initial git commit saving configs

bitwarden/values.yaml

@@ -0,0 +1,81 @@
+image:
+  repository: ghcr.io/bitwarden/lite
+  tag: "2025.12.0"
+  pullPolicy: IfNotPresent
+
+replicaCount: 1
+
+service:
+  type: ClusterIP
+  port: 8080
+
+ingress:
+  enabled: true
+  ingressClassName: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+  hosts:
+    - host: bitwarden.immich-ad.ovh
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: bitwarden-tls
+      hosts:
+        - bitwarden.immich-ad.ovh
+
+# Persist bitwarden data (attachments, icon cache, etc.)
+persistence:
+  enabled: true
+  existingClaim: pvc-bitwarden-data
+
+bitwarden:
+  # REQUIRED for secure cookies, web vault, etc.
+  domain: "bitwarden.immich-ad.ovh"
+  disableUserRegistration: false
+
+  installation:
+    id: "bca307eb-c177-4eb7-b6a6-b3ba0129ff3d"
+    key: "x4FBfkK4f1wDCuXWQdX9"
+
+  # SMTP optional
+  smtp:
+    enabled: false
+    host: ""
+    port: 587
+    username: ""
+    password:
+      existingSecret: ""
+      key: "SMTP_PASSWORD"
+    from: ""
+hibp:
+  apiKey: ""
+
+# Database config
+database:
+  name: bitwarden
+  user: bitwarden
+
+# Bitnami PostgreSQL subchart values
+postgresql:
+  enabled: true
+  image:
+    registry: docker.io
+    repository: bitnami/postgresql
+    tag: latest
+
+  auth:
+    username: bitwarden
+    database: bitwarden
+
+    # Upgrade-safe: point to an existing secret you create once
+    existingSecret: bitwarden-postgresql-auth
+    secretKeys:
+      adminPasswordKey: postgres-password
+      userPasswordKey: password
+
+  primary:
+    persistence:
+      enabled: true
+      existingClaim: pvc-bitwarden-data  # bind to precreated PVC if you want