From 4a84e156a5162cfb8b9c47ece615d55941e4158a Mon Sep 17 00:00:00 2001 From: Radar231 Date: Sun, 1 Aug 2021 21:24:32 -0400 Subject: [PATCH] Initial checkin --- .gitignore | 1 + README.md | 6 ++ .../transmission-home/settings.json | 71 ++++++++++++++ openvpn-secret.yml.tmpl | 16 ++++ transmission-start-all.sh | 13 +++ transmission-stop-all.sh | 13 +++ transmission_deployment.yml | 96 +++++++++++++++++++ transmission_pv.yml | 21 ++++ transmission_pvc.yml | 19 ++++ transmission_svclb.yml | 15 +++ 10 files changed, 271 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 configs/transmission-data/transmission-home/settings.json create mode 100644 openvpn-secret.yml.tmpl create mode 100755 transmission-start-all.sh create mode 100755 transmission-stop-all.sh create mode 100644 transmission_deployment.yml create mode 100644 transmission_pv.yml create mode 100644 transmission_pvc.yml create mode 100644 transmission_svclb.yml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..6acb764 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +openvpn_secret.yml diff --git a/README.md b/README.md new file mode 100644 index 0000000..cb6f133 --- /dev/null +++ b/README.md @@ -0,0 +1,6 @@ +# transmission-openvpn k8s manifest + +## Introduction + +This deploys a transmission server that communicates via an openvpn VPN. + diff --git a/configs/transmission-data/transmission-home/settings.json b/configs/transmission-data/transmission-home/settings.json new file mode 100644 index 0000000..309308e --- /dev/null +++ b/configs/transmission-data/transmission-home/settings.json @@ -0,0 +1,71 @@ +{ + "alt-speed-down": 50, + "alt-speed-enabled": false, + "alt-speed-time-begin": 540, + "alt-speed-time-day": 127, + "alt-speed-time-enabled": false, + "alt-speed-time-end": 1020, + "alt-speed-up": 50, + "bind-address-ipv4": "10.56.112.100", + "bind-address-ipv6": "::", + "blocklist-enabled": false, + "blocklist-url": "http://www.example.com/blocklist", + "cache-size-mb": 4, + "dht-enabled": true, + "download-dir": "/data/completed", + "download-queue-enabled": true, + "download-queue-size": 5, + "encryption": 1, + "idle-seeding-limit": 30, + "idle-seeding-limit-enabled": false, + "incomplete-dir": "/data/incomplete", + "incomplete-dir-enabled": true, + "lpd-enabled": false, + "message-level": 2, + "peer-congestion-algorithm": "", + "peer-id-ttl-hours": 6, + "peer-limit-global": 240, + "peer-limit-per-torrent": 60, + "peer-port": 40601, + "peer-port-random-high": 65535, + "peer-port-random-low": 49152, + "peer-port-random-on-start": false, + "peer-socket-tos": "default", + "pex-enabled": true, + "port-forwarding-enabled": false, + "preallocation": 1, + "prefetch-enabled": true, + "queue-stalled-enabled": true, + "queue-stalled-minutes": 30, + "ratio-limit": 1, + "ratio-limit-enabled": true, + "rename-partial-files": true, + "rpc-authentication-required": true, + "rpc-bind-address": "0.0.0.0", + "rpc-enabled": true, + "rpc-host-whitelist": "", + "rpc-host-whitelist-enabled": false, + "rpc-password": "{932af7257cc927693cb0e6fb67ec2a0df58185e1dmMIFFFT", + "rpc-port": 9091, + "rpc-url": "/transmission/", + "rpc-username": "transmission", + "rpc-whitelist": "127.0.0.1,::1", + "rpc-whitelist-enabled": false, + "scrape-paused-torrents-enabled": true, + "script-torrent-done-enabled": false, + "script-torrent-done-filename": "", + "seed-queue-enabled": false, + "seed-queue-size": 10, + "speed-limit-down": 100, + "speed-limit-down-enabled": false, + "speed-limit-up": 100, + "speed-limit-up-enabled": false, + "start-added-torrents": false, + "trash-original-torrent-files": false, + "umask": 2, + "upload-slots-per-torrent": 14, + "utp-enabled": false, + "watch-dir": "/data/watch", + "watch-dir-enabled": true, + "watch-dir-force-generic": false +} diff --git a/openvpn-secret.yml.tmpl b/openvpn-secret.yml.tmpl new file mode 100644 index 0000000..a5c7f4c --- /dev/null +++ b/openvpn-secret.yml.tmpl @@ -0,0 +1,16 @@ +--- +############################################# +# - creds for openvpn account +# - generate value using; +# echo -n '' | base64 +############################################# + +apiVersion: v1 +kind: Secret +metadata: + name: openvpn-pass + namespace: k8stv +data: + OPENVPN_USERNAME: xxxxxxx + OPENVPN_PASSWORD: xxxxxxx + diff --git a/transmission-start-all.sh b/transmission-start-all.sh new file mode 100755 index 0000000..a3a350a --- /dev/null +++ b/transmission-start-all.sh @@ -0,0 +1,13 @@ +#!/bin/bash +########################################################## +# +# Script to encapsulate the k8s command to start up all +# torrents. +# +# Can be run from the host system, or any system that has +# kubectl set up to talk to the host. +# +########################################################## + +kubectl --namespace k8stv exec -t deployment/transmission -- /usr/bin/transmission-remote localhost:9091 --auth transmission:transmission --torrent all --start + diff --git a/transmission-stop-all.sh b/transmission-stop-all.sh new file mode 100755 index 0000000..c49b09b --- /dev/null +++ b/transmission-stop-all.sh @@ -0,0 +1,13 @@ +#!/bin/bash +########################################################## +# +# Script to encapsulate the k8s command to stop all +# torrents. +# +# Can be run from the host system, or any system that has +# kubectl set up to talk to the host. +# +########################################################## + +kubectl --namespace k8stv exec -t deployment/transmission -- /usr/bin/transmission-remote localhost:9091 --auth transmission:transmission --torrent all --stop + diff --git a/transmission_deployment.yml b/transmission_deployment.yml new file mode 100644 index 0000000..5f6a784 --- /dev/null +++ b/transmission_deployment.yml @@ -0,0 +1,96 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: transmission + labels: + app: transmission +spec: + replicas: 1 + selector: + matchLabels: + app: transmission + strategy: + type: Recreate + template: + metadata: + labels: + app: transmission + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: beta.kubernetes.io/arch + operator: In + values: + - arm64 + containers: + - name: transmission + image: haugene/transmission-openvpn + env: + - name: CREATE_TUN_DEVICE + value: "true" + - name: OPENVPN_PROVIDER + value: "PIA" + - name: OPENVPN_CONFIG + value: "ca_toronto" + - name: OPENVPN_OPTS + value: "--inactive 3600 --ping 10 --ping-exit 60" + - name: WEBPROXY_ENABLED + value: "false" + - name: LOCAL_NETWORK + value: "192.168.7.0/24" + - name: TRANSMISSION_RATIO_LIMIT + value: "1" + - name: TRANSMISSION_RATIO_LIMIT_ENABLED + value: "true" + - name: TRANSMISSION_RPC_USERNAME + value: "transmission" + - name: TRANSMISSION_RPC_PASSWORD + value: "transmission" + - name: TRANSMISSION_RPC_AUTHENTICATION_REQUIRED + value: "true" + - name: TRANSMISSION_RPC_WHITELIST_ENABLED + value: "false" + - name: TRANSMISSION_RPC_HOST_WHITELIST_ENABLED + value: "false" + - name: TRANSMISSION_START_ADDED_TORRENTS + value: "false" + - name: TZ + value: "America/Toronto" + - name: OPENVPN_USERNAME + valueFrom: + secretKeyRef: + name: openvpn-pass + key: OPENVPN_USERNAME + - name: OPENVPN_PASSWORD + valueFrom: + secretKeyRef: + name: openvpn-pass + key: OPENVPN_PASSWORD + ports: + - containerPort: 9091 + volumeMounts: + - name: transmission-data + mountPath: /data + - name: tz-config + mountPath: /etc/localtime + securityContext: + capabilities: + add: + - NET_ADMIN + dnsConfig: + nameservers: + - 8.8.8.8 + - 8.8.4.4 + volumes: + - name: transmission-data + persistentVolumeClaim: + claimName: transmission-data-pvc + - name: tz-config + hostPath: + path: /usr/share/zoneinfo/EST5EDT + +# EOF diff --git a/transmission_pv.yml b/transmission_pv.yml new file mode 100644 index 0000000..25b002c --- /dev/null +++ b/transmission_pv.yml @@ -0,0 +1,21 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: transmission-data-pv + labels: + name: transmission-data-pv +spec: + storageClassName: manual + capacity: + storage: 50Gi + accessModes: + - ReadWriteOnce + mountOptions: + - hard + - nfsvers=4.0 + nfs: + server: 192.168.7.11 + path: "/volume1/k8s-storage/transmission-data" + +# EOF diff --git a/transmission_pvc.yml b/transmission_pvc.yml new file mode 100644 index 0000000..c3f5c85 --- /dev/null +++ b/transmission_pvc.yml @@ -0,0 +1,19 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: transmission-data-pvc + labels: + app: transmission +spec: + accessModes: + - ReadWriteOnce + storageClassName: "manual" + resources: + requests: + storage: 50Gi + selector: + matchLabels: + name: transmission-data-pv + +# EOF diff --git a/transmission_svclb.yml b/transmission_svclb.yml new file mode 100644 index 0000000..4684339 --- /dev/null +++ b/transmission_svclb.yml @@ -0,0 +1,15 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: transmission +spec: + selector: + app: transmission + ports: + - protocol: TCP + port: 9091 + targetPort: 9091 + type: LoadBalancer + +# EOF