-
Notifications
You must be signed in to change notification settings - Fork 18
/
helm-release.yaml
91 lines (91 loc) · 2.23 KB
/
helm-release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: &app vaultwarden
namespace: security
spec:
releaseName: *app
interval: 15m
chart:
spec:
chart: app-template
version: 0.2.2
sourceRef:
kind: HelmRepository
name: bjw-s-charts
namespace: flux-system
interval: 15m
install:
createNamespace: true
remediation:
retries: 5
upgrade:
remediation:
retries: 5
dependsOn:
- name: cloudnative-pg
namespace: database
values:
global:
nameOverride: *app
image:
repository: docker.io/vaultwarden/server
tag: 1.27.0
env:
DATA_FOLDER: "config"
SIGNUPS_ALLOWED: false
WEBSOCKET_ENABLED: true
WEBSOCKET_ADDRESS: 0.0.0.0
WEBSOCKET_PORT: 3012
DOMAIN: https://warden.${SECRET_DOMAIN}
ADMIN_TOKEN: ${SECRET_VAULTWARDEN_ADMIN_TOKEN}
SMTP_HOST: "smtp.sendgrid.net"
SMTP_FROM: "no-reply@56k.jp"
SMTP_FROM_NAME: "Vaultwarden"
SMTP_SSL: true
SMTP_PORT: 587
SMTP_USERNAME: "apikey"
SMTP_PASSWORD: "${SECRET_SENDGRID_API_KEY}"
DATABASE_URL:
valueFrom:
secretKeyRef:
name: vaultwarden-postgres
key: POSTGRES_URL
service:
main:
ports:
http:
port: &port 80
websocket:
enabled: true
port: &websocket-port 3012
ingress:
main:
enabled: true
ingressClassName: "nginx"
annotations:
hajimari.io/icon: "form-textbox-password"
external-dns.home.arpa/enabled: "true"
hosts:
- host: "warden.${SECRET_DOMAIN}"
paths:
- path: /
pathType: Prefix
service:
port: *port
- path: /notifications/hub/negotiate
pathType: Prefix
service:
port: *port
- path: /notifications/hub
pathType: Prefix
service:
port: *websocket-port
tls:
- hosts:
- "warden.${SECRET_DOMAIN}"
persistence:
config:
enabled: true
existingClaim: vaultwarden-config-v1