79 lines
2.1 KiB
YAML
79 lines
2.1 KiB
YAML
workload:
|
|
kind: Deployment
|
|
strategy:
|
|
type: RollingUpdate
|
|
containers:
|
|
vaultwarden:
|
|
mounts:
|
|
storage:
|
|
data:
|
|
path: /app/data/
|
|
extraVolumes:
|
|
logs:
|
|
path: /app/logs
|
|
envFrom:
|
|
- environment
|
|
- secrets
|
|
ingress:
|
|
main:
|
|
class: traefik
|
|
annotations:
|
|
kubernetes.io/ingress.class: traefik
|
|
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
|
|
kubernetes.io/tls-acme: "true"
|
|
kubernetes.io/ingress.allow-http: "false"
|
|
kubernetes.io/ingress.global-static-ip-name: ""
|
|
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
|
rules:
|
|
- host: vaulttest2.badhouseplants.net
|
|
http:
|
|
paths:
|
|
- backend:
|
|
service:
|
|
name: '{{ include "chart.fullname" $ }}'
|
|
port:
|
|
number: 8080
|
|
path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- hosts:
|
|
- vaulttest2.badhouseplants.net
|
|
secretName: vaulttest2.badhouseplants.net
|
|
extraVolumes:
|
|
# -- Because by default the fs is read-only, we need to add an emtpy dir volume
|
|
logs:
|
|
emptyDir: {}
|
|
storage:
|
|
data:
|
|
storageClassName: openebs-hostpath
|
|
env:
|
|
environment:
|
|
enabled: true
|
|
sensitive: false
|
|
data:
|
|
DOMAIN: https://vaulttest2.badhouseplants.net
|
|
SMTP_HOST: mail.badhouseplants.net
|
|
SMTP_SECURITY: "starttls"
|
|
SMTP_PORT: 587
|
|
SMTP_FROM: vaulttest@badhouseplants.net
|
|
SMTP_FROM_NAME: Vault Warden
|
|
SMTP_AUTH_MECHANISM: "Plain"
|
|
SMTP_ACCEPT_INVALID_HOSTNAMES: "false"
|
|
SMTP_ACCEPT_INVALID_CERTS: "false"
|
|
SMTP_DEBUG: false
|
|
DATA_FOLDER: /app/data/
|
|
ROCKET_PORT: 8080
|
|
SHOW_PASSWORD_HINT: true
|
|
SIGNUPS_ALLOWED: true
|
|
INVITATIONS_ALLOWED: true
|
|
SIGNUPS_DOMAINS_WHITELIST: "test.com"
|
|
SIGNUPS_VERIFY: false
|
|
WEB_VAULT_ENABLED: true
|
|
LOG_FILE: /app/logs/log.txt
|
|
LOG_LEVEL: info
|
|
DB_CONNECTION_RETRIES: 10
|
|
DATABASE_MAX_CONNS: 10
|
|
ORG_GROUPS_ENABLED: true
|
|
ORG_EVENTS_ENABLED: true
|
|
ORG_CREATION_USERS: ""
|