Initial checkin

.gitignore

@@ -0,0 +1 @@
+openvpn_secret.yml

README.md

@@ -0,0 +1,6 @@
+# transmission-openvpn k8s manifest
+
+## Introduction
+
+This deploys a transmission server that communicates via an openvpn VPN.
+

configs/transmission-data/transmission-home/settings.json

@@ -0,0 +1,71 @@
+{
+    "alt-speed-down": 50,
+    "alt-speed-enabled": false,
+    "alt-speed-time-begin": 540,
+    "alt-speed-time-day": 127,
+    "alt-speed-time-enabled": false,
+    "alt-speed-time-end": 1020,
+    "alt-speed-up": 50,
+    "bind-address-ipv4": "10.56.112.100",
+    "bind-address-ipv6": "::",
+    "blocklist-enabled": false,
+    "blocklist-url": "http://www.example.com/blocklist",
+    "cache-size-mb": 4,
+    "dht-enabled": true,
+    "download-dir": "/data/completed",
+    "download-queue-enabled": true,
+    "download-queue-size": 5,
+    "encryption": 1,
+    "idle-seeding-limit": 30,
+    "idle-seeding-limit-enabled": false,
+    "incomplete-dir": "/data/incomplete",
+    "incomplete-dir-enabled": true,
+    "lpd-enabled": false,
+    "message-level": 2,
+    "peer-congestion-algorithm": "",
+    "peer-id-ttl-hours": 6,
+    "peer-limit-global": 240,
+    "peer-limit-per-torrent": 60,
+    "peer-port": 40601,
+    "peer-port-random-high": 65535,
+    "peer-port-random-low": 49152,
+    "peer-port-random-on-start": false,
+    "peer-socket-tos": "default",
+    "pex-enabled": true,
+    "port-forwarding-enabled": false,
+    "preallocation": 1,
+    "prefetch-enabled": true,
+    "queue-stalled-enabled": true,
+    "queue-stalled-minutes": 30,
+    "ratio-limit": 1,
+    "ratio-limit-enabled": true,
+    "rename-partial-files": true,
+    "rpc-authentication-required": true,
+    "rpc-bind-address": "0.0.0.0",
+    "rpc-enabled": true,
+    "rpc-host-whitelist": "",
+    "rpc-host-whitelist-enabled": false,
+    "rpc-password": "{932af7257cc927693cb0e6fb67ec2a0df58185e1dmMIFFFT",
+    "rpc-port": 9091,
+    "rpc-url": "/transmission/",
+    "rpc-username": "transmission",
+    "rpc-whitelist": "127.0.0.1,::1",
+    "rpc-whitelist-enabled": false,
+    "scrape-paused-torrents-enabled": true,
+    "script-torrent-done-enabled": false,
+    "script-torrent-done-filename": "",
+    "seed-queue-enabled": false,
+    "seed-queue-size": 10,
+    "speed-limit-down": 100,
+    "speed-limit-down-enabled": false,
+    "speed-limit-up": 100,
+    "speed-limit-up-enabled": false,
+    "start-added-torrents": false,
+    "trash-original-torrent-files": false,
+    "umask": 2,
+    "upload-slots-per-torrent": 14,
+    "utp-enabled": false,
+    "watch-dir": "/data/watch",
+    "watch-dir-enabled": true,
+    "watch-dir-force-generic": false
+}

openvpn-secret.yml.tmpl

@@ -0,0 +1,16 @@
+---
+#############################################
+# - creds for openvpn account
+# - generate value using;
+#     echo -n '<text>' | base64
+#############################################
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: openvpn-pass
+  namespace: k8stv
+data:
+  OPENVPN_USERNAME: xxxxxxx
+  OPENVPN_PASSWORD: xxxxxxx
+

transmission-start-all.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+##########################################################
+#
+# Script to encapsulate the k8s command to start up all
+# torrents.
+#
+# Can be run from the host system, or any system that has
+# kubectl set up to talk to the host.
+#
+##########################################################
+
+kubectl --namespace k8stv exec -t deployment/transmission -- /usr/bin/transmission-remote localhost:9091 --auth transmission:transmission --torrent all --start
+

transmission-stop-all.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+##########################################################
+#
+# Script to encapsulate the k8s command to stop all
+# torrents.
+#
+# Can be run from the host system, or any system that has
+# kubectl set up to talk to the host.
+#
+##########################################################
+
+kubectl --namespace k8stv exec -t deployment/transmission -- /usr/bin/transmission-remote localhost:9091 --auth transmission:transmission --torrent all --stop
+

transmission_deployment.yml

@@ -0,0 +1,96 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: transmission
+  labels:
+    app: transmission
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: transmission
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: transmission
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: beta.kubernetes.io/arch
+                operator: In
+                values:
+                - arm64
+      containers:
+      - name: transmission
+        image: haugene/transmission-openvpn
+        env:
+        - name: CREATE_TUN_DEVICE
+          value: "true"
+        - name: OPENVPN_PROVIDER
+          value: "PIA"
+        - name: OPENVPN_CONFIG
+          value: "ca_toronto"
+        - name: OPENVPN_OPTS
+          value: "--inactive 3600 --ping 10 --ping-exit 60"
+        - name: WEBPROXY_ENABLED
+          value: "false"
+        - name: LOCAL_NETWORK
+          value: "192.168.7.0/24"
+        - name: TRANSMISSION_RATIO_LIMIT
+          value: "1"
+        - name: TRANSMISSION_RATIO_LIMIT_ENABLED
+          value: "true"
+        - name: TRANSMISSION_RPC_USERNAME
+          value: "transmission"
+        - name: TRANSMISSION_RPC_PASSWORD
+          value: "transmission"
+        - name: TRANSMISSION_RPC_AUTHENTICATION_REQUIRED
+          value: "true"
+        - name: TRANSMISSION_RPC_WHITELIST_ENABLED
+          value: "false"
+        - name: TRANSMISSION_RPC_HOST_WHITELIST_ENABLED
+          value: "false"
+        - name: TRANSMISSION_START_ADDED_TORRENTS
+          value: "false"
+        - name: TZ
+          value: "America/Toronto"
+        - name: OPENVPN_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: openvpn-pass
+              key: OPENVPN_USERNAME
+        - name: OPENVPN_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: openvpn-pass
+              key: OPENVPN_PASSWORD
+        ports:
+        - containerPort: 9091
+        volumeMounts:
+        - name: transmission-data
+          mountPath: /data
+        - name: tz-config
+          mountPath: /etc/localtime
+        securityContext:
+          capabilities:
+            add:
+              - NET_ADMIN
+      dnsConfig:
+        nameservers:
+          - 8.8.8.8
+          - 8.8.4.4
+      volumes:
+      - name: transmission-data
+        persistentVolumeClaim:
+          claimName: transmission-data-pvc
+      - name: tz-config
+        hostPath:
+          path: /usr/share/zoneinfo/EST5EDT
+
+# EOF

transmission_pv.yml

@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: transmission-data-pv
+  labels:
+    name: transmission-data-pv
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 50Gi
+  accessModes:
+    - ReadWriteOnce
+  mountOptions:
+    - hard
+    - nfsvers=4.0
+  nfs:
+    server: 192.168.7.11
+    path: "/volume1/k8s-storage/transmission-data"
+
+# EOF

transmission_pvc.yml

@@ -0,0 +1,19 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: transmission-data-pvc
+  labels:
+    app: transmission
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: "manual"
+  resources:
+    requests:
+      storage: 50Gi
+  selector:
+    matchLabels:
+      name: transmission-data-pv
+
+# EOF

transmission_svclb.yml

@@ -0,0 +1,15 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: transmission
+spec:
+  selector:
+    app: transmission
+  ports:
+    - protocol: TCP
+      port: 9091
+      targetPort: 9091
+  type: LoadBalancer
+
+# EOF