apiVersion: apps/v1 kind: Deployment metadata: name: qbittorrent-vpn spec: replicas: 1 selector: matchLabels: app: qbittorrent-vpn template: metadata: labels: app: qbittorrent-vpn spec: dnsPolicy: "None" dnsConfig: nameservers: - 1.1.1.1 - 8.8.8.8 containers: - name: openvpn image: dperson/openvpn-client resources: requests: cpu: "128m" memory: "128Mi" limits: cpu: "256m" memory: "512Mi" command: [ "openvpn", "--config", "/vpn/", # "--auth-user-pass", # "/vpn/credentials.conf", ] volumeMounts: - name: ovpn mountPath: /vpn/ subPath: # - name: ovpn-creds # Only needed if your ovpn file requires a login # mountPath: /vpn/credentials.conf # subPath: credentials.conf - name: tun mountPath: /dev/net/tun securityContext: privileged: true capabilities: add: ["NET_ADMIN"] - name: qbittorrent image: linuxserver/qbittorrent resources: requests: cpu: "256m" memory: "256Mi" limits: cpu: "500m" memory: "1Gi" env: - name: PUID value: "997" - name: PGID value: "997" - name: TZ value: "Europe/London" ports: - containerPort: 8080 # Web UI #- containerPort: 6881 # Torrent volumeMounts: - name: config mountPath: /config - name: downloads mountPath: /downloads volumes: - name: config persistentVolumeClaim: claimName: qbittorrent-vpn-config-pvc - name: downloads hostPath: path: type: Directory - name: ovpn #create with `kubectl create configmap ovpn-creds --from-file==` configMap: name: protonvpn-ovpn-config items: - key: path: # - name: ovpn-creds # configMap: # name: ovpn-creds # items: # - key: credentials.conf # path: credentials.conf - name: tun hostPath: path: /dev/net/tun type: "" --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: qbittorrent-vpn-config-pvc spec: accessModes: - ReadWriteOnce resources: requests: storage: 256Mi