Use the library for vaultwarden (#4)
Reviewed-on: https://git.badhouseplants.net/softplayer/softplayer-apps/pulls/4
This commit is contained in:
parent
8a0cf86d26
commit
5629800c2f
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,2 +1,3 @@
|
||||
bin
|
||||
custom
|
||||
*.tgz
|
@ -70,6 +70,7 @@ steps:
|
||||
--password $REGISTRY_PASSWORD
|
||||
- |
|
||||
for chart in $(find charts -maxdepth 1 -mindepth 1 -type d); do
|
||||
helm dependency update $chart
|
||||
helm package $chart -d chart-packages;
|
||||
done
|
||||
- |
|
||||
|
@ -1,6 +1,6 @@
|
||||
dependencies:
|
||||
- name: softplayer-lib-workload
|
||||
repository: oci://git.badhouseplants.net/softplayer
|
||||
version: 0.2.0
|
||||
digest: sha256:e6bf909ead48b331a49921e1cf504791fb5ec0a80561d797ae06c7a44ad8a9cd
|
||||
generated: "2024-07-15T08:45:21.509772+02:00"
|
||||
version: 0.2.1
|
||||
digest: sha256:a3a4a69717a3549841454a0e27a1a9114ea8a03543caf5c0c9a184d5a98f36b4
|
||||
generated: "2024-07-15T19:51:29.734002+02:00"
|
||||
|
@ -2,7 +2,7 @@ apiVersion: v2
|
||||
name: mealie
|
||||
description: A Helm chart for running Mealie
|
||||
type: application
|
||||
version: 0.1.0
|
||||
version: 0.2.0
|
||||
appVersion: v1.10.2
|
||||
maintainers:
|
||||
- name: allanger
|
||||
@ -10,7 +10,7 @@ maintainers:
|
||||
url: https://badhouseplants.net
|
||||
dependencies:
|
||||
- name: softplayer-lib-workload
|
||||
version: 0.2.0
|
||||
version: 0.2.1
|
||||
repository: oci://git.badhouseplants.net/softplayer
|
||||
annotations:
|
||||
allowed_workload_kinds: "Deployment"
|
||||
|
Binary file not shown.
@ -2,6 +2,5 @@
|
||||
{{ include "lib.service" . }}
|
||||
{{ include "lib.ingress" . }}
|
||||
{{ include "lib.config.env" . }}
|
||||
{{ include "lib.config.files" . }}
|
||||
{{ include "lib.pvc" . }}
|
||||
{{ include "lib.raw" . }}
|
||||
|
@ -66,6 +66,7 @@ storage:
|
||||
- ReadWriteOnce
|
||||
env:
|
||||
environment:
|
||||
enabled: true
|
||||
sensitive: false
|
||||
data:
|
||||
ALLOW_SIGNUP: true
|
||||
@ -77,10 +78,11 @@ env:
|
||||
BASE_URL: https://mealie.softplayer.com
|
||||
DB_ENGINE: postgres
|
||||
secrets:
|
||||
enabled: true
|
||||
sensitive: true
|
||||
data:
|
||||
POSTGRES_USER: mealie
|
||||
POSTGRES_PASSWORD: mealie
|
||||
POSTGRES_SERVER: postgres
|
||||
POSTGRES_PORT: 5432
|
||||
POSTGRES_DB: mealie
|
||||
POSTGRES_USER: ~
|
||||
POSTGRES_PASSWORD: ~
|
||||
POSTGRES_SERVER: ~
|
||||
POSTGRES_PORT: ~
|
||||
POSTGRES_DB: ~
|
||||
|
@ -2,7 +2,7 @@ apiVersion: v2
|
||||
name: team-fortress-2
|
||||
description: A Helm chart for running a Team Fortress 2 server
|
||||
type: application
|
||||
version: 0.1.1
|
||||
version: 0.1.2
|
||||
appVersion: "latest"
|
||||
maintainers:
|
||||
- name: allanger
|
||||
|
Binary file not shown.
6
charts/vaultwarden/Chart.lock
Normal file
6
charts/vaultwarden/Chart.lock
Normal file
@ -0,0 +1,6 @@
|
||||
dependencies:
|
||||
- name: softplayer-lib-workload
|
||||
repository: oci://git.badhouseplants.net/softplayer
|
||||
version: 0.2.1
|
||||
digest: sha256:a3a4a69717a3549841454a0e27a1a9114ea8a03543caf5c0c9a184d5a98f36b4
|
||||
generated: "2024-07-15T19:54:46.672967+02:00"
|
@ -2,12 +2,18 @@ apiVersion: v2
|
||||
name: vaultwarden
|
||||
description: Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
|
||||
type: application
|
||||
version: 1.2.0
|
||||
appVersion: 1.30.5
|
||||
version: 2.0.0
|
||||
appVersion: 1.31.0
|
||||
maintainers:
|
||||
- name: allanger
|
||||
email: allanger@zohomail.com
|
||||
url: https://badhouseplants.net
|
||||
dependencies:
|
||||
- name: softplayer-lib-workload
|
||||
version: 0.2.1
|
||||
repository: oci://git.badhouseplants.net/softplayer
|
||||
annotations:
|
||||
allowed_workload_kinds: "Deployment"
|
||||
sources:
|
||||
- https://github.com/dani-garcia/vaultwarden/tree/main
|
||||
keywords:
|
||||
|
@ -1,22 +0,0 @@
|
||||
1. Get the application URL by running these commands:
|
||||
{{- if .Values.ingress.enabled }}
|
||||
{{- range $host := .Values.ingress.hosts }}
|
||||
{{- range .paths }}
|
||||
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- else if contains "NodePort" .Values.service.type }}
|
||||
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "vaultwarden.fullname" . }})
|
||||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
|
||||
echo http://$NODE_IP:$NODE_PORT
|
||||
{{- else if contains "LoadBalancer" .Values.service.type }}
|
||||
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
|
||||
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "vaultwarden.fullname" . }}'
|
||||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "vaultwarden.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
|
||||
echo http://$SERVICE_IP:{{ .Values.service.port }}
|
||||
{{- else if contains "ClusterIP" .Values.service.type }}
|
||||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "vaultwarden.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
|
||||
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
|
||||
echo "Visit http://127.0.0.1:8080 to use your application"
|
||||
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
|
||||
{{- end }}
|
@ -1,46 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "vaultwarden.fullname" . }}
|
||||
labels:
|
||||
{{- include "vaultwarden.labels" . | nindent 4 }}
|
||||
data:
|
||||
DOMAIN: {{ .Values.vaultwarden.domain | quote }}
|
||||
{{- if and .Values.vaultwarden.smtp.host .Values.vaultwarden.smtp.from | quote }}
|
||||
SMTP_HOST: {{ .Values.vaultwarden.smtp.host | quote }}
|
||||
SMTP_SECURITY: {{ .Values.vaultwarden.smtp.security | quote }}
|
||||
SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
|
||||
{{- if .Values.vaultwarden.smtp.authMechanism }}
|
||||
SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
|
||||
{{- end }}
|
||||
SMTP_FROM: {{ .Values.vaultwarden.smtp.from | quote }}
|
||||
SMTP_FROM_NAME: {{ default "Vaultwarden" .Values.vaultwarden.smtp.fromName | quote }}
|
||||
SMTP_DEBUG: {{ .Values.vaultwarden.smtp.debug | quote }}
|
||||
SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.acceptInvalidHostnames | quote }}
|
||||
SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.acceptInvalidCerts | quote }}
|
||||
SMTP_USERNAME: {{ .Values.vaultwarden.smtp.username | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.websocket.enabled }}
|
||||
WEBSOCKET_ENABLED: "true"
|
||||
WEBSOCKET_ADDRESS: {{ .Values.vaultwarden.websocket.address | quote }}
|
||||
WEBSOCKET_PORT: {{ .Values.vaultwarden.websocket.port | quote }}
|
||||
{{- end }}
|
||||
DATA_FOLDER: {{ .Values.vaultwarden.storage.dataDir | quote }}
|
||||
ROCKET_PORT: {{ .Values.vaultwarden.rocket.port | quote }}
|
||||
ROCKET_WORKERS: {{ .Values.vaultwarden.rocket.workers | quote }}
|
||||
SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPassHint | quote }}
|
||||
SIGNUPS_ALLOWED: {{ .Values.vaultwarden.signupsAllowed | quote }}
|
||||
INVITATIONS_ALLOWED: {{ .Values.vaultwarden.invitationsAllowed | quote }}
|
||||
SIGNUPS_DOMAINS_WHITELIST: {{ .Values.vaultwarden.signupDomains | quote }}
|
||||
SIGNUPS_VERIFY: {{ .Values.vaultwarden.signupsVerify | quote }}
|
||||
WEB_VAULT_ENABLED: {{ .Values.vaultwarden.webVaultEnabled | quote }}
|
||||
{{- if .Values.vaultwarden.logging.enabled }}
|
||||
LOG_FILE: {{ .Values.vaultwarden.logging.logfile | quote }}
|
||||
LOG_LEVEL: {{ .Values.vaultwarden.logging.loglevel | quote }}
|
||||
{{- end }}
|
||||
DB_CONNECTION_RETRIES: {{ .Values.vaultwarden.database.connectionRetries | quote }}
|
||||
DATABASE_MAX_CONNS: {{ .Values.vaultwarden.database.maxConnections | quote }}
|
||||
# -------------------------------------------------------------------
|
||||
ORG_GROUPS_ENABLED: {{ .Values.vaultwarden.organizations.enabled | quote }}
|
||||
ORG_EVENTS_ENABLED: {{ .Values.vaultwarden.organizations.orgEvents | quote }}
|
||||
ORG_CREATION_USERS: {{ .Values.vaultwarden.organizations.crationUsers | quote }}
|
@ -1,96 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ include "vaultwarden.fullname" . }}
|
||||
labels:
|
||||
{{- include "vaultwarden.labels" . | nindent 4 }}
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "vaultwarden.selectorLabels" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
{{- with .Values.podAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
|
||||
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "vaultwarden.selectorLabels" . | nindent 8 }}
|
||||
spec:
|
||||
{{- with .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
||||
{{- if .Values.vaultwarden.storage.enabled }}
|
||||
volumes:
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ include "vaultwarden.fullname" . }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.securityContext | nindent 12 }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.service.port }}
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- sh
|
||||
- /healthcheck.sh
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- sh
|
||||
- /healthcheck.sh
|
||||
resources:
|
||||
{{- toYaml .Values.resources | nindent 12 }}
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: {{ include "vaultwarden.fullname" . }}
|
||||
env:
|
||||
{{- if or (.Values.vaultwarden.smtp.password.value) (.Values.vaultwarden.smtp.password.existingSecretKey )}}
|
||||
- name: SMTP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.vaultwarden.smtp.password.existingSecret | default ( printf "%s-smtp" ( include "vaultwarden.fullname" . )) }}
|
||||
key: {{ default "SMTP_PASSWORD" .Values.vaultwarden.smtp.password.existingSecretKey }}
|
||||
{{- end }}
|
||||
- name: ADMIN_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.vaultwarden.adminToken.existingSecret | default ( printf "%s-admin-token" ( include "vaultwarden.fullname" . )) }}
|
||||
key: {{ default "ADMIN_TOKEN" .Values.vaultwarden.adminToken.existingSecretKey }}
|
||||
{{- if ne "default" .Values.vaultwarden.database.type }}
|
||||
- name: DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.vaultwarden.database.existingSecret | default ( printf "%s-db-creds" ( include "vaultwarden.fullname" . )) }}
|
||||
key: {{ default "DATABASE_URL" .Values.vaultwarden.database.existingSecretKey }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.storage.enabled }}
|
||||
volumeMounts:
|
||||
- mountPath: {{ .Values.vaultwarden.storage.dataDir }}
|
||||
name: data
|
||||
{{- end }}
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
@ -1,61 +0,0 @@
|
||||
{{- if .Values.ingress.enabled -}}
|
||||
{{- $fullName := include "vaultwarden.fullname" . -}}
|
||||
{{- $svcPort := .Values.service.port -}}
|
||||
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
|
||||
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
|
||||
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
apiVersion: networking.k8s.io/v1beta1
|
||||
{{- else -}}
|
||||
apiVersion: extensions/v1beta1
|
||||
{{- end }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $fullName }}
|
||||
labels:
|
||||
{{- include "vaultwarden.labels" . | nindent 4 }}
|
||||
{{- with .Values.ingress.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
|
||||
ingressClassName: {{ .Values.ingress.className }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingress.tls }}
|
||||
tls:
|
||||
{{- range .Values.ingress.tls }}
|
||||
- hosts:
|
||||
{{- range .hosts }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
secretName: {{ .secretName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- range .Values.ingress.hosts }}
|
||||
- host: {{ .host | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- range .paths }}
|
||||
- path: {{ .path }}
|
||||
{{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
|
||||
pathType: {{ .pathType }}
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
|
||||
service:
|
||||
name: {{ $fullName }}
|
||||
port:
|
||||
number: {{ $svcPort }}
|
||||
{{- else }}
|
||||
serviceName: {{ $fullName }}
|
||||
servicePort: {{ $svcPort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
6
charts/vaultwarden/templates/install.yaml
Normal file
6
charts/vaultwarden/templates/install.yaml
Normal file
@ -0,0 +1,6 @@
|
||||
{{ include "lib.workload" . }}
|
||||
{{ include "lib.service" . }}
|
||||
{{ include "lib.ingress" . }}
|
||||
{{ include "lib.config.env" . }}
|
||||
{{ include "lib.pvc" . }}
|
||||
{{ include "lib.raw" . }}
|
@ -1,15 +0,0 @@
|
||||
{{- if .Values.vaultwarden.storage.enabled }}
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: {{ include "vaultwarden.fullname" . }}
|
||||
labels:
|
||||
{{- include "vaultwarden.labels" . | nindent 4 }}
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.vaultwarden.storage.size }}
|
||||
storageClassName: {{ .Values.vaultwarden.storage.class }}
|
||||
{{- end }}
|
@ -1,38 +0,0 @@
|
||||
{{- if not .Values.vaultwarden.adminToken.existingSecret }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
metadata:
|
||||
name: {{ include "vaultwarden.fullname" . }}-admin-token
|
||||
labels:
|
||||
{{- include "vaultwarden.labels" . | nindent 4 }}
|
||||
data:
|
||||
ADMIN_TOKEN: {{ .Values.vaultwarden.adminToken.value | b64enc | quote }}
|
||||
{{- end }}
|
||||
|
||||
{{- if not .Values.vaultwarden.database.existingSecret }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
metadata:
|
||||
name: {{ include "vaultwarden.fullname" . }}-db-creds
|
||||
labels:
|
||||
{{- include "vaultwarden.labels" . | nindent 4 }}
|
||||
data:
|
||||
DATABASE_URL: {{ .Values.vaultwarden.database.connectionString | b64enc | quote }}
|
||||
{{- end }}
|
||||
|
||||
{{- if not .Values.vaultwarden.smtp.password.existingSecret }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
metadata:
|
||||
name: {{ include "vaultwarden.fullname" . }}-smtp
|
||||
labels:
|
||||
{{- include "vaultwarden.labels" . | nindent 4 }}
|
||||
data:
|
||||
SMTP_PASSWORD: {{ .Values.vaultwarden.smtp.password.value | b64enc | quote }}
|
||||
{{- end }}
|
@ -1,15 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "vaultwarden.fullname" . }}
|
||||
labels:
|
||||
{{- include "vaultwarden.labels" . | nindent 4 }}
|
||||
spec:
|
||||
type: {{ .Values.service.type }}
|
||||
ports:
|
||||
- port: {{ .Values.service.port }}
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
selector:
|
||||
{{- include "vaultwarden.selectorLabels" . | nindent 4 }}
|
@ -1,106 +1,114 @@
|
||||
---
|
||||
workload:
|
||||
kind: Deployment
|
||||
strategy:
|
||||
type: RollingUpdate
|
||||
containers:
|
||||
mealie:
|
||||
image:
|
||||
repository: registry.hub.docker.com/vaultwarden/server
|
||||
pullPolicy: IfNotPresent
|
||||
# Overrides the image tag whose default is the chart appVersion.
|
||||
tag: ""
|
||||
imagePullSecrets: []
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
podAnnotations: {}
|
||||
podSecurityContext: {}
|
||||
# fsGroup: 2000
|
||||
registry: registry.hub.docker.com
|
||||
repository: vaultwarden/server
|
||||
tag:
|
||||
pullPolicy: Always
|
||||
ports:
|
||||
- vaultwarden
|
||||
mounts:
|
||||
storage:
|
||||
data:
|
||||
path: /app/data/
|
||||
# logs:
|
||||
# path: /app/logs
|
||||
envFrom:
|
||||
- environment
|
||||
- secrets
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- sh
|
||||
- /healthcheck.sh
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- sh
|
||||
- /healthcheck.sh
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
|
||||
securityContext: {}
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - ALL
|
||||
# readOnlyRootFilesystem: true
|
||||
# runAsNonRoot: true
|
||||
# runAsUser: 1000
|
||||
ingress:
|
||||
main:
|
||||
class: traefik
|
||||
annotations:
|
||||
annotation: test
|
||||
rules:
|
||||
- hosts: vaultwarden.softplayer.net
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
service:
|
||||
name: '{{ include "chart.fullname" $ }}'
|
||||
port: 8080
|
||||
tls:
|
||||
- hosts:
|
||||
- vaultwarden.softplayer.net
|
||||
secretName: vaultwarden.softplayer.net
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 8080
|
||||
ingress:
|
||||
enabled: false
|
||||
className: ""
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: chart-example.local
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - chart-example.local
|
||||
resources: {}
|
||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||
# choice for the user. This also increases chances charts run on environments with little
|
||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
affinity: {}
|
||||
ports:
|
||||
vaultwarden:
|
||||
smtp:
|
||||
host: ""
|
||||
security: "starttls"
|
||||
port: 25
|
||||
from: vaultwarden@badhouseplants.net
|
||||
fromName: vaultwarden
|
||||
username: vaultwarden
|
||||
password:
|
||||
value: "VerySecurePassword"
|
||||
existingSecret: ""
|
||||
existingSecretKey: ""
|
||||
authMechanism: "Plain"
|
||||
acceptInvalidHostnames: "false"
|
||||
acceptInvalidCerts: "false"
|
||||
debug: false
|
||||
adminToken:
|
||||
existingSecret: ""
|
||||
existingSecretKey: ""
|
||||
value: "R@ndomToken$tring"
|
||||
domain: "https://badhouseplants.vaultwarden.com"
|
||||
websocket:
|
||||
enabled: true
|
||||
address: "0.0.0.0"
|
||||
port: 3012
|
||||
rocket:
|
||||
port: "8080"
|
||||
workers: "10"
|
||||
webVaultEnabled: "true"
|
||||
signupsAllowed: true
|
||||
invitationsAllowed: true
|
||||
signupDomains: "https://badhouseplants.vaultwarden.com"
|
||||
signupsVerify: "true"
|
||||
showPassHint: "false"
|
||||
database:
|
||||
connectionString: "data/db.sqlite3"
|
||||
existingSecret: ""
|
||||
existingSecretKey: ""
|
||||
connectionRetries: 15
|
||||
maxConnections: 10
|
||||
port: 9000
|
||||
targetPort: 9000
|
||||
protocol: TCP
|
||||
|
||||
storage:
|
||||
enabled: false
|
||||
size: 1Gi
|
||||
class: default
|
||||
dataDir: /data
|
||||
logging:
|
||||
enabled: false
|
||||
logfile: "/data/vaultwarden.log"
|
||||
loglevel: "warn"
|
||||
organizations:
|
||||
enabled: false
|
||||
orgEvents: false # -- ORG_GROUPS_ENABLED
|
||||
crationUsers: "" # -- ORG_CREATION_USERS
|
||||
data:
|
||||
storageClassName: default
|
||||
size: 1G
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
# logs:
|
||||
# storageClassName: default
|
||||
# size: 1G
|
||||
# accessModes:
|
||||
# - ReadWriteOnce
|
||||
|
||||
# -- Please have a look here: https://github.com/dani-garcia/vaultwarden/blob/main/.env.template
|
||||
env:
|
||||
environment:
|
||||
enabled: true
|
||||
sensitive: false
|
||||
data:
|
||||
DOMAIN: vaultwarden.softplayer.net
|
||||
SMTP_HOST: ~
|
||||
SMTP_SECURITY: startls
|
||||
SMTP_PORT: 587
|
||||
SMTP_AUTH_MECHANISM: Plain
|
||||
SMTP_FROM: vaultwarden@softplayer.net
|
||||
SMTP_FROM_NAME: Soft Player
|
||||
SMTP_DEBUG: false
|
||||
SMTP_ACCEPT_INVALID_HOSTNAMES: false
|
||||
SMTP_ACCEPT_INVALID_CERTS: false
|
||||
SMTP_USERNAME: ~
|
||||
DATA_FOLDER: /app/data/
|
||||
ROCKET_PORT: 8080
|
||||
SHOW_PASSWORD_HINT: true
|
||||
SIGNUPS_ALLOWED: false
|
||||
INVITATIONS_ALLOWED: true
|
||||
SIGNUPS_DOMAINS_WHITELIST: "*"
|
||||
SIGNUPS_VERIFY: true
|
||||
WEB_VAULT_ENABLED: true
|
||||
LOG_FILE: /app/logs
|
||||
LOG_LEVEL: info
|
||||
DB_CONNECTION_RETRIES: 10
|
||||
DATABASE_MAX_CONNS: 10
|
||||
ORG_GROUPS_ENABLED: true
|
||||
ORG_EVENTS_ENABLED: true
|
||||
ORG_CREATION_USERS: ""
|
||||
|
||||
secrets:
|
||||
enabled: true
|
||||
sensitive: true
|
||||
data:
|
||||
ADMIN_TOKEN: "R@ndomToken$tring"
|
||||
DATABASE_URL: ~
|
||||
SMTP_PASSWORD: ~
|
||||
|
Loading…
Reference in New Issue
Block a user