k8s-deployment/values/badhouseplants/values.vaultwardentest.yaml

79 lines
2.1 KiB
YAML
Raw Normal View History

2024-07-15 19:12:53 +00:00
---
workload:
kind: Deployment
strategy:
type: RollingUpdate
containers:
vaultwarden:
mounts:
storage:
data:
path: /app/data/
extraVolumes:
logs:
path: /app/logs
envFrom:
- environment
- secrets
2024-07-13 20:21:59 +00:00
ingress:
2024-07-15 19:12:53 +00:00
main:
class: traefik
annotations:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.global-static-ip-name: ""
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
rules:
- host: vaulttest.badhouseplants.net
http:
paths:
- backend:
service:
name: '{{ include "chart.fullname" $ }}'
port:
number: 8080
path: /
pathType: Prefix
tls:
- hosts:
- vaulttest.badhouseplants.net
secretName: vaulttest.badhouseplants.net
extraVolumes:
# -- Because by default the fs is read-only, we need to add an emtpy dir volume
logs:
emptyDir: {}
storage: {}
env:
environment:
enabled: true
sensitive: false
data:
DOMAIN: https://vaulttest.badhouseplants.net
SMTP_HOST: mail.badhouseplants.net
SMTP_SECURITY: "starttls"
SMTP_PORT: 587
SMTP_FROM: vaulttest@badhouseplants.net
SMTP_FROM_NAME: Vault Warden
SMTP_AUTH_MECHANISM: "Plain"
SMTP_ACCEPT_INVALID_HOSTNAMES: "false"
SMTP_ACCEPT_INVALID_CERTS: "false"
SMTP_DEBUG: false
DATA_FOLDER: /app/data/
ROCKET_PORT: 8080
SHOW_PASSWORD_HINT: true
SIGNUPS_ALLOWED: true
INVITATIONS_ALLOWED: true
SIGNUPS_DOMAINS_WHITELIST: "test.com"
SIGNUPS_VERIFY: false
WEB_VAULT_ENABLED: true
LOG_FILE: /app/logs/log.txt
LOG_LEVEL: info
DB_CONNECTION_RETRIES: 10
DATABASE_MAX_CONNS: 10
ORG_GROUPS_ENABLED: true
ORG_EVENTS_ENABLED: true
ORG_CREATION_USERS: ""