics:
|
||||||
|
port: *metricsPort
|
||||||
|
protocol: HTTP
|
||||||
|
|
||||||
|
persistence:
|
||||||
|
config:
|
||||||
|
existingClaim: sonarr
|
||||||
|
globalMounts:
|
||||||
|
- path: /config
|
||||||
|
storage:
|
||||||
|
type: hostPath
|
||||||
|
hostPath: /mnt/MainPool/Media
|
||||||
|
advancedMounts:
|
||||||
|
main: # controller name
|
||||||
|
sonarr: # container name
|
||||||
|
- path: /storage
|
|
@ -1,5 +1,7 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
|
- ./pvc.yaml
|
||||||
|
- ./secret.sops.yaml
|
||||||
- ./helm-release.yaml
|
- ./helm-release.yaml
|
||||||
- ./sonarr-exportarr-metrics.yaml
|
- ./sonarr-exportarr-metrics.yaml
|
|
@ -0,0 +1,10 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: sonarr
|
||||||
|
spec:
|
||||||
|
accessModes: ["ReadWriteOnce"]
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 15Gi
|
||||||
|
storageClassName: openebs-zfs-mainpool
|
|
@ -0,0 +1,73 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: sonarr-secret
|
||||||
|
namespace: download
|
||||||
|
stringData:
|
||||||
|
SONARR__AUTH__APIKEY: ENC[AES256_GCM,data:Z0TKYOp2veBJ/ctC3z1ooj/b8J1p7ewUWX7ItIFWcpA=,iv:oY+k9x+BZxsGW5oAmNncApU+6M6YUx1q+pXDMldsg0M=,tag:lBJHGeSHw8IKS2nSFP/0aA==,type:str]
|
||||||
|
SONARR__POSTGRES__USER: ENC[AES256_GCM,data:vdcAhdIh,iv:tCRA3HFh6G7GUPpt5jFuqunaSRFiD90+b857vrt7tys=,tag:k02ojbFwZi6iufAOP2Fvjg==,type:str]
|
||||||
|
SONARR__POSTGRES__PASSWORD: ENC[AES256_GCM,data:0uqO/FMm3b/DXtthjBLI7HXoujqpjCvs66yTbzuAiDM=,iv:E/FP0rDmFQPlAM00hOGR3lB4WW22W7XezSKYGfStUGM=,tag:cC+IOkw6Oqzz8iFoTrZq1Q==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age: []
|
||||||
|
lastmodified: "2024-10-15T21:30:43Z"
|
||||||
|
mac: ENC[AES256_GCM,data:cX94qYBsvl4+cUOrEI6xSpHY/mlQAvk4d6Q5KyRE1QaqX/pau0zJEzczaF4j9UvWGfl7dm5xuR0mrSldwRBg6M/lA6B8xxIACXaCNxdDBj2pmwOCROi6v78BLtB5P7E8Y+wwoQzVxEQQnOQDIFQJ/mMmy+D6a9BmJ5ulneEeouc=,iv:aZf9GZXAOeU3Z3oq2rQ1P6fW8TMKVHwJXjn2CpZHNjg=,tag:wK0iU+FRJylxmYl5qcq4xg==,type:str]
|
||||||
|
pgp:
|
||||||
|
- created_at: "2024-10-15T21:30:43Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAwAAAAAAAAAAAQ/+J4pyPCDaePFBF+1IgYzwaefDpRFAkP0kNzHObPZL1vUD
|
||||||
|
4GM3dQTqN8Ay8NoBAasq/dNKzDSjOvMTShZO2YXQJoA8019Q6yZhgc+l1B7bnB+W
|
||||||
|
6tDz5Rtlu+gbJWngvyLFkUhFCmOQ6UyQHKPpC2iObrNj3Rb9ZxxxVTCRa2n6/2g3
|
||||||
|
Bp2lRAIESK/cWxmQbus8PZnzphIAmfwEijot5tQjQy7Virhz4xMiqbxvuWowA2zk
|
||||||
|
X5PY5dHv+l7p+3Ckr7qbOGA/oAxbvFvL3hzLlE0xYj6sXdgWY5a5yqXhbxDtSQ8u
|
||||||
|
rT0QxtDtt3lPie0e4w+f/cxNURw4yitb7IzGFhwvyPi+7eRfzgAaQHndffFv9RM8
|
||||||
|
26la2JeamyXCQgUOJF7EGBD6Ix6fZJE8mHF80yerlC27unZ75Rac7ckxq9GYpKia
|
||||||
|
tdyrU8OrV+f9uUdEyNCeD6wuZrxuKyyL6f+zQs6uj+zzaLYg3/p8iZLgT5HsxBLs
|
||||||
|
dMRVnCEvCWyYd9OJrOLVld9qrvbmuypLuPOUQpTYt9WrC5SxfMPkQQYNnXEGcI0K
|
||||||
|
n2s4eSv4tFOQw4xjRH4hl1H678faXen83F9ScOXWyHpqE54fFCCMAJV6NXMWKByv
|
||||||
|
9l/Rz81+J8kd1wQ4+CcJslsVM06XpwEPPRM9xunxwxPWB2wZQYCF9mQitRmnIliF
|
||||||
|
AgwDAAAAAAAAAAABD/0YtuvVooC7OW45KsL7rJwRMJOryjkJmffl5ocjyU6aicQw
|
||||||
|
MRjD+d8xa3WUsVbCnSYHQATpAltPrKLybi1MpneRk3j7b6kAz8iJaawEcgTUiM3H
|
||||||
|
h6SjtrwCpjNSI7RN3eRAUyxDtdrrvR5P1ynfmMHUWnuQjXlYcBZqtnA/THWOIGnC
|
||||||
|
joEixpi7e2RlAUzFuG2+Mlux2nLdtO+YcGI2ta9qHHp1O1+46HxvYO982dFRTuLq
|
||||||
|
VAHJcdROw1eNBCvwK2n27mKBMo9kfQMLrcUyO8PZqZyxEIimsHM4aQbYp8NvxAtx
|
||||||
|
LuveKR3s60VjC7gHIqfWJw/fqPlv73V/ONwwruC/2WSzZSfZ0C1Z7LPJt84wqbXz
|
||||||
|
7+t7St0R+u4cJ+Vim/XXRpTQOX+xnfO3UZu9Nwszm144uWdkt/5L9zGGLPnYBmPy
|
||||||
|
eAfhcSz7S0xe9qBM1LWXQHqQ3U1U0cSlizE87oYrJgfYCRQ4CsT3MOWEhwfFpd9E
|
||||||
|
wLLXOgCLiFIw77OUBNa4Rcg/v6oYrHKf2UKklOtt6QrqcnVnZT2l2bTUaWupD0Rl
|
||||||
|
lq0/sadpV8FsYtIS1EQ6j7EVvAOZNEdC6L090CQ7bnPiwQyHdS3b6J49RE55TcOP
|
||||||
|
n743wfZNcmqEeV0ooUkGoW6r5q0jvaUBrTbVpJszktps9uBybO5qgqobjdexUtRo
|
||||||
|
AQkCEIda5ST1hWg6TgORmRI2cHqUdw+b4dMy74l3a1RZpBPHyKPbP9e7J98BGm7C
|
||||||
|
XAyNC9vgDwjfp+BwHzPjfA3KtXZDjg2Gu5PFU3cdWWlWhLSreG1+mtsjWjXGAKq+
|
||||||
|
GN4DyUYIF60=
|
||||||
|
=DCkn
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
|
||||||
|
- created_at: "2024-10-15T21:30:43Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAwAAAAAAAAAAAQ//bqiURh1qRFK0fbL6E7UlU9wIw0Q2jkGQ+FF4gYKTTTtr
|
||||||
|
XdBS+CTBYLlTTpEGMMCSRJJsfOAXVUVRzpgopDt8Imhckqdx4/+I9VVsd6urEkOA
|
||||||
|
MyYXaKc2dY9rQjFj4kKB0vcEJ+tqZ8BrpMktUdt+3/g8QdgTWEfzv2inKi2OsrHQ
|
||||||
|
RevUJpM2FgBjR6f+JbsrbnOuEfYw0B9uD6otBre88HM2uECfEvuu+jMtPbA3X4YZ
|
||||||
|
J7UcmEsiH5oHxIFXNBvJiRQJycbrXwMWaU8m6IkbuADua2dcjsu9kYvPyM5OB1xX
|
||||||
|
f/3UIUa+UFTgS47GadXV/r8Voychp8mo9KflmY+7A66oxnmBo3hSYj83vBKiK+QP
|
||||||
|
qL78M9OSITicDeLYidDRUg5f+J3Ybc9O9duj5w8O/bS4LXWkD8B+9wiytbL80gkV
|
||||||
|
SU8TIat0f0U52ygZH72F60hdXsHoFTfUVD61nrtbIUwDTsS0A6se/5leXrI+23uq
|
||||||
|
boJU5Sz/Q0vzybOUeFjKU40r23D1mYsBqxDoD6LoMwAuZjd//T6yx5ZIVdp8kE5s
|
||||||
|
MMycUsDLAy7jmbsZvG2QmRgaRiTKvKLcvrWeYLrGHsrcExO5sbDDzLjeC61B3tSb
|
||||||
|
X3GUVg+9aOPPoUVB/COG1554F4l2Bbq9aYA9/Uw1tFZGWC9WjCRa3z/HMQQHm4vU
|
||||||
|
aAEJAhAgzTiHxfIdJmKQxVlkdME8Orw11Xo3hdbee9j9qx75+TkPifuNSkUIxKon
|
||||||
|
ufOAcIGDynnUpqD/xStmwCqS3uqpVEy6PGIfXTls34+nLPDWJ4wQ71P3v3kSHLYY
|
||||||
|
Q7jW3gYe3ohw
|
||||||
|
=xHcO
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||||
|
encrypted_regex: ^(data|stringData)$
|
||||||
|
version: 3.9.1
|
|
@ -1,120 +0,0 @@
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
||||||
kind: HelmRelease
|
|
||||||
metadata:
|
|
||||||
name: sonarr
|
|
||||||
namespace: download
|
|
||||||
spec:
|
|
||||||
interval: 5m
|
|
||||||
chart:
|
|
||||||
spec:
|
|
||||||
chart: app-template
|
|
||||||
version: 1.3.x
|
|
||||||
sourceRef:
|
|
||||||
kind: HelmRepository
|
|
||||||
name: bjws-charts
|
|
||||||
namespace: flux-system
|
|
||||||
|
|
||||||
values:
|
|
||||||
image:
|
|
||||||
repository: ghcr.io/onedr0p/sonarr-develop
|
|
||||||
tag: "4.0.9.2457"
|
|
||||||
|
|
||||||
# Metrics sidecar
|
|
||||||
sidecars:
|
|
||||||
exportarr:
|
|
||||||
image: ghcr.io/onedr0p/exportarr:v2.0.1
|
|
||||||
args:
|
|
||||||
- sonarr
|
|
||||||
ports:
|
|
||||||
- name: metrics
|
|
||||||
containerPort: 9000
|
|
||||||
env:
|
|
||||||
- name: URL
|
|
||||||
value: "http://localhost"
|
|
||||||
- name: CONFIG
|
|
||||||
value: "/config/config.xml"
|
|
||||||
- name: PORT
|
|
||||||
value: 9000
|
|
||||||
- name: ENABLE_ADDITIONAL_METRICS
|
|
||||||
value: "true"
|
|
||||||
- name: ENABLE_UNKNOWN_QUEUE_ITEMS
|
|
||||||
value: "true"
|
|
||||||
volumeMounts:
|
|
||||||
- name: config
|
|
||||||
mountPath: /config
|
|
||||||
readOnly: true
|
|
||||||
|
|
||||||
env:
|
|
||||||
TZ: America/New_York
|
|
||||||
SONARR__AUTHENTICATION_METHOD: "External"
|
|
||||||
|
|
||||||
service:
|
|
||||||
main:
|
|
||||||
labels:
|
|
||||||
app: sonarr-service
|
|
||||||
|
|
||||||
ports:
|
|
||||||
http:
|
|
||||||
port: 8989
|
|
||||||
|
|
||||||
metrics:
|
|
||||||
enabled: true
|
|
||||||
port: 9000
|
|
||||||
protocol: HTTP
|
|
||||||
|
|
||||||
probes:
|
|
||||||
liveness:
|
|
||||||
enabled: true
|
|
||||||
custom: true
|
|
||||||
spec:
|
|
||||||
httpGet:
|
|
||||||
path: /ping
|
|
||||||
port: 8989
|
|
||||||
initialDelaySeconds: 0
|
|
||||||
periodSeconds: 10
|
|
||||||
timeoutSeconds: 1
|
|
||||||
failureThreshold: 3
|
|
||||||
startup:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
ingress:
|
|
||||||
main:
|
|
||||||
enabled: true
|
|
||||||
annotations:
|
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
|
||||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
||||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
|
|
||||||
hosts:
|
|
||||||
- host: &host "sonarr.${SECRET_NEW_DOMAIN}"
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
pathType: Prefix
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- *host
|
|
||||||
|
|
||||||
persistence:
|
|
||||||
config:
|
|
||||||
enabled: true
|
|
||||||
type: hostPath
|
|
||||||
hostPath: /mnt/MainPool/Kubernetes/sonarr
|
|
||||||
mountPath: /config
|
|
||||||
storage:
|
|
||||||
enabled: true
|
|
||||||
type: hostPath
|
|
||||||
hostPath: /mnt/MainPool/Media
|
|
||||||
mountPath: /storage
|
|
||||||
|
|
||||||
podSecurityContext:
|
|
||||||
runAsNonRoot: true
|
|
||||||
runAsUser: 10000
|
|
||||||
runAsGroup: 10000
|
|
||||||
fsGroup: 10000
|
|
||||||
fsGroupChangePolicy: OnRootMismatch
|
|
||||||
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 2m
|
|
||||||
memory: 350Mi
|
|
||||||
limits:
|
|
||||||
memory: 2500Mi
|
|
|
@ -0,0 +1,28 @@
|
||||||
|
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
|
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||||
|
kind: Kustomization
|
||||||
|
metadata:
|
||||||
|
name: sonarr
|
||||||
|
namespace: flux-system
|
||||||
|
spec:
|
||||||
|
timeout: 5m
|
||||||
|
interval: 10m
|
||||||
|
targetNamespace: download
|
||||||
|
path: ./kubernetes/main/apps/download/sonarr/app
|
||||||
|
prune: true
|
||||||
|
sourceRef:
|
||||||
|
kind: GitRepository
|
||||||
|
name: home-cluster
|
||||||
|
decryption:
|
||||||
|
provider: sops
|
||||||
|
secretRef:
|
||||||
|
name: sops-gpg
|
||||||
|
dependsOn:
|
||||||
|
- name: openebs
|
||||||
|
- name: openebs-sc
|
||||||
|
postBuild:
|
||||||
|
substituteFrom:
|
||||||
|
- kind: ConfigMap
|
||||||
|
name: cluster-settings
|
||||||
|
- kind: Secret
|
||||||
|
name: cluster-secrets
|
Loading…
Reference in New Issue