From fe844b9d0476dbdf2ea0094aacc6160848fe642e Mon Sep 17 00:00:00 2001
From: Fishandchips321 <foxhawk42@gmail.com>
Date: Mon, 29 Dec 2025 16:20:27 +0000
Subject: [PATCH] Initial Commit

---
 .editorconfig               |  12 ++++
 FlareSolverr/deployment.yml |  22 ++++++++
 FlareSolverr/service.yml    |  10 ++++
 Jellyfin/Deployment.yml     |  50 +++++++++++++++++
 Jellyfin/Ingress.yml        |  22 ++++++++
 Jellyfin/Service.yml        |  11 ++++
 PrivoxyVPN/Deployment.yml   |  96 ++++++++++++++++++++++++++++++++
 PrivoxyVPN/Service.yml      |  19 +++++++
 Prowlarr/Deployment.yml     |  53 ++++++++++++++++++
 Prowlarr/Ingress.yml        |  22 ++++++++
 Prowlarr/Service.yml        |  11 ++++
 QBitTorrent/Deployment.yml  | 108 ++++++++++++++++++++++++++++++++++++
 QBitTorrent/Ingress.yml     |  22 ++++++++
 QBitTorrent/Service.yml     |  11 ++++
 Radarr/Deployment.yml       |  63 +++++++++++++++++++++
 Radarr/Ingress.yml          |  22 ++++++++
 Radarr/Service.yml          |  11 ++++
 Sonarr/Deployment.yml       |  63 +++++++++++++++++++++
 Sonarr/Ingress.yml          |  22 ++++++++
 Sonarr/Service.yml          |  11 ++++
 20 files changed, 661 insertions(+)
 create mode 100644 .editorconfig
 create mode 100644 FlareSolverr/deployment.yml
 create mode 100644 FlareSolverr/service.yml
 create mode 100644 Jellyfin/Deployment.yml
 create mode 100644 Jellyfin/Ingress.yml
 create mode 100644 Jellyfin/Service.yml
 create mode 100644 PrivoxyVPN/Deployment.yml
 create mode 100644 PrivoxyVPN/Service.yml
 create mode 100644 Prowlarr/Deployment.yml
 create mode 100644 Prowlarr/Ingress.yml
 create mode 100644 Prowlarr/Service.yml
 create mode 100644 QBitTorrent/Deployment.yml
 create mode 100644 QBitTorrent/Ingress.yml
 create mode 100644 QBitTorrent/Service.yml
 create mode 100644 Radarr/Deployment.yml
 create mode 100644 Radarr/Ingress.yml
 create mode 100644 Radarr/Service.yml
 create mode 100644 Sonarr/Deployment.yml
 create mode 100644 Sonarr/Ingress.yml
 create mode 100644 Sonarr/Service.yml

diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..ebe51d3
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,12 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = false
+insert_final_newline = false
\ No newline at end of file
diff --git a/FlareSolverr/deployment.yml b/FlareSolverr/deployment.yml
new file mode 100644
index 0000000..2c1c624
--- /dev/null
+++ b/FlareSolverr/deployment.yml
@@ -0,0 +1,22 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: flaresolverr
+spec:
+  selector:
+    matchLabels:
+      app: flaresolverr
+  template:
+    metadata:
+      labels:
+        app: flaresolverr
+    spec:
+      containers:
+        - name: flaresolverr
+          image: ghcr.io/flaresolverr/flaresolverr:latest
+          resources:
+            limits:
+              memory: "512Mi"
+              cpu: "500m"
+          ports:
+            - containerPort: 8191
diff --git a/FlareSolverr/service.yml b/FlareSolverr/service.yml
new file mode 100644
index 0000000..a9804ec
--- /dev/null
+++ b/FlareSolverr/service.yml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: flaresolverr
+spec:
+  selector:
+    app: flaresolverr
+  ports:
+    - port: 8191
+      targetPort: 8191
diff --git a/Jellyfin/Deployment.yml b/Jellyfin/Deployment.yml
new file mode 100644
index 0000000..41ee6ce
--- /dev/null
+++ b/Jellyfin/Deployment.yml
@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: jellyfin
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: jellyfin
+  template:
+    metadata:
+      labels:
+        app: jellyfin
+    spec:
+      containers:
+        - name: jellyfin
+          image: jellyfin/jellyfin:latest
+          ports:
+            - containerPort: 8096
+          resources:
+            requests:
+              cpu: "500m"
+              memory: "256Mi"
+            limits:
+              cpu: "2"
+              memory: "2Gi"
+          volumeMounts:
+            - name: config
+              mountPath: /config
+            - name: media
+              mountPath: /media
+      volumes:
+        - name: config
+          persistentVolumeClaim:
+            claimName: jellyfin-config-pvc
+        - name: media
+          hostPath:
+            path: </Path/To/Jellyfin/Library>
+            type: Directory
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: jellyfin-config-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 128Mi
diff --git a/Jellyfin/Ingress.yml b/Jellyfin/Ingress.yml
new file mode 100644
index 0000000..a771a45
--- /dev/null
+++ b/Jellyfin/Ingress.yml
@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: jellyfin-ingress
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-production"
+spec:
+  tls:
+    - hosts:
+        - <Jellyfin URL>
+      secretName: jellyfin-tls
+  rules:
+    - host: <Jellyfin URL>
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: jellyfin
+                port:
+                  number: 80
diff --git a/Jellyfin/Service.yml b/Jellyfin/Service.yml
new file mode 100644
index 0000000..b059bcd
--- /dev/null
+++ b/Jellyfin/Service.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: jellyfin
+spec:
+  selector:
+    app: jellyfin
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8096
diff --git a/PrivoxyVPN/Deployment.yml b/PrivoxyVPN/Deployment.yml
new file mode 100644
index 0000000..fa9e597
--- /dev/null
+++ b/PrivoxyVPN/Deployment.yml
@@ -0,0 +1,96 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: privoxyvpn
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: privoxyvpn
+  template:
+    metadata:
+      labels:
+        app: privoxyvpn
+    spec:
+      containers:
+        - name: privoxyvpn
+          image: binhex/arch-privoxyvpn:latest
+          securityContext:
+            privileged: true
+          ports:
+            - containerPort: 8118
+            - containerPort: 9118
+          resources:
+            requests:
+              cpu: "250m"
+              memory: "512Mi"
+            limits:
+              cpu: "500m"
+              memory: "2Gi"
+          volumeMounts:
+            - name: config
+              mountPath: /config
+            - name: logs
+              mountPath: /logs
+            - name: ovpn
+              mountPath: /config/openvpn/<ovpn file>
+              subPath: <ovpn file name>
+            # - name: ovpn-creds # Only needed if your VPN requires a login with it's ovpn file
+            #   mountPath: /config/openvpn/credentials.conf
+            #   subPath: credentials.conf
+          env:
+            - name: VPN_ENABLED
+              value: "yes"
+            - name: VPN_PROV
+              value: <vpn provider>
+            - name: ENABLE_SOCKS
+              value: "yes"
+            - name: ENABLE_PRIVOXY
+              value: "yes"
+            - name: STRICT_PORT_FORWARD
+              value: "no"
+            - name: LAN_NETWORK
+              value: <LAN network address. e.g. "192.168.1.0/24"> # If using in minikube, set to the minikube network
+            - name: NAME_SERVERS
+              value: "8.8.8.8,8.8.4.4"
+      volumes:
+        - name: config
+          persistentVolumeClaim:
+            claimName: privoxyvpn-config-pvc
+        - name: logs
+          persistentVolumeClaim:
+            claimName: privoxyvpn-logs-pvc
+        - name: ovpn #create with `kubectl create configmap ovpn-creds --from-file=<ovpn file name>=<ovpn file name>`
+          configMap:
+            name: protonvpn-ovpn-config
+            items:
+              - key: <ovpn file name>
+                path: <ovpn file name>
+        # - name: ovpn-creds
+        #   configMap:
+        #     name: ovpn-creds
+        #     items:
+        #       - key: credentials.conf
+        #         path: credentials.conf
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: privoxyvpn-config-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100Mi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: privoxyvpn-logs-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 512Mi
diff --git a/PrivoxyVPN/Service.yml b/PrivoxyVPN/Service.yml
new file mode 100644
index 0000000..8a5c246
--- /dev/null
+++ b/PrivoxyVPN/Service.yml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: privoxyvpn
+spec:
+  selector:
+    app: privoxyvpn
+  ports:
+    - protocol: TCP
+      port: 8118
+      targetPort: 8118
+      nodePort: 30818
+      name: http-proxy
+    - protocol: TCP
+      port: 9118
+      targetPort: 9118
+      nodePort: 30819
+      name: socks-proxy
+  type: NodePort
diff --git a/Prowlarr/Deployment.yml b/Prowlarr/Deployment.yml
new file mode 100644
index 0000000..e9346fd
--- /dev/null
+++ b/Prowlarr/Deployment.yml
@@ -0,0 +1,53 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: prowlarr
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: prowlarr
+  template:
+    metadata:
+      labels:
+        app: prowlarr
+    spec:
+      containers:
+        - name: prowlarr
+          image: linuxserver/prowlarr:latest
+          ports:
+            - containerPort: 9696
+          env:
+            - name: PUID
+              value: "1000"
+            - name: PGID
+              value: "1000"
+            - name: TZ
+              value: "UTC"
+          resources:
+            limits:
+              memory: "512Mi"
+              cpu: "500m"
+            requests:
+              memory: "256Mi"
+              cpu: "250m"
+          volumeMounts:
+            - name: config
+              mountPath: /config
+      volumes:
+        - name: config
+          persistentVolumeClaim:
+            claimName: prowlarr-config-pvc
+        - name: privoxyvpn-config
+          emptyDir: {}
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: prowlarr-config-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 512Mi
diff --git a/Prowlarr/Ingress.yml b/Prowlarr/Ingress.yml
new file mode 100644
index 0000000..21a8ea7
--- /dev/null
+++ b/Prowlarr/Ingress.yml
@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: prowlarr
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-production"
+spec:
+  tls:
+    - hosts:
+        - <Prowlarr URL>
+      secretName: prowlarr-tls
+  rules:
+    - host: <Prowlarr URL>
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: prowlarr
+                port:
+                  number: 80
diff --git a/Prowlarr/Service.yml b/Prowlarr/Service.yml
new file mode 100644
index 0000000..f8b487e
--- /dev/null
+++ b/Prowlarr/Service.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: prowlarr
+spec:
+  selector:
+    app: prowlarr
+  ports:
+    - name: http
+      port: 80
+      targetPort: 9696
diff --git a/QBitTorrent/Deployment.yml b/QBitTorrent/Deployment.yml
new file mode 100644
index 0000000..cc12e6a
--- /dev/null
+++ b/QBitTorrent/Deployment.yml
@@ -0,0 +1,108 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: qbittorrent-vpn
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: qbittorrent-vpn
+  template:
+    metadata:
+      labels:
+        app: qbittorrent-vpn
+    spec:
+      dnsPolicy: "None"
+      dnsConfig:
+        nameservers:
+          - 1.1.1.1
+          - 8.8.8.8
+      containers:
+        - name: openvpn
+          image: dperson/openvpn-client
+          resources:
+            requests:
+              cpu: "128m"
+              memory: "128Mi"
+            limits:
+              cpu: "256m"
+              memory: "512Mi"
+          command: [
+              "openvpn",
+              "--config",
+              "/vpn/<ovpn file name>",
+              # "--auth-user-pass",
+              # "/vpn/credentials.conf",
+            ]
+          volumeMounts:
+            - name: ovpn
+              mountPath: /vpn/<ovpn file name>
+              subPath: <ovpn file name>
+            # - name: ovpn-creds # Only needed if your ovpn file requires a login
+            #   mountPath: /vpn/credentials.conf
+            #   subPath: credentials.conf
+            - name: tun
+              mountPath: /dev/net/tun
+          securityContext:
+            privileged: true
+            capabilities:
+              add: ["NET_ADMIN"]
+        - name: qbittorrent
+          image: linuxserver/qbittorrent
+          resources:
+            requests:
+              cpu: "256m"
+              memory: "256Mi"
+            limits:
+              cpu: "500m"
+              memory: "1Gi"
+          env:
+            - name: PUID
+              value: "997"
+            - name: PGID
+              value: "997"
+            - name: TZ
+              value: "Europe/London"
+          ports:
+            - containerPort: 8080 # Web UI
+            #- containerPort: 6881 # Torrent
+          volumeMounts:
+            - name: config
+              mountPath: /config
+            - name: downloads
+              mountPath: /downloads
+      volumes:
+        - name: config
+          persistentVolumeClaim:
+            claimName: qbittorrent-vpn-config-pvc
+        - name: downloads
+          hostPath:
+            path: </Path/To/Downloads>
+            type: Directory
+        - name: ovpn #create with `kubectl create configmap ovpn-creds --from-file=<ovpn file name>=<ovpn file name>`
+          configMap:
+            name: protonvpn-ovpn-config
+            items:
+              - key: <ovpn file name>
+                path: <ovpn file name>
+        # - name: ovpn-creds
+        #   configMap:
+        #     name: ovpn-creds
+        #     items:
+        #       - key: credentials.conf
+        #         path: credentials.conf
+        - name: tun
+          hostPath:
+            path: /dev/net/tun
+            type: ""
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: qbittorrent-vpn-config-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 256Mi
diff --git a/QBitTorrent/Ingress.yml b/QBitTorrent/Ingress.yml
new file mode 100644
index 0000000..d02411d
--- /dev/null
+++ b/QBitTorrent/Ingress.yml
@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: qbittorrent-vpn-ingress
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-production"
+spec:
+  tls:
+    - hosts:
+        - <qbittorrent URL>
+      secretName: qbittorrent-vpn-tls
+  rules:
+    - host: <qbittorrent URL>
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: qbittorrent-vpn
+                port:
+                  number: 8080
diff --git a/QBitTorrent/Service.yml b/QBitTorrent/Service.yml
new file mode 100644
index 0000000..a71d78c
--- /dev/null
+++ b/QBitTorrent/Service.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: qbittorrent-vpn
+spec:
+  selector:
+    app: qbittorrent-vpn
+  ports:
+    - protocol: TCP
+      port: 8080
+      targetPort: 8080
diff --git a/Radarr/Deployment.yml b/Radarr/Deployment.yml
new file mode 100644
index 0000000..b14dc45
--- /dev/null
+++ b/Radarr/Deployment.yml
@@ -0,0 +1,63 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: radarr
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: radarr
+  template:
+    metadata:
+      labels:
+        app: radarr
+    spec:
+      containers:
+        - name: radarr
+          image: linuxserver/radarr:latest
+          ports:
+            - containerPort: 7878
+          env:
+            - name: PUID
+              value: "997"
+            - name: PGID
+              value: "997"
+            - name: TZ
+              value: "UTC"
+          resources:
+            limits:
+              memory: "512Mi"
+              cpu: "500m"
+            requests:
+              memory: "256Mi"
+              cpu: "250m"
+          volumeMounts:
+            - name: config
+              mountPath: /config
+            - name: media
+              mountPath: /media
+            - name: downloads
+              mountPath: /downloads
+      volumes:
+        - name: config
+          persistentVolumeClaim:
+            claimName: radarr-config-pvc
+        - name: media
+          hostPath:
+            path: </Path/To/Media>
+            type: Directory
+        - name: downloads
+          hostPath:
+            path: </Path/To/Downloads>
+            type: Directory
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: radarr-config-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 512Mi
diff --git a/Radarr/Ingress.yml b/Radarr/Ingress.yml
new file mode 100644
index 0000000..9832d85
--- /dev/null
+++ b/Radarr/Ingress.yml
@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: radarr
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-production"
+spec:
+  tls:
+    - hosts:
+        - <Radarr URL>
+      secretName: radarr-tls
+  rules:
+    - host: <Radarr URL>
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: radarr
+                port:
+                  number: 80
diff --git a/Radarr/Service.yml b/Radarr/Service.yml
new file mode 100644
index 0000000..0f9686f
--- /dev/null
+++ b/Radarr/Service.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: radarr
+spec:
+  selector:
+    app: radarr
+  ports:
+    - name: http
+      port: 80
+      targetPort: 7878
diff --git a/Sonarr/Deployment.yml b/Sonarr/Deployment.yml
new file mode 100644
index 0000000..2a401c3
--- /dev/null
+++ b/Sonarr/Deployment.yml
@@ -0,0 +1,63 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: sonarr
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: sonarr
+  template:
+    metadata:
+      labels:
+        app: sonarr
+    spec:
+      containers:
+        - name: sonarr
+          image: linuxserver/sonarr:latest
+          ports:
+            - containerPort: 8989
+          resources:
+            requests:
+              cpu: "250m"
+              memory: "256Mi"
+            limits:
+              cpu: "500m"
+              memory: "1Gi"
+          volumeMounts:
+            - name: config
+              mountPath: /config
+            - name: media
+              mountPath: /media
+            - name: downloads
+              mountPath: /downloads
+          env:
+            - name: PUID
+              value: "997"
+            - name: PGID
+              value: "997"
+            - name: TZ
+              value: "UTC"
+      volumes:
+        - name: config
+          persistentVolumeClaim:
+            claimName: sonarr-config-pvc
+        - name: media
+          hostPath:
+            path: </Path/To/Media>
+            type: Directory
+        - name: downloads
+          hostPath:
+            path: <Path/To/Downloads>
+            type: Directory
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: sonarr-config-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 5Gi
diff --git a/Sonarr/Ingress.yml b/Sonarr/Ingress.yml
new file mode 100644
index 0000000..c614c2b
--- /dev/null
+++ b/Sonarr/Ingress.yml
@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: sonarr-ingress
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-production"
+spec:
+  tls:
+    - hosts:
+        - <Sonarr URL>
+      secretName: sonarr-tls
+  rules:
+    - host: <Sonarr URL>
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: sonarr
+                port:
+                  number: 80
diff --git a/Sonarr/Service.yml b/Sonarr/Service.yml
new file mode 100644
index 0000000..b55c86b
--- /dev/null
+++ b/Sonarr/Service.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: sonarr
+spec:
+  selector:
+    app: sonarr
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8989