bitwarden_enabled: true
bitwarden_publish: false
bitwarden_use_external_db: true
bitwarden_default_values:
  env:
    SIGNUPS_ALLOWED: true
    INVITATIONS_ALLOWED: true
    DATABASE_URL: "postgresql://{{ bitwarden_db_username }}:{{ bitwarden_db_password }}@{{ postgres_db_team | default(namespace) }}-postgres.{{ postgres_db_namespace | default(namespace) }}.svc.cluster.local:5432/bitwarden?sslmode=require"
    DOMAIN: "https://bitwarden.{{ domain }}"
    SMTP_FROM: "bitwarden@{{ domain }}"
    SMTP_HOST: "mail.{{ domain }}"
    SMTP_PASSWORD: "{{ bitwarden_ldap_pass | default(bitwarden_ldap_password) }}"
    SMTP_SSL: "true"
    SMTP_EXPLICIT_TLS: "true"
    SMTP_PORT: "465"
    SMTP_USERNAME: "bitwarden@{{ domain }}"
    SMTP_TIMEOUT: "120"
    LOG_LEVEL: "debug"
    EXTENDED_LOGGING: "true"
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: "{{ external_ingress_class if bitwarden_publish else internal_ingress_class }}"
      cert-manager.io/cluster-issuer: "letsencrypt-prod"
      cert-manager.io/acme-dns01-provider: "rfc2136"
      cert-manager.io/acme-challenge-type: "dns01"
      kubernetes.io/tls-acme: "true"
    path: /
    hosts:
      - "bitwarden.{{ domain }}"
    tls:
      - secretName: "bitwarden.{{ domain }}-tls"
        hosts:
          - "bitwarden.{{ domain }}"
  persistence:
    enabled: true
    accessMode: "{{ bitwarden_storage_mode | default('ReadWriteMany') }}"
    size: "{{ bitwarden_size | default('8Gi') }}"
    storageClass: "{{ bitwarden_storage | default('nfs-ssd') }}"