diff --git a/stable/authelia/5.0.3/charts/postgresql-4.0.1.tgz b/stable/authelia/5.0.3/charts/postgresql-4.0.1.tgz
deleted file mode 100644
index 42ef215d176..00000000000
Binary files a/stable/authelia/5.0.3/charts/postgresql-4.0.1.tgz and /dev/null differ
diff --git a/stable/authelia/5.0.3/charts/redis-15.4.2.tgz b/stable/authelia/5.0.3/charts/redis-15.4.2.tgz
deleted file mode 100644
index 72bbf3bb751..00000000000
Binary files a/stable/authelia/5.0.3/charts/redis-15.4.2.tgz and /dev/null differ
diff --git a/stable/authelia/5.0.3/CHANGELOG.md b/stable/authelia/5.1.0/CHANGELOG.md
similarity index 73%
rename from stable/authelia/5.0.3/CHANGELOG.md
rename to stable/authelia/5.1.0/CHANGELOG.md
index 9f0d1536cdf..0aa10be5812 100644
--- a/stable/authelia/5.0.3/CHANGELOG.md
+++ b/stable/authelia/5.1.0/CHANGELOG.md
@@ -1,6 +1,33 @@ # Changelog
+ +### [authelia-5.1.0](https://github.com/truecharts/apps/compare/authelia-6.0.1...authelia-5.1.0) (2021-10-26) + +#### Fix + +* fix patch for important postgresql consumping apps + + + + +### [authelia-6.0.1](https://github.com/truecharts/apps/compare/authelia-6.0.0...authelia-6.0.1) (2021-10-26) + +#### Chore + +* update non-major deps helm releases + + + + +### [authelia-6.0.0](https://github.com/truecharts/apps/compare/authelia-5.0.3...authelia-6.0.0) (2021-10-25) + +#### Chore + +* Adapt for TrueNAS SCALE RC1 + + + ### [authelia-5.0.3](https://github.com/truecharts/apps/compare/authelia-5.0.2...authelia-5.0.3) (2021-10-20) @@ -70,30 +97,3 @@ #### Fix * fix previous SCALE bugfix not correctly being applied - - - - -### [authelia-4.0.21](https://github.com/truecharts/apps/compare/authelia-4.0.20...authelia-4.0.21) (2021-10-19) - -#### Fix - -* Solve issues regarding ix_values.yaml not containing the image and tag definitions. ([#1176](https://github.com/truecharts/apps/issues/1176)) - - - - -### [authelia-4.0.20](https://github.com/truecharts/apps/compare/authelia-4.0.19...authelia-4.0.20) (2021-10-18) - -#### Refactor - -* Project Eclipse - part 1 - remove ix_values.yaml ([#1168](https://github.com/truecharts/apps/issues/1168)) - - - - -### [authelia-4.0.19](https://github.com/truecharts/apps/compare/authelia-4.0.18...authelia-4.0.19) (2021-10-17) - -#### Chore - -* update helm chart common to v8.3.10 ([#1160](https://github.com/truecharts/apps/issues/1160)) diff --git a/stable/authelia/5.0.3/CONFIG.md b/stable/authelia/5.1.0/CONFIG.md similarity index 100% rename from stable/authelia/5.0.3/CONFIG.md rename to stable/authelia/5.1.0/CONFIG.md diff --git a/stable/nextcloud/7.0.3/Chart.lock b/stable/authelia/5.1.0/Chart.lock similarity index 56% rename from stable/nextcloud/7.0.3/Chart.lock rename to stable/authelia/5.1.0/Chart.lock index e2e9eaa2350..0aef3f9c453 100644 --- a/stable/nextcloud/7.0.3/Chart.lock +++ b/stable/authelia/5.1.0/Chart.lock 
@@ -4,9 +4,9 @@ dependencies: version: 8.3.14 - name: postgresql repository: https://truecharts.org/ - version: 4.0.1 + version: 4.1.0 - name: redis repository: https://charts.bitnami.com/bitnami - version: 15.4.2 -digest: sha256:440d54f702d80797b75fadce9f40f86921f8725ddf48298016c1d539d7eee295 -generated: "2021-10-20T22:45:21.748423282Z" + version: 15.5.1 +digest: sha256:46f1de93d3f444db9c89f79f5adeb3dd89ad44959ee80eb5b99c63812c3319b4 +generated: "2021-10-26T09:16:26.033548355Z" diff --git a/stable/authelia/5.0.3/Chart.yaml b/stable/authelia/5.1.0/Chart.yaml similarity index 95% rename from stable/authelia/5.0.3/Chart.yaml rename to stable/authelia/5.1.0/Chart.yaml index 41d01ef7285..c5935ec769f 100644 --- a/stable/authelia/5.0.3/Chart.yaml +++ b/stable/authelia/5.1.0/Chart.yaml @@ -7,11 +7,11 @@ dependencies: - condition: postgresql.enabled name: postgresql repository: https://truecharts.org/ - version: 4.0.1 + version: 4.1.0 - condition: redis.enabled name: redis repository: https://charts.bitnami.com/bitnami - version: 15.4.2 + version: 15.5.1 deprecated: false description: Authelia is a Single Sign-On Multi-Factor portal for web apps home: https://github.com/truecharts/apps/tree/master/charts/stable/authelia @@ -38,10 +38,9 @@ sources: - https://github.com/authelia/chartrepo - https://github.com/authelia/authelia type: application -version: 5.0.3 +version: 5.1.0 annotations: truecharts.org/catagories: | - security - truecharts.org/SCALE-support: "true" truecharts.org/grade: U diff --git a/stable/authelia/5.0.3/README.md b/stable/authelia/5.1.0/README.md similarity index 92% rename from stable/authelia/5.0.3/README.md rename to stable/authelia/5.1.0/README.md index 347eedc48e7..626f0dc09bb 100644 --- a/stable/authelia/5.0.3/README.md +++ b/stable/authelia/5.1.0/README.md 
@@ -18,8 +18,8 @@ Kubernetes: `>=1.16.0-0` | Repository | Name | Version | |------------|------|---------| -| https://charts.bitnami.com/bitnami | redis | 15.4.2 | -| https://truecharts.org/ | postgresql | 4.0.1 | +| https://charts.bitnami.com/bitnami | redis | 15.5.1 | +| https://truecharts.org/ | postgresql | 4.1.0 | | https://truecharts.org | common | 8.3.14 | ## Installing the Chart diff --git a/stable/authelia/5.0.3/app-readme.md b/stable/authelia/5.1.0/app-readme.md similarity index 100% rename from stable/authelia/5.0.3/app-readme.md rename to stable/authelia/5.1.0/app-readme.md diff --git a/stable/authelia/5.0.3/charts/common-8.3.14.tgz b/stable/authelia/5.1.0/charts/common-8.3.14.tgz similarity index 100% rename from stable/authelia/5.0.3/charts/common-8.3.14.tgz rename to stable/authelia/5.1.0/charts/common-8.3.14.tgz diff --git a/stable/authelia/5.1.0/charts/postgresql-4.1.0.tgz b/stable/authelia/5.1.0/charts/postgresql-4.1.0.tgz new file mode 100644 index 00000000000..727d92ee467 Binary files /dev/null and b/stable/authelia/5.1.0/charts/postgresql-4.1.0.tgz differ diff --git a/stable/authelia/5.1.0/charts/redis-15.5.1.tgz b/stable/authelia/5.1.0/charts/redis-15.5.1.tgz new file mode 100644 index 00000000000..781323fd81f Binary files /dev/null and b/stable/authelia/5.1.0/charts/redis-15.5.1.tgz differ diff --git a/stable/authelia/5.0.3/helm-values.md b/stable/authelia/5.1.0/helm-values.md similarity index 100% rename from stable/authelia/5.0.3/helm-values.md rename to stable/authelia/5.1.0/helm-values.md diff --git a/stable/authelia/5.0.3/ix_values.yaml b/stable/authelia/5.1.0/ix_values.yaml similarity index 100% rename from stable/authelia/5.0.3/ix_values.yaml rename to stable/authelia/5.1.0/ix_values.yaml diff --git a/stable/authelia/5.0.3/questions.yaml b/stable/authelia/5.1.0/questions.yaml similarity index 100% rename from stable/authelia/5.0.3/questions.yaml rename to stable/authelia/5.1.0/questions.yaml 
diff --git a/stable/authelia/5.0.3/templates/_configmap.tpl b/stable/authelia/5.1.0/templates/_configmap.tpl
similarity index 100%
rename from stable/authelia/5.0.3/templates/_configmap.tpl
rename to stable/authelia/5.1.0/templates/_configmap.tpl
diff --git a/stable/authelia/5.0.3/templates/_secrets.tpl b/stable/authelia/5.1.0/templates/_secrets.tpl
similarity index 100%
rename from stable/authelia/5.0.3/templates/_secrets.tpl
rename to stable/authelia/5.1.0/templates/_secrets.tpl
diff --git a/stable/authelia/5.0.3/templates/common.yaml b/stable/authelia/5.1.0/templates/common.yaml
similarity index 100%
rename from stable/authelia/5.0.3/templates/common.yaml
rename to stable/authelia/5.1.0/templates/common.yaml
diff --git a/stable/authelia/5.0.3/values.yaml b/stable/authelia/5.1.0/values.yaml
similarity index 100%
rename from stable/authelia/5.0.3/values.yaml
rename to stable/authelia/5.1.0/values.yaml
diff --git a/stable/nextcloud/7.0.3/charts/postgresql-4.0.1.tgz b/stable/nextcloud/7.0.3/charts/postgresql-4.0.1.tgz
deleted file mode 100644
index 42ef215d176..00000000000
Binary files a/stable/nextcloud/7.0.3/charts/postgresql-4.0.1.tgz and /dev/null differ
diff --git a/stable/nextcloud/7.0.3/charts/redis-15.4.2.tgz b/stable/nextcloud/7.0.3/charts/redis-15.4.2.tgz
deleted file mode 100644
index 72bbf3bb751..00000000000
Binary files a/stable/nextcloud/7.0.3/charts/redis-15.4.2.tgz and /dev/null differ
diff --git a/stable/nextcloud/7.0.3/CHANGELOG.md b/stable/nextcloud/7.1.0/CHANGELOG.md
similarity index 74%
rename from stable/nextcloud/7.0.3/CHANGELOG.md
rename to stable/nextcloud/7.1.0/CHANGELOG.md
index d20854058cc..b0da926862f 100644
--- a/stable/nextcloud/7.0.3/CHANGELOG.md
+++ b/stable/nextcloud/7.1.0/CHANGELOG.md
@@ -1,6 +1,34 @@ # Changelog
+ +### [nextcloud-7.1.0](https://github.com/truecharts/apps/compare/nextcloud-8.0.1...nextcloud-7.1.0) (2021-10-26) + +#### Fix + +* fix patch for important postgresql consumping apps + + + + +### [nextcloud-8.0.1](https://github.com/truecharts/apps/compare/nextcloud-8.0.0...nextcloud-8.0.1) (2021-10-26) + +#### Chore + +* update non-major deps helm releases + + + + +### [nextcloud-8.0.0](https://github.com/truecharts/apps/compare/nextcloud-7.0.3...nextcloud-8.0.0) (2021-10-25) + +#### Chore + +* Adapt for TrueNAS SCALE RC1 +* make admin password private ([#1219](https://github.com/truecharts/apps/issues/1219)) + + + ### [nextcloud-7.0.3](https://github.com/truecharts/apps/compare/nextcloud-7.0.0...nextcloud-7.0.3) (2021-10-20) @@ -69,31 +97,3 @@ * update helm chart postgresql to v3.0.20 ([#1177](https://github.com/truecharts/apps/issues/1177)) - - -### [nextcloud-6.0.25](https://github.com/truecharts/apps/compare/nextcloud-6.0.24...nextcloud-6.0.25) (2021-10-19) - -#### Fix - -* fix previous SCALE bugfix not correctly being applied - - - - -### [nextcloud-6.0.24](https://github.com/truecharts/apps/compare/nextcloud-6.0.23...nextcloud-6.0.24) (2021-10-19) - -#### Fix - -* Solve issues regarding ix_values.yaml not containing the image and tag definitions. ([#1176](https://github.com/truecharts/apps/issues/1176)) - - - - -### [nextcloud-6.0.23](https://github.com/truecharts/apps/compare/nextcloud-6.0.22...nextcloud-6.0.23) (2021-10-18) - -#### Refactor - -* Project Eclipse - part 1 - remove ix_values.yaml ([#1168](https://github.com/truecharts/apps/issues/1168)) - - - diff --git a/stable/nextcloud/7.0.3/CONFIG.md b/stable/nextcloud/7.1.0/CONFIG.md similarity index 100% rename from stable/nextcloud/7.0.3/CONFIG.md rename to stable/nextcloud/7.1.0/CONFIG.md 
diff --git a/stable/authelia/5.0.3/Chart.lock b/stable/nextcloud/7.1.0/Chart.lock similarity index 56% rename from stable/authelia/5.0.3/Chart.lock rename to stable/nextcloud/7.1.0/Chart.lock index 17911380dcd..58b9f22309e 100644 --- a/stable/authelia/5.0.3/Chart.lock +++ b/stable/nextcloud/7.1.0/Chart.lock @@ -4,9 +4,9 @@ dependencies: version: 8.3.14 - name: postgresql repository: https://truecharts.org/ - version: 4.0.1 + version: 4.1.0 - name: redis repository: https://charts.bitnami.com/bitnami - version: 15.4.2 -digest: sha256:440d54f702d80797b75fadce9f40f86921f8725ddf48298016c1d539d7eee295 -generated: "2021-10-20T22:07:26.080176894Z" + version: 15.5.1 +digest: sha256:46f1de93d3f444db9c89f79f5adeb3dd89ad44959ee80eb5b99c63812c3319b4 +generated: "2021-10-26T09:17:22.457946728Z" diff --git a/stable/nextcloud/7.0.3/Chart.yaml b/stable/nextcloud/7.1.0/Chart.yaml similarity index 95% rename from stable/nextcloud/7.0.3/Chart.yaml rename to stable/nextcloud/7.1.0/Chart.yaml index 6e55373a1c3..b2f2776265a 100644 --- a/stable/nextcloud/7.0.3/Chart.yaml +++ b/stable/nextcloud/7.1.0/Chart.yaml @@ -7,11 +7,11 @@ dependencies: - condition: postgresql.enabled name: postgresql repository: https://truecharts.org/ - version: 4.0.1 + version: 4.1.0 - condition: redis.enabled name: redis repository: https://charts.bitnami.com/bitnami - version: 15.4.2 + version: 15.5.1 deprecated: false description: A private cloud server that puts the control and security of your own data back into your hands. @@ -33,10 +33,9 @@ sources: - https://github.com/nextcloud/docker - https://github.com/nextcloud/helm type: application -version: 7.0.3 +version: 7.1.0 annotations: truecharts.org/catagories: | - cloud - truecharts.org/SCALE-support: "true" truecharts.org/grade: U diff --git a/stable/nextcloud/7.0.3/README.md b/stable/nextcloud/7.1.0/README.md similarity index 92% rename from stable/nextcloud/7.0.3/README.md rename to stable/nextcloud/7.1.0/README.md index 69709f3400c..2eecc140e42 100644 
--- a/stable/nextcloud/7.0.3/README.md +++ b/stable/nextcloud/7.1.0/README.md @@ -18,8 +18,8 @@ Kubernetes: `>=1.16.0-0` | Repository | Name | Version | |------------|------|---------| -| https://charts.bitnami.com/bitnami | redis | 15.4.2 | -| https://truecharts.org/ | postgresql | 4.0.1 | +| https://charts.bitnami.com/bitnami | redis | 15.5.1 | +| https://truecharts.org/ | postgresql | 4.1.0 | | https://truecharts.org | common | 8.3.14 | ## Installing the Chart diff --git a/stable/nextcloud/7.0.3/app-readme.md b/stable/nextcloud/7.1.0/app-readme.md similarity index 100% rename from stable/nextcloud/7.0.3/app-readme.md rename to stable/nextcloud/7.1.0/app-readme.md diff --git a/stable/nextcloud/7.0.3/charts/common-8.3.14.tgz b/stable/nextcloud/7.1.0/charts/common-8.3.14.tgz similarity index 100% rename from stable/nextcloud/7.0.3/charts/common-8.3.14.tgz rename to stable/nextcloud/7.1.0/charts/common-8.3.14.tgz diff --git a/stable/nextcloud/7.1.0/charts/postgresql-4.1.0.tgz b/stable/nextcloud/7.1.0/charts/postgresql-4.1.0.tgz new file mode 100644 index 00000000000..727d92ee467 Binary files /dev/null and b/stable/nextcloud/7.1.0/charts/postgresql-4.1.0.tgz differ diff --git a/stable/nextcloud/7.1.0/charts/redis-15.5.1.tgz b/stable/nextcloud/7.1.0/charts/redis-15.5.1.tgz new file mode 100644 index 00000000000..781323fd81f Binary files /dev/null and b/stable/nextcloud/7.1.0/charts/redis-15.5.1.tgz differ diff --git a/stable/nextcloud/7.0.3/helm-values.md b/stable/nextcloud/7.1.0/helm-values.md similarity index 100% rename from stable/nextcloud/7.0.3/helm-values.md rename to stable/nextcloud/7.1.0/helm-values.md diff --git a/stable/nextcloud/7.0.3/ix_values.yaml b/stable/nextcloud/7.1.0/ix_values.yaml similarity index 100% rename from stable/nextcloud/7.0.3/ix_values.yaml rename to stable/nextcloud/7.1.0/ix_values.yaml 
diff --git a/stable/nextcloud/7.0.3/questions.yaml b/stable/nextcloud/7.1.0/questions.yaml similarity index 99% rename from stable/nextcloud/7.0.3/questions.yaml rename to stable/nextcloud/7.1.0/questions.yaml index d72a42f867f..004740cdfdf 100644 --- a/stable/nextcloud/7.0.3/questions.yaml +++ b/stable/nextcloud/7.1.0/questions.yaml @@ -198,6 +198,7 @@ questions: description: "Sets nextcloud admin password" schema: type: string + private: true required: true default: "" - variable: TRUSTED_PROXIES diff --git a/stable/nextcloud/7.0.3/templates/_configmap.tpl b/stable/nextcloud/7.1.0/templates/_configmap.tpl similarity index 100% rename from stable/nextcloud/7.0.3/templates/_configmap.tpl rename to stable/nextcloud/7.1.0/templates/_configmap.tpl diff --git a/stable/nextcloud/7.0.3/templates/_cronjob.tpl b/stable/nextcloud/7.1.0/templates/_cronjob.tpl similarity index 100% rename from stable/nextcloud/7.0.3/templates/_cronjob.tpl rename to stable/nextcloud/7.1.0/templates/_cronjob.tpl diff --git a/stable/nextcloud/7.0.3/templates/_secrets.tpl b/stable/nextcloud/7.1.0/templates/_secrets.tpl similarity index 100% rename from stable/nextcloud/7.0.3/templates/_secrets.tpl rename to stable/nextcloud/7.1.0/templates/_secrets.tpl diff --git a/stable/nextcloud/7.0.3/templates/common.yaml b/stable/nextcloud/7.1.0/templates/common.yaml similarity index 100% rename from stable/nextcloud/7.0.3/templates/common.yaml rename to stable/nextcloud/7.1.0/templates/common.yaml diff --git a/stable/nextcloud/7.0.3/values.yaml b/stable/nextcloud/7.1.0/values.yaml similarity index 100% rename from stable/nextcloud/7.0.3/values.yaml rename to stable/nextcloud/7.1.0/values.yaml diff --git a/stable/vaultwarden/10.1.0/CHANGELOG.md b/stable/vaultwarden/10.1.0/CHANGELOG.md new file mode 100644 index 00000000000..e8aef81c91f --- /dev/null +++ b/stable/vaultwarden/10.1.0/CHANGELOG.md @@ -0,0 +1,99 @@ +# Changelog
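Review bot: In stable/nextcloud/7.1.0/questions.yaml the admin-password schema still accepts any non-empty string: next to the added `private: true` there is only `required: true` and `default: ""`, so a one-character admin password passes validation. A length floor on the same schema, e.g. `min_length: 8` (constructed value; set it per project policy), would close that. `private: true` presumably only controls how the value is shown back in the UI/API; whether the password is rendered into a Secret rather than a ConfigMap or plain env entry is decided in the templates, which this hunk does not show, so that is worth confirming. The variable's definition starts above line 198, outside the hunk.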
+
+
+
+### [vaultwarden-10.1.0](https://github.com/truecharts/apps/compare/vaultwarden-11.0.0...vaultwarden-10.1.0) (2021-10-26)
+
+#### Fix
+
+* fix patch for important postgresql consumping apps
+
+
+
+
+### [vaultwarden-11.0.0](https://github.com/truecharts/apps/compare/vaultwarden-10.0.3...vaultwarden-11.0.0) (2021-10-25)
+
+#### Chore
+
+* Adapt for TrueNAS SCALE RC1
+
+
+
+
+### [vaultwarden-10.0.3](https://github.com/truecharts/apps/compare/vaultwarden-10.0.0...vaultwarden-10.0.3) (2021-10-20)
+
+#### Chore
+
+* bump apps, remove duplicates and move incubator to stable for RC1
+* update non-major deps helm releases ([#1213](https://github.com/truecharts/apps/issues/1213))
+
+#### Fix
+
+* reenable postgresql migration scripting and bump all to force update
+
+
+
+
+### [vaultwarden-10.0.0](https://github.com/truecharts/apps/compare/vaultwarden-9.0.23...vaultwarden-10.0.0) (2021-10-20)
+
+#### Chore
+
+* update helm chart postgresql to v4 ([#1214](https://github.com/truecharts/apps/issues/1214))
+
+#### Fix
+
+* use correct PVC storageClass when using postgresql as a dependency on SCALE ([#1212](https://github.com/truecharts/apps/issues/1212))
+
+
+
+
+### [vaultwarden-9.0.23](https://github.com/truecharts/apps/compare/vaultwarden-9.0.22...vaultwarden-9.0.23) (2021-10-20)
+
+#### Chore
+
+* bump versions to rerelease and fix icons
+
+
+
+
+### [vaultwarden-9.0.22](https://github.com/truecharts/apps/compare/vaultwarden-9.0.21...vaultwarden-9.0.22) (2021-10-19)
+
+#### Change
+
+* Project-Eclipse 3, Automatically generate item.yaml ([#1178](https://github.com/truecharts/apps/issues/1178))
+
+#### Chore
+
+* Project-Eclipse 5, move app-readme to automatic generation script ([#1181](https://github.com/truecharts/apps/issues/1181))
+* update helm chart common to v8.3.13 ([#1184](https://github.com/truecharts/apps/issues/1184))
+
+#### Feat
+
+* Project-Eclipse 4, Add App grading annotations to Chart.yaml ([#1180](https://github.com/truecharts/apps/issues/1180))
+
+#### Refactor
+
+* Project Eclipse Part 6, move questions.yaml to root App folder ([#1182](https://github.com/truecharts/apps/issues/1182))
+
+
+
+
+### [vaultwarden-9.0.21](https://github.com/truecharts/apps/compare/vaultwarden-9.0.20...vaultwarden-9.0.21) (2021-10-19)
+
+#### Chore
+
+* Project-Eclipse part 2, adapting and cleaning changelog ([#1173](https://github.com/truecharts/apps/issues/1173))
+* update helm chart postgresql to v3.0.20 ([#1177](https://github.com/truecharts/apps/issues/1177))
+
+
+
+
+### [vaultwarden-9.0.20](https://github.com/truecharts/apps/compare/vaultwarden-9.0.19...vaultwarden-9.0.20) (2021-10-19)
+
+#### Fix
+
+* fix previous SCALE bugfix not correctly being applied
+
+
+
+
diff --git a/stable/vaultwarden/10.1.0/CONFIG.md b/stable/vaultwarden/10.1.0/CONFIG.md
new file mode 100644
index 00000000000..fc9b2fa2d5f
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/CONFIG.md
@@ -0,0 +1,8 @@
+# Configuration Options
+
+##### Connecting to other apps
+If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our "Linking Apps Internally" quick-start guide:
+https://truecharts.org/manual/Quick-Start%20Guides/14-linking-apps/
+
+##### Available config options
+In the future this page is going to contain an automated list of options available in the installation/edit UI.
diff --git a/stable/vaultwarden/10.1.0/Chart.lock b/stable/vaultwarden/10.1.0/Chart.lock
new file mode 100644
index 00000000000..633a3df83a6
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/Chart.lock
@@ -0,0 +1,9 @@
+dependencies:
+- name: common
+ repository: https://truecharts.org
+ version: 8.3.14
+- name: postgresql
+ repository: https://truecharts.org/
+ version: 4.1.0
+digest: sha256:f05375d8052735440c0e822942901906870505b999c645f3d8cb5ef4e0ec8d2f
+generated: "2021-10-26T09:18:15.832749962Z"
diff --git a/stable/vaultwarden/10.1.0/Chart.yaml b/stable/vaultwarden/10.1.0/Chart.yaml
new file mode 100644
index 00000000000..d756478b908
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/Chart.yaml
@@ -0,0 +1,36 @@
+apiVersion: v2
+appVersion: "1.22.2"
+dependencies:
+- name: common
+ repository: https://truecharts.org
+ version: 8.3.14
+- condition: postgresql.enabled
+ name: postgresql
+ repository: https://truecharts.org/
+ version: 4.1.0
+deprecated: false
+description: Unofficial Bitwarden compatible server written in Rust
+home: https://github.com/truecharts/apps/tree/master/charts/stable/vaultwarden
+icon: https://raw.githubusercontent.com/bitwarden/brand/master/icons/256x256.png
+keywords:
+- bitwarden
+- bitwardenrs
+- bitwarden_rs
+- vaultwarden
+- password
+- rust
+kubeVersion: '>=1.16.0-0'
+maintainers:
+- email: info@truecharts.org
+ name: TrueCharts
+ url: truecharts.org
+name: vaultwarden
+sources:
+- https://github.com/dani-garcia/vaultwarden
+type: application
+version: 10.1.0
+annotations:
+ truecharts.org/catagories: |
+ - security
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/grade: U
diff --git a/stable/vaultwarden/10.1.0/README.md b/stable/vaultwarden/10.1.0/README.md
new file mode 100644
index 00000000000..eec29b6b1f1
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/README.md
@@ -0,0 +1,38 @@
+# Introduction
+
+Unofficial Bitwarden compatible server written in Rust
+
+TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
+
+## Source Code
+
+*
+
+## Requirements
+
+Kubernetes: `>=1.16.0-0`
+
+## Dependencies
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://truecharts.org/ | postgresql | 4.1.0 |
+| https://truecharts.org | common | 8.3.14 |
+
+## Installing the Chart
+
+To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/03-Installing-an-App/).
+
+## Uninstalling the Chart
+
+To remove this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/07-Deleting-an-App/).
+
+## Support
+
+- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Open-Apps/) first.
+- See the [Wiki](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
+---
+All Rights Reserved - The TrueCharts Project
diff --git a/stable/vaultwarden/10.1.0/app-readme.md b/stable/vaultwarden/10.1.0/app-readme.md
new file mode 100644
index 00000000000..adff46b5f72
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/app-readme.md
@@ -0,0 +1,3 @@
+Unofficial Bitwarden compatible server written in Rust
+
+This App is supplied by TrueCharts, for more information please visit https://truecharts.org
diff --git a/stable/vaultwarden/10.1.0/charts/common-8.3.14.tgz b/stable/vaultwarden/10.1.0/charts/common-8.3.14.tgz
new file mode 100644
index 00000000000..433c2b8196b
Binary files /dev/null and b/stable/vaultwarden/10.1.0/charts/common-8.3.14.tgz differ
diff --git a/stable/vaultwarden/10.1.0/charts/postgresql-4.1.0.tgz b/stable/vaultwarden/10.1.0/charts/postgresql-4.1.0.tgz
new file mode 100644
index 00000000000..727d92ee467
Binary files /dev/null and b/stable/vaultwarden/10.1.0/charts/postgresql-4.1.0.tgz differ
diff --git a/stable/vaultwarden/10.1.0/helm-values.md b/stable/vaultwarden/10.1.0/helm-values.md
new file mode 100644
index 00000000000..d1d475e66b9
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/helm-values.md
@@ -0,0 +1,68 @@
+# Default Helm-Values
+
+TrueCharts is primarily build to supply TrueNAS SCALE Apps.
+However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our values.yaml file.
+
+Most of our Apps also consume our "common" Helm Chart.
+If this is the case, this means that all values.yaml values are set to the common chart values.yaml by default. This values.yaml file will only contain values that deviate from the common chart.
+You will, however, be able to use all values referenced in the common chart here, besides the values listed in this document.
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| database.type | string | `"postgresql"` | |
+| database.wal | bool | `true` | |
+| env | object | `{}` | |
+| envFrom[0].configMapRef.name | string | `"vaultwardenconfig"` | |
+| envFrom[1].secretRef.name | string | `"vaultwardensecret"` | |
+| envTpl.DOMAIN | string | `"https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"` | |
+| envValueFrom.DATABASE_URL.secretKeyRef.key | string | `"url"` | |
+| envValueFrom.DATABASE_URL.secretKeyRef.name | string | `"dbcreds"` | |
+| image.pullPolicy | string | `"IfNotPresent"` | |
+| image.repository | string | `"ghcr.io/truecharts/vaultwarden"` | |
+| image.tag | string | `"v1.22.2@sha256:8693c057298731f507128a395395172d60093be9b299f6bf9e5c35512a74d457"` | |
+| ingress | object | See below | Configure the ingresses for the chart here. Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress.
|
+| ingress.main.enabled | bool | `true` | Enables or disables the ingress |
+| ingress.main.fixedMiddlewares | list | `["chain-basic"]` | List of middlewares in the traefikmiddlewares k8s namespace to add automatically Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names Primarily used for TrueNAS SCALE to add additional (seperate) middlewares without exposing them to the end-user |
+| ingress.main.hosts[0].host | string | `"chart-example.local"` | Host address. Helm template can be passed. |
+| ingress.main.hosts[0].paths[0].path | string | `"/"` | Path. Helm template can be passed. |
+| ingress.main.hosts[0].paths[0].pathType | string | `"Prefix"` | Ignored if not kubeVersion >= 1.14-0 |
+| ingress.main.hosts[0].paths[0].service.name | string | `nil` | Overrides the service name reference for this path |
+| ingress.main.hosts[0].paths[0].service.port | string | `nil` | Overrides the service port reference for this path |
+| ingress.main.ingressClassName | string | `nil` | Set the ingressClass that is used for this ingress. Requires Kubernetes >=1.19 |
+| ingress.main.middlewares | list | `[]` | Additional List of middlewares in the traefikmiddlewares k8s namespace to add automatically Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names |
+| ingress.main.nameOverride | string | `nil` | Override the name suffix that is used for this ingress. |
+| ingress.main.primary | bool | `true` | Make this the primary ingress (used in probes, notes, etc...). If there is more than 1 ingress, make sure that only 1 ingress is marked as primary. |
+| ingress.main.tls | list | `[]` | Configure TLS for the ingress. Both secretName and hosts can process a Helm template.
|
+| persistence.data.accessMode | string | `"ReadWriteOnce"` | |
+| persistence.data.enabled | bool | `true` | |
+| persistence.data.mountPath | string | `"/data"` | |
+| persistence.data.size | string | `"100Gi"` | |
+| persistence.data.type | string | `"pvc"` | |
+| postgresql.enabled | bool | `true` | |
+| postgresql.existingSecret | string | `"dbcreds"` | |
+| postgresql.postgresqlDatabase | string | `"vaultwarden"` | |
+| postgresql.postgresqlUsername | string | `"vaultwarden"` | |
+| service.main.ports.main.port | int | `8080` | |
+| service.ws.ports.ws.enabled | bool | `true` | |
+| service.ws.ports.ws.port | int | `3012` | |
+| vaultwarden.admin.disableAdminToken | bool | `false` | |
+| vaultwarden.admin.enabled | bool | `false` | |
+| vaultwarden.allowInvitation | bool | `true` | |
+| vaultwarden.allowSignups | bool | `true` | |
+| vaultwarden.enableWebVault | bool | `true` | |
+| vaultwarden.enableWebsockets | bool | `true` | |
+| vaultwarden.icons.disableDownload | bool | `false` | |
+| vaultwarden.log.file | string | `""` | |
+| vaultwarden.log.level | string | `"trace"` | |
+| vaultwarden.orgCreationUsers | string | `"all"` | |
+| vaultwarden.requireEmail | bool | `false` | |
+| vaultwarden.showPasswordHint | bool | `true` | |
+| vaultwarden.smtp.enabled | bool | `false` | |
+| vaultwarden.smtp.from | string | `""` | |
+| vaultwarden.smtp.host | string | `""` | |
+| vaultwarden.verifySignup | bool | `false` | |
+| vaultwarden.yubico.enabled | bool | `false` | |
+
+All Rights Reserved - The TrueCharts Project
diff --git a/stable/vaultwarden/10.1.0/ix_values.yaml b/stable/vaultwarden/10.1.0/ix_values.yaml
new file mode 100644
index 00000000000..d54ee9102ef
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/ix_values.yaml
@@ -0,0 +1,226 @@
+# Default values for Bitwarden.
+
+image:
+ repository: ghcr.io/truecharts/vaultwarden
+ pullPolicy: IfNotPresent
+ tag: v1.22.2@sha256:8693c057298731f507128a395395172d60093be9b299f6bf9e5c35512a74d457
+
+service:
+ main:
+ ports:
+ main:
+ port: 8080
+ ws:
+ ports:
+ ws:
+ enabled: true
+ port: 3012
+
+env: {}
+
+# -- Configure the ingresses for the chart here.
+# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress.
+# @default -- See below
+ingress:
+ main:
+ # -- Enables or disables the ingress
+ enabled: true
+
+ # -- Make this the primary ingress (used in probes, notes, etc...).
+ # If there is more than 1 ingress, make sure that only 1 ingress is marked as primary.
+ primary: true
+
+ # -- Override the name suffix that is used for this ingress.
+ nameOverride:
+
+ # -- List of middlewares in the traefikmiddlewares k8s namespace to add automatically
+ # Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names
+ # Primarily used for TrueNAS SCALE to add additional (seperate) middlewares without exposing them to the end-user
+ fixedMiddlewares:
+ - chain-basic
+
+ # -- Additional List of middlewares in the traefikmiddlewares k8s namespace to add automatically
+ # Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names
+ middlewares: []
+ annotationsList: []
+ # - name: somename
+ # value: somevalue
+ # -- Provide additional annotations which may be required.
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+
+ labelsList: []
+ # - name: somename
+ # value: somevalue
+ # -- Set labels on the deployment/statefulset/daemonset
+ # -- Provide additional labels which may be required.
+ # -- Provide additional labels which may be required.
+ labels: {}
+
+ # -- Set the ingressClass that is used for this ingress.
+ # Requires Kubernetes >=1.19
+ ingressClassName: # "nginx"
+
+ ## Configure the hosts for the ingress
+ hosts:
+ - # -- Host address. Helm template can be passed.
+ host: chart-example.local
+ ## Configure the paths for the host
+ paths:
+ - # -- Path. Helm template can be passed.
+ path: /
+ # -- Ignored if not kubeVersion >= 1.14-0
+ pathType: Prefix
+ service:
+ # -- Overrides the service name reference for this path
+ name:
+ # -- Overrides the service port reference for this path
+ port:
+
+ # -- Configure TLS for the ingress. Both secretName and hosts can process a Helm template.
+ tls: []
+ # - secretName: chart-example-tls
+ # -- Create a secret from a GUI selected TrueNAS SCALE certificate
+ # scaleCert: true
+ # hosts:
+ # - chart-example.local
+
+envTpl:
+ DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
+
+envFrom:
+ - configMapRef:
+ name: vaultwardenconfig
+ - secretRef:
+ name: vaultwardensecret
+
+envValueFrom:
+ DATABASE_URL:
+ secretKeyRef:
+ name: dbcreds
+ key: url
+
+database:
+ # Database type, must be one of: 'sqlite', 'mysql' or 'postgresql'.
+ type: postgresql
+ # Enable DB Write-Ahead-Log for SQLite, disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
+ wal: true
+ ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
+ # url: ""
+ ## Set the size of the database connection pool.
+ # maxConnections: 10
+ ## Connection retries during startup, 0 for infinite. 1 second between retries.
+ # retries: 15
+
+# Set Bitwarden_rs application variables
+vaultwarden:
+ # Allow any user to sign-up: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
+ allowSignups: true
+ ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
+ # signupDomains:
+ # - domain.tld
+ # Verify e-mail before login is enabled. SMTP must be enabled.
+ verifySignup: false
+ # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
+ requireEmail: false
+ ## Maximum attempts before an email token is reset and a new email will need to be sent.
+ # emailAttempts: 3
+ ## Email token validity in seconds.
+ # emailTokenExpiration: 600
+ # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
+ allowInvitation: true
+ # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
+ ## Default organization name in invitation e-mails that are not coming from a specific organization.
+ # defaultInviteName: ""
+ showPasswordHint: true
+ # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
+ # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
+ enableWebsockets: true
+ # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
+ enableWebVault: true
+ # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
+ orgCreationUsers: all
+ ## Limit attachment disk usage per organization.
+ # attachmentLimitOrg:
+ ## Limit attachment disk usage per user.
+ # attachmentLimitUser:
+ ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
+ # hibpApiKey:
+
+ admin:
+ # Enable admin portal.
+ enabled: false
+ # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
+ disableAdminToken: false
+ ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
+ # token:
+
+ # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
+ smtp:
+ enabled: false
+ # SMTP hostname, required if SMTP is enabled.
+ host: ""
+ # SMTP sender e-mail address, required if SMTP is enabled.
+ from: ""
+ ## SMTP sender name, defaults to 'Bitwarden_RS'.
+ # fromName: ""
+ ## Enable SSL connection.
+ # ssl: true
+ ## SMTP port. Defaults to 25 without SSL, 587 with SSL.
+ # port: 587
+ ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
+ # authMechanism: Plain
+ ## Hostname to be sent for SMTP HELO. Defaults to pod name.
+ # heloName: ""
+ ## SMTP timeout.
+ # timeout: 15
+ ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
+ # invalidHostname: false
+ ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
+ # invalidCertificate: false
+ ## SMTP username.
+ # user: ""
+ ## SMTP password. Required is user is specified, ignored if no user provided.
+ # password: ""
+
+ ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
+ yubico:
+ enabled: false
+ ## Yubico server. Defaults to YubiCloud.
+ # server:
+ ## Yubico ID and Secret Key.
+ # clientId:
+ # secretKey:
+
+ ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
+ log:
+ # Log to file.
+ file: ""
+ # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
+ level: "trace"
+ ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
+ # timeFormat: ""
+
+ icons:
+ # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
+ disableDownload: false
+ ## Cache time-to-live for icons fetched. 0 means no purging.
+ # cache: 2592000
+ ## Cache time-to-live for icons that were not available. 0 means no purging.
+ # cacheFailed: 259200
+
+persistence:
+ data:
+ enabled: true
+ mountPath: "/data"
+ type: pvc
+ accessMode: ReadWriteOnce
+ size: "100Gi"
+
+# Enabled postgres
+postgresql:
+ enabled: true
+ existingSecret: "dbcreds"
+ postgresqlUsername: vaultwarden
+ postgresqlDatabase: vaultwarden
diff --git a/stable/vaultwarden/10.1.0/questions.yaml b/stable/vaultwarden/10.1.0/questions.yaml
new file mode 100644
index 00000000000..019447ac411
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/questions.yaml
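Review bot: The defaults under `vaultwarden:` in ix_values.yaml leave a fresh install open to self-registration: `allowSignups: true` together with `verifySignup: false` and `ingress.main.enabled: true` means anyone who can reach the ingress host can create an account on the vault until the operator changes it. I would ship `allowSignups: false` and let operators opt in, since invited users can still register through `allowInvitation: true`; questions.yaml carries the same `default: true` for `allowSignups` and would need the matching change. Separately, `level: "trace"` under `log:` is the most verbose setting offered and disagrees with the `default: "info"` that questions.yaml gives for the same key, so `level: "info"` here would be the safer and consistent default for a password manager. `showPasswordHint: true` alongside `smtp.enabled: false` deserves a second look as well, because as far as I know Vaultwarden then displays the hint on the page instead of mailing it.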
@@ -0,0 +1,2113 @@ +groups: + - name: "Container Image" + description: "Image to be used for container" + - name: "Controller" + description: "Configure workload deployment" + - name: "Container Configuration" + description: "additional container configuration" + - name: "App Configuration" + description: "App specific config options" + - name: "Networking and Services" + description: "Configure Network and Services for container" + - name: "Storage and Persistence" + description: "Persist and share data that is separate from the container" + - name: "Ingress" + description: "Ingress Configuration" + - name: "Security and Permissions" + description: "Configure security context and permissions" + - name: "Resources and Devices" + description: "Specify resources/devices to be allocated to workload" + - name: "Middlewares" + description: "Traefik Middlewares" + - name: "Addons" + description: "Addon Configuration" + - name: "Advanced" + description: "Advanced Configuration" +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" +questions: + - variable: portal + group: "Container Image" + label: "Configure Portal Button" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable" + description: "enable the portal button" + schema: + hidden: true + editable: false + type: boolean + default: true + - variable: global + label: "global settings" + group: "Controller" + schema: + type: dict + hidden: true + attrs: + - variable: isSCALE + label: "flag this is SCALE" + schema: + type: boolean + default: true + hidden: true + - variable: controller + group: "Controller" + label: "" + schema: + type: dict + attrs: + - variable: type + description: "Please specify type of workload to deploy" + label: "(Advanced) Controller Type" + schema: + type: string + default: "deployment" + required: true + enum: + 
- value: "deployment" + description: "Deployment" + - value: "statefulset" + description: "Statefulset" + - value: "daemonset" + description: "Daemonset" + - variable: replicas + description: "Number of desired pod replicas" + label: "Desired Replicas" + schema: + type: int + default: 1 + required: true + - variable: strategy + description: "Please specify type of workload to deploy" + label: "(Advanced) Update Strategy" + schema: + type: string + default: "Recreate" + required: true + enum: + - value: "Recreate" + description: "Recreate: Kill existing pods before creating new ones" + - value: "RollingUpdate" + description: "RollingUpdate: Create new pods and then kill old ones" + - value: "OnDelete" + description: "(Legacy) OnDelete: ignore .spec.template changes" + - variable: advanced + label: "Show Expert Configuration Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: extraArgs + label: "Extra Args" + schema: + type: list + default: [] + items: + - variable: argItem + label: "Arg" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: labelsList + label: "Controller Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: " Controller Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: env + group: "Container Configuration" + label: "Image Environment" + schema: + type: dict + attrs: + - variable: TZ + label: "Timezone" + schema: + type: string 
+ default: "Etc/UTC" + $ref: + - "definitions/timezone" + - variable: UMASK + label: "UMASK" + description: "Sets the UMASK env var for LinuxServer.io (compatible) containers" + schema: + type: string + default: "002" + + - variable: envList + label: "Image environment" + group: "Container Configuration" + schema: + type: list + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: expertpodconf + group: "Container Configuration" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: termination + group: "Container Configuration" + label: "Termination settings" + schema: + type: dict + attrs: + - variable: gracePeriodSeconds + label: "Grace Period Seconds" + schema: + type: int + default: 10 + - variable: podLabelsList + group: "Container Configuration" + label: "Pod Labels" + schema: + type: list + default: [] + items: + - variable: podLabelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: podAnnotationsList + group: "Container Configuration" + label: "Pod Annotations" + schema: + type: list + default: [] + items: + - variable: podAnnotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: vaultwarden + label: "" + group: "App Configuration" + schema: + type: dict + attrs: + - variable: yubico + label: "Yubico OTP authentication" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable Yubico OTP authentication" + description: "Please refer to the manual at: 
https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Yubikey-OTP-authentication" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: server + label: "Yubico server" + description: "Defaults to YubiCloud" + schema: + type: string + default: "" + - variable: clientId + label: "Yubico ID" + schema: + type: string + default: "" + - variable: secretKey + label: "Yubico Secret Key" + schema: + type: string + default: "" + - variable: admin + label: "Admin Portal" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable Admin Portal" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: disableAdminToken + label: "Make Accessible Without Password/Token" + schema: + type: boolean + default: false + - variable: token + label: "Admin Portal Password/Token" + description: "Will be automatically generated if not defined" + schema: + type: string + default: "" + - variable: icons + label: "Icon Download Settings" + schema: + type: dict + attrs: + - variable: disableDownload + label: "Disable Icon Download" + description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)" + schema: + type: boolean + default: false + - variable: cache + label: "Cache time-to-live" + description: "Cache time-to-live for icons fetched. 0 means no purging" + schema: + type: int + default: 2592000 + - variable: token + label: "Failed Downloads Cache time-to-live" + description: "Cache time-to-live for icons that were not available. 0 means no purging." 
+ schema: + type: int + default: 2592000 + - variable: log + label: "Logging" + schema: + type: dict + attrs: + - variable: level + label: "Log level" + schema: + type: string + default: "info" + required: true + enum: + - value: "trace" + description: "trace" + - value: "debug" + description: "debug" + - value: "info" + description: "info" + - value: "warn" + description: "warn" + - value: "error" + description: "error" + - value: "off" + description: "off" + - variable: file + label: "Log-File Location" + schema: + type: string + default: "" + - variable: smtp + label: "SMTP Settings (Email)" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable SMTP Support" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: host + label: "SMTP hostname" + schema: + type: string + required: true + default: "" + - variable: from + label: "SMTP sender e-mail address" + schema: + type: string + required: true + default: "" + - variable: fromName + label: "SMTP sender name" + schema: + type: string + required: true + default: "" + - variable: user + label: "SMTP username" + schema: + type: string + required: true + default: "" + - variable: password + label: "SMTP password" + description: "Required is user is specified, ignored if no user provided" + schema: + type: string + default: "" + - variable: ssl + label: "Enable SSL connection" + schema: + type: boolean + default: true + - variable: port + label: "SMTP port" + description: "Usually: 25 without SSL, 587 with SSL" + schema: + type: int + default: 587 + - variable: authMechanism + label: "SMTP Authentication Mechanisms" + description: "Comma-separated options: Plain, Login and Xoauth2" + schema: + type: string + default: "Plain" + - variable: heloName + label: "SMTP HELO - Hostname" + description: "Hostname to be sent for SMTP HELO. 
Defaults to pod name" + schema: + type: string + default: "" + - variable: port + label: "SMTP timeout" + schema: + type: int + default: 15 + - variable: invalidHostname + label: "Accept Invalid Hostname" + description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!" + schema: + type: boolean + default: false + - variable: invalidCertificate + label: "Accept Invalid Certificate" + description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!" + schema: + type: boolean + default: false + - variable: allowSignups + label: "Allow Signup" + description: "Allow any user to sign-up: https://github.com/dani-garcia/vaultwarden/wiki/Disable-registration-of-new-users" + schema: + type: boolean + default: true + - variable: allowInvitation + label: "Always allow Invitation" + description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/vaultwarden/wiki/Disable-invitations" + schema: + type: boolean + default: true + - variable: defaultInviteName + label: "Default Invite Organisation Name" + description: "Default organization name in invitation e-mails that are not coming from a specific organization." + schema: + type: string + default: "" + - variable: showPasswordHint + label: "Show password hints" + description: "https://github.com/dani-garcia/vaultwarden/wiki/Password-hint-display" + schema: + type: boolean + default: true + - variable: signupwhitelistenable + label: "Enable Signup Whitelist" + description: "allowSignups is ignored if set" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: signupDomains + label: "Signup Whitelist Domains" + schema: + type: list + default: [] + items: + - variable: domain + label: "Domain" + schema: + type: string + default: "" + - variable: verifySignup + label: "Verifiy Signup" + description: "Verify e-mail before login is enabled. 
SMTP must be enabled" + schema: + type: boolean + default: false + - variable: requireEmail + label: "Block Login if email fails" + description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled" + schema: + type: boolean + default: false + - variable: emailAttempts + label: "Email token reset attempts" + description: "Maximum attempts before an email token is reset and a new email will need to be sent" + schema: + type: int + default: 3 + - variable: emailTokenExpiration + label: "Email token validity in seconds" + schema: + type: int + default: 600 + - variable: enableWebsockets + label: "Enable Websocket Connections" + description: "Enable Websockets for notification. https://github.com/dani-garcia/vaultwarden/wiki/Enabling-WebSocket-notifications" + schema: + type: boolean + default: true + hidden: true + - variable: enableWebVault + label: "Enable Webvault" + description: "Enable Web Vault (static content). https://github.com/dani-garcia/vaultwarden/wiki/Disabling-or-overriding-the-Vault-interface-hosting" + schema: + type: boolean + default: true + - variable: orgCreationUsers + label: "Limit Organisation Creation to (users)" + description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users." 
+ schema: + type: string + default: "all" + - variable: attachmentLimitOrg + label: "Limit Attachment Disk Usage per Organisation" + schema: + type: string + default: "" + - variable: attachmentLimitUser + label: "Limit Attachment Disk Usage per User" + schema: + type: string + default: "" + - variable: hibpApiKey + label: "HaveIBeenPwned API Key" + description: "Can be purchased at https://haveibeenpwned.com/API/Key" + schema: + type: string + default: "" + + - variable: service + group: "Networking and Services" + label: "Configure Service(s)" + schema: + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "NodePort" + enum: + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + type: dict + attrs: + - variable: main + label: "Main Service Port Configuration" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the port" + schema: + type: boolean + default: true + hidden: true + - 
variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: targetPort + label: "Target Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 8080 + editable: false + hidden: true + - variable: port + label: "Container Port" + schema: + type: int + default: 8080 + editable: true + required: true + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort" + schema: + type: int + min: 9000 + max: 65535 + default: 36000 + - variable: ws + label: "WebSocket Service" + description: "WebSocket Service" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "ClusterIP" + enum: + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + type: dict + attrs: + - variable: ws + label: "WebSocket Service Port Configuration" + 
schema: + type: dict + attrs: + - variable: enabled + label: "Enable the port" + schema: + type: boolean + default: true + hidden: true + - variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: targetPort + label: "Target Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 3012 + editable: false + hidden: true + - variable: port + label: "Container Port" + schema: + type: int + default: 3012 + editable: true + required: true + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort" + schema: + type: int + min: 9000 + max: 65535 + default: 36001 + + - variable: serviceexpert + group: "Networking and Services" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + group: "Networking and Services" + label: "Host-Networking (Complicated)" + schema: + type: boolean + default: false + + - variable: dnsPolicy + group: "Networking and Services" + label: "dnsPolicy" + schema: + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "ClusterFirst" + description: "ClusterFirst" + - value: "ClusterFirstWithHostNet" + description: "ClusterFirstWithHostNet" + - value: "None" + description: "None" + + - variable: dnsConfig + label: "DNS Configuration" + group: "Networking and Services" + description: "Specify custom DNS configuration which will be applied to the pod" + schema: + type: dict + attrs: + - variable: nameservers + label: "Nameservers" + schema: + default: [] + type: list + items: + - variable: nameserver + label: "Nameserver" + schema: + type: string + - variable: options + label: "options" + 
schema: + default: [] + type: list + items: + - variable: option + label: "Option Entry" + schema: + type: string + - variable: searches + label: "Searches" + schema: + default: [] + type: list + items: + - variable: search + label: "Search Entry" + schema: + type: string + + - variable: serviceList + label: "Add Manual Custom Services" + group: "Networking and Services" + schema: + type: list + default: [] + items: + - variable: serviceListEntry + label: "Custom Service" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name" + schema: + type: string + default: "" + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "NodePort" + enum: + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: portsList + label: "Additional Service Ports" + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: "Custom ports" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the port" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Port Name" + schema: + type: string + default: "" + - variable: protocol + label: "Port Type" + schema: + type: string + default: "TCP" 
+ enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: targetPort + label: "Target Port" + description: "This port exposes the container port on the service" + schema: + type: int + required: true + - variable: port + label: "Container Port" + schema: + type: int + required: true + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort" + schema: + type: int + min: 9000 + max: 65535 + + - variable: persistence + label: "Integrated Persistent Storage" + description: "Integrated Persistent Storage" + group: "Storage and Persistence" + schema: + type: dict + attrs: + - variable: data + label: "App Config Storage" + description: "Stores the Application Configuration." + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + - variable: type + label: "(Advanced) Type of Storage" + description: "Sets the persistence type" + schema: + type: string + default: "pvc" + enum: + - value: "pvc" + description: "pvc" + - value: "emptyDir" + description: "emptyDir" + - value: "hostPath" + description: "hostPath" + - variable: storageClass + label: "(Advanced) storageClass" + description: " Warning: Anything other than SCALE-ZFS will break rollback!" 
+ schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "SCALE-ZFS" + - variable: setPermissions + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPath + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: hostPathType + label: "hostPath Type" + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "DirectoryOrCreate" + description: "DirectoryOrCreate" + - value: "Directory" + description: "Directory" + - value: "FileOrCreate" + description: "FileOrCreate" + - value: "File" + description: "File" + - value: "Socket" + description: "Socket" + - value: "CharDevice" + description: "CharDevice" + - value: "BlockDevice" + description: "BlockDevice" + - variable: mountPath + label: "mountPath" + description: "Path inside the container the storage is mounted" + schema: + type: string + default: "/data" + hidden: true + valid_chars: '^\/([a-zA-Z0-9._-]+\/?)+$' + - variable: medium + label: "EmptyDir Medium" + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "Memory" + description: "Memory" + - variable: accessMode + label: "Access Mode (Advanced)" + description: "Allow or disallow multiple PVC's writhing to the same PV" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: size + label: "Size quotum of storage" + schema: + show_if: [["type", 
"=", "pvc"]] + type: string + default: "100Gi" + + - variable: persistenceList + label: "Additional app storage" + group: "Storage and Persistence" + schema: + type: list + default: [] + items: + - variable: persistenceListEntry + label: "Custom Storage" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + hidden: true + - variable: advanced + label: "Show Advanced Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: type + label: "(Advanced) Type of Storage" + description: "Sets the persistence type" + schema: + type: string + default: "hostPath" + enum: + - value: "pvc" + description: "pvc" + - value: "emptyDir" + description: "emptyDir" + - value: "hostPath" + description: "hostPath" + - variable: storageClass + label: "(Advanced) storageClass" + description: "Warning: Anything other than SCALE-ZFS will break rollback!" 
+ schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "SCALE-ZFS" + - variable: setPermissions + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPath + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: hostPathType + label: "(Advanced) hostPath Type" + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "DirectoryOrCreate" + description: "DirectoryOrCreate" + - value: "Directory" + description: "Directory" + - value: "FileOrCreate" + description: "FileOrCreate" + - value: "File" + description: "File" + - value: "Socket" + description: "Socket" + - value: "CharDevice" + description: "CharDevice" + - value: "BlockDevice" + description: "BlockDevice" + - variable: mountPath + label: "mountPath" + description: "Path inside the container the storage is mounted" + schema: + type: string + default: "" + required: true + valid_chars: '^\/([a-zA-Z0-9._-]+\/?)+$' + - variable: medium + label: "EmptyDir Medium" + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "Memory" + description: "Memory" + - variable: accessMode + label: "(Advanced) Access Mode" + description: "Allow or disallow multiple PVC's writhing to the same PV" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: size + label: "Size quotum of storage" + schema: + show_if: 
[["type", "=", "pvc"]] + type: string + default: "100Gi" + + - variable: ingress + label: "" + group: "Ingress" + schema: + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable Ingress" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: "Hosts" + schema: + type: list + default: [] + items: + - variable: hostEntry + label: "Host" + schema: + type: dict + attrs: + - variable: host + label: "HostName" + schema: + type: string + default: "" + required: true + - variable: paths + label: "Paths" + schema: + type: list + default: [] + items: + - variable: pathEntry + label: "Host" + schema: + type: dict + attrs: + - variable: path + label: "path" + schema: + type: string + required: true + default: "/" + - variable: pathType + label: "pathType" + schema: + type: string + required: true + default: "Prefix" + + - variable: tls + label: "TLS-Settings" + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: "Host" + schema: + type: dict + attrs: + - variable: hosts + label: "Certificate Hosts" + schema: + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + $ref: + - "definitions/certificate" + + - variable: entrypoint + label: "(Advanced) Traefik Entrypoint" + description: "Entrypoint used by Traefik when using Traefik as Ingress Provider" + schema: + type: string + default: "websecure" + required: true + - variable: middlewares + label: "Traefik Middlewares" + description: "Add previously created Traefik Middlewares to this Ingress" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + + - variable: expert + label: "Show Expert Configuration Options" + schema: + 
type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enableFixedMiddlewares + description: "These middlewares enforce a number of best practices." + label: "Enable Default Middlewares" + schema: + type: boolean + default: true + - variable: ingressClassName + label: "IngressClass Name" + schema: + type: string + default: "" + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: ingressList + label: "Add Manual Custom Ingresses" + group: "Ingress" + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: "Custom Ingress" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable Ingress" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name" + schema: + type: string + default: "" + - variable: ingressClassName + label: "IngressClass Name" + schema: + type: string + default: "" + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: 
"Value" + schema: + type: string + - variable: hosts + label: "Hosts" + schema: + type: list + default: [] + items: + - variable: hostEntry + label: "Host" + schema: + type: dict + attrs: + - variable: host + label: "HostName" + schema: + type: string + default: "" + required: true + - variable: paths + label: "Paths" + schema: + type: list + default: [] + items: + - variable: pathEntry + label: "Host" + schema: + type: dict + attrs: + - variable: path + label: "path" + schema: + type: string + required: true + default: "/" + - variable: pathType + label: "pathType" + schema: + type: string + required: true + default: "Prefix" + - variable: service + label: "Linked Service" + schema: + type: dict + attrs: + - variable: name + label: "Service Name" + schema: + type: string + default: "" + - variable: port + label: "Service Port" + schema: + type: int + - variable: tls + label: "TLS-Settings" + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: "Host" + schema: + type: dict + attrs: + - variable: hosts + label: "Certificate Hosts" + schema: + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: "Traefik Entrypoint" + description: "Entrypoint used by Traefik when using Traefik as Ingress Provider" + schema: + type: string + default: "websecure" + required: true + - variable: middlewares + label: "Traefik Middlewares" + description: "Add previously created Traefik Middlewares to this Ingress" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + + - variable: securityContext + group: "Security and Permissions" + label: "Security Context" + schema: + type: dict + attrs: + - variable: privileged + label: "Privileged mode" + schema: + 
type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: true + - variable: allowPrivilegeEscalation + label: "Allow Privilege Escalation" + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: true + + - variable: podSecurityContext + group: "Security and Permissions" + label: "Pod Security Context" + schema: + type: dict + attrs: + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 568 + - variable: runAsGroup + label: "runAsGroup" + description: The groupID this App of the user running the application" + schema: + type: int + default: 568 + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 + - variable: supplementalGroups + label: "supplemental Groups" + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: "supplemental Group" + schema: + type: int + - variable: fsGroupChangePolicy + label: "When should we take ownership?" 
+ schema: + type: string + default: "OnRootMismatch" + enum: + - value: "OnRootMismatch" + description: "OnRootMismatch" + - value: "Always" + description: "Always" + + + # Specify GPU configuration + - variable: scaleGPU + label: "GPU Configuration" + group: "Resources and Devices" + schema: + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] + + - variable: resources + group: "Resources and Devices" + label: "" + schema: + type: dict + attrs: + - variable: limits + label: "Advanced Limit Resource Consumption" + schema: + type: dict + attrs: + - variable: cpu + label: "CPU" + schema: + type: string + default: "4000m" + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "Memory RAM" + schema: + type: string + default: "8Gi" + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Advanced Request minimum resources required" + schema: + type: dict + attrs: + - variable: cpu + label: "CPU" + schema: + type: string + default: "10m" + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "Memory RAM" + schema: + type: string + default: "50Mi" + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + + - variable: deviceList + label: "Mount USB devices" + group: "Resources and Devices" + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: "Device" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + - variable: type + label: "(Advanced) Type of Storage" + description: "Sets the persistence type" + schema: + type: string + default: "hostPath" + hidden: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPath + label: "Host Device Path" + description: "Path to the device on the host system" + schema: + type: path + - variable: mountPath + label: "Container Device 
Path" + description: "Path inside the container the device is mounted" + schema: + type: string + default: "/dev/ttyACM0" + + - variable: autoscaling + group: "Resources and Devices" + label: "(Advanced) Horizontal Pod Autoscaler" + schema: + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: target + label: "Target" + description: "deployment name, defaults to main deployment" + schema: + type: string + default: "" + - variable: minReplicas + label: "Minimum Replicas" + schema: + type: int + default: 1 + - variable: maxReplicas + label: "Maximum Replicas" + schema: + type: int + default: 5 + - variable: targetCPUUtilizationPercentage + label: "Target CPU Utilization Percentage" + schema: + type: int + default: 80 + - variable: targetMemoryUtilizationPercentage + label: "Target Memory Utilization Percentage" + schema: + type: int + default: 80 + + + - variable: addons + group: "Addons" + label: "" + schema: + type: dict + attrs: + - variable: vpn + label: "VPN" + schema: + type: dict + attrs: + - variable: type + label: "Type" + schema: + type: string + default: "disabled" + enum: + - value: "disabled" + description: "disabled" + - value: "openvpn" + description: "OpenVPN" + - value: "wireguard" + description: "Wireguard" + - variable: openvpn + label: "OpenVPN Settings" + schema: + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: "authentication username" + description: "authentication username, optional" + schema: + type: string + default: "" + - variable: password + label: "authentication password" + description: "authentication credentials" + schema: + type: string + default: "" + required: true + - variable: killSwitch + label: "Enable killswitch" + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: "Killswitch Excluded IPv4 networks" + 
description: "list of killswitch excluded ipv4 addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: "IPv4 Network" + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: "Killswitch Excluded IPv6 networks" + description: "list of killswitch excluded ipv4 addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: "IPv6 Network" + schema: + type: string + required: true + + - variable: configFile + label: "VPN Config File Location" + schema: + type: dict + show_if: [["type", "!=", "disabled"]] + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "type" + schema: + type: string + default: "hostPath" + hidden: true + - variable: hostPathType + label: "hostPathType" + schema: + type: string + default: "File" + hidden: true + - variable: noMount + label: "noMount" + schema: + type: boolean + default: true + hidden: true + - variable: hostPath + label: "Full path to file" + description: "path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn" + schema: + type: string + default: "" + required: true + - variable: envList + label: "VPN environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + - variable: codeserver + label: "Codeserver" + schema: + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: git + label: "Git Settings" + schema: + type: dict + attrs: + - variable: deployKey + 
description: "Raw SSH private key" + label: "deployKey" + schema: + type: string + - variable: deployKeyBase64 + description: "Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence" + label: "deployKeyBase64" + schema: + type: string + - variable: service + label: "" + schema: + type: dict + attrs: + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "NodePort" + enum: + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ports + label: "" + schema: + type: dict + attrs: + - variable: codeserver + label: "" + schema: + type: dict + attrs: + - variable: nodePort + description: "leave empty to disable" + label: "nodePort" + schema: + type: int + default: 36107 + - variable: envList + label: "Codeserver environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + + - variable: promtail + label: "Promtail" + schema: + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + 
show_subquestions_if: true + subquestions: + - variable: loki + label: "Loki URL" + schema: + type: string + required: true + - variable: logs + label: "Log Paths" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: path + label: "Path" + schema: + type: string + required: true + - variable: args + label: "Promtail ecommand line arguments" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: arg + label: "Arg" + schema: + type: string + required: true + - variable: envList + label: "Promtail environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + + + + - variable: netshoot + label: "Netshoot" + schema: + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: "Netshoot environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true diff --git a/stable/vaultwarden/10.1.0/templates/_configmap.tpl b/stable/vaultwarden/10.1.0/templates/_configmap.tpl new file mode 100644 index 00000000000..8809925abdf --- /dev/null +++ b/stable/vaultwarden/10.1.0/templates/_configmap.tpl 
@@ -0,0 +1,116 @@
+{{/* Define the configmap */}}
+{{- define "vaultwarden.configmap" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: vaultwardenconfig
+data:
+ ROCKET_PORT: "8080"
+ SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
+ {{- if .Values.vaultwarden.signupDomains }}
+ SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
+ {{- end }}
+ {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
+ SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
+ {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
+ REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
+ {{- if .Values.vaultwarden.emailAttempts }}
+ EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.emailTokenExpiration }}
+ EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
+ {{- end }}
+ INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
+ {{- if .Values.vaultwarden.defaultInviteName }}
+ INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
+ {{- end }}
+ SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
+ WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
+ WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
+ ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
+ {{- if .Values.vaultwarden.attachmentLimitOrg }}
+ ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.attachmentLimitUser }}
+ USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.hibpApiKey }}
+ HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
+ {{- end }}
+ {{- include "vaultwarden.dbTypeValid" . }}
+ {{- if .Values.database.retries }}
+ DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
+ {{- end }}
+ {{- if .Values.database.maxConnections }}
+ DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
+ {{- end }}
+ {{- if eq .Values.vaultwarden.smtp.enabled true }}
+ SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
+ SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
+ {{- if .Values.vaultwarden.smtp.fromName }}
+ SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.ssl }}
+ SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.port }}
+ SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.authMechanism }}
+ SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.heloName }}
+ HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.timeout }}
+ SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.invalidHostname }}
+ SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.smtp.invalidCertificate }}
+ SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.vaultwarden.log.file }}
+ LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
+ {{- end }}
+ {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
+ EXTENDED_LOGGING: "true"
+ {{- end }}
+ {{- if .Values.vaultwarden.log.level }}
+ {{- include "vaultwarden.logLevelValid" . }}
+ LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.log.timeFormat }}
+ LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.icons.disableDownload }}
+ DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
+ {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
+ ICON_CACHE_TTL: "0"
+ {{- end }}
+ {{- end }}
+ {{- if .Values.vaultwarden.icons.cache }}
+ ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
+ {{- end }}
+ {{- if .Values.vaultwarden.icons.cacheFailed }}
+ ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
+ {{- end }}
+ {{- if eq .Values.vaultwarden.admin.enabled true }}
+ {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
+ DISABLE_ADMIN_TOKEN: "true"
+ {{- end }}
+ {{- end }}
+ {{- if eq .Values.vaultwarden.yubico.enabled true }}
+ {{- if .Values.vaultwarden.yubico.server }}
+ YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if eq .Values.database.type "sqlite" }}
+ ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
+ {{- else }}
+ ENABLE_DB_WAL: "false"
+ {{- end }}
+{{- end -}}
diff --git a/stable/vaultwarden/10.1.0/templates/_secrets.tpl b/stable/vaultwarden/10.1.0/templates/_secrets.tpl
new file mode 100644
index 00000000000..ca5ec74b0af
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/templates/_secrets.tpl
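Review bot: In `_configmap.tpl`, `HIBP_API_KEY` is rendered into the ConfigMap `vaultwardenconfig` in plain text, although it is a credential and this same commit adds a Secret (`vaultwardensecret`) for the other sensitive values. ConfigMaps are usually readable by more principals than Secrets and are not covered by Secret-specific controls such as encryption at rest, so the key belongs in `_secrets.tpl`: drop the three `hibpApiKey` lines here and add `{{- if .Values.vaultwarden.hibpApiKey }}` / `HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | toString | b64enc | quote }}` / `{{- end }}` under `data:` there. This assumes the pod takes its environment from both objects, which is not visible in this diff. Separately, `eq .Values.vaultwarden.icons.disableDownload "true"` compares against a string while every other toggle in the file compares against the boolean `true`; if the value is a boolean, that comparison will not behave as intended and may fail the render.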
@@ -0,0 +1,36 @@
+{{/* Define the secrets */}}
+{{- define "vaultwarden.secrets" -}}
+
+{{- $adminToken := "" }}
+{{- if eq .Values.vaultwarden.admin.enabled true }}
+{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | b64enc | quote }}
+{{- end -}}
+
+{{- $smtpUser := "" }}
+{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
+{{- $smtpUser = .Values.vaultwarden.smtp.user | b64enc | quote }}
+{{- end -}}
+
+{{- $yubicoClientId := "" }}
+{{- if eq .Values.vaultwarden.yubico.enabled true }}
+{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | b64enc | quote }}
+{{- end -}}
+---
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: vaultwardensecret
+data:
+ {{- if ne $adminToken "" }}
+ ADMIN_TOKEN: {{ $adminToken }}
+ {{- end }}
+ {{- if ne $smtpUser "" }}
+ SMTP_USERNAME: {{ $smtpUser }}
+ SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | b64enc | quote }}
+ {{- end }}
+ {{- if ne $yubicoClientId "" }}
+ YUBICO_CLIENT_ID: {{ $yubicoClientId }}
+ YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | b64enc | quote }}
+ {{- end }}
+{{- end -}}
diff --git a/stable/vaultwarden/10.1.0/templates/_validate.tpl b/stable/vaultwarden/10.1.0/templates/_validate.tpl
new file mode 100644
index 00000000000..e4832c2f6e5
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/templates/_validate.tpl
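Review bot: In `_secrets.tpl`, `default (randAlphaNum 48)` yields a different admin token on every render, so when `.Values.vaultwarden.admin.token` is unset each upgrade silently replaces `ADMIN_TOKEN`, and the operator can only learn the current value by reading the Secret. Reusing the value already stored in `vaultwardensecret` via `lookup`, and generating one only when none exists, keeps the token stable across upgrades. `lookup` returns an empty result under `helm template` and dry runs, so the random fallback remains for those cases. The explicit token should also pass through `toString` before `b64enc`, as `clientId` already does; the same applies to `smtp.password` and `yubico.secretKey`, where a purely numeric value would otherwise be rejected by `b64enc`.

```yaml
{{- $adminToken := "" }}
{{- if eq .Values.vaultwarden.admin.enabled true }}
{{- $existing := lookup "v1" "Secret" .Release.Namespace "vaultwardensecret" }}
{{- $stored := "" }}
{{- if $existing }}
{{- /* .data values are already base64-encoded */}}
{{- $stored = get ($existing.data | default dict) "ADMIN_TOKEN" }}
{{- end }}
{{- if .Values.vaultwarden.admin.token }}
{{- $adminToken = .Values.vaultwarden.admin.token | toString | b64enc | quote }}
{{- else if $stored }}
{{- $adminToken = $stored | quote }}
{{- else }}
{{- $adminToken = randAlphaNum 48 | b64enc | quote }}
{{- end }}
{{- end -}}
{{/* … unchanged: smtp and yubico variables, Secret manifest … */}}
```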
@@ -0,0 +1,17 @@
+{{/*
+Ensure valid DB type is select, defaults to SQLite
+*/}}
+{{- define "vaultwarden.dbTypeValid" -}}
+{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
+{{- required "Invalid database type" nil }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Ensure log type is valid
+*/}}
+{{- define "vaultwarden.logLevelValid" -}}
+{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
+{{- required "Invalid log level" nil }}
+{{- end }}
+{{- end }}
diff --git a/stable/vaultwarden/10.1.0/templates/common.yaml b/stable/vaultwarden/10.1.0/templates/common.yaml
new file mode 100644
index 00000000000..23381ff8a0c
--- /dev/null
+++ b/stable/vaultwarden/10.1.0/templates/common.yaml
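Review bot: The header comment on `vaultwarden.dbTypeValid` says the type "defaults to SQLite", but the helper only aborts the render with `required "Invalid database type" nil` for anything other than the three accepted strings, and nothing in it falls back to SQLite for an unset value. The comment should say what the code does, e.g. `Fail the render unless database.type is postgresql, mysql or sqlite.` Likewise `Ensure log type is valid` guards `log.level` and would read better as `Fail the render unless log.level is trace, debug, info, warn, error or off.` As a style point, the `or (eq …) (eq …)` chains can be shortened to `eq .Values.database.type "postgresql" "mysql" "sqlite"`, since `eq` accepts several comparison values.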
@@ -0,0 +1,38 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "common.setup" . }}
+
+
+{{/* Render configmap for vaultwarden */}}
+{{- include "vaultwarden.configmap" . }}
+
+{{/* Render secrets for vaultwarden */}}
+{{- include "vaultwarden.secrets" . }}
+
+{{/* Define path for websocket */}}
+{{- define "vaultwarden.websocket" -}}
+path: "/notifications/hub"
+# -- Ignored if not kubeVersion >= 1.14-0
+pathType: Prefix
+service:
+ # -- Overrides the service name reference for this path
+ name: ws
+ port: {{ .Values.service.ws.ports.ws.port }}
+{{- end -}}
+
+{{/* inject websocket path to all main ingress hosts*/}}
+{{- define "vaultwarden.websocketinjector" -}}
+{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
+{{- if .Values.ingress.main.enabled }}
+{{- range .Values.ingress.main.hosts }}
+{{- $newpaths := list }}
+{{- $newpaths := concat .paths $path }}
+{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/* inject websocket paths in ingress */}}
+{{- include "vaultwarden.websocketinjector" . }}
+
+{{/* Render the templates */}}
+{{ include "common.postSetup" . }}
diff --git a/stable/vaultwarden/10.1.0/values.yaml b/stable/vaultwarden/10.1.0/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
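Review bot: In `vaultwarden.websocketinjector`, the `/notifications/hub` path is appended to every main-ingress host whenever `ingress.main.enabled` is set, without consulting `.Values.vaultwarden.enableWebsockets`, which the ConfigMap in this commit uses for `WEBSOCKET_ENABLED`. With websockets turned off the ingress would still publish a route to the `ws` service, so the guard could be `{{- if and .Values.ingress.main.enabled .Values.vaultwarden.enableWebsockets }}`; whether the `ws` service is itself conditional is not visible here. The first `{{- $newpaths := list }}` is immediately shadowed by the declaration on the next line and can be dropped.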