# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: sabnzbd namespace: download spec: interval: 5m chart: spec: chart: app-template version: 3.1.0 sourceRef: kind: HelmRepository name: bjws-charts namespace: flux-system values: controllers: main: pod: securityContext: runAsNonRoot: true # runAsGroup: 10000 # runAsUser: 10000 # fsGroup: 10000 # fsGroupChangePolicy: "OnRootMismatch" containers: app: image: repository: lscr.io/linuxserver/sabnzbd tag: 4.3.2 env: PGID: 10000 PUID: 10000 metrics: image: repository: msroest/sabnzbd_exporter tag: 0.1.73 env: - name: SABNZBD_BASEURLS value: http://localhost:8080 - name: SABNZBD_APIKEYS valueFrom: secretKeyRef: name: sabnzbd-apikey key: apikey service: app: controller: main ports: http: port: 8080 metrics: port: 9387 protocol: HTTP serviceMonitor: app: enabled: true serviceName: sabnzbd labels: release: kube-prometheus-stack endpoints: - port: metrics scheme: http path: /metrics interval: 3m scrapeTimeout: 1m ingress: main: annotations: cert-manager.io/cluster-issuer: letsencrypt-production traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd hosts: - host: &host "usenet.${SECRET_NEW_DOMAIN}" paths: - path: / service: identifier: app port: http tls: - hosts: - *host persistence: storage: type: hostPath hostPath: /mnt/MainPool/Media/Usenet globalMounts: - path: /storage/Usenet config: type: hostPath hostPath: /mnt/MainPool/Kubernetes/sabnzbd advancedMounts: main: # controller name app: # container name - path: /config