fix(qbittorrent): switch to protonvpn, update gluetun sidecar
This commit is contained in:
parent
72a9a73bbc
commit
b608b8465f
|
@ -17,7 +17,7 @@ spec:
|
|||
values:
|
||||
image:
|
||||
repository: fireflyiii/core
|
||||
tag: version-6.0.26
|
||||
tag: version-6.0.30
|
||||
|
||||
envFrom:
|
||||
- secretRef:
|
||||
|
@ -27,19 +27,7 @@ spec:
|
|||
main:
|
||||
ports:
|
||||
http:
|
||||
port: &port 8080
|
||||
|
||||
probes:
|
||||
startup:
|
||||
custom: true
|
||||
spec:
|
||||
httpGet:
|
||||
path: /
|
||||
port: *port
|
||||
initialDelaySeconds: 60
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
failureThreshold: 30
|
||||
port: 8080
|
||||
|
||||
ingress:
|
||||
main:
|
||||
|
@ -65,17 +53,3 @@ spec:
|
|||
accessMode: ReadWriteOnce
|
||||
size: 8Gi
|
||||
mountPath: /var/www/html/storage/upload
|
||||
|
||||
# podSecurityContext:
|
||||
# runAsNonRoot: true
|
||||
# runAsUser: 10000
|
||||
# runAsGroup: 10000
|
||||
# fsGroup: 10000
|
||||
# fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
# resources:
|
||||
# requests:
|
||||
# cpu: 1m
|
||||
# memory: 275Mi
|
||||
# limits:
|
||||
# memory: 500Mi
|
|
@ -1,7 +1,7 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
#- ./fireflyiii
|
||||
- ./fireflyiii
|
||||
- ./cdn
|
||||
- ./gitea
|
||||
#- ./dendron
|
||||
|
|
|
@ -22,12 +22,12 @@ spec:
|
|||
# Metrics sidecar
|
||||
sidecars:
|
||||
gluetun:
|
||||
image: qmcgaw/gluetun:v3.35
|
||||
image: qmcgaw/gluetun:v3.36
|
||||
env:
|
||||
- name: FIREWALL_VPN_INPUT_PORTS
|
||||
value: "40574"
|
||||
- name: FIREWALL_INPUT_PORTS
|
||||
value: "8080,17871"
|
||||
value: "8080,17871" # 17871 is the prometheus exporter
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: qbittorrent-secrets
|
||||
|
@ -35,12 +35,31 @@ spec:
|
|||
capabilities:
|
||||
add:
|
||||
- NET_ADMIN
|
||||
volumeMounts:
|
||||
- name: gluetun-tmp
|
||||
mountPath: /tmp/gluetun/
|
||||
|
||||
port-manager:
|
||||
image: git.seanomik.net/seanomik/gluetun-qbit-port-updater:v0.1.1
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
PORT_UPD_QBITTORRENT_HOST: localhost
|
||||
PORT_UPD_QBITTORRENT_PORT: "8080"
|
||||
# safe to have in plain text since qbittorrent is exposed through authentik.
|
||||
PORT_UPD_QBITTORRENT_LOGIN: &qbitLogin admin
|
||||
PORT_UPD_QBITTORRENT_PASSWORD: &qbitPass adminadmin
|
||||
PORT_UPD_PORT_FILE: /tmp/gluetun/forwarded_port
|
||||
volumeMounts:
|
||||
- name: gluetun-tmp
|
||||
mountPath: /tmp/gluetun/
|
||||
|
||||
metrics:
|
||||
image: caseyscarborough/qbittorrent-exporter:v1.3.2
|
||||
env:
|
||||
- name: QBITTORRENT_BASE_URL
|
||||
value: "http://localhost:8080"
|
||||
QBITTORRENT_BASE_URL: "http://localhost:8080"
|
||||
# safe to have in plain text since qbittorrent is exposed through authentik.
|
||||
QBITTORRENT_LOGIN: *qbitLogin
|
||||
QBITTORRENT_PASSWORD: *qbitPass
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: 17871
|
||||
|
@ -98,6 +117,9 @@ spec:
|
|||
type: secret
|
||||
name: cookie-secret
|
||||
mountPath: /etc/tokens
|
||||
gluetun-tmp:
|
||||
enabled: true
|
||||
type: emptyDir
|
||||
|
||||
resources:
|
||||
requests:
|
||||
|
|
|
@ -4,61 +4,72 @@ metadata:
|
|||
name: qbittorrent-secrets
|
||||
namespace: download
|
||||
stringData:
|
||||
VPN_SERVICE_PROVIDER: ENC[AES256_GCM,data:8R4cNgGtXqw=,iv:Q5v2R8dFfoEMecm488ykKpAtrAkSf9Aw2TbQhJFKE0g=,tag:M61J8fTVPv6HUc6c+XKAoA==,type:str]
|
||||
OPENVPN_USER: ENC[AES256_GCM,data:6AN/ohElJYCof94Z7VZuqoNt,iv:ju4RUJO2GucB9nxLetaesIe7BS8GXwBh2CTRdRGqXZA=,tag:gZ0CexKMVRX+atCsADjQyQ==,type:str]
|
||||
OPENVPN_PASSWORD: ENC[AES256_GCM,data:3IXUzdSTkhBwJxwzOPY=,iv:LJveQfuDwJDcbIx3c8a9BV+dCQ5hfzjtVsG339Zjkgo=,tag:SaJwsCRgSSfz0nZt4AbFzQ==,type:str]
|
||||
SERVER_COUNTRIES: ENC[AES256_GCM,data:pyid,iv:gItcOstdlJ6t5uICxGHiEFjcz7pu+t62HBhja+mjaT8=,tag:4aNdJXDgyrWHa5LV0D5EfQ==,type:str]
|
||||
OPENVPN_CIPHERS: ENC[AES256_GCM,data:3hnA/9KL7+Xvano=,iv:zHT1mg57rudaJQQaXLNAQzbIduetE/RLy8W/kGTWGZU=,tag:JmdHDTsGzsymSkOD4DPQZw==,type:str]
|
||||
#ENC[AES256_GCM,data:kFKbnk5b5u4W6+RNeXCBEl0/9/pyIiVJMylujxzF6g==,iv:V46eLoZYOtXwaeM024jpB/Bf0J/w+pU6zgIQ6+zivPY=,tag:InrBZbzfo0LCOLmT1SZftg==,type:comment]
|
||||
#ENC[AES256_GCM,data:vSyBvDlFDcmiDEqIj53Ply/fP/6+cH0jjtS0sDIadF0T4v1Y+tkXOZK/xDtTkQ==,iv:iAAt9EYb9mFOtCrzJvSuw+XSBRcOKS/TDrEWL6VfttU=,tag:kcXjQNflSJNLyLN0Ado/Cw==,type:comment]
|
||||
#ENC[AES256_GCM,data:bFItZO2PhRvVUOHKFSGkcnN+0LhLPJQC9lea//e4MTHJuw==,iv:4re3gpzWBqH1OaRdMiuAx1WNCnBgQvmLtcemVmslnrw=,tag:F1oTifDf61DggEi9raR3yA==,type:comment]
|
||||
#ENC[AES256_GCM,data:P6L6Ddf8v6fn4UzJNhhRmv1DykHM3ilUOjfeRNjmnb9lzw5UzyG6P9t90XF/HxDGXv4=,iv:BWcN23aQu+jW+byy/M2VRNbCgfQBRfcxV4VEAL8LSR0=,tag:9c6gUhgdqhoK8JroOcz+VA==,type:comment]
|
||||
#ENC[AES256_GCM,data:ZVZM0vvuiTky9kBv7TcNKl0xCvVtFtULxqnnemzlrg==,iv:HaaAR0xiN8Lss8RoumaUCGfRxyJoJTVTAayHZ/vitGI=,tag:XMDl3T4rLz9NbHlkCOXL0g==,type:comment]
|
||||
#ENC[AES256_GCM,data:s6JYwUMPoK62524G8hcOxwTzhq7iBfSqqA==,iv:+IyjOdVrOyb224D5z5HEKpy9cnmAlLcjB9ZgaCS3DaA=,tag:f7mFWCMDbgI/AlB2GkBKHg==,type:comment]
|
||||
#ENC[AES256_GCM,data:HAB28P9Lh9PVfNhLce3IK6C0PqFnAvQ0bBPTmBC66rbrqSXzhvzF,iv:O/ee2fS1Q1PK9K9U+RHwBHd2UZdSVrw3mVS4lgnGsvU=,tag:/c7Dj+sL8RuaBq2exJ/eXA==,type:comment]
|
||||
VPN_SERVICE_PROVIDER: ENC[AES256_GCM,data:cxJUkG+M,iv:MISXrZPCX9gjd7uyYjvfZ6/hetCVJ8qihIf1tb7ZqgU=,tag:kSXnRIdVsf6eWxc2o7rkig==,type:str]
|
||||
VPN_TYPE: ENC[AES256_GCM,data:ov1gkA28jPcQ,iv:e9PQ0pT3NCsXQJ6ljtNyX2f1affBnVHYFst5S1Uq+nA=,tag:I4GM26sPnvy+a5AqJ9npLg==,type:str]
|
||||
VPN_ENDPOINT_IP: ENC[AES256_GCM,data:Z5CWT5izY6QSleq/7dw=,iv:XMlPatMEuDBM3UUQKXSbzAb05JEicXY5MZv6uwhE3YI=,tag:mud3Nvk6BQSDiv3LuW4JAA==,type:str]
|
||||
VPN_ENDPOINT_PORT: ENC[AES256_GCM,data:1t9FZ4c=,iv:X2clyyWPltvcg/PkGmYIytnLvImUW8ohD4JTuDdJ3Uo=,tag:I1NGPoQ3B1B94bcUay9A3g==,type:str]
|
||||
WIREGUARD_PUBLIC_KEY: ENC[AES256_GCM,data:FanrtxziYQNqPhA87rWbcTkK3EDKkmCFqtNIu9cTRtGdvNdbLfy0Qwf8v44=,iv:p4xgeWOPqW/5d0yNC4gJPlplAX6Owc2xPp77LPtRdPE=,tag:MJj2Nc50OV4odKwt+mEulA==,type:str]
|
||||
WIREGUARD_PRIVATE_KEY: ENC[AES256_GCM,data:kDZdUyyhm2yeuAzbD5XLnJZsdbN0DoLDnWgrp5Y37B2GA4PIvYSjwpZp500=,iv:i8w0luzzCMei+5JUj+6z1R7/Giy1Du8HfZnFCYcYz2M=,tag:pv5YXdImhD36ppyW9ans3Q==,type:str]
|
||||
WIREGUARD_ADDRESSES: ENC[AES256_GCM,data:u9I+AS0TVQu8d4Q=,iv:pLSLO8Esj3PBU1OiudEf1elKlPIYdtS0SJnUO/qpxog=,tag:GM/LS6Uv0MJeA60ro62AbA==,type:str]
|
||||
VPN_PORT_FORWARDING: ENC[AES256_GCM,data:ftg=,iv:CUeC3ShYGR1S0rYlcBP8U56+gP7cmyZECQYSJY6P9qI=,tag:8lEIJWNz4Smthaw0qXw8sA==,type:str]
|
||||
VPN_PORT_FORWARDING_PROVIDER: ENC[AES256_GCM,data:ZqyFgHgTAr1v,iv:zXwTtuGmvNHsOZ1YhfDNY6PUixTi3dFi/UcB9qTbWh4=,tag:JOAoXu275uhyeVIdhJxJfw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2023-09-14T00:27:42Z"
|
||||
mac: ENC[AES256_GCM,data:Xi5iY+lekGBZXq/d+Me7VYqegRMecBX97n5jwXQtmJfFGlkSNKzsDd3BNhQdzVFIXWub35iM9DqRi6ESTrrF21axhEG0NIRfyOgFvs2bFjvRqYbRD2N+IKkJFGohGG2oaMY0G3DFkAD1vlan0gEcRm1mytTtcMOfVnZVENyTdsM=,iv:ZlrnlnvvFDlYKECHdPLJ/oU6m8qFz1M6Z3+onZNQDU0=,tag:h4H/vVk9OUk49vfq3v7yRg==,type:str]
|
||||
lastmodified: "2023-12-13T23:08:56Z"
|
||||
mac: ENC[AES256_GCM,data:QDqeaz24ZbRSzQVBaaa2TgEudwtf076ZL+bKSliagZ5IKGTmXB1Diy3hGwqBZGz9VSAU8KtBYC4VgpnAFSWywy7G+lYtwrwmkTW7smqUSlfVOWcaHYEODORFSj1krxEzeUKR2ykwjtNz+4eAp9M8kTL7gc78k5As1gsrcS72hTk=,iv:84D0QpusZCtQ5xJx5lWljtxVFrvZLH9pwboXX0tOKhI=,tag:B9PAuWsIjtl76bwdepIiXA==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-06-19T18:35:06Z"
|
||||
enc: |
|
||||
- created_at: "2023-12-13T23:08:56Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAzKleRwoSoixAQ/+LSh/Pcu6Nvg4gon1CiT6yNrOriepFC94bRm35ia1rmhw
|
||||
NqqW40gjTFW1oR2rPV3fKDVozNiCIAxH+wFm8jTqpE9tFYWzSae3gq9ms8KTj8xi
|
||||
EEPX/U+s1a8QCvUC2z2Pg4i4i5+j+rNcmb0capm1zpIP51PfMgvREgdLRgEa8+vq
|
||||
w1h4dLMy+PERXepWZmv3b0VL9irjUHK3kHhBcTrMeL8AmPfHICBUs0zxzvlZsB3d
|
||||
8AIlvHmyuaJg2uae3HKcSWoCGQxFGGSfIgYNT20566GIHckg/hlSymxEw34sA7iR
|
||||
20X+58U7Tzm8ekGyr+y6VOuk0XmvSPSnegpvUFhhJG9r5equUmVJo7zeDwlFSDOd
|
||||
dxi2R0aBitCO7XnhGKvA/x9loyUhm5IekDh1fn5jBeGeBoGdm0zXmpxINH/T8hSp
|
||||
B7BcxhifxnctCRpMVpOLZcDRPzZPPqgGpnM4b8GCiy33T5wt6ufWOJh3JfRQAMpf
|
||||
PnFxPWZiRsbGYMC0+sGeOPOe9oYlhAmJroDn/zn7p5rYKWIYKWfQDnOBzaO6wB6r
|
||||
zG8bEFmj44ikfOTasBMTOtIdkrk33yxYvEUUqu5zDPE6I8hsmjMBQQIQMffyO0Ki
|
||||
Z9eXM/A7XtR5+12D2gEl/C8LP92T2MXFTo7T6WenPBt6D7exwP4NfmHotRRM1eXU
|
||||
aAEJAhD9Z79FLyo0CJwz4P9JDDzz2PBEqnkbxHD7UeNHdIg6kSJz6dRCZpAbixOs
|
||||
mvqyo1PQzwj1ihYdD0fmpUCoqrNYuW/nPes3wEv6JfU6Ez97RHaknHDlOtVs9cX0
|
||||
pNhiuu2eV0V9
|
||||
=vaBY
|
||||
hQIMAzKleRwoSoixAQ//XM/Pha1wEbtFtiWrTNL33Q3TqtpFOsNmWZ574SSmgEfC
|
||||
OlfdK1anH0kx6b8Jy02eJ61ZzGyqM1svuvGTxHqfZ92rIm+3tPfNCtLgSydlud76
|
||||
vy6AXVHZkgSrwtj8xUXf7cmHDVIVxzFlassOWq1OEAsLay71IJcYAd9ImuMTSGUh
|
||||
riBNap7rcMctbiHkomnswQxmMza10KXclXUE7HoOrdMK1+Zxpqhj+fS6Y5WOlRoa
|
||||
VAuYP+Tg1nOkjC27rB68aFEGfbcXRvuNSpuflusDFicIwNUZ5LPLZF483VD4LEi9
|
||||
VZETRpRGTmJ9ZFa6+QstHmY2Ky+/2Yrxd9YUURBoGglGlelbIn+vA8RQlqcCth7Y
|
||||
wqFOPNFJf0Ljduioz5jCmcK/eQRuquJKcKX91+XeJ3pNYK86ywcn7JrsKX4cUCWM
|
||||
ZY2+A8xdtpQxA9RQdObIV5DQEFBTnw+4RpVj8qP1kQvKg/7rvmU8mVyFec321BF/
|
||||
vZ4iVfwPuLbvXNsLl2yeD8pP3DlqemxKQrP/sNfRqqTq1sn6rr8xYk+fE+Vw8fHu
|
||||
OUKPNvr9hWrxAxeHmXu1vmJP9HtXjJor9Qnpa4puiQRrUtlHfOWRthmXdfoGbWlt
|
||||
VDM5kj+Kp3OSSmL3Kpb7BUugXrl3qLEs/KB4jIx7Z1UzRKiUIidg3FfNjs6PaKjU
|
||||
aAEJAhB1FKIv1m7toY6rMQ58gdoDXmnuTN92B3fNplAy8GfzYT67mV2Fr7ogVgqL
|
||||
hShXltEayPTRwpHWv7aHSEo2LscIy7THEbYVsWvbEdILLtIvIfpMQwufRG4H/+oy
|
||||
Htp1z9DAxjUg
|
||||
=sjhc
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 2CC2B3631D5C3393901335DB68F95C5D753EE1E5
|
||||
- created_at: "2023-06-19T18:35:06Z"
|
||||
enc: |
|
||||
- created_at: "2023-12-13T23:08:56Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAy5t8IMoPu4VAQ//fd7iSVur7i0ontjdR1BuC8mxaxd5grBm4VZpTidySOxU
|
||||
XvKlQ3eEaW5Ekt2aCDsTR0B8oHAxyiq9qjh9492i2nZJhdwZVMgmFuLcLr1YuVGs
|
||||
5j54Rig8Kf47VegFuppq/qR9Se240u5lMyngouU6+fDv7Nz2dkk+tmyvIvuXaXK2
|
||||
xr9coQ89gKTINOFle+dlf1lKam4nMRvnXF/FPoGzt2/T8QFGpRyT6gM4OO8ab+qb
|
||||
Qtw7CYSjX5bzLeo+Yphv6QArC3cyixQJD6CCxbcyyz6W5NOMWqakF3JlqBZvU2XK
|
||||
ypXg7d1884xPEZv6W2ENJ1fgtu88hbsLX/D8BWPGenRoYKAfLJanA+bt8XfCipg6
|
||||
aXYlkRRHkQuEKnZ8H7uEgYgp4IQv7Ae231GRBVXeLwSzX/TX7DpVDDcuyYyRJsV0
|
||||
FNF4/xpgJOhb4DSl5OW6pW3SDTAn/jtC1M0Rrx6dDSCgUUyFXYK+klsu0LXtDbvf
|
||||
e1kRpOrq9urpPnpqdTK0hE4qawWkuAc3CniFJ89zr4rlRdPLFychonr/ELWlt5Hs
|
||||
vyKiGJVj3nFwGzb/FGQm1lWts6j/a+tFSprneMh5hkrVDvIjd+qSLELacGZOkp1C
|
||||
sSMzkurhd3xHedQA261rXfOFxhooWMofFiUEp3CFCHC1n9IA1me2RxfcFu5x/kzU
|
||||
aAEJAhCgz5TIm8pQa1zQIE10FMCkQouhTeimyWOeQRcrZVFZZPQLOFxhUQwFxbtg
|
||||
B+gjo8q2XMq4szzKa6ZEp8C1Qkw9zOXWxmhjug/oGHlGwsh2BK5aAFlvGSkZf9yA
|
||||
yTDIrThWUe1w
|
||||
=lQX5
|
||||
hQIMAy5t8IMoPu4VAQ//UXW9kQwk+9tl6yC0BPHlOGyusDQySQThnq6aHtF0lLTh
|
||||
d57Ngz2d/4yV3ADCuDteT9NKqBpnFD5yndD01RfpfrC/LVIIUk3I0StDg1Rwb6/w
|
||||
Q/cfSUX0hJ0qSmR/Bd/zOVPBvGnNSQgu9h73pbjuRwqBYIjV557JB6kq68aAJbi8
|
||||
JvClBjwmdW8r/oraiCLbUXWPF8VHBPwSn210QPML0lRjN7rGtkR88hg+0OKgm9fw
|
||||
Hq51Hr6KvWCh0j6xa70TdHGmahVEqb0l/2LV3yw2WpS5G0A2aL2EWMECdPjS84eI
|
||||
8hK6oNF5sg5D3JwJd74FX+fXQxsRwzZO0B1Pf6Ea6ZYLkVb9wbDKDU30V+LxprLJ
|
||||
Y9WGnLeOoDZVYqMCgEVkzrdRo9LC3UeKQ7yMwXpMHPbNUVv5v9VUjpCfpAf4FNpl
|
||||
nTo1AYV5+Tqvb7XRMraIRR9AzaZ91HQAO/w23vpJCMB+jdcr5UgxhN0apqOAcZlt
|
||||
igpDnj0wRxa6GpHr6TkPx+YRRDoOzlCinot++udmFMsprz4MSz8KM8oiRsD9eM6X
|
||||
QIAR+n8MoyWAVNFGbnTEZqdkfI0VoTRg09BpryB36IEpxBpAq5fcL/w+dL34JROT
|
||||
n/pF7DyKfgtnbUQt6GIQO62Ld2F/Rtg2HkFt3qOw+YuEPnPBLVrtjlrUJbInWsbU
|
||||
aAEJAhB8OvYpr/HfGIZ5wIgG5MsdZ0bWXUOm8kXLnQKu6iNG2Y6ocKGKjzr7ILg5
|
||||
KBneXE+mIO+FkAmvuIcZZAHzaHgYAGxoet4qtVVF0JIz6FF2AMdpqf8ed+f1HIvm
|
||||
WqW5nFqKsDXZ
|
||||
=tLH9
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.7.3
|
||||
version: 3.8.1
|
||||
|
|
|
@ -67,5 +67,5 @@ spec:
|
|||
cpu: 1m
|
||||
memory: 14Mi
|
||||
|
||||
limits:
|
||||
memory: 50Mi
|
||||
# limits:
|
||||
# memory: 50Mi
|
Loading…
Reference in New Issue