ghp/helm-charts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

use patched helm chart k8s-at-home/bitwardenrs

Browse Source
This commit is contained in:
ace
2021-01-18 19:38:16 +03:00
parent c26c7c66b0
commit 2cde98435f
17 changed files with 705 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

209
bitwarden/values.yaml
View File

@ -1,59 +1,161 @@
# Default values for bitwarden.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# Default values for bitwardenrs.
replicaCount: 1
image:
repository: bitwardenrs/server
tag: 1.18.0
pullPolicy: IfNotPresent
# imagePullSecrets for accessing private registries
# pullSecrets: regcred
env:
SIGNUPS_ALLOWED: true
INVITATIONS_ALLOWED: true
# SERVER_ADMIN_EMAIL
# DOMAIN
# YUBICO_CLIENT_ID
# YUBICO_SECRET_KEY
# DATA_FOLDER
# DATABASE_URL
# ATTACHMENTS_FOLDER
# ICON_CACHE_FOLDER
# ROCKET_LIMITS
# ROCKET_WORKERS
# SMTP_HOST
# SMTP_FROM
# SMTP_PORT
# SMTP_SSL
# SMTP_EXPLICIT_TLS
# SMTP_USERNAME
# SMTP_PASSWORD
# SHOW_PASSWORD_HINT
# WEB_VAULT_ENABLED
tag: "1.18.0"
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
bitwarden:
domain: ""
signupsAllowed: true
invitationsAllowed: true
gui:
# If you set a different port here, you must also provide it under env
port: 80
websockets:
enabled: true
port: 3012
admin:
enabled: false
disableAdminToken: true
existingSecret:
enabled: false
name: ""
tokenKey: ""
# External database configuration.
# Requires bitwardenrs/server >= 1.17.0 or bitwardenrs/server-{mysql,postgres} images
# ref: https://github.com/dani-garcia/bitwarden_rs/wiki/Using-the-MySQL-Backend
# https://github.com/dani-garcia/bitwarden_rs/wiki/Using-the-PostgreSQL-Backend
externalDatabase:
enabled: false
# Supported values: 'mysql', 'postgresql'.
type: ""
# Database host. Required if external database is enabled.
host: ""
# Database port. Optional, default value is specific to the database backend.
port: ""
# Database name.
database: ""
# Database user.
user: ""
# Database password. Special characters must be escaped with percent encoding.
password: ""
# Use existing secret for database credentials.
existingSecret:
enabled: false
name: ""
userKey: ""
# Special characters in the password value must be escaped with percent encoding.
passwordKey: ""
# Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
smtp:
enabled: false
# SMTP hostname, required if SMTP is enabled
host: ""
# SMTP sender e-mail address, required if SMTP is enabled
from: ""
# SMTP sender name, defaults to 'Bitwarden_RS'
fromName: ""
# Enable SSL connection
ssl: true
# Explicit TLS
explicitTLS: true
# SMTP port
port: 465
# Timeout
timeout: 120
# SMTP username
user: ""
# SMTP password. Required is user is specified, ignored if no user provided
password: ""
# Use existing secret for SMTP authentication
existingSecret:
enabled: false
name: ""
userKey: ""
passwordKey: ""
# Enable Yubikey 2FA: https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
yubico:
enabled: false
# OTP verification server. Will use the default YubiCloud servers if not specified
server: ""
# API Client ID for OTP server. Ignored if existingSecret is provided.
clientId: ""
# API Secret Key for OTP server. Required if clientId is specified, ignored when using existingSecret.
secretKey: ""
# Use existing secret for API keys
existingSecret:
enabled: false
name: ""
clientIdKey: ""
secretKeyKey: ""
env: {}
# If you plan to run the WebUI on a port other than port 80, specify that here:
# For example, if running the container as a non-root user.
# ROCKET_PORT: "80"
persistence:
type: statefulset
enabled: false
size: 1Gi
accessMode: ReadWriteOnce
## Persistent Volume storage class
# storageClass: "-"
## Use existing Persistent Volume Claim
# existingClaim:
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
port: 80
loadBalancerIP: ""
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
labels: {}
additionalSpec: {}
ingress:
enabled: true
annotations:
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
path: /
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- bitwarden.example
tls:
- secretName: bitwarden-tls
hosts:
- bitwarden.example
- host: chart-example.local
paths: []
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
@ -61,26 +163,21 @@ resources: {}
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# cpu: 100m
# memory: 128Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
deploymentAnnotations: {}
## Persist data to a persitent volume
persistence:
enabled: false
accessMode: ReadWriteOnce
size: 800Mi
#storageClass:
#existingClaim: "bitwarden-pvc"