Skip to content

Commit

Permalink
Merge pull request #1068 from axeII/refactor/prowlarr
Browse files Browse the repository at this point in the history 
ref(prowlarr): migrates to apptmpl 2.6.0
  • Loading branch information
@axeII
axeII authored Mar 31, 2024
2 parents a955dfe + 8a7193d commit 3e3118e
Show file tree
Hide file tree
Showing 6 changed files with 119 additions and 84 deletions.
31 changes: 31 additions & 0 deletions kubernetes/apps/media/prowlarr/app/externalsecret.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: prowlarr
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: prowlarr-secret
creationPolicy: Owner
template:
engineVersion: v2
data:
PROWLARR__API_KEY: "{{ .PROWLARR_API_KEY }}"
# PROWLARR__POSTGRES_MAIN_DB: prowlarr_main
# PROWLARR__POSTGRES_LOG_DB: prowlarr_log
# PROWLARR__POSTGRES_HOST: &dbHost postgres-rw.databases.svc.cluster.local
# PROWLARR__POSTGRES_USER: &dbUser "{{ .PROWLARR_POSTGRES_USER }}"
# PROWLARR__POSTGRES_PASSWORD: &dbPass "{{ .PROWLARR_POSTGRES_PASS }}"
# INIT_POSTGRES_DBNAME: prowlarr_main prowlarr_log
# INIT_POSTGRES_HOST: *dbHost
# INIT_POSTGRES_USER: *dbUser
# INIT_POSTGRES_PASS: *dbPass
# INIT_POSTGRES_SUPER_PASS: "{{ .POSTGRES_SUPER_PASS }}"
dataFrom:
# - extract:
# key: cloudnative-pg
- extract:
key: prowlarr
130 changes: 82 additions & 48 deletions kubernetes/apps/media/prowlarr/app/helmrelease.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,78 +3,112 @@ apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
name: prowlarr
namespace: media
spec:
interval: 15m
interval: 30m
chart:
spec:
version: 1.5.1
chart: app-template
version: 2.6.0
sourceRef:
kind: HelmRepository
name: bjw-s-charts
namespace: flux-system
interval: 15m
install:
createNamespace: true
remediation:
retries: 5
retries: 3
upgrade:
cleanupOnFail: true
remediation:
retries: 5
retries: 3
values:
image:
repository: ghcr.io/onedr0p/prowlarr-nightly
tag: 1.15.0.4350@sha256:12c6c2ac023a4322af3a532b395c8f534a5130325be877a372ee9b5c481a0471
env:
TZ: "${TIMEZONE}"
PROWLARR__INSTANCE_NAME: Prowlarr
PROWLARR__PORT: &port 9696
PROWLARR__LOG_LEVEL: info
PROWLARR__ANALYTICS_ENABLED: "False"
service:
controllers:
main:
ports:
http:
port: *port
annotations:
reloader.stakater.com/auto: "true"
# TODO: Migrate to postgresql
# initContainers:
# init-db:
# image:
# repository: ghcr.io/onedr0p/postgres-init
# tag: 16
# envFrom: &envFrom
# - secretRef:
# name: prowlarr-secret
containers:
main:
image:
repository: ghcr.io/onedr0p/prowlarr-develop
tag: 1.15.0.4350@sha256:12c6c2ac023a4322af3a532b395c8f534a5130325be877a372ee9b5c481a0471
env:
COMPlus_EnableDiagnostics: 0
PROWLARR__AUTHENTICATION_METHOD: External
PROWLARR__AUTHENTICATION_REQUIRED: DisabledForLocalAddresses
PROWLARR__INSTANCE_NAME: Prowlarr
PROWLARR__PORT: &port 9696
PROWLARR__LOG_LEVEL: info
PROWLARR__THEME: dark
TZ: ${TIMEZONE}
envFrom:
- secretRef:
name: prowlarr-secret
probes:
liveness: &probes
enabled: true
custom: true
spec:
httpGet:
path: /ping
port: *port
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness: *probes
startup:
enabled: false
resources:
requests:
cpu: 10m
limits:
memory: 512Mi
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
pod:
securityContext:
runAsUser: 1000
runAsGroup: 1000
runAsNonRoot: true
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
ingress:
main:
enabled: true
ingressClassName: nginx
className: nginx
annotations:
gatus.io/enabled: "true"
hajimari.io/icon: "radar"
hajimari.io/group: "media"
gatus.io/enable: "true"
hajimari.io/icon: mdi:movie-search
hosts:
- host: &host-release "{{ .Release.Name }}.${SECRET_DOMAIN}"
paths:
- path: /
pathType: Prefix
- host: &host-custom "prowlarr.${SECRET_DOMAIN}"
- host: &host "{{ .Release.Name }}.${SECRET_DOMAIN}"
paths:
- path: /
pathType: Prefix
service:
name: main
port: http
tls:
- hosts:
- *host-release
- *host-custom
podSecurityContext:
runAsUser: 568
runAsGroup: 568
fsGroup: 568
fsGroupChangePolicy: "OnRootMismatch"
- *host
persistence:
config:
enabled: true
existingClaim: prowlarr-config-v1
nfs-nas-media:
enabled: true
existingClaim: media-nfs-share-pvc
mountPath: /media
readOnly: false
resources:
requests:
cpu: 10m
memory: 250Mi
limits:
memory: 2000Mi
tmp:
type: emptyDir
service:
main:
ports:
http:
port: *port
4 changes: 2 additions & 2 deletions kubernetes/apps/media/prowlarr/app/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./config-pvc.yaml
- ./pvc.yaml
- ./helmrelease.yaml
- ./secret.sops.yaml
- ./externalsecret.yaml
0 ...s/apps/media/prowlarr/app/config-pvc.yaml → kubernetes/apps/media/prowlarr/app/pvc.yaml
View file
File renamed without changes.
28 changes: 0 additions & 28 deletions kubernetes/apps/media/prowlarr/app/secret.sops.yaml
View file

This file was deleted.

10 changes: 4 additions & 6 deletions kubernetes/apps/media/prowlarr/ks.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,18 +5,16 @@ metadata:
name: cluster-apps-prowlarr
namespace: flux-system
spec:
targetNamespace: media
dependsOn:
- name: longhorn
- name: cluster-apps-external-secrets-stores
path: ./kubernetes/apps/media/prowlarr/app
prune: true
sourceRef:
kind: GitRepository
name: home-kubernetes
healthChecks:
- apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
name: prowlarr
namespace: media
wait: true
interval: 30m
retryInterval: 1m
timeout: 3m
timeout: 5m

0 comments on commit 3e3118e

Please sign in to comment.