apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ template "bitwarden.fullname" . }}
  labels:
  {{- include "bitwarden.labels" . | nindent 4 }}
data:
  EMERGENCY_ACCESS_ALLOWED: {{ .Values.bitwarden.emergencyAccessAllowed | default "false" | quote }}
  SIGNUPS_ALLOWED: {{ .Values.bitwarden.signupsAllowed | quote }}
  INVITATIONS_ALLOWED: {{ .Values.bitwarden.invitationsAllowed | quote }}
  {{- if .Values.bitwarden.domain }}
  DOMAIN: {{ .Values.bitwarden.domain | quote }}
  {{- end }}
  WEBSOCKET_ENABLED: {{ .Values.bitwarden.websockets.enabled | quote }}
  {{- if and .Values.bitwarden.admin.enabled .Values.bitwarden.admin.disableAdminToken }}
  DISABLE_ADMIN_TOKEN: "true"
  {{- end }}
  {{- with .Values.bitwarden.smtp }}
  {{- if .enabled }}
  SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .host | quote }}
  SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .from | quote }}
  {{- if .fromName }}
  SMTP_FROM_NAME: {{ .fromName | quote }}
  {{- end }}
  {{- if .security }}
  SMTP_SECURITY: {{ .security | quote }}
  {{- end }}
  {{- if .port }}
  SMTP_PORT: {{ .port | quote }}
  {{- end }}
  {{- if .timeout }}
  SMTP_TIMEOUT: {{ .timeout | quote }}
  {{- end }}
  {{- if and (not .existingSecret.enabled) .user }}
  SMTP_USERNAME: {{ .user | quote }}
  {{- end }}
  {{- if and (not .existingSecret.enabled) .password }}
  SMTP_PASSWORD: {{ .password | quote }}
  {{- end }}
  {{- end }}
  {{- end }}
  {{- with .Values.bitwarden.yubico }}
  {{- if .enabled }}
  {{- if .server }}
  YUBICO_SERVER: {{ .server | quote }}
  {{- end }}
  {{- if and (not .existingSecret.enabled) .clientId }}
  YUBICO_CLIENT_ID: {{ .clientId | quote }}
  {{- end }}
  {{- if and (not .existingSecret.enabled) .secretKey }}
  YUBICO_SECRET_KEY: {{ .secretKey | quote }}
  {{- end }}
  {{- end }}
  {{- end }}
  {{- include "bitwarden.externalDatabaseConfigMap" . | nindent 2 }}
  {{- if .Values.env }}
  {{- toYaml .Values.env | nindent 2 }}
  {{- end }}