apiVersion: v1 kind: Template labels: template: rtorrent message: See https://github.com/nmasse-itix/OpenShift-Docker-Images/tree/master/rtorrent for more details. metadata: annotations: description: |- An rtorrent packaging for OpenShift. openshift.io/display-name: rtorrent tags: instant-app template.openshift.io/documentation-url: https://github.com/nmasse-itix/OpenShift-Docker-Images/tree/master/rtorrent template.openshift.io/long-description: An rtorrent packaging for OpenShift. template.openshift.io/provider-display-name: Nicolas Massé template.openshift.io/support-url: https://github.com/nmasse-itix/OpenShift-Docker-Images/issues name: rtorrent objects: - apiVersion: v1 kind: PersistentVolumeClaim metadata: name: rtorrent-download labels: template: rtorrent spec: accessModes: - ReadWriteOnce resources: requests: storage: ${DOWNLOAD_VOLUME_SIZE} - apiVersion: v1 kind: PersistentVolumeClaim metadata: name: rtorrent-incoming labels: template: rtorrent spec: accessModes: - ReadWriteOnce resources: requests: storage: ${INCOMING_VOLUME_SIZE} - kind: ConfigMap apiVersion: v1 metadata: name: rtorrent-config labels: template: rtorrent data: custom.rc: | # Maximum and minimum number of peers to connect to per torrent. #min_peers = 40 #max_peers = 100 # Same as above but for seeding completed torrents (-1 = same as downloading) #min_peers_seed = 10 #max_peers_seed = 50 # Maximum number of simultanious uploads per torrent. #max_uploads = 15 # Global upload and download rate in KiB. "0" for unlimited. download_rate = 0 upload_rate = 0 # Close torrents when diskspace is low. #schedule = low_diskspace,5,60,close_low_diskspace=1024M # The ip address reported to the tracker. ip = ${NODE_IP_ADDRESS} #ip = rakshasa.no # The ip address the listening socket and outgoing connections is # bound to. #bind = 127.0.0.1 #bind = rakshasa.no # Start opening ports at a random position within the port range. #port_random = no # Check hash for finished torrents. Might be usefull until the bug is # fixed that causes lack of diskspace not to be properly reported. #check_hash = no # Set whether the client should try to connect to UDP trackers. use_udp_trackers = yes # Alternative calls to bind and ip that should handle dynamic ip's. #schedule = ip_tick,0,1800,ip=rakshasa #schedule = bind_tick,0,1800,bind=rakshasa # Encryption options, set to none (default) or any combination of the following: # allow_incoming, try_outgoing, require, require_RC4, enable_retry, prefer_plaintext # # The example value allows incoming encrypted connections, starts unencrypted # outgoing connections but retries with encryption if they fail, preferring # plaintext to RC4 encryption after the encrypted handshake # # encryption = allow_incoming,enable_retry,prefer_plaintext # Enable DHT support for trackerless torrents or when all trackers are down. # May be set to "disable" (completely disable DHT), "off" (do not start DHT), # "auto" (start and stop DHT as needed), or "on" (start DHT immediately). # The default is "off". For DHT to work, a session directory must be defined. # dht = auto # Enable peer exchange (for torrents not marked private) # peer_exchange = yes - apiVersion: v1 kind: ImageStream metadata: labels: build: rtorrent template: rtorrent name: rtorrent - apiVersion: v1 kind: BuildConfig metadata: name: rtorrent labels: build: rtorrent template: rtorrent spec: successfulBuildsHistoryLimit: 1 failedBuildsHistoryLimit: 1 nodeSelector: null output: to: kind: ImageStreamTag name: rtorrent:latest postCommit: {} resources: {} runPolicy: Serial source: git: uri: ${GIT_REPO} type: Git contextDir: rtorrent strategy: dockerStrategy: dockerfilePath: Dockerfile.rtorrent from: kind: ImageStreamTag name: ${BASE_IMAGE_STREAM_TAG} namespace: ${BASE_IMAGE_STREAM_NAMESPACE} type: Docker triggers: - type: ConfigChange - type: ImageChange - apiVersion: v1 kind: ImageStream metadata: labels: build: filebrowser template: rtorrent name: filebrowser - apiVersion: v1 kind: BuildConfig metadata: name: filebrowser labels: build: filebrowser template: rtorrent spec: successfulBuildsHistoryLimit: 1 failedBuildsHistoryLimit: 1 nodeSelector: null output: to: kind: ImageStreamTag name: filebrowser:latest postCommit: {} resources: {} runPolicy: Serial source: git: uri: ${GIT_REPO} type: Git contextDir: rtorrent strategy: dockerStrategy: env: - name: FILEBROWSER_RELEASE value: "${FILEBROWSER_RELEASE}" dockerfilePath: Dockerfile.filebrowser from: kind: ImageStreamTag name: ${BASE_IMAGE_STREAM_TAG} namespace: ${BASE_IMAGE_STREAM_NAMESPACE} type: Docker triggers: - type: ConfigChange - type: ImageChange - apiVersion: v1 kind: DeploymentConfig metadata: labels: app: rtorrent template: rtorrent name: rtorrent spec: replicas: 1 selector: app: rtorrent deploymentconfig: rtorrent strategy: activeDeadlineSeconds: 21600 resources: {} type: Recreate template: metadata: creationTimestamp: null labels: app: rtorrent deploymentconfig: rtorrent template: rtorrent spec: serviceAccountName: rtorrent containers: # First container: the rtorrent daemon - name: rtorrent-daemon image: " " imagePullPolicy: IfNotPresent ports: - name: bittorrent-tcp containerPort: 6890 protocol: TCP - name: bittorrent-udp containerPort: 6890 protocol: UDP - name: dht containerPort: 6881 protocol: UDP env: # We need to make rtorrent believe it has a valid term - name: TERM value: xterm resources: {} securityContext: {} terminationMessagePath: /dev/termination-log volumeMounts: - mountPath: /torrent/download name: rtorrent-download - mountPath: /torrent/incoming name: rtorrent-incoming - mountPath: /torrent/session name: rtorrent-session - mountPath: /etc/rtorrent name: rtorrent-config # Second container: the file browser - name: filebrowser image: " " imagePullPolicy: IfNotPresent ports: - name: http containerPort: 8080 protocol: TCP env: {} resources: {} securityContext: {} terminationMessagePath: /dev/termination-log volumeMounts: - mountPath: /torrent/download name: rtorrent-download - mountPath: /torrent/incoming name: rtorrent-incoming # Third container: the OAuth Proxy - name: prom-proxy image: "${PROXY_IMAGE}" imagePullPolicy: IfNotPresent ports: - containerPort: 8443 name: web args: - -provider=openshift - -https-address=:8443 - -http-address= - -email-domain=* - -upstream=http://localhost:8080 - -client-id=system:serviceaccount:${NAMESPACE}:rtorrent - '-openshift-sar={"resource": "namespaces", "verb": "get", "resourceName": "${NAMESPACE}", "namespace": "${NAMESPACE}"}' - '-openshift-delegate-urls={"/": {"resource": "namespaces", "verb": "get", "resourceName": "${NAMESPACE}", "namespace": "${NAMESPACE}"}}' - -tls-cert=/etc/tls/private/tls.crt - -tls-key=/etc/tls/private/tls.key - -client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token - -cookie-secret-file=/etc/proxy/secrets/session_secret - -openshift-ca=/etc/pki/tls/cert.pem - -openshift-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt volumeMounts: - mountPath: /etc/tls/private name: proxy-tls - mountPath: /etc/proxy/secrets name: proxy-secrets dnsPolicy: ClusterFirst terminationGracePeriodSeconds: 30 restartPolicy: Always volumes: - name: rtorrent-download persistentVolumeClaim: claimName: rtorrent-download - name: rtorrent-incoming persistentVolumeClaim: claimName: rtorrent-incoming - name: rtorrent-session emptyDir: - name: rtorrent-config configMap: name: rtorrent-config - name: proxy-secrets secret: secretName: rtorrent-proxy - name: proxy-tls secret: secretName: rtorrent-tls test: false triggers: - type: ConfigChange - type: ImageChange imageChangeParams: automatic: true containerNames: - rtorrent-daemon from: kind: ImageStreamTag name: rtorrent:latest - type: ImageChange imageChangeParams: automatic: true containerNames: - filebrowser from: kind: ImageStreamTag name: filebrowser:latest - apiVersion: v1 kind: Service metadata: labels: app: rtorrent template: rtorrent name: rtorrent spec: ports: - name: bittorrent-tcp nodePort: 6890 protocol: TCP port: 6890 - name: bittorrent-udp nodePort: 6890 protocol: UDP port: 6890 - name: dht nodePort: 6881 protocol: UDP port: 6881 selector: app: rtorrent deploymentconfig: rtorrent sessionAffinity: None type: NodePort - apiVersion: v1 kind: Service metadata: labels: app: rtorrent template: rtorrent name: rtorrent-filebrowser annotations: service.alpha.openshift.io/serving-cert-secret-name: rtorrent-tls spec: ports: - name: filebrowser-oauthproxy port: 8443 protocol: TCP selector: app: rtorrent deploymentconfig: rtorrent sessionAffinity: None type: ClusterIP - apiVersion: v1 kind: Route metadata: labels: app: rtorrent template: rtorrent name: rtorrent-filebrowser spec: port: targetPort: filebrowser-oauthproxy to: kind: Service name: rtorrent-filebrowser weight: 100 wildcardPolicy: None tls: termination: reencrypt - apiVersion: v1 kind: Secret metadata: name: rtorrent-proxy namespace: "${NAMESPACE}" labels: template: rtorrent stringData: session_secret: "${SESSION_SECRET}=" - apiVersion: v1 kind: ServiceAccount metadata: name: rtorrent namespace: ${NAMESPACE} labels: template: rtorrent annotations: serviceaccounts.openshift.io/oauth-redirectreference.filebrowser: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"rtorrent-filebrowser"}}' secrets: ## ## Template Parameters ## parameters: - description: The GIT repository to use. displayName: GIT Repo URL name: GIT_REPO value: https://github.com/nmasse-itix/OpenShift-Docker-Images.git required: true - description: The OpenShift Namespace where the RHEL/CentOS ImageStream resides. displayName: RHEL/CentOS ImageStream Namespace name: BASE_IMAGE_STREAM_NAMESPACE value: openshift required: true - description: Name of the ImageStreamTag to be used for the RHEL/CentOS image. displayName: RHEL/CentOS ImageStreamTag name: BASE_IMAGE_STREAM_TAG value: rhel7:latest required: true - description: The size of the volume storing the downloaded files name: DOWNLOAD_VOLUME_SIZE value: "50Gi" required: true - description: The size of the volume storing the torrent files name: INCOMING_VOLUME_SIZE value: "512Mi" required: true - description: The FileBrowser release to use name: FILEBROWSER_RELEASE value: "v1.7.0" required: true - description: The IP Address of the node running rtorrent name: NODE_IP_ADDRESS required: true - description: The Docker image to use for the OAuth Proxy. displayName: OAuth Proxy image name: PROXY_IMAGE value: openshift3/oauth-proxy:v3.11 - description: The session secret for the proxy name: SESSION_SECRET generate: expression from: "[a-zA-Z0-9]{43}" - description: The namespace to instantiate this template under. Defaults to 'rtorrent'. name: NAMESPACE value: rtorrent