vaultwarden helm template
This commit is contained in:
Philip Haupt
@@ -98,39 +98,21 @@ subjects:
|
||||
---
|
||||
apiVersion: v1
|
||||
data:
|
||||
_enable_duo: "false"
|
||||
_enable_email_2fa: "false"
|
||||
_enable_smtp: "true"
|
||||
_enable_yubico: "false"
|
||||
ADMIN_RATELIMIT_MAX_BURST: "3"
|
||||
ADMIN_RATELIMIT_SECONDS: "300"
|
||||
admin_session_lifetime: "20"
|
||||
authenticator_disable_time_drift: "false"
|
||||
DATA_FOLDER: /data
|
||||
DATABASE_MAX_CONNS: "10"
|
||||
DB_CONNECTION_RETRIES: "15"
|
||||
disable_2fa_remember: "false"
|
||||
disable_icon_download: "false"
|
||||
DOMAIN: https://vault.borninpain.de
|
||||
email_2fa_enforce_on_verified_invite: "false"
|
||||
email_2fa_auto_fallback: "false"
|
||||
email_attempts_limit: "3"
|
||||
EMAIL_CHANGE_ALLOWED: "true"
|
||||
email_expiration_time: "600"
|
||||
email_token_size: "6"
|
||||
EMERGENCY_ACCESS_ALLOWED: "true"
|
||||
EMERGENCY_NOTIFICATION_REMINDER_SCHEDULE: 0 3 * * * *
|
||||
EMERGENCY_REQUEST_TIMEOUT_SCHEDULE: 0 7 * * * *
|
||||
EXTENDED_LOGGING: "true"
|
||||
EXPERIMENTAL_CLIENT_FEATURE_FLAGS: ssh-key-vault-item,ssh-agent
|
||||
http_request_block_non_global_ips: "true"
|
||||
EXTENDED_LOGGING: "true"
|
||||
ICON_BLACKLIST_NON_GLOBAL_IPS: "true"
|
||||
icon_cache_ttl: "2592000"
|
||||
icon_cache_negttl: "259200"
|
||||
icon_download_timeout: "10"
|
||||
ICON_REDIRECT_CODE: "302"
|
||||
ICON_SERVICE: internal
|
||||
incomplete_2fa_time_limit: "3"
|
||||
increase_note_size_limit: "false"
|
||||
INVITATION_EXPIRATION_HOURS: "120"
|
||||
INVITATION_ORG_NAME: Vaultwarden
|
||||
INVITATIONS_ALLOWED: "true"
|
||||
@@ -138,9 +120,6 @@ data:
|
||||
LOG_TIMESTAMP_FORMAT: '%Y-%m-%d %H:%M:%S.%3f'
|
||||
ORG_EVENTS_ENABLED: "false"
|
||||
ORG_GROUPS_ENABLED: "false"
|
||||
password_hints_allowed: "true"
|
||||
password_iterations: "600000"
|
||||
reload_templates: "false"
|
||||
REQUIRE_DEVICE_EMAIL: "false"
|
||||
ROCKET_ADDRESS: 0.0.0.0
|
||||
ROCKET_PORT: "8080"
|
||||
@@ -149,19 +128,17 @@ data:
|
||||
SHOW_PASSWORD_HINT: "false"
|
||||
SIGNUPS_ALLOWED: "true"
|
||||
SIGNUPS_VERIFY: "true"
|
||||
signups_verify_resend_limit: "6"
|
||||
signups_verify_resend_time: "3600"
|
||||
smtp_host: mxe965.netcup.net
|
||||
smtp_security: starttls
|
||||
smtp_port: "587"
|
||||
smtp_from: noreply@borninpain.de
|
||||
smtp_from_name: Vaultwarden
|
||||
smtp_timeout: "15"
|
||||
smtp_embed_images: "true"
|
||||
smtp_accept_invalid_certs: "false"
|
||||
smtp_accept_invalid_hostnames: "false"
|
||||
SMTP_ACCEPT_INVALID_CERTS: "false"
|
||||
SMTP_ACCEPT_INVALID_HOSTNAMES: "false"
|
||||
SMTP_AUTH_MECHANISM: Plain
|
||||
SMTP_DEBUG: "false"
|
||||
SMTP_FROM: noreply@borninpain.de
|
||||
SMTP_FROM_NAME: Vaultwarden
|
||||
SMTP_HOST: mxe965.netcup.net
|
||||
SMTP_PORT: "587"
|
||||
SMTP_SECURITY: starttls
|
||||
TRASH_AUTO_DELETE_DAYS: ""
|
||||
use_sendmail: "false"
|
||||
TZ: Europe/Berlin
|
||||
WEB_VAULT_ENABLED: "true"
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
@@ -226,20 +203,54 @@ spec:
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
checksum/config: 168947ab11e3ea29e464b86f13ba129b41fa167f
|
||||
checksum/secret: 63df1807c40909b47d8731b04a208cffc9f387f4
|
||||
checksum/config: 43e8689608a3dc84803c911f22965468d480cd42
|
||||
checksum/secret: adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
|
||||
labels:
|
||||
app.kubernetes.io/component: vaultwarden
|
||||
app.kubernetes.io/instance: vaultwarden
|
||||
app.kubernetes.io/name: vaultwarden
|
||||
spec:
|
||||
containers:
|
||||
- envFrom:
|
||||
- env:
|
||||
- name: YUBICO_SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: YUBICO_SECRET_KEY
|
||||
name: vaultwarden
|
||||
- name: DUO_SKEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: DUO_SKEY
|
||||
name: vaultwarden
|
||||
- name: SMTP_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: SMTP_USERNAME
|
||||
name: vaultwarden
|
||||
- name: SMTP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: SMTP_PASSWORD
|
||||
name: vaultwarden
|
||||
- name: ADMIN_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: ADMIN_TOKEN
|
||||
name: vaultwarden
|
||||
- name: PUSH_INSTALLATION_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: PUSH_INSTALLATION_ID
|
||||
name: vaultwarden
|
||||
- name: PUSH_INSTALLATION_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: PUSH_INSTALLATION_KEY
|
||||
name: vaultwarden
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: vaultwarden
|
||||
- secretRef:
|
||||
name: vaultwarden
|
||||
image: docker.io/vaultwarden/server:1.33.2-alpine
|
||||
image: docker.io/vaultwarden/server:1.34.3-alpine
|
||||
imagePullPolicy: IfNotPresent
|
||||
livenessProbe:
|
||||
failureThreshold: 10
|
||||
@@ -266,10 +277,23 @@ spec:
|
||||
timeoutSeconds: 1
|
||||
resources: {}
|
||||
volumeMounts:
|
||||
- name: vaultwarden-data
|
||||
mountPath: /data
|
||||
volumes:
|
||||
- name: vaultwarden-data
|
||||
persistentVolumeClaim:
|
||||
claimName: vaultwarden-data-pvc
|
||||
- mountPath: /data
|
||||
name: vaultwarden-data
|
||||
serviceAccountName: vaultwarden-svc
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
annotations:
|
||||
meta.helm.sh/release-name: vaultwarden
|
||||
meta.helm.sh/release-namespace: vaultwarden
|
||||
labels:
|
||||
app.kubernetes.io/component: vaultwarden
|
||||
app.kubernetes.io/instance: vaultwarden
|
||||
app.kubernetes.io/name: vaultwarden
|
||||
name: vaultwarden-data
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
storageClassName: openebs-3-replicas
|
||||
|
||||
Reference in New Issue
Block a user