vaultwarden: controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: vaultwarden/server tag: 1.34.3 pullPolicy: IfNotPresent env: - name: DOMAIN value: https://passwords.alexlebens.dev - name: SIGNUPS_ALLOWED value: "false" - name: INVITATIONS_ALLOWED value: "false" - name: DATABASE_URL valueFrom: secretKeyRef: name: vaultwarden-postgresql-17-cluster-app key: uri resources: requests: cpu: 10m memory: 128Mi service: main: controller: main ports: http: port: 80 targetPort: 80 protocol: HTTP persistence: config: forceRename: vaultwarden-data storageClass: ceph-block accessMode: ReadWriteOnce size: 5Gi retain: true advancedMounts: main: main: - path: /data readOnly: false cloudflared: existingSecretName: vaultwarden-cloudflared-secret postgres-17-cluster: mode: recovery cluster: storage: storageClass: local-path walStorage: storageClass: local-path monitoring: enabled: true prometheusRule: enabled: true recovery: method: objectStore objectStore: destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/vaultwarden/vaultwarden-postgresql-17-cluster index: 3 endpointCredentials: sonarr-postgresql-17-cluster-backup-secret backup: objectStore: - name: external destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/vaultwarden/vaultwarden-postgresql-17-cluster index: 3 endpointCredentials: sonarr-postgresql-17-cluster-backup-secret retentionPolicy: "3d" scheduledBackups: - name: daily-backup suspend: false schedule: "0 0 0 * * *" backupName: external