# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: sonarr
namespace: download
spec:
interval: 5m
chart:
spec:
chart: app-template
version: 3.4.0
sourceRef:
kind: HelmRepository
name: bjws-charts
namespace: flux-system
values:
controllers:
sonarr:
initContainers:
init-db:
image:
repository: ghcr.io/onedr0p/postgres-init
tag: 16
env:
INIT_POSTGRES_DBNAME: &dbName sonarr_main
INIT_POSTGRES_HOST: &dbHost postgres16-rw.database.svc
INIT_POSTGRES_PORT: &dbPort "5432"
envFrom: &envFrom
- secretRef:
name: sonarr-secret
containers:
app:
image:
repository: ghcr.io/onedr0p/sonarr-develop
tag: 4.0.12.2825
envFrom: *envFrom
env:
TZ: America/New_York
SONARR__APP__INSTANCENAME: Sonarr
SONARR__APP__THEME: dark
SONARR__AUTH__METHOD: External
SONARR__AUTH__REQUIRED: DisabledForLocalAddresses
SONARR__LOG__DBENABLED: "False"
SONARR__LOG__LEVEL: info
SONARR__POSTGRES__HOST: *dbHost
SONARR__POSTGRES__PORT: *dbPort
SONARR__POSTGRES__MAINDB: *dbName
SONARR__SERVER__PORT: &port 8989
SONARR__UPDATE__BRANCH: develop
probes:
liveness: &probes
enabled: true
custom: true
spec:
httpGet:
path: /ping
port: *port
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness: *probes
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities: { drop: ["ALL"] }
resources:
requests:
memory: 100Mi
limits:
memory: 4Gi
exportarr:
image:
repository: ghcr.io/onedr0p/exportarr
tag: v2.0.1
args:
- sonarr
env:
- name: URL
value: "http://localhost"
- name: PORT
value: &metricsPort 9000
- name: ENABLE_ADDITIONAL_METRICS
value: "true"
- name: ENABLE_UNKNOWN_QUEUE_ITEMS
value: "true"
- name: API_KEY
secretKeyRef:
name: sonarr-secret
key: SONARR__AUTH__APIKEY
defaultPodOptions:
securityContext:
runAsNonRoot: true
runAsUser: 10000
runAsGroup: 10000
fsGroup: 10000
fsGroupChangePolicy: OnRootMismatch
service:
app:
controller: sonarr
ports:
http:
port: *port
metrics:
port: *metricsPort
protocol: HTTP
ingress:
app:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
hosts:
- host: "sonarr.${SECRET_NEW_DOMAIN}"
paths:
- path: /
service:
identifier: app
port: http
persistence:
config:
existingClaim: sonarr
globalMounts:
- path: /config
storage:
type: hostPath
hostPath: /mnt/MainPool/Media
advancedMounts:
sonarr: # controller name
app: # container name
- path: /storage