apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "vaultwarden.fullname" . }}
spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      app: {{ include "vaultwarden.fullname" . }}
  template:
    metadata:
      labels:
        app: {{ include "vaultwarden.fullname" . }}
    spec:
      containers:
        - name: vaultwarden
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          ports:
            - name: http
              containerPort: 8080
          env:
            - name: ADMIN_TOKEN
              value: {{ .Values.vaultwarden.adminToken | quote }}
            - name: SIGNUPS_ALLOWED
              value: {{ .Values.vaultwarden.signupAllowed | quote }}
          envFrom:
            - secretRef:
                name: vaultwarden-smtp # SMTP secret
            - secretRef:
                name: vaultwarden-db-url # Database URL secret
          volumeMounts:
            - name: data
              mountPath: /data
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: {{ default (printf "%s-data" (include "vaultwarden.fullname" .)) .Values.persistence.existingClaim }}