81 lines
1.6 KiB
YAML
81 lines
1.6 KiB
YAML
image:
|
|
repository: ghcr.io/bitwarden/lite
|
|
tag: "2025.12.0"
|
|
pullPolicy: IfNotPresent
|
|
|
|
replicaCount: 1
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 8080
|
|
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: traefik
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
hosts:
|
|
- host: bitwarden.immich-ad.ovh
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- secretName: bitwarden-tls
|
|
hosts:
|
|
- bitwarden.immich-ad.ovh
|
|
|
|
# Persist bitwarden data (attachments, icon cache, etc.)
|
|
persistence:
|
|
enabled: true
|
|
existingClaim: pvc-bitwarden-data
|
|
|
|
bitwarden:
|
|
# REQUIRED for secure cookies, web vault, etc.
|
|
domain: "bitwarden.immich-ad.ovh"
|
|
disableUserRegistration: false
|
|
|
|
installation:
|
|
id: "bca307eb-c177-4eb7-b6a6-b3ba0129ff3d"
|
|
key: "x4FBfkK4f1wDCuXWQdX9"
|
|
|
|
# SMTP optional
|
|
smtp:
|
|
enabled: false
|
|
host: ""
|
|
port: 587
|
|
username: ""
|
|
password:
|
|
existingSecret: ""
|
|
key: "SMTP_PASSWORD"
|
|
from: ""
|
|
hibp:
|
|
apiKey: ""
|
|
|
|
# Database config
|
|
database:
|
|
name: bitwarden
|
|
user: bitwarden
|
|
|
|
# Bitnami PostgreSQL subchart values
|
|
postgresql:
|
|
enabled: true
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/postgresql
|
|
tag: latest
|
|
|
|
auth:
|
|
username: bitwarden
|
|
database: bitwarden
|
|
|
|
# Upgrade-safe: point to an existing secret you create once
|
|
existingSecret: bitwarden-postgresql-auth
|
|
secretKeys:
|
|
adminPasswordKey: postgres-password
|
|
userPasswordKey: password
|
|
|
|
primary:
|
|
persistence:
|
|
enabled: true
|
|
existingClaim: pvc-bitwarden-data # bind to precreated PVC if you want |