update bitwarden role - use k8s-at-home/bitwardenrs patched helm
This commit is contained in:
parent
814a48e3a7
commit
9a0074dea1
@ -2,21 +2,80 @@ bitwarden_enabled: true
|
|||||||
bitwarden_publish: false
|
bitwarden_publish: false
|
||||||
bitwarden_use_external_db: true
|
bitwarden_use_external_db: true
|
||||||
bitwarden_default_values:
|
bitwarden_default_values:
|
||||||
|
fullnameOverride: "bitwarden"
|
||||||
|
bitwarden:
|
||||||
|
domain: "https://bitwarden.{{ domain }}"
|
||||||
|
signupsAllowed: true
|
||||||
|
invitationsAllowed: true
|
||||||
|
gui:
|
||||||
|
# If you set a different port here, you must also provide it under env
|
||||||
|
port: 80
|
||||||
|
websockets:
|
||||||
|
enabled: true
|
||||||
|
port: 3012
|
||||||
|
admin:
|
||||||
|
enabled: false
|
||||||
|
disableAdminToken: true
|
||||||
|
existingSecret:
|
||||||
|
enabled: false
|
||||||
|
name: ""
|
||||||
|
tokenKey: ""
|
||||||
|
# External database configuration.
|
||||||
|
# Requires bitwardenrs/server >= 1.17.0 or bitwardenrs/server-{mysql,postgres} images
|
||||||
|
# ref: https://github.com/dani-garcia/bitwarden_rs/wiki/Using-the-MySQL-Backend
|
||||||
|
# https://github.com/dani-garcia/bitwarden_rs/wiki/Using-the-PostgreSQL-Backend
|
||||||
|
externalDatabase:
|
||||||
|
enabled: true
|
||||||
|
# Supported values: 'mysql', 'postgresql'.
|
||||||
|
type: "postgresql"
|
||||||
|
# Database host. Required if external database is enabled.
|
||||||
|
host: "{{ postgres_db_team | default(namespace) }}-postgres.{{ postgres_db_namespace | default(namespace) }}.svc.cluster.local"
|
||||||
|
# Database port. Optional, default value is specific to the database backend.
|
||||||
|
port: "5432"
|
||||||
|
# Database name.
|
||||||
|
database: "{{ bitwarden_db_name | default ('bitwarden') }}"
|
||||||
|
# Database user.
|
||||||
|
user: "{{ bitwarden_db_username }}"
|
||||||
|
# Database password. Special characters must be escaped with percent encoding.
|
||||||
|
password: "{{ bitwarden_db_password }}"
|
||||||
|
# Use existing secret for database credentials.
|
||||||
|
existingSecret:
|
||||||
|
enabled: false
|
||||||
|
name: ""
|
||||||
|
userKey: ""
|
||||||
|
# Special characters in the password value must be escaped with percent encoding.
|
||||||
|
passwordKey: ""
|
||||||
|
# Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
|
||||||
|
smtp:
|
||||||
|
enabled: true
|
||||||
|
# SMTP hostname, required if SMTP is enabled
|
||||||
|
host: "mail.{{ domain }}"
|
||||||
|
# SMTP sender e-mail address, required if SMTP is enabled
|
||||||
|
from: "bitwarden@{{ domain }}"
|
||||||
|
# SMTP sender name, defaults to 'Bitwarden_RS'
|
||||||
|
fromName: "bitwarden"
|
||||||
|
# Enable SSL connection
|
||||||
|
ssl: true
|
||||||
|
# Enable EXPLICIT_TLS
|
||||||
|
explicitTLS: true
|
||||||
|
# SMTP port
|
||||||
|
port: 465
|
||||||
|
# SMTP username
|
||||||
|
user: "bitwarden@{{ domain }}"
|
||||||
|
# SMTP password. Required is user is specified, ignored if no user provided
|
||||||
|
password: "{{ bitwarden_ldap_pass | default(bitwarden_ldap_password) }}"
|
||||||
|
timeout: 120
|
||||||
env:
|
env:
|
||||||
SIGNUPS_ALLOWED: true
|
|
||||||
INVITATIONS_ALLOWED: true
|
|
||||||
DATABASE_URL: "postgresql://{{ bitwarden_db_username }}:{{ bitwarden_db_password }}@{{ postgres_db_team | default(namespace) }}-postgres.{{ postgres_db_namespace | default(namespace) }}.svc.cluster.local:5432/bitwarden?sslmode=require"
|
|
||||||
DOMAIN: "https://bitwarden.{{ domain }}"
|
|
||||||
SMTP_FROM: "bitwarden@{{ domain }}"
|
|
||||||
SMTP_HOST: "mail.{{ domain }}"
|
|
||||||
SMTP_PASSWORD: "{{ bitwarden_ldap_pass | default(bitwarden_ldap_password) }}"
|
|
||||||
SMTP_SSL: "true"
|
|
||||||
SMTP_EXPLICIT_TLS: "true"
|
|
||||||
SMTP_PORT: "465"
|
|
||||||
SMTP_USERNAME: "bitwarden@{{ domain }}"
|
|
||||||
SMTP_TIMEOUT: "120"
|
|
||||||
LOG_LEVEL: "debug"
|
LOG_LEVEL: "debug"
|
||||||
EXTENDED_LOGGING: "true"
|
# If you plan to run the WebUI on a port other than port 80, specify that here:
|
||||||
|
# For example, if running the container as a non-root user.
|
||||||
|
# ROCKET_PORT: "80"
|
||||||
|
persistence:
|
||||||
|
enabled: true
|
||||||
|
accessMode: "{{ bitwarden_storage_mode | default('ReadWriteMany') }}"
|
||||||
|
size: "{{ bitwarden_size | default('8Gi') }}"
|
||||||
|
storageClass: "{{ bitwarden_storage | default('nfs-ssd') }}"
|
||||||
|
type: deployment
|
||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
annotations:
|
annotations:
|
||||||
@ -25,16 +84,10 @@ bitwarden_default_values:
|
|||||||
cert-manager.io/acme-dns01-provider: "rfc2136"
|
cert-manager.io/acme-dns01-provider: "rfc2136"
|
||||||
cert-manager.io/acme-challenge-type: "dns01"
|
cert-manager.io/acme-challenge-type: "dns01"
|
||||||
kubernetes.io/tls-acme: "true"
|
kubernetes.io/tls-acme: "true"
|
||||||
path: /
|
|
||||||
hosts:
|
hosts:
|
||||||
- "bitwarden.{{ domain }}"
|
- host: "bitwarden.{{ domain }}"
|
||||||
|
paths: ["/"]
|
||||||
tls:
|
tls:
|
||||||
- secretName: "bitwarden.{{ domain }}-tls"
|
- secretName: "bitwarden.{{ domain }}-tls"
|
||||||
hosts:
|
hosts:
|
||||||
- "bitwarden.{{ domain }}"
|
- "bitwarden.{{ domain }}"
|
||||||
persistence:
|
|
||||||
enabled: true
|
|
||||||
accessMode: "{{ bitwarden_storage_mode | default('ReadWriteMany') }}"
|
|
||||||
size: "{{ bitwarden_size | default('8Gi') }}"
|
|
||||||
storageClass: "{{ bitwarden_storage | default('nfs-ssd') }}"
|
|
||||||
|
|
||||||
|
|||||||
@ -6,3 +6,4 @@ helm_repos:
|
|||||||
- { name: 'ingress-nginx', url: 'https://kubernetes.github.io/ingress-nginx' }
|
- { name: 'ingress-nginx', url: 'https://kubernetes.github.io/ingress-nginx' }
|
||||||
- { name: 'stable', url: 'https://charts.helm.sh/stable' }
|
- { name: 'stable', url: 'https://charts.helm.sh/stable' }
|
||||||
- { name: 'nextcloud', url: 'https://nextcloud.github.io/helm' }
|
- { name: 'nextcloud', url: 'https://nextcloud.github.io/helm' }
|
||||||
|
- { name: 'k8s-at-home', url: 'https://k8s-at-home.com/charts' }
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user