kubernetes/k8s-wheatley/qbittorrent/deployments.yaml

---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: qbittorrent
  namespace: qbittorrent
  labels:
    app: qbittorrent
spec:
  replicas: 1
  serviceName: qbittorrent
  selector:
    matchLabels:
      app: qbittorrent
  template:
    metadata:
      labels:
        app: qbittorrent
    spec:
      initContainers:
        - name: gluetun
          image: ghcr.io/qdm12/gluetun
          ports:
            - name: qbit-http
              containerPort: 8112
              protocol: TCP
          envFrom:
            - configMapRef:
                name: gluetun-envs
            - secretRef:
                name: gluetun-env-secrets
          volumeMounts:
            - mountPath: /dev/net/tun
              name: dev-tun
            - mountPath: /gluetun/wireguard
              name: gluetun-wgconfig
              readOnly: true
            - name: gluetun-scripts
              mountPath: /scripts
            - name: gluetun-tmp
              mountPath: /tmp/gluetun
          restartPolicy: Always
          lifecycle:
            postStart:
              exec:
                command:
                  [
                    "/bin/sh",
                    "-c",
                    "(ip rule del table 51820; ip -6 rule del table 51820) || true",
                  ]
          readinessProbe:
            exec:
              command:
                - sh
                - -c
                - "ping -c 1 9.9.9.9"
            initialDelaySeconds: 5
            periodSeconds: 3
            timeoutSeconds: 2
            failureThreshold: 3
          livenessProbe:
            exec:
              command:
                - sh
                - -c
                - "ping -c 1 9.9.9.9"
            initialDelaySeconds: 10
            periodSeconds: 15
            timeoutSeconds: 2
            failureThreshold: 3
          securityContext:
            seccompProfile:
              type: RuntimeDefault
            allowPrivilegeEscalation: true
            capabilities:
              drop:
                - "ALL"
              add:
                - "CHOWN"
                - "NET_ADMIN"
                - "NET_RAW"
      containers:
        - name: qbittorrent-nox
          image: docker.io/qbittorrentofficial/qbittorrent-nox
          imagePullPolicy: IfNotPresent
          envFrom:
            - configMapRef:
                name: qbittorrent-envs
          volumeMounts:
            - mountPath: /config
              name: qbittorrent-config
            - mountPath: /shared/media/downloads
              name: nfs-media-downloads
          securityContext:
            seccompProfile:
              type: RuntimeDefault
            runAsUser: 1000
            runAsGroup: 1000
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - "ALL"
        - name: unpackerr
          image: golift/unpackerr
          imagePullPolicy: IfNotPresent
          envFrom:
            - configMapRef:
                name: unpackerr-envs
            - secretRef:
                name: unpackerr-env-secrets
          volumeMounts:
            - mountPath: /shared/media/downloads
              name: nfs-media-downloads
          securityContext:
            seccompProfile:
              type: RuntimeDefault
            runAsUser: 1000
            runAsGroup: 1000
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - "ALL"
      volumes:
        - name: dev-tun
          hostPath:
            path: /dev/net/tun
            type: CharDevice
        - name: qbittorrent-config
          persistentVolumeClaim:
            claimName: qbittorrent-storage
        - name: gluetun-wgconfig
          secret:
            secretName: gluetun-wgconfig
        - name: gluetun-scripts
          configMap:
            name: gluetun-scripts
            defaultMode: 0755
        - name: gluetun-tmp
          emptyDir: {}
        - name: nfs-media-downloads
          persistentVolumeClaim:
            claimName: nfs-media-downloads
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`---`
			`apiVersion: apps/v1`
chore: Use StatefulSet for deployment with PVCs 2026-02-04 10:52:12 +01:00			`kind: StatefulSet`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`metadata:`
			`name: qbittorrent`
			`namespace: qbittorrent`
			`labels:`
			`app: qbittorrent`
			`spec:`
			`replicas: 1`
chore: Use StatefulSet for deployment with PVCs 2026-02-04 10:52:12 +01:00			`serviceName: qbittorrent`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`selector:`
			`matchLabels:`
			`app: qbittorrent`
			`template:`
			`metadata:`
			`labels:`
			`app: qbittorrent`
			`spec:`
			`initContainers:`
			`- name: gluetun`
chore: Define image versions in kustomization.yamls 2026-02-01 18:42:46 +01:00			`image: ghcr.io/qdm12/gluetun`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`ports:`
fix: Shorten portname 2026-05-09 20:14:02 +02:00			`- name: qbit-http`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`containerPort: 8112`
			`protocol: TCP`
			`envFrom:`
			`- configMapRef:`
			`name: gluetun-envs`
feat: Enable Gluetun API 2026-05-09 21:00:11 +02:00			`- secretRef:`
			`name: gluetun-env-secrets`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`volumeMounts:`
			`- mountPath: /dev/net/tun`
			`name: dev-tun`
feat: Add slskd 2026-05-09 20:10:51 +02:00			`- mountPath: /gluetun/wireguard`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`name: gluetun-wgconfig`
			`readOnly: true`
chore(gluetun): Rework port forward 2026-04-27 13:20:35 +02:00			`- name: gluetun-scripts`
			`mountPath: /scripts`
chore(qbittorrent): Add gluetun-tmp mount 2026-01-30 09:32:22 +01:00			`- name: gluetun-tmp`
			`mountPath: /tmp/gluetun`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`restartPolicy: Always`
fix(gluetun): Add ip rule del command to poststart 2026-04-02 09:13:18 +02:00			`lifecycle:`
			`postStart:`
			`exec:`
			`command:`
			`[`
			`"/bin/sh",`
			`"-c",`
			`"(ip rule del table 51820; ip -6 rule del table 51820) \|\| true",`
			`]`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`readinessProbe:`
			`exec:`
			`command:`
			`- sh`
			`- -c`
			`- "ping -c 1 9.9.9.9"`
			`initialDelaySeconds: 5`
			`periodSeconds: 3`
			`timeoutSeconds: 2`
			`failureThreshold: 3`
			`livenessProbe:`
			`exec:`
			`command:`
			`- sh`
			`- -c`
			`- "ping -c 1 9.9.9.9"`
			`initialDelaySeconds: 10`
			`periodSeconds: 15`
			`timeoutSeconds: 2`
			`failureThreshold: 3`
			`securityContext:`
			`seccompProfile:`
			`type: RuntimeDefault`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`drop:`
			`- "ALL"`
			`add:`
chore(qbittorrent): Add CHOWN capability to gluetun 2026-01-30 09:35:45 +01:00			`- "CHOWN"`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`- "NET_ADMIN"`
fix(gluetun): Add NET_RAW capability 2026-02-19 19:20:25 +01:00			`- "NET_RAW"`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`containers:`
			`- name: qbittorrent-nox`
chore: Define image versions in kustomization.yamls 2026-02-01 18:42:46 +01:00			`image: docker.io/qbittorrentofficial/qbittorrent-nox`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`imagePullPolicy: IfNotPresent`
			`envFrom:`
			`- configMapRef:`
			`name: qbittorrent-envs`
			`volumeMounts:`
			`- mountPath: /config`
			`name: qbittorrent-config`
chore(qbittorrent): Set pvc to downloads directory 2026-02-05 18:44:41 +01:00			`- mountPath: /shared/media/downloads`
refactor(nfs-media): Refactor into subdirectory PVCs 2026-05-14 15:50:02 +02:00			`name: nfs-media-downloads`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`securityContext:`
			`seccompProfile:`
			`type: RuntimeDefault`
			`runAsUser: 1000`
			`runAsGroup: 1000`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`drop:`
			`- "ALL"`
feat(qbittorrent): Add Unpackerr 2026-02-05 21:53:57 +01:00			`- name: unpackerr`
			`image: golift/unpackerr`
			`imagePullPolicy: IfNotPresent`
			`envFrom:`
			`- configMapRef:`
			`name: unpackerr-envs`
chore(qbittorrent): Use env vars for unpackerr config 2026-02-05 21:59:07 +01:00			`- secretRef:`
			`name: unpackerr-env-secrets`
feat(qbittorrent): Add Unpackerr 2026-02-05 21:53:57 +01:00			`volumeMounts:`
			`- mountPath: /shared/media/downloads`
refactor(nfs-media): Refactor into subdirectory PVCs 2026-05-14 15:50:02 +02:00			`name: nfs-media-downloads`
feat(qbittorrent): Add Unpackerr 2026-02-05 21:53:57 +01:00			`securityContext:`
			`seccompProfile:`
			`type: RuntimeDefault`
			`runAsUser: 1000`
			`runAsGroup: 1000`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`drop:`
			`- "ALL"`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`volumes:`
			`- name: dev-tun`
			`hostPath:`
			`path: /dev/net/tun`
			`type: CharDevice`
			`- name: qbittorrent-config`
			`persistentVolumeClaim:`
			`claimName: qbittorrent-storage`
			`- name: gluetun-wgconfig`
			`secret:`
			`secretName: gluetun-wgconfig`
chore(gluetun): Rework port forward 2026-04-27 13:20:35 +02:00			`- name: gluetun-scripts`
			`configMap:`
			`name: gluetun-scripts`
			`defaultMode: 0755`
chore(qbittorrent): Add gluetun-tmp mount 2026-01-30 09:32:22 +01:00			`- name: gluetun-tmp`
fix(qbittorrent): Use correct emptyDir property 2026-01-30 11:36:47 +01:00			`emptyDir: {}`
refactor(nfs-media): Refactor into subdirectory PVCs 2026-05-14 15:50:02 +02:00			`- name: nfs-media-downloads`
feat: Add qBittorrent 2026-01-29 13:57:32 +01:00			`persistentVolumeClaim:`
refactor(nfs-media): Refactor into subdirectory PVCs 2026-05-14 15:50:02 +02:00			`claimName: nfs-media-downloads`