diff --git a/.gitignore b/.gitignore index c6d1387..1724783 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ bin custom +*.tgz \ No newline at end of file diff --git a/.woodpecker/.helm-workflow.yml b/.woodpecker/.helm-workflow.yml index f8b394f..cde5f42 100644 --- a/.woodpecker/.helm-workflow.yml +++ b/.woodpecker/.helm-workflow.yml @@ -70,6 +70,7 @@ steps: --password $REGISTRY_PASSWORD - | for chart in $(find charts -maxdepth 1 -mindepth 1 -type d); do + helm dependency update $chart helm package $chart -d chart-packages; done - | diff --git a/charts/mealie/Chart.lock b/charts/mealie/Chart.lock index 0254eb0..f119929 100644 --- a/charts/mealie/Chart.lock +++ b/charts/mealie/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: softplayer-lib-workload repository: oci://git.badhouseplants.net/softplayer - version: 0.2.0 -digest: sha256:e6bf909ead48b331a49921e1cf504791fb5ec0a80561d797ae06c7a44ad8a9cd -generated: "2024-07-15T08:45:21.509772+02:00" + version: 0.2.1 +digest: sha256:a3a4a69717a3549841454a0e27a1a9114ea8a03543caf5c0c9a184d5a98f36b4 +generated: "2024-07-15T19:51:29.734002+02:00" diff --git a/charts/mealie/Chart.yaml b/charts/mealie/Chart.yaml index af954f1..0c9f28a 100644 --- a/charts/mealie/Chart.yaml +++ b/charts/mealie/Chart.yaml @@ -10,7 +10,7 @@ maintainers: url: https://badhouseplants.net dependencies: - name: softplayer-lib-workload - version: 0.2.0 + version: 0.2.1 repository: oci://git.badhouseplants.net/softplayer annotations: allowed_workload_kinds: "Deployment" diff --git a/charts/mealie/charts/softplayer-lib-workload-0.2.0.tgz b/charts/mealie/charts/softplayer-lib-workload-0.2.0.tgz deleted file mode 100644 index 929b489..0000000 Binary files a/charts/mealie/charts/softplayer-lib-workload-0.2.0.tgz and /dev/null differ diff --git a/charts/mealie/templates/install.yaml b/charts/mealie/templates/install.yaml index 55acfe8..6f903c9 100644 --- a/charts/mealie/templates/install.yaml +++ b/charts/mealie/templates/install.yaml @@ -2,6 +2,5 @@ {{ include "lib.service" . }} {{ include "lib.ingress" . }} {{ include "lib.config.env" . }} -{{ include "lib.config.files" . }} {{ include "lib.pvc" . }} {{ include "lib.raw" . }} diff --git a/charts/mealie/values.yaml b/charts/mealie/values.yaml index c2ea521..9864b19 100644 --- a/charts/mealie/values.yaml +++ b/charts/mealie/values.yaml @@ -66,6 +66,7 @@ storage: - ReadWriteOnce env: environment: + enabled: true sensitive: false data: ALLOW_SIGNUP: true @@ -77,10 +78,11 @@ env: BASE_URL: https://mealie.softplayer.com DB_ENGINE: postgres secrets: + enabled: true sensitive: true data: - POSTGRES_USER: mealie - POSTGRES_PASSWORD: mealie - POSTGRES_SERVER: postgres - POSTGRES_PORT: 5432 - POSTGRES_DB: mealie + POSTGRES_USER: ~ + POSTGRES_PASSWORD: ~ + POSTGRES_SERVER: ~ + POSTGRES_PORT: ~ + POSTGRES_DB: ~ diff --git a/charts/team-fortress-2/charts/softplayer-lib-workload-0.1.8.tgz b/charts/team-fortress-2/charts/softplayer-lib-workload-0.1.8.tgz deleted file mode 100644 index 123ec15..0000000 Binary files a/charts/team-fortress-2/charts/softplayer-lib-workload-0.1.8.tgz and /dev/null differ diff --git a/charts/vaultwarden/Chart.lock b/charts/vaultwarden/Chart.lock new file mode 100644 index 0000000..8ade4b4 --- /dev/null +++ b/charts/vaultwarden/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: softplayer-lib-workload + repository: file://../../../softplayer-helm-lib/charts/workload/ + version: 0.2.1 +digest: sha256:a640e69a2823f6b5534cef9c3c7e8513e0ec6ce6c26904e32da03eb40bcd3143 +generated: "2024-07-15T19:46:39.750564+02:00" diff --git a/charts/vaultwarden/Chart.yaml b/charts/vaultwarden/Chart.yaml index c265afe..4c54ce8 100644 --- a/charts/vaultwarden/Chart.yaml +++ b/charts/vaultwarden/Chart.yaml @@ -2,12 +2,18 @@ apiVersion: v2 name: vaultwarden description: Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs type: application -version: 1.2.0 -appVersion: 1.30.5 +version: 2.0.0 +appVersion: 1.31.0 maintainers: - name: allanger email: allanger@zohomail.com url: https://badhouseplants.net +dependencies: + - name: softplayer-lib-workload + version: 0.2.1 + repository: oci://git.badhouseplants.net/softplayer +annotations: + allowed_workload_kinds: "Deployment" sources: - https://github.com/dani-garcia/vaultwarden/tree/main keywords: diff --git a/charts/vaultwarden/templates/NOTES.txt b/charts/vaultwarden/templates/NOTES.txt deleted file mode 100644 index 4dd323d..0000000 --- a/charts/vaultwarden/templates/NOTES.txt +++ /dev/null @@ -1,22 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} - {{- end }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "vaultwarden.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "vaultwarden.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "vaultwarden.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "vaultwarden.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT -{{- end }} diff --git a/charts/vaultwarden/templates/configmap.yaml b/charts/vaultwarden/templates/configmap.yaml deleted file mode 100644 index 079aa18..0000000 --- a/charts/vaultwarden/templates/configmap.yaml +++ /dev/null @@ -1,46 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "vaultwarden.fullname" . }} - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -data: - DOMAIN: {{ .Values.vaultwarden.domain | quote }} - {{- if and .Values.vaultwarden.smtp.host .Values.vaultwarden.smtp.from | quote }} - SMTP_HOST: {{ .Values.vaultwarden.smtp.host | quote }} - SMTP_SECURITY: {{ .Values.vaultwarden.smtp.security | quote }} - SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }} - {{- if .Values.vaultwarden.smtp.authMechanism }} - SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }} - {{- end }} - SMTP_FROM: {{ .Values.vaultwarden.smtp.from | quote }} - SMTP_FROM_NAME: {{ default "Vaultwarden" .Values.vaultwarden.smtp.fromName | quote }} - SMTP_DEBUG: {{ .Values.vaultwarden.smtp.debug | quote }} - SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.acceptInvalidHostnames | quote }} - SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.acceptInvalidCerts | quote }} - SMTP_USERNAME: {{ .Values.vaultwarden.smtp.username | quote }} - {{- end }} - {{- if .Values.vaultwarden.websocket.enabled }} - WEBSOCKET_ENABLED: "true" - WEBSOCKET_ADDRESS: {{ .Values.vaultwarden.websocket.address | quote }} - WEBSOCKET_PORT: {{ .Values.vaultwarden.websocket.port | quote }} - {{- end }} - DATA_FOLDER: {{ .Values.vaultwarden.storage.dataDir | quote }} - ROCKET_PORT: {{ .Values.vaultwarden.rocket.port | quote }} - ROCKET_WORKERS: {{ .Values.vaultwarden.rocket.workers | quote }} - SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPassHint | quote }} - SIGNUPS_ALLOWED: {{ .Values.vaultwarden.signupsAllowed | quote }} - INVITATIONS_ALLOWED: {{ .Values.vaultwarden.invitationsAllowed | quote }} - SIGNUPS_DOMAINS_WHITELIST: {{ .Values.vaultwarden.signupDomains | quote }} - SIGNUPS_VERIFY: {{ .Values.vaultwarden.signupsVerify | quote }} - WEB_VAULT_ENABLED: {{ .Values.vaultwarden.webVaultEnabled | quote }} - {{- if .Values.vaultwarden.logging.enabled }} - LOG_FILE: {{ .Values.vaultwarden.logging.logfile | quote }} - LOG_LEVEL: {{ .Values.vaultwarden.logging.loglevel | quote }} - {{- end }} - DB_CONNECTION_RETRIES: {{ .Values.vaultwarden.database.connectionRetries | quote }} - DATABASE_MAX_CONNS: {{ .Values.vaultwarden.database.maxConnections | quote }} - # ------------------------------------------------------------------- - ORG_GROUPS_ENABLED: {{ .Values.vaultwarden.organizations.enabled | quote }} - ORG_EVENTS_ENABLED: {{ .Values.vaultwarden.organizations.orgEvents | quote }} - ORG_CREATION_USERS: {{ .Values.vaultwarden.organizations.crationUsers | quote }} diff --git a/charts/vaultwarden/templates/deployment.yaml b/charts/vaultwarden/templates/deployment.yaml deleted file mode 100644 index 9eca719..0000000 --- a/charts/vaultwarden/templates/deployment.yaml +++ /dev/null @@ -1,96 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "vaultwarden.fullname" . }} - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -spec: - replicas: 1 - selector: - matchLabels: - {{- include "vaultwarden.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} - {{- end }} - labels: - {{- include "vaultwarden.selectorLabels" . | nindent 8 }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - {{- if .Values.vaultwarden.storage.enabled }} - volumes: - - name: data - persistentVolumeClaim: - claimName: {{ include "vaultwarden.fullname" . }} - {{- end }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - ports: - - name: http - containerPort: {{ .Values.service.port }} - protocol: TCP - livenessProbe: - exec: - command: - - sh - - /healthcheck.sh - readinessProbe: - exec: - command: - - sh - - /healthcheck.sh - resources: - {{- toYaml .Values.resources | nindent 12 }} - envFrom: - - configMapRef: - name: {{ include "vaultwarden.fullname" . }} - env: - {{- if or (.Values.vaultwarden.smtp.password.value) (.Values.vaultwarden.smtp.password.existingSecretKey )}} - - name: SMTP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.vaultwarden.smtp.password.existingSecret | default ( printf "%s-smtp" ( include "vaultwarden.fullname" . )) }} - key: {{ default "SMTP_PASSWORD" .Values.vaultwarden.smtp.password.existingSecretKey }} - {{- end }} - - name: ADMIN_TOKEN - valueFrom: - secretKeyRef: - name: {{ .Values.vaultwarden.adminToken.existingSecret | default ( printf "%s-admin-token" ( include "vaultwarden.fullname" . )) }} - key: {{ default "ADMIN_TOKEN" .Values.vaultwarden.adminToken.existingSecretKey }} - {{- if ne "default" .Values.vaultwarden.database.type }} - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: {{ .Values.vaultwarden.database.existingSecret | default ( printf "%s-db-creds" ( include "vaultwarden.fullname" . )) }} - key: {{ default "DATABASE_URL" .Values.vaultwarden.database.existingSecretKey }} - {{- end }} - {{- if .Values.vaultwarden.storage.enabled }} - volumeMounts: - - mountPath: {{ .Values.vaultwarden.storage.dataDir }} - name: data - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/charts/vaultwarden/templates/ingress.yaml b/charts/vaultwarden/templates/ingress.yaml deleted file mode 100644 index d12ebf3..0000000 --- a/charts/vaultwarden/templates/ingress.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "vaultwarden.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.ingress.className }} - {{- end }} - {{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} - pathType: {{ .pathType }} - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }} - port: - number: {{ $svcPort }} - {{- else }} - serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/vaultwarden/templates/install.yaml b/charts/vaultwarden/templates/install.yaml new file mode 100644 index 0000000..6f903c9 --- /dev/null +++ b/charts/vaultwarden/templates/install.yaml @@ -0,0 +1,6 @@ +{{ include "lib.workload" . }} +{{ include "lib.service" . }} +{{ include "lib.ingress" . }} +{{ include "lib.config.env" . }} +{{ include "lib.pvc" . }} +{{ include "lib.raw" . }} diff --git a/charts/vaultwarden/templates/pvc.yaml b/charts/vaultwarden/templates/pvc.yaml deleted file mode 100644 index f5463e7..0000000 --- a/charts/vaultwarden/templates/pvc.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.vaultwarden.storage.enabled }} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ include "vaultwarden.fullname" . }} - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ .Values.vaultwarden.storage.size }} - storageClassName: {{ .Values.vaultwarden.storage.class }} -{{- end }} diff --git a/charts/vaultwarden/templates/secret.yaml b/charts/vaultwarden/templates/secret.yaml deleted file mode 100644 index 6b88f00..0000000 --- a/charts/vaultwarden/templates/secret.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if not .Values.vaultwarden.adminToken.existingSecret }} ---- -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ include "vaultwarden.fullname" . }}-admin-token - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -data: - ADMIN_TOKEN: {{ .Values.vaultwarden.adminToken.value | b64enc | quote }} -{{- end }} - -{{- if not .Values.vaultwarden.database.existingSecret }} ---- -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ include "vaultwarden.fullname" . }}-db-creds - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -data: - DATABASE_URL: {{ .Values.vaultwarden.database.connectionString | b64enc | quote }} -{{- end }} - -{{- if not .Values.vaultwarden.smtp.password.existingSecret }} ---- -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ include "vaultwarden.fullname" . }}-smtp - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -data: - SMTP_PASSWORD: {{ .Values.vaultwarden.smtp.password.value | b64enc | quote }} -{{- end }} diff --git a/charts/vaultwarden/templates/service.yaml b/charts/vaultwarden/templates/service.yaml deleted file mode 100644 index 1f21b2c..0000000 --- a/charts/vaultwarden/templates/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "vaultwarden.fullname" . }} - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - selector: - {{- include "vaultwarden.selectorLabels" . | nindent 4 }} diff --git a/charts/vaultwarden/values.yaml b/charts/vaultwarden/values.yaml index 7ed6839..85c3803 100644 --- a/charts/vaultwarden/values.yaml +++ b/charts/vaultwarden/values.yaml @@ -1,106 +1,114 @@ -image: - repository: registry.hub.docker.com/vaultwarden/server - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "" -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" -podAnnotations: {} -podSecurityContext: {} -# fsGroup: 2000 +--- +workload: + kind: Deployment + strategy: + type: RollingUpdate + containers: + mealie: + image: + registry: registry.hub.docker.com + repository: vaultwarden/server + tag: + pullPolicy: Always + ports: + - vaultwarden + mounts: + storage: + data: + path: /app/data/ + # logs: + # path: /app/logs + envFrom: + - environment + - secrets + livenessProbe: + exec: + command: + - sh + - /healthcheck.sh + readinessProbe: + exec: + command: + - sh + - /healthcheck.sh + initialDelaySeconds: 10 + periodSeconds: 10 -securityContext: {} -# capabilities: -# drop: -# - ALL -# readOnlyRootFilesystem: true -# runAsNonRoot: true -# runAsUser: 1000 +ingress: + main: + class: traefik + annotations: + annotation: test + rules: + - hosts: vaultwarden.softplayer.net + http: + paths: + - backend: + service: + name: '{{ include "chart.fullname" $ }}' + port: 8080 + tls: + - hosts: + - vaultwarden.softplayer.net + secretName: vaultwarden.softplayer.net service: type: ClusterIP - port: 8080 -ingress: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: chart-example.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local -resources: {} -# We usually recommend not to specify default resources and to leave this as a conscious -# choice for the user. This also increases chances charts run on environments with little -# resources, such as Minikube. If you do want to specify resources, uncomment the following -# lines, adjust them as necessary, and remove the curly braces after 'resources:'. -# limits: -# cpu: 100m -# memory: 128Mi -# requests: -# cpu: 100m -# memory: 128Mi + ports: + vaultwarden: + port: 9000 + targetPort: 9000 + protocol: TCP -nodeSelector: {} -tolerations: [] -affinity: {} -vaultwarden: - smtp: - host: "" - security: "starttls" - port: 25 - from: vaultwarden@badhouseplants.net - fromName: vaultwarden - username: vaultwarden - password: - value: "VerySecurePassword" - existingSecret: "" - existingSecretKey: "" - authMechanism: "Plain" - acceptInvalidHostnames: "false" - acceptInvalidCerts: "false" - debug: false - adminToken: - existingSecret: "" - existingSecretKey: "" - value: "R@ndomToken$tring" - domain: "https://badhouseplants.vaultwarden.com" - websocket: +storage: + data: + storageClassName: default + size: 1G + accessModes: + - ReadWriteOnce + # logs: + # storageClassName: default + # size: 1G + # accessModes: + # - ReadWriteOnce + +# -- Please have a look here: https://github.com/dani-garcia/vaultwarden/blob/main/.env.template +env: + environment: enabled: true - address: "0.0.0.0" - port: 3012 - rocket: - port: "8080" - workers: "10" - webVaultEnabled: "true" - signupsAllowed: true - invitationsAllowed: true - signupDomains: "https://badhouseplants.vaultwarden.com" - signupsVerify: "true" - showPassHint: "false" - database: - connectionString: "data/db.sqlite3" - existingSecret: "" - existingSecretKey: "" - connectionRetries: 15 - maxConnections: 10 - storage: - enabled: false - size: 1Gi - class: default - dataDir: /data - logging: - enabled: false - logfile: "/data/vaultwarden.log" - loglevel: "warn" - organizations: - enabled: false - orgEvents: false # -- ORG_GROUPS_ENABLED - crationUsers: "" # -- ORG_CREATION_USERS + sensitive: false + data: + DOMAIN: vaultwarden.softplayer.net + SMTP_HOST: ~ + SMTP_SECURITY: startls + SMTP_PORT: 587 + SMTP_AUTH_MECHANISM: Plain + SMTP_FROM: vaultwarden@softplayer.net + SMTP_FROM_NAME: Soft Player + SMTP_DEBUG: false + SMTP_ACCEPT_INVALID_HOSTNAMES: false + SMTP_ACCEPT_INVALID_CERTS: false + SMTP_USERNAME: ~ + DATA_FOLDER: /app/data/ + ROCKET_PORT: 8080 + SHOW_PASSWORD_HINT: true + SIGNUPS_ALLOWED: false + INVITATIONS_ALLOWED: true + SIGNUPS_DOMAINS_WHITELIST: "*" + SIGNUPS_VERIFY: true + WEB_VAULT_ENABLED: true + LOG_FILE: /app/logs + LOG_LEVEL: info + DB_CONNECTION_RETRIES: 10 + DATABASE_MAX_CONNS: 10 + ORG_GROUPS_ENABLED: true + ORG_EVENTS_ENABLED: true + ORG_CREATION_USERS: "" + + secrets: + enabled: true + sensitive: true + data: + ADMIN_TOKEN: "R@ndomToken$tring" + DATABASE_URL: ~ + SMTP_PASSWORD: ~