gregw

joined 1 year ago
[–] gregw@lemmy.gregw.us 1 points 11 months ago (1 children)

I know of a similar setup. Arr stack with qBittorrent and VPN on kubernetes. A bit different than yours in that the arr+qBit+VPN run in the same namespace. Here's how:

***
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: qbittorrent-ingress
  namespace: arr
spec:
  ingressClassName: nginx
  rules:
  - host: your.ho.st
    http:
     paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: qbittorrent
            port:
              number: 8080
***
kind: Service
apiVersion: v1
metadata:
  name: qbittorrent
  namespace: arr
spec:
  selector:
    app: qbittorrent
  ports:
  - protocol: TCP
    port: 8080
    targetPort: 8080
***
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: qbittorrent
  namespace: arr
spec:
  storageClassName: zfs
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Ti
***
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: arr
  name: qbittorrent
spec:
  replicas: 1
  selector:
    matchLabels:
      app: qbittorrent
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: qbittorrent
    spec:
      containers:
        - name: qbittorrent
          image: linuxserver/qbittorrent
          imagePullPolicy: Always
          volumeMounts:
            - mountPath: "/config"
              name: "volume"
            - mountPath: "/media"
              name: "media"
          env:
            - name: PUID
              value: "1000"
            - name: PGID
              value: "1000"
            - name: TZ
              value: "Etc/UTC"
          ports:
            - containerPort: 8080
        - name: gluetun
          image: qmcgaw/gluetun
          imagePullPolicy: Always
          securityContext:
            capabilities:
              add: ["NET_ADMIN"]
          volumeMounts:
            - mountPath: /dev/net/tun
              name: tun
          env:
            - name: VPN_SERVICE_PROVIDER
              value: "mullvad"
            - name: VPN_TYPE
              value: "wireguard"
            - name: WIREGUARD_PRIVATE_KEY
              value: "removed"
            - name: WIREGUARD_ADDRESSES
              value: "removed"
            - name: SERVER_CITIES
              value: "removed"
            - name: FIREWALL_INPUT_PORTS
              value: "8080"
            - name: TZ
              value: "Etc/UTC"
      restartPolicy: Always
      volumes:
        - name: volume
          persistentVolumeClaim:
            claimName: qbittorrent
        - name: media
          nfs:
            server: nfs.server.local
            path: /media
        - name: tun
          hostPath:
            path: /dev/net/tun

The relevant bit of the qBittorrent.conf:

[BitTorrent]
Session\Interface=tun0
Session\InterfaceName=tun0

Best of luck!

[–] gregw@lemmy.gregw.us 1 points 1 year ago

DigitalOcean is solid and cheap.

[–] gregw@lemmy.gregw.us 1 points 1 year ago

With my one user gsuite I setup a secondary domain in it so lemmy sends from no-reply@lemmy.gregw.us, not my main address, but lemmy still authenticates using my main address.

[–] gregw@lemmy.gregw.us 1 points 1 year ago

Curious what the final cause of death will be.

[–] gregw@lemmy.gregw.us 2 points 1 year ago

Another vote for Immich. It does a good job.

[–] gregw@lemmy.gregw.us 2 points 1 year ago (2 children)

I set up a smtp relay with gsuite for outgoing mail but don't think it is ideal; it is tied to my user. It was just expedient rather than preferred.

Totally looking forward to the answers here.