add vaultwarden
This commit is contained in:
parent
da9d9867e0
commit
fe7c1936ee
24
vaultwarden/ingress.yaml
Normal file
24
vaultwarden/ingress.yaml
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden
|
||||||
|
namespace: vaultwarden
|
||||||
|
annotations:
|
||||||
|
haproxy-ingress.github.io/ssl-redirect: "true"
|
||||||
|
spec:
|
||||||
|
ingressClassName: haproxy
|
||||||
|
rules:
|
||||||
|
- host: warden.strudelline.net
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: vaultwarden
|
||||||
|
port:
|
||||||
|
number: 80
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- warden.strudelline.net
|
||||||
|
secretName: wildcard-tls
|
12
vaultwarden/nfs-data-vol.yaml
Normal file
12
vaultwarden/nfs-data-vol.yaml
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden-data
|
||||||
|
namespace: vaultwarden
|
||||||
|
spec:
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 1Gi
|
||||||
|
storageClassName: nfs
|
4
vaultwarden/ns.yaml
Normal file
4
vaultwarden/ns.yaml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden
|
17
vaultwarden/svc.yaml
Normal file
17
vaultwarden/svc.yaml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: vaultwarden
|
||||||
|
name: vaultwarden
|
||||||
|
namespace: vaultwarden
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
app: vaultwarden
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
port: 80
|
||||||
|
protocol: TCP
|
||||||
|
targetPort: 80
|
||||||
|
clusterIP: None
|
||||||
|
type: ClusterIP
|
76
vaultwarden/vaultwarden-deployment.yaml
Normal file
76
vaultwarden/vaultwarden-deployment.yaml
Normal file
|
@ -0,0 +1,76 @@
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
namespace: vaultwarden
|
||||||
|
name: vaultwarden
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: vaultwarden
|
||||||
|
strategy:
|
||||||
|
type: Recreate
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: vaultwarden
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- env:
|
||||||
|
- name: ADMIN_RATELIMIT_MAX_BURST
|
||||||
|
value: "2"
|
||||||
|
- name: ADMIN_RATELIMIT_SECONDS
|
||||||
|
value: "60"
|
||||||
|
- name: ADMIN_TOKEN
|
||||||
|
value: '"AIRN*hup*twed@grif6prud"'
|
||||||
|
- name: DOMAIN
|
||||||
|
value: https://warden.strudelline.net
|
||||||
|
- name: EMERGENCY_ACCESS_ALLOWED
|
||||||
|
value: "true"
|
||||||
|
- name: IP_HEADER
|
||||||
|
value: CF-Connecting-IP
|
||||||
|
- name: LOGIN_RATELIMIT_MAX_BURST
|
||||||
|
value: "2"
|
||||||
|
- name: LOGIN_RATELIMIT_SECONDS
|
||||||
|
value: "30"
|
||||||
|
- name: SENDS_ALLOWED
|
||||||
|
value: "true"
|
||||||
|
- name: SIGNUPS_ALLOWED
|
||||||
|
value: "true"
|
||||||
|
- name: SIGNUPS_DOMAINS_WHITELIST
|
||||||
|
value: strudelline.net,werts.us,brechy.net,andariese.net
|
||||||
|
- name: SIGNUPS_VERIFY
|
||||||
|
value: "true"
|
||||||
|
- name: SIGNUPS_VERIFY_RESEND_LIMIT
|
||||||
|
value: "5"
|
||||||
|
- name: SIGNUPS_VERIFY_RESEND_TIME
|
||||||
|
value: "3600"
|
||||||
|
- name: SMTP_AUTH_MECHANISM
|
||||||
|
value: '"Login"'
|
||||||
|
- name: SMTP_FROM
|
||||||
|
value: vaultwarden@strudelline.net
|
||||||
|
- name: SMTP_FROM_NAME
|
||||||
|
value: vaultwarden
|
||||||
|
- name: SMTP_HOST
|
||||||
|
value: smtp.mailgun.org
|
||||||
|
- name: SMTP_PASSWORD
|
||||||
|
value: 5d83cb4fad5c81fe3a9bb952a3fba23a-81bd92f8-d226d236
|
||||||
|
- name: SMTP_PORT
|
||||||
|
value: "465"
|
||||||
|
- name: SMTP_SECURITY
|
||||||
|
value: force_tls
|
||||||
|
- name: SMTP_USERNAME
|
||||||
|
value: vaultwarden@strudelline.net
|
||||||
|
- name: WEB_VAULT_ENABLED
|
||||||
|
value: "true"
|
||||||
|
image: vaultwarden/server:latest
|
||||||
|
name: vaultwarden
|
||||||
|
resources: {}
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /data
|
||||||
|
name: vaultwarden-data
|
||||||
|
restartPolicy: Always
|
||||||
|
volumes:
|
||||||
|
- name: vaultwarden-data
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: vaultwarden-data
|
Loading…
Reference in New Issue
Block a user