├── examples
    ├── openvpn-secret.yaml
    ├── transmision-svc.yaml
    ├── transmission-ingress.yaml
    ├── transmission-config.yaml
    └── transmission-deployment.yaml
├── .gitignore
└── README.md


/examples/openvpn-secret.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | data:
3 |   OPENVPN_USERNAME: username
4 |   OPENVPN_PASSWORD: password
5 | kind: Secret
6 | metadata:
7 |   name: vpn-creds
8 |   namespace: transmission
9 | type: Opaque


--------------------------------------------------------------------------------
/examples/transmision-svc.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: transmission
 5 |   namespace: transmission
 6 | spec:
 7 |   selector:
 8 |     app:  transmission
 9 |   ports:
10 |   - port: 9091
11 |     protocol: TCP
12 |     targetPort: 9091
13 |   sessionAffinity: None
14 |   type: ClusterIP
15 | 


--------------------------------------------------------------------------------
/examples/transmission-ingress.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: extensions/v1beta1
 2 | kind: Ingress
 3 | metadata:
 4 |   annotations:
 5 |     nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8
 6 |   name: transmission
 7 |   namespace: transmission
 8 | spec:
 9 |   rules:
10 |   - host: transmission.domain.tld
11 |     http:
12 |       paths:
13 |       - backend:
14 |           serviceName: transmission
15 |           servicePort: 9091
16 | 


--------------------------------------------------------------------------------
/examples/transmission-config.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ConfigMap
 3 | metadata:
 4 |   name: transmission-config
 5 |   namespace: transmission
 6 | data:
 7 |   LOCAL_NETWORK: 10.0.0.0/8
 8 |   OPENVPN_CONFIG: CA Vancouver
 9 |   OPENVPN_OPTS: --inactive 3600 --ping 10 --ping-exit 60
10 |   OPENVPN_PROVIDER: PIA
11 |   TRANSMISSION_DOWNLOAD_QUEUE_SIZE: "4"
12 |   TRANSMISSION_RATIO_LIMIT: "2"
13 |   TRANSMISSION_RATIO_LIMIT_ENABLED: "true"
14 |   TRANSMISSION_SPEED_LIMIT_DOWN: "10000"
15 |   TRANSMISSION_SPEED_LIMIT_DOWN_ENABLED: "true"
16 |   TRANSMISSION_SPEED_LIMIT_UP: "1000"
17 |   TRANSMISSION_SPEED_LIMIT_UP_ENABLED: "true"
18 |   WEBPROXY_ENABLED: "false"
19 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
  1 | # Byte-compiled / optimized / DLL files
  2 | __pycache__/
  3 | *.py[cod]
  4 | *$py.class
  5 | 
  6 | # C extensions
  7 | *.so
  8 | 
  9 | # Distribution / packaging
 10 | .Python
 11 | build/
 12 | develop-eggs/
 13 | dist/
 14 | downloads/
 15 | eggs/
 16 | .eggs/
 17 | lib/
 18 | lib64/
 19 | parts/
 20 | sdist/
 21 | var/
 22 | wheels/
 23 | *.egg-info/
 24 | .installed.cfg
 25 | *.egg
 26 | MANIFEST
 27 | 
 28 | # PyInstaller
 29 | #  Usually these files are written by a python script from a template
 30 | #  before PyInstaller builds the exe, so as to inject date/other infos into it.
 31 | *.manifest
 32 | *.spec
 33 | 
 34 | # Installer logs
 35 | pip-log.txt
 36 | pip-delete-this-directory.txt
 37 | 
 38 | # Unit test / coverage reports
 39 | htmlcov/
 40 | .tox/
 41 | .coverage
 42 | .coverage.*
 43 | .cache
 44 | nosetests.xml
 45 | coverage.xml
 46 | *.cover
 47 | .hypothesis/
 48 | .pytest_cache/
 49 | 
 50 | # Translations
 51 | *.mo
 52 | *.pot
 53 | 
 54 | # Django stuff:
 55 | *.log
 56 | local_settings.py
 57 | db.sqlite3
 58 | 
 59 | # Flask stuff:
 60 | instance/
 61 | .webassets-cache
 62 | 
 63 | # Scrapy stuff:
 64 | .scrapy
 65 | 
 66 | # Sphinx documentation
 67 | docs/_build/
 68 | 
 69 | # PyBuilder
 70 | target/
 71 | 
 72 | # Jupyter Notebook
 73 | .ipynb_checkpoints
 74 | 
 75 | # pyenv
 76 | .python-version
 77 | 
 78 | # celery beat schedule file
 79 | celerybeat-schedule
 80 | 
 81 | # SageMath parsed files
 82 | *.sage.py
 83 | 
 84 | # Environments
 85 | .env
 86 | .venv
 87 | env/
 88 | venv/
 89 | ENV/
 90 | env.bak/
 91 | venv.bak/
 92 | 
 93 | # Spyder project settings
 94 | .spyderproject
 95 | .spyproject
 96 | 
 97 | # Rope project settings
 98 | .ropeproject
 99 | 
100 | # mkdocs documentation
101 | /site
102 | 
103 | # mypy
104 | .mypy_cache/
105 | .idea


--------------------------------------------------------------------------------
/examples/transmission-deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1beta2
 2 | kind: Deployment
 3 | metadata:
 4 |   name: transmission
 5 |   namespace: transmission
 6 | spec:
 7 |   progressDeadlineSeconds: 600
 8 |   replicas: 1
 9 |   revisionHistoryLimit: 10
10 |   selector:
11 |     matchLabels:
12 |       app: transmission
13 |   strategy:
14 |     type: Recreate
15 |   template:
16 |     metadata:
17 |       labels:
18 |         app: transmission
19 |     spec:
20 |       containers:
21 |       - envFrom:
22 |         - configMapRef:
23 |             name: transmission-config
24 |             optional: false
25 |         - secretRef:
26 |             name: vpn-creds
27 |             optional: false
28 |         image: haugene/transmission-openvpn
29 |         imagePullPolicy: Always
30 |         livenessProbe:
31 |           failureThreshold: 3
32 |           initialDelaySeconds: 10
33 |           periodSeconds: 2
34 |           successThreshold: 1
35 |           tcpSocket:
36 |             port: 9091
37 |           timeoutSeconds: 2
38 |         name: transmission
39 |         readinessProbe:
40 |           failureThreshold: 3
41 |           initialDelaySeconds: 10
42 |           periodSeconds: 2
43 |           successThreshold: 2
44 |           tcpSocket:
45 |             port: 9091
46 |           timeoutSeconds: 2
47 |         resources:
48 |           limits:
49 |             memory: 2000Mi
50 |         securityContext:
51 |           allowPrivilegeEscalation: true
52 |           capabilities:
53 |             add:
54 |             - NET_ADMIN
55 |           privileged: true
56 |         volumeMounts:
57 |         - mountPath: /data
58 |           name: data
59 |         - mountPath: /dev/net/tun
60 |           name: tunnel
61 |         - mountPath: /etc/localtime
62 |           name: localtime
63 |           readOnly: true
64 |       restartPolicy: Always
65 |       terminationGracePeriodSeconds: 30
66 |       volumes:
67 |       - name: data
68 |         nfs:
69 |           path: /Transmission
70 |           server: nfs-server
71 |       - hostPath:
72 |           path: /dev/net/tun
73 |           type: ""
74 |         name: tunnel
75 |       - hostPath:
76 |           path: /etc/localtime
77 |           type: ""
78 |         name: localtime
79 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Transmission with openvpn on Kubernetes
 2 | 
 3 | The files here are intended to be a reference point for setting up transmission with openvpn
 4 |  on a kubernetes cluster. I provide these as-is, with less absolute zero support. If you'd like 
 5 |  to make an improvement to the resources or documentation, PRs are certainly welcome. 
 6 |  
 7 | This setup uses the [haugene/transmission-openvpn](https://github.com/haugene/docker-transmission-openvpn) docker 
 8 | image which has over 10 million downloads on docker hub. I have found to be quite stable and have been using for 
 9 | at least a year. You can find documentation (worth reading) for that project in their 
10 | [github repo](https://github.com/haugene/docker-transmission-openvpn). 
11 | 
12 | ## Using these examples
13 | 
14 | **Applying the examples here as-is will not work.**
15 | 
16 | I've scrubbed out configuration unique to the two clusters I'm running transmission in. You'll need to look through 
17 | the examples and edit where appropriate. This example uses a central NFS server to host all Transmission data. 
18 | you could of course use any other volume type available in your cluster. The ingress example does not configure TLS
19 |  and is restricted to a local IP subnet. 
20 | 
21 | Some specific things you should adjust or confirm for your purposes:
22 | 
23 | * Ingress
24 |   * Hostname
25 |   * Service Name 
26 |   * IP restrictions 
27 | * Service
28 |   * Name
29 |   * Type
30 | * Deployment
31 |   * Secret name
32 |   * Config name
33 |   * data volume type, server, path
34 | * Config
35 |   * openvpn provider (see docs [here](https://github.com/haugene/docker-transmission-openvpn))
36 |   * local network 
37 |   * openvpn config
38 | * Secret (will need to be base64 encoded)
39 |   * username
40 |   * password
41 |   
42 |   
43 | 
44 | 
45 | ## FAQ
46 | 
47 | 
48 | #### Have you considered making this a helm chart?
49 | 
50 | Briefly. Not going to. I don't have the time to maintain a helm chart for this. I only provide this in hopes 
51 | of saving someone time by having a working example to consult. 
52 | 
53 | #### Are there other ways to do this? 
54 | 
55 | Yes. 
56 | 
57 | #### Can you help me install this on my cluster? 
58 | 
59 | No. 
60 | 
61 | #### It doesn't work. 
62 | 
63 | Ok. 
64 | 
65 | #### I used these examples, can I make a tweak to make it easier for the next person to use? 
66 | 
67 | Absolutely. PRs are welcome. 


--------------------------------------------------------------------------------