#!/bin/bash # # Media Stack Deployment Script # Deploys all components in the correct order # Supports optional VPN tunneling via Gluetun # set -e SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" NAMESPACE="media" USE_VPN=false # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color usage() { echo "Usage: $0 [OPTIONS]" echo "" echo "Options:" echo " --vpn Deploy qBittorrent, Prowlarr, and Dispatcharr with VPN sidecar" echo " --no-vpn Deploy without VPN (default)" echo " --help Show this help message" echo "" echo "Examples:" echo " $0 # Deploy without VPN" echo " $0 --vpn # Deploy with VPN tunneling" } log_info() { echo -e "${GREEN}[INFO]${NC} $1" } log_warn() { echo -e "${YELLOW}[WARN]${NC} $1" } log_error() { echo -e "${RED}[ERROR]${NC} $1" } log_vpn() { echo -e "${BLUE}[VPN]${NC} $1" } # Parse arguments while [[ $# -gt 0 ]]; do case $1 in --vpn) USE_VPN=true shift ;; --no-vpn) USE_VPN=false shift ;; --help) usage exit 0 ;; *) log_error "Unknown option: $1" usage exit 1 ;; esac done # Check if kubectl is available if ! command -v kubectl &> /dev/null; then log_error "kubectl not found. Please install kubectl first." exit 1 fi # Check cluster connectivity if ! kubectl cluster-info &> /dev/null; then log_error "Cannot connect to Kubernetes cluster. Check your kubeconfig." exit 1 fi # VPN-specific checks if [ "$USE_VPN" = true ]; then log_vpn "VPN mode enabled - checking prerequisites..." # Check if secret file has been modified if grep -q "YOUR_WIREGUARD_PRIVATE_KEY_HERE" "$SCRIPT_DIR/base/vpn/mullvad-secret.yaml"; then log_error "You must edit base/vpn/mullvad-secret.yaml with your Mullvad credentials!" echo "" echo "Steps to get your credentials:" echo "1. Go to https://mullvad.net/en/account/wireguard-config" echo "2. Generate a new WireGuard configuration" echo "3. Download the .conf file and extract:" echo " - PrivateKey → WIREGUARD_PRIVATE_KEY" echo " - Address (IPv4) → WIREGUARD_ADDRESSES" echo "" exit 1 fi log_vpn "Mullvad credentials found in secret file" fi log_info "Starting Media Stack deployment..." if [ "$USE_VPN" = true ]; then log_vpn "VPN tunneling will be enabled for: qBittorrent, Prowlarr, Dispatcharr" fi # Step 1: Create namespace log_info "Creating namespace..." kubectl apply -f "$SCRIPT_DIR/base/namespace.yaml" # Step 2: Create storage resources log_info "Creating storage resources (PVs)..." kubectl apply -f "$SCRIPT_DIR/base/nfs-storage.yaml" # Step 3: Create ConfigMaps log_info "Creating ConfigMap..." kubectl apply -f "$SCRIPT_DIR/base/configmap.yaml" if [ "$USE_VPN" = true ]; then log_vpn "Creating Gluetun VPN ConfigMap..." kubectl apply -f "$SCRIPT_DIR/base/vpn/gluetun-config.yaml" log_vpn "Creating qBittorrent init script ConfigMap..." kubectl apply -f "$SCRIPT_DIR/base/vpn/qbittorrent-init-configmap.yaml" log_vpn "Creating Mullvad VPN Secret..." kubectl apply -f "$SCRIPT_DIR/base/vpn/mullvad-secret.yaml" fi # Step 4: Create PVCs log_info "Creating Persistent Volume Claims..." kubectl apply -f "$SCRIPT_DIR/base/pvcs.yaml" # Wait for PVCs to bind log_info "Waiting for PVCs to bind..." sleep 5 kubectl get pvc -n "$NAMESPACE" # Step 5: Deploy applications if [ "$USE_VPN" = true ]; then log_vpn "Deploying Prowlarr with VPN sidecar..." kubectl apply -f "$SCRIPT_DIR/base/vpn/prowlarr-vpn.yaml" log_vpn "Deploying qBittorrent with VPN sidecar..." kubectl apply -f "$SCRIPT_DIR/base/vpn/qbittorrent-vpn.yaml" log_vpn "Deploying Dispatcharr with VPN sidecar..." kubectl apply -f "$SCRIPT_DIR/base/vpn/dispatcharr-vpn.yaml" else log_info "Deploying Prowlarr..." kubectl apply -f "$SCRIPT_DIR/base/prowlarr.yaml" log_info "Deploying qBittorrent..." kubectl apply -f "$SCRIPT_DIR/base/qbittorrent.yaml" log_info "Deploying Dispatcharr..." kubectl apply -f "$SCRIPT_DIR/base/dispatcharr.yaml" fi # These apps don't need VPN log_info "Deploying Sonarr..." kubectl apply -f "$SCRIPT_DIR/base/sonarr.yaml" log_info "Deploying Radarr..." kubectl apply -f "$SCRIPT_DIR/base/radarr.yaml" log_info "Deploying Lidarr..." kubectl apply -f "$SCRIPT_DIR/base/lidarr.yaml" log_info "Deploying Jellyfin..." kubectl apply -f "$SCRIPT_DIR/base/jellyfin.yaml" # Wait for deployments log_info "Waiting for all deployments to be ready..." sleep 10 # Show status echo "" log_info "Deployment complete! Checking status..." echo "" kubectl get deployments -n "$NAMESPACE" echo "" kubectl get pods -n "$NAMESPACE" echo "" kubectl get svc -n "$NAMESPACE" echo "" log_info "=============================================" log_info "Media Stack deployed successfully!" log_info "=============================================" echo "" if [ "$USE_VPN" = true ]; then log_vpn "VPN Status:" echo " The following services are tunneled through Mullvad VPN:" echo " - qBittorrent (all torrent traffic)" echo " - Prowlarr (indexer connections)" echo " - Dispatcharr (IPTV streams)" echo "" echo " To check VPN connectivity:" echo " kubectl logs -n media deployment/qbittorrent -c gluetun | grep -i 'ip'" echo "" echo " To verify your VPN IP:" echo " kubectl exec -n media deployment/qbittorrent -c qbittorrent -- curl -s ifconfig.me" echo "" fi log_info "Access your services at:" echo " Jellyfin: http://:30096" echo " Sonarr: http://:30989" echo " Radarr: http://:30878" echo " Lidarr: http://:30686" echo " Prowlarr: http://:30696" echo " qBittorrent: http://:30080" echo " Dispatcharr: http://:30191" echo "" log_warn "Remember to check qBittorrent logs for the temporary password:" echo " kubectl logs -n media deployment/qbittorrent -c qbittorrent | grep -i password" echo "" log_info "See README.md for post-deployment configuration steps."