apiVersion: v1 kind: ServiceAccount metadata: labels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: vaultwarden app.kubernetes.io/version: 1.33.2 helm.sh/chart: vaultwarden-0.31.8 name: vaultwarden-svc namespace: vaultwarden --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: vaultwarden app.kubernetes.io/version: 1.33.2 helm.sh/chart: vaultwarden-0.31.8 name: vaultwarden namespace: vaultwarden rules: - apiGroups: - extensions - apps resources: - deployments verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - pods verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - pods/exec verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - pods/log verbs: - get - list - watch - apiGroups: - "" resources: - secrets verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: vaultwarden app.kubernetes.io/version: 1.33.2 helm.sh/chart: vaultwarden-0.31.8 name: vaultwarden namespace: vaultwarden roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: vaultwarden subjects: - kind: ServiceAccount name: vaultwarden-svc --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: vaultwarden app.kubernetes.io/version: 1.33.2 helm.sh/chart: vaultwarden-0.31.8 name: vaultwarden namespace: vaultwarden spec: ipFamilyPolicy: SingleStack ports: - name: http port: 80 protocol: TCP targetPort: 8080 selector: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/name: vaultwarden type: ClusterIP --- apiVersion: apps/v1 kind: StatefulSet metadata: labels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: vaultwarden app.kubernetes.io/version: 1.33.2 helm.sh/chart: vaultwarden-0.31.8 name: vaultwarden namespace: vaultwarden spec: persistentVolumeClaimRetentionPolicy: whenDeleted: Retain whenScaled: Retain replicas: 1 selector: matchLabels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/name: vaultwarden serviceName: vaultwarden template: metadata: annotations: checksum/config: 168947ab11e3ea29e464b86f13ba129b41fa167f checksum/secret: 63df1807c40909b47d8731b04a208cffc9f387f4 labels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/name: vaultwarden spec: containers: - envFrom: - configMapRef: name: vaultwarden - secretRef: name: vaultwarden image: docker.io/vaultwarden/server:1.33.2-alpine imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 10 httpGet: path: /alive port: http initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: vaultwarden ports: - containerPort: 8080 name: http protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /alive port: http initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: {} serviceAccountName: vaultwarden-svc