chore(bootstrap): Added vaultwarden to argocd
This commit is contained in:
Daniël Groothuis
8
manifests/artemis/vaultwarden/kustomization.yaml
Normal file
8
manifests/artemis/vaultwarden/kustomization.yaml
Normal file
@@ -0,0 +1,8 @@
|
||||
---
|
||||
helmCharts:
|
||||
- name: vaultwarden
|
||||
repo: https://guerzon.github.io/vaultwarden/
|
||||
version: 0.31.8
|
||||
releaseName: vaultwarden
|
||||
namespace: vaultwarden
|
||||
valuesFile: values.yaml
|
||||
190
manifests/artemis/vaultwarden/values.yaml
Normal file
190
manifests/artemis/vaultwarden/values.yaml
Normal file
@@ -0,0 +1,190 @@
|
||||
adminRateLimitMaxBurst: "3"
|
||||
adminRateLimitSeconds: "300"
|
||||
adminToken:
|
||||
existingSecret: ""
|
||||
existingSecretKey: ""
|
||||
value: $argon2id$v=19$m=19456,t=2,p=1$Vkx1VkE4RmhDMUhwNm9YVlhPQkVOZk1Yc1duSDdGRVYzd0Y5ZkgwaVg0Yz0$PK+h1ANCbzzmEKaiQfCjWw+hWFaMKvLhG2PjRanH5Kk
|
||||
affinity: {}
|
||||
commonAnnotations: {}
|
||||
commonLabels: {}
|
||||
configMapAnnotations: {}
|
||||
database:
|
||||
connectionRetries: 15
|
||||
dbName: ""
|
||||
existingSecret: ""
|
||||
existingSecretKey: ""
|
||||
host: ""
|
||||
maxConnections: 10
|
||||
password: ""
|
||||
port: ""
|
||||
type: default
|
||||
uriOverride: ""
|
||||
username: ""
|
||||
dnsConfig: {}
|
||||
domain: https://vault.dgse.cloud
|
||||
duo:
|
||||
existingSecret: ""
|
||||
hostname: ""
|
||||
iKey: ""
|
||||
sKey:
|
||||
existingSecretKey: ""
|
||||
value: ""
|
||||
emailChangeAllowed: "true"
|
||||
emergencyAccessAllowed: "true"
|
||||
emergencyNotifReminderSched: 0 3 * * * *
|
||||
emergencyRqstTimeoutSched: 0 7 * * * *
|
||||
enableServiceLinks: true
|
||||
eventCleanupSched: 0 10 0 * * *
|
||||
eventsDayRetain: ""
|
||||
experimentalClientFeatureFlags: null
|
||||
extendedLogging: "true"
|
||||
fullnameOverride: ""
|
||||
hibpApiKey: ""
|
||||
iconBlacklistNonGlobalIps: "true"
|
||||
iconRedirectCode: "302"
|
||||
iconService: internal
|
||||
image:
|
||||
extraSecrets: []
|
||||
extraVars: []
|
||||
pullPolicy: IfNotPresent
|
||||
pullSecrets: []
|
||||
registry: docker.io
|
||||
repository: vaultwarden/server
|
||||
tag: 1.33.2-alpine
|
||||
ingress:
|
||||
additionalAnnotations: {}
|
||||
additionalHostnames: []
|
||||
class: traefik
|
||||
customHeadersConfigMap: {}
|
||||
enabled: true
|
||||
hostname: vault.dgse.cloud
|
||||
labels: {}
|
||||
nginxAllowList: ""
|
||||
nginxIngressAnnotations: false
|
||||
path: /
|
||||
pathType: Prefix
|
||||
tls: true
|
||||
tlsSecret: vaultwarden-cert-secret
|
||||
initContainers: []
|
||||
invitationExpirationHours: "120"
|
||||
invitationOrgName: Vaultwarden
|
||||
invitationsAllowed: true
|
||||
ipHeader: X-Real-IP
|
||||
livenessProbe:
|
||||
enabled: true
|
||||
failureThreshold: 10
|
||||
initialDelaySeconds: 5
|
||||
path: /alive
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
logTimestampFormat: '%Y-%m-%d %H:%M:%S.%3f'
|
||||
logging:
|
||||
logFile: ""
|
||||
logLevel: ""
|
||||
nodeSelector:
|
||||
node-role.kubernetes.io/worker: worker
|
||||
orgAttachmentLimit: ""
|
||||
orgCreationUsers: ""
|
||||
orgEventsEnabled: "false"
|
||||
orgGroupsEnabled: "false"
|
||||
podAnnotations: {}
|
||||
podDisruptionBudget:
|
||||
enabled: false
|
||||
maxUnavailable: null
|
||||
minAvailable: 1
|
||||
podLabels: {}
|
||||
podSecurityContext: {}
|
||||
pushNotifications:
|
||||
enabled: false
|
||||
existingSecret: ""
|
||||
identityUri: https://identity.bitwarden.com
|
||||
installationId:
|
||||
existingSecretKey: ""
|
||||
value: ""
|
||||
installationKey:
|
||||
existingSecretKey: ""
|
||||
value: ""
|
||||
relayUri: https://push.bitwarden.com
|
||||
readinessProbe:
|
||||
enabled: true
|
||||
failureThreshold: 3
|
||||
initialDelaySeconds: 5
|
||||
path: /alive
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
replicas: 1
|
||||
requireDeviceEmail: "true"
|
||||
resourceType: ""
|
||||
resources: {}
|
||||
rocket:
|
||||
address: 0.0.0.0
|
||||
port: "8080"
|
||||
workers: "10"
|
||||
securityContext: {}
|
||||
sendsAllowed: "true"
|
||||
service:
|
||||
annotations: {}
|
||||
ipFamilyPolicy: SingleStack
|
||||
labels: {}
|
||||
sessionAffinity: ""
|
||||
sessionAffinityConfig: {}
|
||||
type: ClusterIP
|
||||
serviceAccount:
|
||||
create: true
|
||||
name: vaultwarden-svc
|
||||
showPassHint: "false"
|
||||
sidecars: []
|
||||
signupDomains: ""
|
||||
signupsAllowed: false
|
||||
signupsVerify: "true"
|
||||
smtp:
|
||||
acceptInvalidCerts: "false"
|
||||
acceptInvalidHostnames: "false"
|
||||
authMechanism: Plain
|
||||
debug: false
|
||||
existingSecret: smtp-creds
|
||||
from: vault@dgse.cloud
|
||||
fromName: '[DGSE] Vault'
|
||||
host: mail.dgse.cloud
|
||||
password:
|
||||
existingSecretKey: password
|
||||
value: ""
|
||||
port: 465
|
||||
security: force_tls
|
||||
username:
|
||||
existingSecretKey: username
|
||||
value: ""
|
||||
startupProbe:
|
||||
enabled: false
|
||||
failureThreshold: 10
|
||||
initialDelaySeconds: 5
|
||||
path: /alive
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
storage:
|
||||
attachments: {}
|
||||
data:
|
||||
accessMode: ReadWriteOnce
|
||||
class: ""
|
||||
keepPvc: false
|
||||
name: vaultwarden-data
|
||||
path: /data
|
||||
size: 15Gi
|
||||
existingVolumeClaim: {}
|
||||
strategy: {}
|
||||
timeZone: ""
|
||||
tolerations: []
|
||||
trashAutoDeleteDays: ""
|
||||
userAttachmentLimit: ""
|
||||
userSendLimit: ""
|
||||
webVaultEnabled: "true"
|
||||
yubico:
|
||||
clientId: ""
|
||||
existingSecret: ""
|
||||
secretKey:
|
||||
existingSecretKey: ""
|
||||
value: ""
|
||||
server: ""
|
||||
Reference in New Issue
Block a user