Initial checkin
This commit is contained in:
commit
4a84e156a5
|
@ -0,0 +1 @@
|
|||
openvpn_secret.yml
|
|
@ -0,0 +1,6 @@
|
|||
# transmission-openvpn k8s manifest
|
||||
|
||||
## Introduction
|
||||
|
||||
This deploys a transmission server that communicates via an openvpn VPN.
|
||||
|
|
@ -0,0 +1,71 @@
|
|||
{
|
||||
"alt-speed-down": 50,
|
||||
"alt-speed-enabled": false,
|
||||
"alt-speed-time-begin": 540,
|
||||
"alt-speed-time-day": 127,
|
||||
"alt-speed-time-enabled": false,
|
||||
"alt-speed-time-end": 1020,
|
||||
"alt-speed-up": 50,
|
||||
"bind-address-ipv4": "10.56.112.100",
|
||||
"bind-address-ipv6": "::",
|
||||
"blocklist-enabled": false,
|
||||
"blocklist-url": "http://www.example.com/blocklist",
|
||||
"cache-size-mb": 4,
|
||||
"dht-enabled": true,
|
||||
"download-dir": "/data/completed",
|
||||
"download-queue-enabled": true,
|
||||
"download-queue-size": 5,
|
||||
"encryption": 1,
|
||||
"idle-seeding-limit": 30,
|
||||
"idle-seeding-limit-enabled": false,
|
||||
"incomplete-dir": "/data/incomplete",
|
||||
"incomplete-dir-enabled": true,
|
||||
"lpd-enabled": false,
|
||||
"message-level": 2,
|
||||
"peer-congestion-algorithm": "",
|
||||
"peer-id-ttl-hours": 6,
|
||||
"peer-limit-global": 240,
|
||||
"peer-limit-per-torrent": 60,
|
||||
"peer-port": 40601,
|
||||
"peer-port-random-high": 65535,
|
||||
"peer-port-random-low": 49152,
|
||||
"peer-port-random-on-start": false,
|
||||
"peer-socket-tos": "default",
|
||||
"pex-enabled": true,
|
||||
"port-forwarding-enabled": false,
|
||||
"preallocation": 1,
|
||||
"prefetch-enabled": true,
|
||||
"queue-stalled-enabled": true,
|
||||
"queue-stalled-minutes": 30,
|
||||
"ratio-limit": 1,
|
||||
"ratio-limit-enabled": true,
|
||||
"rename-partial-files": true,
|
||||
"rpc-authentication-required": true,
|
||||
"rpc-bind-address": "0.0.0.0",
|
||||
"rpc-enabled": true,
|
||||
"rpc-host-whitelist": "",
|
||||
"rpc-host-whitelist-enabled": false,
|
||||
"rpc-password": "{932af7257cc927693cb0e6fb67ec2a0df58185e1dmMIFFFT",
|
||||
"rpc-port": 9091,
|
||||
"rpc-url": "/transmission/",
|
||||
"rpc-username": "transmission",
|
||||
"rpc-whitelist": "127.0.0.1,::1",
|
||||
"rpc-whitelist-enabled": false,
|
||||
"scrape-paused-torrents-enabled": true,
|
||||
"script-torrent-done-enabled": false,
|
||||
"script-torrent-done-filename": "",
|
||||
"seed-queue-enabled": false,
|
||||
"seed-queue-size": 10,
|
||||
"speed-limit-down": 100,
|
||||
"speed-limit-down-enabled": false,
|
||||
"speed-limit-up": 100,
|
||||
"speed-limit-up-enabled": false,
|
||||
"start-added-torrents": false,
|
||||
"trash-original-torrent-files": false,
|
||||
"umask": 2,
|
||||
"upload-slots-per-torrent": 14,
|
||||
"utp-enabled": false,
|
||||
"watch-dir": "/data/watch",
|
||||
"watch-dir-enabled": true,
|
||||
"watch-dir-force-generic": false
|
||||
}
|
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
#############################################
|
||||
# - creds for openvpn account
|
||||
# - generate value using;
|
||||
# echo -n '<text>' | base64
|
||||
#############################################
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: openvpn-pass
|
||||
namespace: k8stv
|
||||
data:
|
||||
OPENVPN_USERNAME: xxxxxxx
|
||||
OPENVPN_PASSWORD: xxxxxxx
|
||||
|
|
@ -0,0 +1,13 @@
|
|||
#!/bin/bash
|
||||
##########################################################
|
||||
#
|
||||
# Script to encapsulate the k8s command to start up all
|
||||
# torrents.
|
||||
#
|
||||
# Can be run from the host system, or any system that has
|
||||
# kubectl set up to talk to the host.
|
||||
#
|
||||
##########################################################
|
||||
|
||||
kubectl --namespace k8stv exec -t deployment/transmission -- /usr/bin/transmission-remote localhost:9091 --auth transmission:transmission --torrent all --start
|
||||
|
|
@ -0,0 +1,13 @@
|
|||
#!/bin/bash
|
||||
##########################################################
|
||||
#
|
||||
# Script to encapsulate the k8s command to stop all
|
||||
# torrents.
|
||||
#
|
||||
# Can be run from the host system, or any system that has
|
||||
# kubectl set up to talk to the host.
|
||||
#
|
||||
##########################################################
|
||||
|
||||
kubectl --namespace k8stv exec -t deployment/transmission -- /usr/bin/transmission-remote localhost:9091 --auth transmission:transmission --torrent all --stop
|
||||
|
|
@ -0,0 +1,96 @@
|
|||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: transmission
|
||||
labels:
|
||||
app: transmission
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: transmission
|
||||
strategy:
|
||||
type: Recreate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: transmission
|
||||
spec:
|
||||
affinity:
|
||||
nodeAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
nodeSelectorTerms:
|
||||
- matchExpressions:
|
||||
- key: beta.kubernetes.io/arch
|
||||
operator: In
|
||||
values:
|
||||
- arm64
|
||||
containers:
|
||||
- name: transmission
|
||||
image: haugene/transmission-openvpn
|
||||
env:
|
||||
- name: CREATE_TUN_DEVICE
|
||||
value: "true"
|
||||
- name: OPENVPN_PROVIDER
|
||||
value: "PIA"
|
||||
- name: OPENVPN_CONFIG
|
||||
value: "ca_toronto"
|
||||
- name: OPENVPN_OPTS
|
||||
value: "--inactive 3600 --ping 10 --ping-exit 60"
|
||||
- name: WEBPROXY_ENABLED
|
||||
value: "false"
|
||||
- name: LOCAL_NETWORK
|
||||
value: "192.168.7.0/24"
|
||||
- name: TRANSMISSION_RATIO_LIMIT
|
||||
value: "1"
|
||||
- name: TRANSMISSION_RATIO_LIMIT_ENABLED
|
||||
value: "true"
|
||||
- name: TRANSMISSION_RPC_USERNAME
|
||||
value: "transmission"
|
||||
- name: TRANSMISSION_RPC_PASSWORD
|
||||
value: "transmission"
|
||||
- name: TRANSMISSION_RPC_AUTHENTICATION_REQUIRED
|
||||
value: "true"
|
||||
- name: TRANSMISSION_RPC_WHITELIST_ENABLED
|
||||
value: "false"
|
||||
- name: TRANSMISSION_RPC_HOST_WHITELIST_ENABLED
|
||||
value: "false"
|
||||
- name: TRANSMISSION_START_ADDED_TORRENTS
|
||||
value: "false"
|
||||
- name: TZ
|
||||
value: "America/Toronto"
|
||||
- name: OPENVPN_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: openvpn-pass
|
||||
key: OPENVPN_USERNAME
|
||||
- name: OPENVPN_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: openvpn-pass
|
||||
key: OPENVPN_PASSWORD
|
||||
ports:
|
||||
- containerPort: 9091
|
||||
volumeMounts:
|
||||
- name: transmission-data
|
||||
mountPath: /data
|
||||
- name: tz-config
|
||||
mountPath: /etc/localtime
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- NET_ADMIN
|
||||
dnsConfig:
|
||||
nameservers:
|
||||
- 8.8.8.8
|
||||
- 8.8.4.4
|
||||
volumes:
|
||||
- name: transmission-data
|
||||
persistentVolumeClaim:
|
||||
claimName: transmission-data-pvc
|
||||
- name: tz-config
|
||||
hostPath:
|
||||
path: /usr/share/zoneinfo/EST5EDT
|
||||
|
||||
# EOF
|
|
@ -0,0 +1,21 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: transmission-data-pv
|
||||
labels:
|
||||
name: transmission-data-pv
|
||||
spec:
|
||||
storageClassName: manual
|
||||
capacity:
|
||||
storage: 50Gi
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
mountOptions:
|
||||
- hard
|
||||
- nfsvers=4.0
|
||||
nfs:
|
||||
server: 192.168.7.11
|
||||
path: "/volume1/k8s-storage/transmission-data"
|
||||
|
||||
# EOF
|
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: transmission-data-pvc
|
||||
labels:
|
||||
app: transmission
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
storageClassName: "manual"
|
||||
resources:
|
||||
requests:
|
||||
storage: 50Gi
|
||||
selector:
|
||||
matchLabels:
|
||||
name: transmission-data-pv
|
||||
|
||||
# EOF
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: transmission
|
||||
spec:
|
||||
selector:
|
||||
app: transmission
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 9091
|
||||
targetPort: 9091
|
||||
type: LoadBalancer
|
||||
|
||||
# EOF
|
Loading…
Reference in New Issue