Initial checkin
This commit is contained in:
commit
4a84e156a5
|
@ -0,0 +1 @@
|
||||||
|
openvpn_secret.yml
|
|
@ -0,0 +1,6 @@
|
||||||
|
# transmission-openvpn k8s manifest
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
This deploys a transmission server that communicates via an openvpn VPN.
|
||||||
|
|
|
@ -0,0 +1,71 @@
|
||||||
|
{
|
||||||
|
"alt-speed-down": 50,
|
||||||
|
"alt-speed-enabled": false,
|
||||||
|
"alt-speed-time-begin": 540,
|
||||||
|
"alt-speed-time-day": 127,
|
||||||
|
"alt-speed-time-enabled": false,
|
||||||
|
"alt-speed-time-end": 1020,
|
||||||
|
"alt-speed-up": 50,
|
||||||
|
"bind-address-ipv4": "10.56.112.100",
|
||||||
|
"bind-address-ipv6": "::",
|
||||||
|
"blocklist-enabled": false,
|
||||||
|
"blocklist-url": "http://www.example.com/blocklist",
|
||||||
|
"cache-size-mb": 4,
|
||||||
|
"dht-enabled": true,
|
||||||
|
"download-dir": "/data/completed",
|
||||||
|
"download-queue-enabled": true,
|
||||||
|
"download-queue-size": 5,
|
||||||
|
"encryption": 1,
|
||||||
|
"idle-seeding-limit": 30,
|
||||||
|
"idle-seeding-limit-enabled": false,
|
||||||
|
"incomplete-dir": "/data/incomplete",
|
||||||
|
"incomplete-dir-enabled": true,
|
||||||
|
"lpd-enabled": false,
|
||||||
|
"message-level": 2,
|
||||||
|
"peer-congestion-algorithm": "",
|
||||||
|
"peer-id-ttl-hours": 6,
|
||||||
|
"peer-limit-global": 240,
|
||||||
|
"peer-limit-per-torrent": 60,
|
||||||
|
"peer-port": 40601,
|
||||||
|
"peer-port-random-high": 65535,
|
||||||
|
"peer-port-random-low": 49152,
|
||||||
|
"peer-port-random-on-start": false,
|
||||||
|
"peer-socket-tos": "default",
|
||||||
|
"pex-enabled": true,
|
||||||
|
"port-forwarding-enabled": false,
|
||||||
|
"preallocation": 1,
|
||||||
|
"prefetch-enabled": true,
|
||||||
|
"queue-stalled-enabled": true,
|
||||||
|
"queue-stalled-minutes": 30,
|
||||||
|
"ratio-limit": 1,
|
||||||
|
"ratio-limit-enabled": true,
|
||||||
|
"rename-partial-files": true,
|
||||||
|
"rpc-authentication-required": true,
|
||||||
|
"rpc-bind-address": "0.0.0.0",
|
||||||
|
"rpc-enabled": true,
|
||||||
|
"rpc-host-whitelist": "",
|
||||||
|
"rpc-host-whitelist-enabled": false,
|
||||||
|
"rpc-password": "{932af7257cc927693cb0e6fb67ec2a0df58185e1dmMIFFFT",
|
||||||
|
"rpc-port": 9091,
|
||||||
|
"rpc-url": "/transmission/",
|
||||||
|
"rpc-username": "transmission",
|
||||||
|
"rpc-whitelist": "127.0.0.1,::1",
|
||||||
|
"rpc-whitelist-enabled": false,
|
||||||
|
"scrape-paused-torrents-enabled": true,
|
||||||
|
"script-torrent-done-enabled": false,
|
||||||
|
"script-torrent-done-filename": "",
|
||||||
|
"seed-queue-enabled": false,
|
||||||
|
"seed-queue-size": 10,
|
||||||
|
"speed-limit-down": 100,
|
||||||
|
"speed-limit-down-enabled": false,
|
||||||
|
"speed-limit-up": 100,
|
||||||
|
"speed-limit-up-enabled": false,
|
||||||
|
"start-added-torrents": false,
|
||||||
|
"trash-original-torrent-files": false,
|
||||||
|
"umask": 2,
|
||||||
|
"upload-slots-per-torrent": 14,
|
||||||
|
"utp-enabled": false,
|
||||||
|
"watch-dir": "/data/watch",
|
||||||
|
"watch-dir-enabled": true,
|
||||||
|
"watch-dir-force-generic": false
|
||||||
|
}
|
|
@ -0,0 +1,16 @@
|
||||||
|
---
|
||||||
|
#############################################
|
||||||
|
# - creds for openvpn account
|
||||||
|
# - generate value using;
|
||||||
|
# echo -n '<text>' | base64
|
||||||
|
#############################################
|
||||||
|
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: openvpn-pass
|
||||||
|
namespace: k8stv
|
||||||
|
data:
|
||||||
|
OPENVPN_USERNAME: xxxxxxx
|
||||||
|
OPENVPN_PASSWORD: xxxxxxx
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
#!/bin/bash
|
||||||
|
##########################################################
|
||||||
|
#
|
||||||
|
# Script to encapsulate the k8s command to start up all
|
||||||
|
# torrents.
|
||||||
|
#
|
||||||
|
# Can be run from the host system, or any system that has
|
||||||
|
# kubectl set up to talk to the host.
|
||||||
|
#
|
||||||
|
##########################################################
|
||||||
|
|
||||||
|
kubectl --namespace k8stv exec -t deployment/transmission -- /usr/bin/transmission-remote localhost:9091 --auth transmission:transmission --torrent all --start
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
#!/bin/bash
|
||||||
|
##########################################################
|
||||||
|
#
|
||||||
|
# Script to encapsulate the k8s command to stop all
|
||||||
|
# torrents.
|
||||||
|
#
|
||||||
|
# Can be run from the host system, or any system that has
|
||||||
|
# kubectl set up to talk to the host.
|
||||||
|
#
|
||||||
|
##########################################################
|
||||||
|
|
||||||
|
kubectl --namespace k8stv exec -t deployment/transmission -- /usr/bin/transmission-remote localhost:9091 --auth transmission:transmission --torrent all --stop
|
||||||
|
|
|
@ -0,0 +1,96 @@
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: transmission
|
||||||
|
labels:
|
||||||
|
app: transmission
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: transmission
|
||||||
|
strategy:
|
||||||
|
type: Recreate
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: transmission
|
||||||
|
spec:
|
||||||
|
affinity:
|
||||||
|
nodeAffinity:
|
||||||
|
requiredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
nodeSelectorTerms:
|
||||||
|
- matchExpressions:
|
||||||
|
- key: beta.kubernetes.io/arch
|
||||||
|
operator: In
|
||||||
|
values:
|
||||||
|
- arm64
|
||||||
|
containers:
|
||||||
|
- name: transmission
|
||||||
|
image: haugene/transmission-openvpn
|
||||||
|
env:
|
||||||
|
- name: CREATE_TUN_DEVICE
|
||||||
|
value: "true"
|
||||||
|
- name: OPENVPN_PROVIDER
|
||||||
|
value: "PIA"
|
||||||
|
- name: OPENVPN_CONFIG
|
||||||
|
value: "ca_toronto"
|
||||||
|
- name: OPENVPN_OPTS
|
||||||
|
value: "--inactive 3600 --ping 10 --ping-exit 60"
|
||||||
|
- name: WEBPROXY_ENABLED
|
||||||
|
value: "false"
|
||||||
|
- name: LOCAL_NETWORK
|
||||||
|
value: "192.168.7.0/24"
|
||||||
|
- name: TRANSMISSION_RATIO_LIMIT
|
||||||
|
value: "1"
|
||||||
|
- name: TRANSMISSION_RATIO_LIMIT_ENABLED
|
||||||
|
value: "true"
|
||||||
|
- name: TRANSMISSION_RPC_USERNAME
|
||||||
|
value: "transmission"
|
||||||
|
- name: TRANSMISSION_RPC_PASSWORD
|
||||||
|
value: "transmission"
|
||||||
|
- name: TRANSMISSION_RPC_AUTHENTICATION_REQUIRED
|
||||||
|
value: "true"
|
||||||
|
- name: TRANSMISSION_RPC_WHITELIST_ENABLED
|
||||||
|
value: "false"
|
||||||
|
- name: TRANSMISSION_RPC_HOST_WHITELIST_ENABLED
|
||||||
|
value: "false"
|
||||||
|
- name: TRANSMISSION_START_ADDED_TORRENTS
|
||||||
|
value: "false"
|
||||||
|
- name: TZ
|
||||||
|
value: "America/Toronto"
|
||||||
|
- name: OPENVPN_USERNAME
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: openvpn-pass
|
||||||
|
key: OPENVPN_USERNAME
|
||||||
|
- name: OPENVPN_PASSWORD
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: openvpn-pass
|
||||||
|
key: OPENVPN_PASSWORD
|
||||||
|
ports:
|
||||||
|
- containerPort: 9091
|
||||||
|
volumeMounts:
|
||||||
|
- name: transmission-data
|
||||||
|
mountPath: /data
|
||||||
|
- name: tz-config
|
||||||
|
mountPath: /etc/localtime
|
||||||
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
add:
|
||||||
|
- NET_ADMIN
|
||||||
|
dnsConfig:
|
||||||
|
nameservers:
|
||||||
|
- 8.8.8.8
|
||||||
|
- 8.8.4.4
|
||||||
|
volumes:
|
||||||
|
- name: transmission-data
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: transmission-data-pvc
|
||||||
|
- name: tz-config
|
||||||
|
hostPath:
|
||||||
|
path: /usr/share/zoneinfo/EST5EDT
|
||||||
|
|
||||||
|
# EOF
|
|
@ -0,0 +1,21 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolume
|
||||||
|
metadata:
|
||||||
|
name: transmission-data-pv
|
||||||
|
labels:
|
||||||
|
name: transmission-data-pv
|
||||||
|
spec:
|
||||||
|
storageClassName: manual
|
||||||
|
capacity:
|
||||||
|
storage: 50Gi
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteOnce
|
||||||
|
mountOptions:
|
||||||
|
- hard
|
||||||
|
- nfsvers=4.0
|
||||||
|
nfs:
|
||||||
|
server: 192.168.7.11
|
||||||
|
path: "/volume1/k8s-storage/transmission-data"
|
||||||
|
|
||||||
|
# EOF
|
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: transmission-data-pvc
|
||||||
|
labels:
|
||||||
|
app: transmission
|
||||||
|
spec:
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteOnce
|
||||||
|
storageClassName: "manual"
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 50Gi
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
name: transmission-data-pv
|
||||||
|
|
||||||
|
# EOF
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: transmission
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
app: transmission
|
||||||
|
ports:
|
||||||
|
- protocol: TCP
|
||||||
|
port: 9091
|
||||||
|
targetPort: 9091
|
||||||
|
type: LoadBalancer
|
||||||
|
|
||||||
|
# EOF
|
Loading…
Reference in New Issue