From 1fe836c4f00d9aaec3bebc52ab890d48e4fed375 Mon Sep 17 00:00:00 2001 From: RNRod Date: Sun, 16 Jul 2023 21:52:44 +0200 Subject: [PATCH] add bitwarden --- badhouseplants/helmfile.yaml | 5 +++ badhouseplants/values/secrets.bitwarden.yaml | 22 ++++++++++++ badhouseplants/values/values.bitwarden.yaml | 37 ++++++++++++++++++++ releases.yaml | 9 +++++ repositories.yaml | 2 ++ 5 files changed, 75 insertions(+) create mode 100644 badhouseplants/values/secrets.bitwarden.yaml create mode 100644 badhouseplants/values/values.bitwarden.yaml diff --git a/badhouseplants/helmfile.yaml b/badhouseplants/helmfile.yaml index 9cd43ab..c9bfb1a 100644 --- a/badhouseplants/helmfile.yaml +++ b/badhouseplants/helmfile.yaml @@ -57,6 +57,11 @@ releases: namespace: monitoring-system createNamespace: false + - <<: *bitwarden + installed: true + namespace: bitwarden-application + createNamespace: true + bases: - ../environments.yaml - ../repositories.yaml diff --git a/badhouseplants/values/secrets.bitwarden.yaml b/badhouseplants/values/secrets.bitwarden.yaml new file mode 100644 index 0000000..2a865a3 --- /dev/null +++ b/badhouseplants/values/secrets.bitwarden.yaml @@ -0,0 +1,22 @@ +env: + ADMIN_TOKEN: ENC[AES256_GCM,data:ea2lgOEYMi8Dsvun00YZR3PCE3ycNC4Mpe+xye9YL5CTtnyrDwV9Tw==,iv:28Tcn1/qIquS4jCNBTtspB9c+5U3Ut1zoY6gIez8fcs=,tag:POmhoUY3t4w+iTJKK2eHVQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKL3M4VWJBQzZQdHRDcXVw + VWIwcjd0Zm44V01DTW1aV2FhV1QvT2hpcUVZClJ2dHdvcDYxalEvMXB2a1F1WlRy + K1VOYmg4cWprSHpLSVJVK1lYVXR5cWMKLS0tIGJ3bHNIZE9zR3RuZmpmMlZBQ1Qr + dzNYMlRnUDIxK2padTRCSzR4UUpWQjQKxex3RqZGU7ekdNC3qIiqdFs7d7a0Pxa1 + amLsaNnBfJ3OqjuD8atF2iCAXy1Q2BcXunkWi3wbzHb/DgYly3n9OQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-07-16T18:40:43Z" + mac: ENC[AES256_GCM,data:tbPAgDQGA8MPnG5mIZLfvsOKdSkpOTK1Oy7uIQJ3DsNtBIt9vSO+vYxNjvfjAHyB6vE1cfx8zJkRcUw8kPh485jOxsM9G1ms/sjZKyJwsJbMjiqxs5zs0E4X9sqpJWiIhILBreZ8IopK4hCd2uLvhoV/HPxW8FV/HnHoCQ5p2Do=,iv:FtgTWFdkxCPOsNiJQWWIUmwYgh5rqRcbM/ToShcSODY=,tag:yc54xWHdq4KnSNxT9breOQ==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3 \ No newline at end of file diff --git a/badhouseplants/values/values.bitwarden.yaml b/badhouseplants/values/values.bitwarden.yaml new file mode 100644 index 0000000..b959319 --- /dev/null +++ b/badhouseplants/values/values.bitwarden.yaml @@ -0,0 +1,37 @@ +--- +image: + repository: vaultwarden/server + tag: 1.28.1 + +istio: + enabled: true + istio: + - name: bitwarden-http + gateway: badhouseplants-net + kind: http + hostname: bitwarden.badhouseplants.net + service: bitwarden-vaultwarden + port: 80 + + # pathType is only for k8s >= 1.1= + pathType: Prefix + +env: + + SIGNUPS_ALLOWED: false + DOMAIN: "https://bitwarden.badhouseplants.net" + # YUBICO_CLIENT_ID + # YUBICO_SECRET_KEY + # DATA_FOLDER + # DATABASE_URL + # ATTACHMENTS_FOLDER + # ICON_CACHE_FOLDER + # ROCKET_LIMITS + # ROCKET_WORKERS + WEB_VAULT_ENABLED: true + +persistence: + enabled: true + accessMode: ReadWriteOnce + size: 800Mi + storageClass: longhorn \ No newline at end of file diff --git a/releases.yaml b/releases.yaml index 58d1d84..e7dd71a 100644 --- a/releases.yaml +++ b/releases.yaml @@ -267,3 +267,12 @@ templates: - template: default-env-secrets - template: ext-istio-resource - template: ext-certificate + + bitwarden: &bitwarden + name: bitwarden + chart: bitwarden/vaultwarden + version: 0.1.7 + inherit: + - template: default-env-values + - template: default-env-secrets + - template: ext-istio-resource \ No newline at end of file diff --git a/repositories.yaml b/repositories.yaml index cef712f..8a7e150 100644 --- a/repositories.yaml +++ b/repositories.yaml @@ -32,3 +32,5 @@ repositories: url: https://prometheus-community.github.io/helm-charts - name: grafana url: https://grafana.github.io/helm-charts + - name: bitwarden + url: https://constin.github.io/vaultwarden-helm/ \ No newline at end of file