apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: qbittorrent namespace: download spec: interval: 5m chart: spec: chart: app-template version: 1.3.x sourceRef: kind: HelmRepository name: bjws-charts namespace: flux-system values: image: repository: lscr.io/linuxserver/qbittorrent tag: "4.5.4" # Metrics sidecar sidecars: gluetun: image: qmcgaw/gluetun:v3.36 env: - name: FIREWALL_VPN_INPUT_PORTS value: "40574" - name: FIREWALL_INPUT_PORTS value: "8080,17871" # 17871 is the prometheus exporter envFrom: - secretRef: name: qbittorrent-secrets securityContext: capabilities: add: - NET_ADMIN volumeMounts: - name: gluetun-tmp mountPath: /tmp/gluetun/ port-manager: image: git.seanomik.net/seanomik/gluetun-qbit-port-updater:v0.1.1 imagePullPolicy: Always env: PORT_UPD_QBITTORRENT_HOST: localhost PORT_UPD_QBITTORRENT_PORT: "8080" # safe to have in plain text since qbittorrent is exposed through authentik. PORT_UPD_QBITTORRENT_LOGIN: &qbitLogin admin PORT_UPD_QBITTORRENT_PASSWORD: &qbitPass adminadmin PORT_UPD_PORT_FILE: /tmp/gluetun/forwarded_port volumeMounts: - name: gluetun-tmp mountPath: /tmp/gluetun/ metrics: image: caseyscarborough/qbittorrent-exporter:v1.3.2 env: QBITTORRENT_BASE_URL: "http://localhost:8080" # safe to have in plain text since qbittorrent is exposed through authentik. QBITTORRENT_LOGIN: *qbitLogin QBITTORRENT_PASSWORD: *qbitPass ports: - name: metrics containerPort: 17871 env: TZ: America/New_York PGID: "10000" PUID: "10000" WEBUI_PORT: "8080" service: main: labels: app: qbittorrent-service ports: http: port: 8080 metrics: enabled: true port: 17871 protocol: HTTP ingress: main: enabled: true annotations: cert-manager.io/cluster-issuer: letsencrypt-production traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd hosts: - host: &host "qbit.${SECRET_NEW_DOMAIN}" paths: - path: / pathType: Prefix tls: - hosts: - *host secretName: wildcard-main-tls persistence: storage: enabled: true type: hostPath hostPath: /mnt/MainPool/Media/Torrents mountPath: /storage/Torrents config: enabled: true type: hostPath hostPath: /mnt/MainPool/Kubernetes/qbittorrent mountPath: /config cookies: enabled: true type: secret name: cookie-secret mountPath: /etc/tokens gluetun-tmp: enabled: true type: emptyDir resources: requests: cpu: 10m memory: 250Mi limits: memory: 6000Mi