apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: prowlarr namespace: download spec: interval: 5m chart: spec: chart: app-template version: 1.3.x sourceRef: kind: HelmRepository name: bjws-charts namespace: flux-system values: image: repository: ghcr.io/onedr0p/prowlarr-develop tag: "1.12.2.4211" # Metrics sidecar sidecars: exportarr: image: ghcr.io/onedr0p/exportarr:v1.6.0 args: - prowlarr ports: - name: metrics containerPort: 9000 env: - name: URL value: "http://localhost" - name: CONFIG value: "/config/config.xml" - name: PORT value: 9000 - name: ENABLE_ADDITIONAL_METRICS value: "true" - name: ENABLE_UNKNOWN_QUEUE_ITEMS value: "true" volumeMounts: - name: config mountPath: /config readOnly: true env: TZ: America/New_York service: main: labels: app: prowlarr-service ports: http: port: 9696 metrics: enabled: true port: 9000 protocol: HTTP probes: liveness: enabled: true custom: true spec: httpGet: path: /ping port: 9696 initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 1 failureThreshold: 3 startup: enabled: false ingress: main: enabled: true annotations: cert-manager.io/cluster-issuer: letsencrypt-production traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd hosts: - host: &host "prowlarr.${SECRET_NEW_DOMAIN}" paths: - path: / pathType: Prefix tls: - hosts: - *host secretName: wildcard-main-tls persistence: config: enabled: true type: hostPath hostPath: /mnt/MainPool/Kubernetes/prowlarr mountPath: /config podSecurityContext: runAsNonRoot: true runAsUser: 10000 runAsGroup: 10000 fsGroup: 10000 fsGroupChangePolicy: OnRootMismatch resources: requests: cpu: 2m memory: 150Mi limits: memory: 500Mi