77 lines
2.1 KiB
YAML
77 lines
2.1 KiB
YAML
vaultwarden:
|
|
controllers:
|
|
main:
|
|
type: deployment
|
|
replicas: 1
|
|
strategy: Recreate
|
|
revisionHistoryLimit: 3
|
|
containers:
|
|
main:
|
|
image:
|
|
repository: vaultwarden/server
|
|
tag: 1.34.3
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: DOMAIN
|
|
value: https://passwords.alexlebens.dev
|
|
- name: SIGNUPS_ALLOWED
|
|
value: "false"
|
|
- name: INVITATIONS_ALLOWED
|
|
value: "false"
|
|
- name: DATABASE_URL
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: vaultwarden-postgresql-17-cluster-app
|
|
key: uri
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 128Mi
|
|
service:
|
|
main:
|
|
controller: main
|
|
ports:
|
|
http:
|
|
port: 80
|
|
targetPort: 80
|
|
protocol: HTTP
|
|
persistence:
|
|
config:
|
|
forceRename: vaultwarden-data
|
|
storageClass: ceph-block
|
|
accessMode: ReadWriteOnce
|
|
size: 5Gi
|
|
retain: true
|
|
advancedMounts:
|
|
main:
|
|
main:
|
|
- path: /data
|
|
readOnly: false
|
|
cloudflared:
|
|
existingSecretName: vaultwarden-cloudflared-secret
|
|
postgres-17-cluster:
|
|
mode: standalone
|
|
cluster:
|
|
storage:
|
|
storageClass: local-path
|
|
walStorage:
|
|
storageClass: local-path
|
|
monitoring:
|
|
enabled: true
|
|
prometheusRule:
|
|
enabled: true
|
|
recovery:
|
|
method: objectStore
|
|
objectStore:
|
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/vaultwarden/vaultwarden-postgresql-17-cluster
|
|
endpointCredentials: vaultwarden-postgresql-17-cluster-backup-secret
|
|
recoveryIndex: 3
|
|
backup:
|
|
enabled: true
|
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/vaultwarden/vaultwarden-postgresql-17-cluster
|
|
endpointCredentials: vaultwarden-postgresql-17-cluster-backup-secret
|
|
backupIndex: 3
|
|
retentionPolicy: "7d"
|