nik/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add K3s agent playbook and related configurations; include JDownloader and qBittorrent manifests

Browse Source
This commit is contained in:
Nik Afiq 2026-03-06 19:49:18 +09:00
parent 926543ba5c
commit 4129089d09
7 changed files with 242 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.env.example
View File

@ -1,3 +1,6 @@
# Porkbun API credentials
PORKBUN_API_KEY=pk1_your_key_here
PORKBUN_SECRET_API_KEY=sk1_your_key_here
PORKBUN_SECRET_API_KEY=sk1_your_key_here
# K3s node token for agent join
K3S_NODE_TOKEN=your_token_here

15
ansible/playbooks/join-debian-agent.yaml Normal file
View File

@ -0,0 +1,15 @@
---
# Run: ansible-playbook ansible/playbooks/join-debian-agent.yaml -K -e "k3s_node_token=$K3S_NODE_TOKEN"
# Requires: K3S_NODE_TOKEN in .env
#
# What this does:
# - Joins Debian as a K3s agent node
# - Labels it as node-role=storage
- name: Join Debian as K3s agent
hosts: debian
become: true
gather_facts: true
roles:
- k3s-agent

4
ansible/roles/k3s-agent/defaults/main.yaml Normal file
View File

@ -0,0 +1,4 @@
---
k3s_version: v1.32.2+k3s1
k3s_server_url: https://192.168.7.77:6443
k3s_node_token: "" # pass via -e or vault

26
ansible/roles/k3s-agent/tasks/main.yaml Normal file
View File

@ -0,0 +1,26 @@
---
- name: Download and install K3s agent
ansible.builtin.shell:
cmd: >
curl -sfL https://get.k3s.io |
INSTALL_K3S_VERSION={{ k3s_version }}
K3S_URL={{ k3s_server_url }}
K3S_TOKEN={{ k3s_node_token }}
sh -
creates: /usr/local/bin/k3s
- name: Ensure K3s agent service is running
ansible.builtin.service:
name: k3s-agent
state: started
enabled: true
become: true
- name: Label node as storage
ansible.builtin.shell:
cmd: >
k3s kubectl label node nik-debian
node-role=storage --overwrite
delegate_to: minisforum
become: true
changed_when: false

85
manifests/jdownloader.yaml Normal file
View File

@ -0,0 +1,85 @@
# JDownloader + jd-bridge
# Apply: kubectl apply -f manifests/jdownloader.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: jdownloader
namespace: downloads
spec:
replicas: 1
selector:
matchLabels:
app: jdownloader
template:
metadata:
labels:
app: jdownloader
spec:
nodeSelector:
node-role: storage
containers:
- name: jdownloader
image: jlesage/jdownloader-2:latest
ports:
- containerPort: 5800
env:
- name: USER_ID
value: "1000"
- name: GROUP_ID
value: "1000"
- name: TZ
value: "Asia/Tokyo"
volumeMounts:
- name: config
mountPath: /config
- name: dl
mountPath: /output
volumes:
- name: config
hostPath:
path: /data/jdownloader
type: DirectoryOrCreate
- name: dl
hostPath:
path: /mnt/storage/dl
type: Directory
---
apiVersion: v1
kind: Service
metadata:
name: jdownloader
namespace: downloads
spec:
selector:
app: jdownloader
ports:
- name: web
port: 80
targetPort: 5800
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jdownloader
namespace: downloads
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: internal-ca-issuer
spec:
ingressClassName: traefik
tls:
- secretName: jdownloader-tls
hosts:
- jdownloader.home.arpa
rules:
- host: jdownloader.home.arpa
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: jdownloader
port:
number: 80

105
manifests/qbittorrent.yaml Normal file
View File

@ -0,0 +1,105 @@
# qBittorrent
# Apply: kubectl apply -f manifests/qbittorrent.yaml
apiVersion: v1
kind: Namespace
metadata:
name: downloads
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: qbittorrent-config
namespace: downloads
annotations:
helm.sh/resource-policy: keep
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-path
resources:
requests:
storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: qbittorrent
namespace: downloads
spec:
replicas: 1
selector:
matchLabels:
app: qbittorrent
template:
metadata:
labels:
app: qbittorrent
spec:
nodeSelector:
node-role: storage
containers:
- name: qbittorrent
image: lscr.io/linuxserver/qbittorrent:latest
ports:
- containerPort: 8080
env:
- name: PUID
value: "1000"
- name: PGID
value: "1000"
- name: TZ
value: "Asia/Tokyo"
- name: WEBUI_PORT
value: "8080"
volumeMounts:
- name: config
mountPath: /config
- name: torrents
mountPath: /torrents
volumes:
- name: config
persistentVolumeClaim:
claimName: qbittorrent-config
- name: torrents
hostPath:
path: /mnt/storage/torrents
type: Directory
---
apiVersion: v1
kind: Service
metadata:
name: qbittorrent
namespace: downloads
spec:
selector:
app: qbittorrent
ports:
- port: 80
targetPort: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: qbittorrent
namespace: downloads
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: internal-ca-issuer
spec:
ingressClassName: traefik
tls:
- secretName: qbittorrent-tls
hosts:
- qbittorrent.home.arpa
rules:
- host: qbittorrent.home.arpa
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: qbittorrent
port:
number: 80

4
values/pihole.yaml
View File

@ -74,4 +74,6 @@ dnsmasq:
- address=/home.arpa/192.168.7.77
- address=/nik4nao.home.arpa/192.168.7.183
- address=/dashy.home.arpa/192.168.7.77
- address=/jellyfin.home.arpa/192.168.7.77
- address=/jellyfin.home.arpa/192.168.7.77
- address=/qbittorrent.home.arpa/192.168.7.77
- address=/jdownloader.home.arpa/192.168.7.77