mirror of
https://github.com/auricom/home-cluster.git
synced 2025-10-02 08:47:17 +02:00
72 lines
1.9 KiB
YAML
72 lines
1.9 KiB
YAML
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: vaultwarden
|
|
namespace: data
|
|
spec:
|
|
interval: 5m
|
|
chart:
|
|
spec:
|
|
# renovate: registryUrl=https://k8s-at-home.com/charts/
|
|
chart: vaultwarden
|
|
version: 3.3.1
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: k8s-at-home-charts
|
|
namespace: flux-system
|
|
interval: 5m
|
|
values:
|
|
image:
|
|
repository: vaultwarden/server
|
|
tag: 1.23.1
|
|
pullPolicy: IfNotPresent
|
|
|
|
env:
|
|
DOMAIN: "https://vaultwarden.${SECRET_CLUSTER_DOMAIN}"
|
|
ADMIN_TOKEN: ${SECRET_VAULTWARDEN_ADMIN_TOKEN}
|
|
DATABASE_URL: ${SECRET_VAULTWARDEN_DB_URL}
|
|
TZ: "Europe/Paris"
|
|
DATA_FOLDER: "data"
|
|
SIGNUPS_ALLOWED: "false"
|
|
WEBSOCKET_ENABLED: "true"
|
|
SMTP_HOST: smtp.fastmail.com
|
|
SMTP_FROM: vaultwarden@${SECRET_CLUSTER_DOMAIN_ROOT}
|
|
SMTP_FROM_NAME: vaultwarden
|
|
SMTP_PORT: 587
|
|
SMTP_SSL: "true"
|
|
SMTP_USERNAME: ${SECRET_SMTP_USERNAME}
|
|
SMTP_PASSWORD: ${SECRET_VAULTWARDEN_SMTP_PASSWORD}
|
|
|
|
persistence:
|
|
config:
|
|
enabled: true
|
|
existingClaim: vaultwarden-data
|
|
|
|
service:
|
|
main:
|
|
annotations:
|
|
prometheus.io/probe: "true"
|
|
prometheus.io/protocol: tcp
|
|
|
|
ingress:
|
|
main:
|
|
enabled: true
|
|
ingressClassName: "nginx"
|
|
# annotations:
|
|
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
|
|
hosts:
|
|
- host: "vaultwarden.${SECRET_CLUSTER_DOMAIN}"
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
- path: /notifications/hub/negotiate
|
|
pathType: Prefix
|
|
- path: /notifications/hub
|
|
pathType: Prefix
|
|
servicePort: 3012
|
|
tls:
|
|
- hosts:
|
|
- "vaultwarden.${SECRET_CLUSTER_DOMAIN}"
|
|
secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}"
|