apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: qbittorrent namespace: download spec: interval: 5m chart: spec: chart: app-template version: 1.3.x sourceRef: kind: HelmRepository name: bjws-charts namespace: flux-system values: image: repository: lscr.io/linuxserver/qbittorrent tag: "4.5.4" # Metrics sidecar sidecars: gluetun: image: qmcgaw/gluetun:v3.35 env: - name: FIREWALL_VPN_INPUT_PORTS value: "40574" - name: FIREWALL_INPUT_PORTS value: "8080,17871" envFrom: - secretRef: name: qbittorrent-secrets securityContext: capabilities: add: - NET_ADMIN metrics: image: caseyscarborough/qbittorrent-exporter:v1.3.2 env: - name: QBITTORRENT_BASE_URL value: "http://localhost:8080" ports: - name: metrics containerPort: 17871 env: TZ: America/New_York PGID: "10000" PUID: "10000" WEBUI_PORT: "8080" service: main: labels: app: qbittorrent-service ports: http: port: 8080 metrics: enabled: true port: 17871 protocol: HTTP ingress: main: enabled: true annotations: cert-manager.io/cluster-issuer: letsencrypt-production traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd hosts: - host: &host "qbit.${SECRET_NEW_DOMAIN}" paths: - path: / pathType: Prefix tls: - hosts: - *host secretName: wildcard-main-tls persistence: storage: enabled: true type: hostPath hostPath: /mnt/MainPool/Media/Torrents mountPath: /storage/Torrents config: enabled: true type: hostPath hostPath: /mnt/MainPool/Kubernetes/qbittorrent mountPath: /config cookies: enabled: true type: secret name: cookie-secret mountPath: /etc/tokens resources: requests: cpu: 10m memory: 250Mi limits: memory: 6000Mi