65 lines
1.4 KiB
YAML
65 lines
1.4 KiB
YAML
image:
|
|
repository: docker.io/vaultwarden/server
|
|
tag: 1.35.3
|
|
pullPolicy: IfNotPresent
|
|
|
|
replicaCount: 1
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 8080
|
|
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: traefik
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
hosts:
|
|
- host: vaultwarden.immich-ad.ovh
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- secretName: vaultwarden-tls
|
|
hosts:
|
|
- vaultwarden.immich-ad.ovh
|
|
|
|
# Persist vaultwarden data (attachments, icon cache, etc.)
|
|
persistence:
|
|
enabled: true
|
|
existingClaim: pvc-vaultwarden-data
|
|
|
|
vaultwarden:
|
|
# REQUIRED for secure cookies, web vault, etc.
|
|
domain: "vaultwarden.immich-ad.ovh"
|
|
signupAllowed: false
|
|
adminToken: "x4FBfkK4f1wDCuXWQdX9"
|
|
|
|
# Database config
|
|
database:
|
|
name: vaultwarden
|
|
user: vaultwarden
|
|
|
|
# Bitnami PostgreSQL subchart values
|
|
postgresql:
|
|
enabled: true
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/postgresql
|
|
tag: latest
|
|
|
|
auth:
|
|
username: vaultwarden
|
|
database: vaultwarden
|
|
|
|
# Upgrade-safe: point to an existing secret you create once
|
|
existingSecret: vaultwarden-postgresql-auth
|
|
secretKeys:
|
|
adminPasswordKey: postgres-password
|
|
userPasswordKey: password
|
|
|
|
primary:
|
|
persistence:
|
|
enabled: true
|
|
existingClaim: pvc-vaultwarden-data # bind to precreated PVC if you want |