|
|
@@ -0,0 +1,80 @@
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Namespace
|
|
|
+metadata:
|
|
|
+ name: vaultwarden
|
|
|
+---
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ name: vaultwarden
|
|
|
+ namespace: vaultwarden
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app: vaultwarden
|
|
|
+ replicas: 1
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ labels:
|
|
|
+ app: vaultwarden
|
|
|
+ spec:
|
|
|
+ containers:
|
|
|
+ - name: vaultwarden
|
|
|
+ image: vaultwarden/server:1.26.0
|
|
|
+ ports:
|
|
|
+ - containerPort: 80
|
|
|
+ name: http-web-svc
|
|
|
+ envFrom:
|
|
|
+ - secretRef:
|
|
|
+ name: vaultwarden-secret
|
|
|
+ env:
|
|
|
+ - name: WEBSOCKET_ENABLED
|
|
|
+ value: "true"
|
|
|
+ - name: SIGNUPS_ALLOWED
|
|
|
+ value: "false"
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: "/data"
|
|
|
+ name: data
|
|
|
+ livenessProbe:
|
|
|
+ httpGet:
|
|
|
+ path: /
|
|
|
+ port: 80
|
|
|
+ failureThreshold: 10
|
|
|
+ initialDelaySeconds: 30
|
|
|
+ periodSeconds: 10
|
|
|
+ volumes:
|
|
|
+ - name: data
|
|
|
+ persistentVolumeClaim:
|
|
|
+ claimName: vaultwarden-pvc
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ name: vaultwarden-service
|
|
|
+ namespace: vaultwarden
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ app: vaultwarden
|
|
|
+ type: ClusterIP
|
|
|
+ ports:
|
|
|
+ - name: vaultwarden-web-port
|
|
|
+ protocol: TCP
|
|
|
+ port: 80
|
|
|
+ targetPort: http-web-svc
|
|
|
+---
|
|
|
+apiVersion: traefik.containo.us/v1alpha1
|
|
|
+kind: IngressRoute
|
|
|
+metadata:
|
|
|
+ name: vaultwarden
|
|
|
+ namespace: vaultwarden
|
|
|
+spec:
|
|
|
+ entryPoints:
|
|
|
+ - websecure
|
|
|
+ routes:
|
|
|
+ - kind: Rule
|
|
|
+ match: Host(`vaultwarden.jibby.org`)
|
|
|
+ services:
|
|
|
+ - kind: Service
|
|
|
+ name: vaultwarden-service
|
|
|
+ port: 80
|
