vaultwarden: controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: vaultwarden/server tag: 1.34.3 pullPolicy: IfNotPresent env: - name: DOMAIN value: https://passwords.alexlebens.dev - name: SIGNUPS_ALLOWED value: "false" - name: INVITATIONS_ALLOWED value: "false" - name: DATABASE_URL valueFrom: secretKeyRef: name: vaultwarden-postgresql-18-cluster-app key: uri resources: requests: cpu: 10m memory: 128Mi service: main: controller: main ports: http: port: 80 targetPort: 80 protocol: HTTP persistence: config: forceRename: vaultwarden-data storageClass: ceph-block accessMode: ReadWriteOnce size: 5Gi retain: true advancedMounts: main: main: - path: /data readOnly: false postgres-18-cluster: mode: recovery recovery: method: objectStore objectStore: index: 1 backup: objectStore: - name: garage-local index: 1 destinationBucket: postgres-backups externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true # - name: garage-remote # index: 1 # destinationBucket: postgres-backups # externalSecretCredentialPath: /garage/home-infra/postgres-backups # retentionPolicy: "90d" # data: # compression: bzip2 # - name: external # index: 1 # endpointURL: https://nyc3.digitaloceanspaces.com # destinationBucket: postgres-backups-ce540ddf106d186bbddca68a # externalSecretCredentialPath: /garage/home-infra/postgres-backups # isWALArchiver: false scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 0 0 * * *" backupName: garage-local # - name: weekly-backup # suspend: true # immediate: true # schedule: "0 0 4 * * SAT" # backupName: garage-remote # - name: daily-backup # suspend: true # immediate: true # schedule: "0 0 0 * * *" # backupName: external volsync-target-data: pvcTarget: vaultwarden-data local: schedule: 0 0 0 * * * remote: schedule: 0 0 0 * * * external: schedule: 0 0 0 * * *