shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-17 18:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

⬆️ sonarr app-template v2

Browse Source
This commit is contained in:
auricom
2023-11-04 09:45:26 +01:00
parent b2bd47793f
commit e0023f8f8c
5 changed files with 87 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
kubernetes/apps/default/sonarr/app/externalsecret.yaml
View File

@@ -16,9 +16,23 @@ spec:
data: data:
# App # App
SONARR__API_KEY: "{{ .SONARR__API_KEY }}" SONARR__API_KEY: "{{ .SONARR__API_KEY }}"
SONARR__POSTGRES_HOST: &dbHost postgres-rw.default.svc.cluster.local
SONARR__POSTGRES_PORT: "5432"
SONARR__POSTGRES_USER: &dbUser "{{ .SONARR__POSTGRES_USER }}"
SONARR__POSTGRES_PASSWORD: &dbPass "{{ .SONARR__POSTGRES_PASSWORD }}"
SONARR__POSTGRES_MAIN_DB: sonarr_main
SONARR__POSTGRES_LOG_DB: sonarr_log
PUSHOVER_TOKEN: "{{ .PUSHOVER_API_TOKEN }}" PUSHOVER_TOKEN: "{{ .PUSHOVER_API_TOKEN }}"
PUSHOVER_USER_KEY: "{{ .PUSHOVER_USER_KEY }}" PUSHOVER_USER_KEY: "{{ .PUSHOVER_USER_KEY }}"
# Postgres Init
INIT_POSTGRES_DBNAME: sonarr_main sonarr_log
INIT_POSTGRES_HOST: *dbHost
INIT_POSTGRES_USER: *dbUser
INIT_POSTGRES_PASS: *dbPass
INIT_POSTGRES_SUPER_PASS: "{{ .POSTGRES_SUPER_PASS }}"
dataFrom: dataFrom:
- extract:
key: cloudnative-pg
- extract: - extract:
key: pushover key: pushover
- extract: - extract:

122
kubernetes/apps/default/sonarr/app/helmrelease.yaml
View File

@@ -10,7 +10,7 @@ spec:
chart: chart:
spec: spec:
chart: app-template chart: app-template
version: 1.5.1 version: 2.0.3
sourceRef: sourceRef:
kind: HelmRepository kind: HelmRepository
name: bjw-s name: bjw-s
@@ -27,25 +27,65 @@ spec:
uninstall: uninstall:
keepHistory: false keepHistory: false
values: values:
controller: defaultPodOptions:
annotations: securityContext:
reloader.stakater.com/auto: "true" runAsUser: 568
configmap.reloader.stakater.com/reload: sonarr-pushover runAsGroup: 568
image: fsGroup: 568
repository: ghcr.io/onedr0p/sonarr-develop fsGroupChangePolicy: OnRootMismatch
tag: 4.0.0.710@sha256:438f46db13f15df81159118a9f1d74ce7e2a46e9bd45024b2fa6aecae6036068 controllers:
env: main:
TZ: "${TIMEZONE}" annotations:
PUSHOVER_APP_URL: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}" reloader.stakater.com/auto: "true"
PUSHOVER_DEBUG: "false" configmap.reloader.stakater.com/reload: "sonarr-pushover"
PUSHOVER_PRIORITY: "0" initContainers:
SONARR__INSTANCE_NAME: Sonarr init-db:
SONARR__PORT: &port 8080 image:
SONARR__APPLICATION_URL: "https://{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}" repository: ghcr.io/auricom/postgres-init
SONARR__LOG_LEVEL: info tag: 15.4@sha256:83e1abf06be5741bdfb8cb53fc03a1ade6e6b5ec7b92a8aac0c69ba5dc7e51f0
envFrom: pullPolicy: IfNotPresent
- secretRef: envFrom: &envFrom
name: sonarr-secret - secretRef:
name: sonarr-secret
containers:
main:
image:
repository: ghcr.io/onedr0p/sonarr-develop
tag: 4.0.0.710@sha256:438f46db13f15df81159118a9f1d74ce7e2a46e9bd45024b2fa6aecae6036068
env:
TZ: "${TIMEZONE}"
PUSHOVER_APP_URL: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
PUSHOVER_DEBUG: "false"
PUSHOVER_PRIORITY: "0"
SONARR__AUTHENTICATION_METHOD: External
SONARR__AUTHENTICATION_REQUIRED: DisabledForLocalAddresses
SONARR__INSTANCE_NAME: Sonarr
SONARR__PORT: &port 8080
SONARR__APPLICATION_URL: "https://{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
SONARR__LOG_LEVEL: info
SONARR__THEME: dark
envFrom: *envFrom
probes:
liveness: &probes
enabled: true
custom: true
spec:
httpGet:
path: /ping
port: *port
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness: *probes
startup:
enabled: false
resources:
requests:
cpu: 10m
memory: 256M
limits:
memory: 1Gi
service: service:
main: main:
ports: ports:
@@ -54,57 +94,41 @@ spec:
ingress: ingress:
main: main:
enabled: true enabled: true
ingressClassName: "nginx" className: "nginx"
annotations: annotations:
auth.home.arpa/enabled: "true" auth.home.arpa/enabled: "true"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
sub_filter '</head>' '<link rel="stylesheet" type="text/css" href="https://theme-park.${SECRET_CLUSTER_DOMAIN}/css/base/sonarr/nord.css"></head>';
sub_filter_once on;
hajimari.io/icon: mdi:television-classic hajimari.io/icon: mdi:television-classic
hosts: hosts:
- host: *host - host: *host
paths: paths:
- path: / - path: /
pathType: Prefix service:
name: main
port: http
tls: tls:
- hosts: - hosts:
- *host - *host
podSecurityContext:
runAsUser: 568
runAsGroup: 568
fsGroup: 568
fsGroupChangePolicy: "OnRootMismatch"
supplementalGroups:
- 100
persistence: persistence:
config: config:
enabled: true enabled: true
existingClaim: sonarr-config type: emptyDir
mountPath: /config
downloads: downloads:
enabled: true
type: nfs type: nfs
server: "${LOCAL_LAN_TRUENAS}" server: "${LOCAL_LAN_TRUENAS}"
path: /mnt/storage/downloads path: /mnt/storage/downloads
mountPath: /mnt/storage/downloads globalMounts:
- path: /mnt/storage/downloads
video: video:
enabled: true
type: nfs type: nfs
server: "${LOCAL_LAN_TRUENAS}" server: "${LOCAL_LAN_TRUENAS}"
path: /mnt/storage/video path: /mnt/storage/video
mountPath: /mnt/storage/video globalMounts:
- path: /mnt/storage/video
scripts: scripts:
enabled: true
type: configMap type: configMap
name: sonarr-pushover name: sonarr-pushover
subPath: pushover-notify.sh
mountPath: /scripts/pushover-notify.sh
defaultMode: 0775 defaultMode: 0775
readOnly: true globalMounts:
resources: - path: /scripts/pushover-notify.sh
requests: subPath: pushover-notify.sh
cpu: 500m readOnly: true
memory: 500Mi
limits:
memory: 2000Mi

2
kubernetes/apps/default/sonarr/app/kustomization.yaml
View File

@@ -7,8 +7,6 @@ resources:
- ./externalsecret.yaml - ./externalsecret.yaml
- ./gatus.yaml - ./gatus.yaml
- ./helmrelease.yaml - ./helmrelease.yaml
- ./volsync.yaml
- ./volume.yaml
configMapGenerator: configMapGenerator:
- name: sonarr-pushover - name: sonarr-pushover
files: files:

49
kubernetes/apps/default/sonarr/app/volsync.yaml
View File

@@ -1,49 +0,0 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: sonarr-restic
namespace: default
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: sonarr-restic-secret
creationPolicy: Owner
template:
engineVersion: v2
data:
RESTIC_REPOSITORY: '{{ .REPOSITORY_TEMPLATE }}/sonarr'
RESTIC_PASSWORD: '{{ .RESTIC_PASSWORD }}'
AWS_ACCESS_KEY_ID: '{{ .AWS_ACCESS_KEY_ID }}'
AWS_SECRET_ACCESS_KEY: '{{ .AWS_SECRET_ACCESS_KEY }}'
dataFrom:
- extract:
key: volsync-restic-template
---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/volsync.backube/replicationsource_v1alpha1.json
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: sonarr
namespace: default
spec:
sourcePVC: sonarr-config
trigger:
schedule: "0 7 * * *"
restic:
copyMethod: Snapshot
pruneIntervalDays: 7
repository: sonarr-restic-secret
cacheCapacity: 2Gi
volumeSnapshotClassName: csi-ceph-blockpool
storageClassName: rook-ceph-block
moverSecurityContext:
runAsUser: 568
runAsGroup: 568
fsGroup: 568
retain:
daily: 7
within: 3d

17
kubernetes/apps/default/sonarr/app/volume.yaml
View File

@@ -1,17 +0,0 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonarr-config
namespace: default
labels:
app.kubernetes.io/name: &name sonarr
app.kubernetes.io/instance: *name
snapshot.home.arpa/enabled: "true"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
storageClassName: rook-ceph-block