alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 8 Actions Activity
Files
0d04fc4c26006a78b359f673328192035f19f213
infrastructure/clusters/cl01tl/helm/vaultwarden/values.yaml
Alex Lebens bb770531a6
Some checks failed
lint-test-helm / lint-helm (pull_request) Failing after 33s
Details
lint-test-helm / validate-kubeconform (pull_request) Has been skipped
Details
feat: refactor apps
2026-04-07 20:20:01 -05:00

94 lines
2.5 KiB
YAML
Raw Blame History

vaultwarden:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
containers:
main:
image:
repository: ghcr.io/vaultwarden/server
tag: 1.35.4@sha256:43498a94b22f9563f2a94b53760ab3e710eefc0d0cac2efda4b12b9eb8690664
env:
- name: DOMAIN
value: https://passwords.alexlebens.dev
- name: SIGNUPS_ALLOWED
value: "false"
- name: INVITATIONS_ALLOWED
value: "false"
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: vaultwarden-postgresql-18-cluster-app
key: uri
- name: SSO_ENABLED
value: true
- name: SSO_SIGNUPS_MATCH_EMAIL
value: true
- name: SSO_AUTHORITY
value: https://auth.alexlebens.dev/application/o/vaultwarden/
- name: SSO_SCOPES
value: "email profile offline_access"
- name: SSO_CLIENT_ID
valueFrom:
secretKeyRef:
name: vaultwarden-oidc-secret
key: client
- name: SSO_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: vaultwarden-oidc-secret
key: secret
resources:
requests:
cpu: 10m
memory: 30Mi
service:
main:
controller: main
ports:
http:
port: 80
targetPort: 80
persistence:
config:
forceRename: vaultwarden-data
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 5Gi
advancedMounts:
main:
main:
- path: /data
readOnly: false
postgres-18-cluster:
mode: recovery
recovery:
method: objectStore
objectStore:
index: 1
backup:
objectStore:
- name: garage-local
index: 1
destinationBucket: postgres-backups
externalSecretCredentialPath: /garage/home-infra/postgres-backups
isWALArchiver: true
scheduledBackups:
- name: live-backup
suspend: false
immediate: true
schedule: "0 0 0 * * *"
backupName: garage-local
volsync-target-data:
pvcTarget: vaultwarden-data
local:
enabled: true
schedule: 0 0 0 * * *
remote:
enabled: true
schedule: 0 0 0 * * *
external:
enabled: true
schedule: 0 0 0 * * *
Reference in New Issue View Git Blame Copy Permalink