shortcuts:
  hostname: vaulttest.badhouseplants.net
ext-database:
  enabled: true
  name: vaultwardentest-postgres16
  instance: postgres16
  credentials:
    DATABASE_URL: "{{ .Protocol }}://{{ .Username }}:{{ .Password }}@{{ .Hostname }}:{{ .Port }}/{{ .Database }}"
workload:
  kind: Deployment
  strategy:
    type: RollingUpdate
  containers:
    vaultwarden:
      mounts:
        storage:
          data:
            path: /app/data/
        extraVolumes:
          logs:
            path: /app/logs
      envFrom:
        - environment
        - secrets
        - secretRef:
            name: vaultwardentest-postgres16-creds
ingress:
  main:
    class: traefik
    annotations:
      kubernetes.io/ingress.class: traefik
      traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
      kubernetes.io/tls-acme: "true"
      kubernetes.io/ingress.allow-http: "false"
      kubernetes.io/ingress.global-static-ip-name: ""
      cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
    rules:
      - host: vaulttest.badhouseplants.net
        http:
          paths:
            - backend:
                service:
                  name: '{{ include "chart.fullname" $ }}-main'
                  port:
                    number: 8080
              path: /
              pathType: Prefix
    tls:
      - hosts:
          - vaulttest.badhouseplants.net
        secretName: vaulttest.badhouseplants.net
extraVolumes:
  logs:
    emptyDir: {}

storage:
  data:
    annotations:
      volume.kubernetes.io/selected-node: yekaterinburg
    accessModes:
      - ReadWriteOnce
env:
  environment:
    enabled: true
    sensitive: false
    data:
      DOMAIN: https://vaulttest.badhouseplants.net
      #SMTP_HOST: mail.badhouseplants.net
      #SMTP_SECURITY: "starttls"
      #SMTP_PORT: 587
      #SMTP_FROM: vaulttest@badhouseplants.net
      #SMTP_FROM_NAME: Vault Warden
      #SMTP_AUTH_MECHANISM: "Plain"
      #SMTP_ACCEPT_INVALID_HOSTNAMES: "false"
      #SMTP_ACCEPT_INVALID_CERTS: "false"
      #SMTP_DEBUG: false
      DATA_FOLDER: /app/data/
      ROCKET_PORT: 8080
      SHOW_PASSWORD_HINT: true
      SIGNUPS_ALLOWED: true
      INVITATIONS_ALLOWED: true
      SIGNUPS_DOMAINS_WHITELIST: "test.com"
      SIGNUPS_VERIFY: false
      WEB_VAULT_ENABLED: true
      LOG_FILE: /app/logs/log.txt
      LOG_LEVEL: debug
      DB_CONNECTION_RETRIES: 10
      DATABASE_MAX_CONNS: 10
      ORG_GROUPS_ENABLED: true
      ORG_EVENTS_ENABLED: true
      ORG_CREATION_USERS: ""