Commit new App releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>

stable/vaultwarden/12.0.6/CHANGELOG.md

@@ -0,0 +1,99 @@
+# Changelog<br>
+
+
+<a name="vaultwarden-12.0.6"></a>
+### [vaultwarden-12.0.6](https://github.com/truecharts/apps/compare/vaultwarden-12.0.5...vaultwarden-12.0.6) (2021-11-04)
+
+#### Fix
+
+* correctly define ingress ([#1283](https://github.com/truecharts/apps/issues/1283))
+
+
+
+<a name="vaultwarden-12.0.5"></a>
+### [vaultwarden-12.0.5](https://github.com/truecharts/apps/compare/vaultwarden-12.0.4...vaultwarden-12.0.5) (2021-11-02)
+
+#### Chore
+
+* update non-major deps helm releases ([#1267](https://github.com/truecharts/apps/issues/1267))
+
+
+
+<a name="vaultwarden-12.0.4"></a>
+### [vaultwarden-12.0.4](https://github.com/truecharts/apps/compare/vaultwarden-12.0.3...vaultwarden-12.0.4) (2021-11-01)
+
+#### Chore
+
+* update non-major deps helm releases ([#1264](https://github.com/truecharts/apps/issues/1264))
+
+
+
+<a name="vaultwarden-12.0.3"></a>
+### [vaultwarden-12.0.3](https://github.com/truecharts/apps/compare/vaultwarden-12.0.2...vaultwarden-12.0.3) (2021-10-26)
+
+#### Chore
+
+* update helm chart postgresql to v5.1.4 ([#1249](https://github.com/truecharts/apps/issues/1249))
+
+
+
+<a name="vaultwarden-12.0.2"></a>
+### [vaultwarden-12.0.2](https://github.com/truecharts/apps/compare/vaultwarden-12.0.1...vaultwarden-12.0.2) (2021-10-26)
+
+#### Chore
+
+* update non-major deps helm releases ([#1245](https://github.com/truecharts/apps/issues/1245))
+
+
+
+<a name="vaultwarden-12.0.1"></a>
+### [vaultwarden-12.0.1](https://github.com/truecharts/apps/compare/vaultwarden-12.0.0...vaultwarden-12.0.1) (2021-10-26)
+
+#### Chore
+
+* update helm chart common to v8.3.15 ([#1240](https://github.com/truecharts/apps/issues/1240))
+
+
+
+<a name="vaultwarden-12.0.0"></a>
+### [vaultwarden-12.0.0](https://github.com/truecharts/apps/compare/vaultwarden-11.0.5...vaultwarden-12.0.0) (2021-10-26)
+
+#### Chore
+
+* update helm chart postgresql to v5 ([#1234](https://github.com/truecharts/apps/issues/1234))
+* update non-major ([#1232](https://github.com/truecharts/apps/issues/1232))
+
+
+
+<a name="vaultwarden-11.0.5"></a>
+### [vaultwarden-11.0.5](https://github.com/truecharts/apps/compare/vaultwarden-10.1.0...vaultwarden-11.0.5) (2021-10-26)
+
+
+
+<a name="vaultwarden-10.1.0"></a>
+### [vaultwarden-10.1.0](https://github.com/truecharts/apps/compare/vaultwarden-11.0.0...vaultwarden-10.1.0) (2021-10-26)
+
+#### Fix
+
+* fix patch for important postgresql consumping apps
+
+
+
+<a name="vaultwarden-11.0.0"></a>
+### [vaultwarden-11.0.0](https://github.com/truecharts/apps/compare/vaultwarden-10.0.3...vaultwarden-11.0.0) (2021-10-25)
+
+#### Chore
+
+* Adapt for TrueNAS SCALE RC1
+
+
+
+<a name="vaultwarden-10.0.3"></a>
+### [vaultwarden-10.0.3](https://github.com/truecharts/apps/compare/vaultwarden-10.0.0...vaultwarden-10.0.3) (2021-10-20)
+
+#### Chore
+
+* bump apps, remove duplicates and move incubator to stable for RC1
+* update non-major deps helm releases ([#1213](https://github.com/truecharts/apps/issues/1213))
+
+#### Fix

stable/vaultwarden/12.0.6/CONFIG.md

@@ -0,0 +1,8 @@
+# Configuration Options
+
+##### Connecting to other apps
+If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our "Linking Apps Internally" quick-start guide:
+https://truecharts.org/manual/Quick-Start%20Guides/14-linking-apps/
+
+##### Available config options
+In the future this page is going to contain an automated list of options available in the installation/edit UI.

stable/vaultwarden/12.0.6/Chart.lock

@@ -0,0 +1,9 @@
+dependencies:
+- name: common
+  repository: https://truecharts.org
+  version: 8.3.19
+- name: postgresql
+  repository: https://truecharts.org/
+  version: 5.1.7
+digest: sha256:9ca72bff75244fed934f5f0ef33b2d3bd41a69bb37410bab6f5c96775c803bb3
+generated: "2021-11-04T20:37:12.721418305Z"

stable/vaultwarden/12.0.6/Chart.yaml

@@ -0,0 +1,36 @@
+apiVersion: v2
+appVersion: "1.23.0"
+dependencies:
+- name: common
+  repository: https://truecharts.org
+  version: 8.3.19
+- condition: postgresql.enabled
+  name: postgresql
+  repository: https://truecharts.org/
+  version: 5.1.7
+deprecated: false
+description: Unofficial Bitwarden compatible server written in Rust
+home: https://github.com/truecharts/apps/tree/master/charts/stable/vaultwarden
+icon: https://raw.githubusercontent.com/bitwarden/brand/master/icons/256x256.png
+keywords:
+- bitwarden
+- bitwardenrs
+- bitwarden_rs
+- vaultwarden
+- password
+- rust
+kubeVersion: '>=1.16.0-0'
+maintainers:
+- email: info@truecharts.org
+  name: TrueCharts
+  url: truecharts.org
+name: vaultwarden
+sources:
+- https://github.com/dani-garcia/vaultwarden
+type: application
+version: 12.0.6
+annotations:
+  truecharts.org/catagories: |
+    - security
+  truecharts.org/SCALE-support: "true"
+  truecharts.org/grade: U

stable/vaultwarden/12.0.6/README.md

@@ -0,0 +1,38 @@
+# Introduction
+
+Unofficial Bitwarden compatible server written in Rust
+
+TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
+
+## Source Code
+
+* <https://github.com/dani-garcia/vaultwarden>
+
+## Requirements
+
+Kubernetes: `>=1.16.0-0`
+
+## Dependencies
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://truecharts.org/ | postgresql | 5.1.7 |
+| https://truecharts.org | common | 8.3.19 |
+
+## Installing the Chart
+
+To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/03-Installing-an-App/).
+
+## Uninstalling the Chart
+
+To remove this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/07-Deleting-an-App/).
+
+## Support
+
+- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Open-Apps/) first.
+- See the [Wiki](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
+---
+All Rights Reserved - The TrueCharts Project

stable/vaultwarden/12.0.6/app-readme.md

@@ -0,0 +1,3 @@
+Unofficial Bitwarden compatible server written in Rust
+
+This App is supplied by TrueCharts, for more information please visit https://truecharts.org

stable/vaultwarden/12.0.6/ci/ingress-values.yaml

@@ -0,0 +1,67 @@
+# -- Configure the ingresses for the chart here.
+# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress.
+# @default -- See below
+ingress:
+  main:
+    # -- Enables or disables the ingress
+    enabled: true
+
+    # -- Make this the primary ingress (used in probes, notes, etc...).
+    # If there is more than 1 ingress, make sure that only 1 ingress is marked as primary.
+    primary: true
+
+    # -- Override the name suffix that is used for this ingress.
+    nameOverride:
+
+    # -- List of middlewares in the traefikmiddlewares k8s namespace to add automatically
+    # Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names
+    # Primarily used for TrueNAS SCALE to add additional (seperate) middlewares without exposing them to the end-user
+    fixedMiddlewares:
+      - chain-basic
+
+    # -- Additional List of middlewares in the traefikmiddlewares k8s namespace to add automatically
+    # Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names
+    middlewares: []
+    annotationsList: []
+    # - name: somename
+    #   value: somevalue
+    # -- Provide additional annotations which may be required.
+    annotations: {}
+      # kubernetes.io/ingress.class: nginx
+      # kubernetes.io/tls-acme: "true"
+
+    labelsList: []
+    # - name: somename
+    #   value: somevalue
+    # -- Set labels on the deployment/statefulset/daemonset
+    # -- Provide additional labels which may be required.
+    # -- Provide additional labels which may be required.
+    labels: {}
+
+    # -- Set the ingressClass that is used for this ingress.
+    # Requires Kubernetes >=1.19
+    ingressClassName:  # "nginx"
+
+    ## Configure the hosts for the ingress
+    hosts:
+      -  # -- Host address. Helm template can be passed.
+        host: chart-example.local
+        ## Configure the paths for the host
+        paths:
+          -  # -- Path.  Helm template can be passed.
+            path: /
+            # -- Ignored if not kubeVersion >= 1.14-0
+            pathType: Prefix
+            service:
+              # -- Overrides the service name reference for this path
+              name:
+              # -- Overrides the service port reference for this path
+              port:
+
+    # -- Configure TLS for the ingress. Both secretName and hosts can process a Helm template.
+    tls: []
+    #  - secretName: chart-example-tls
+    # -- Create a secret from a GUI selected TrueNAS SCALE certificate
+    #    scaleCert: true
+    #    hosts:
+    #      - chart-example.local

stable/vaultwarden/12.0.6/helm-values.md

@@ -0,0 +1,55 @@
+# Default Helm-Values
+
+TrueCharts is primarily build to supply TrueNAS SCALE Apps.
+However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our values.yaml file.
+
+Most of our Apps also consume our "common" Helm Chart.
+If this is the case, this means that all values.yaml values are set to the common chart values.yaml by default. This values.yaml file will only contain values that deviate from the common chart.
+You will, however, be able to use all values referenced in the common chart here, besides the values listed in this document.
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| database.type | string | `"postgresql"` |  |
+| database.wal | bool | `true` |  |
+| env | object | `{}` |  |
+| envFrom[0].configMapRef.name | string | `"vaultwardenconfig"` |  |
+| envFrom[1].secretRef.name | string | `"vaultwardensecret"` |  |
+| envTpl.DOMAIN | string | `"https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"` |  |
+| envValueFrom.DATABASE_URL.secretKeyRef.key | string | `"url"` |  |
+| envValueFrom.DATABASE_URL.secretKeyRef.name | string | `"dbcreds"` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"ghcr.io/truecharts/vaultwarden"` |  |
+| image.tag | string | `"v1.23.0@sha256:1e65dd23569e566576c3c80de76f711e0b9fc5e29a39d45f49f0a44d1282d869"` |  |
+| persistence.data.accessMode | string | `"ReadWriteOnce"` |  |
+| persistence.data.enabled | bool | `true` |  |
+| persistence.data.mountPath | string | `"/data"` |  |
+| persistence.data.size | string | `"100Gi"` |  |
+| persistence.data.type | string | `"pvc"` |  |
+| postgresql.enabled | bool | `true` |  |
+| postgresql.existingSecret | string | `"dbcreds"` |  |
+| postgresql.postgresqlDatabase | string | `"vaultwarden"` |  |
+| postgresql.postgresqlUsername | string | `"vaultwarden"` |  |
+| service.main.ports.main.port | int | `8080` |  |
+| service.ws.ports.ws.enabled | bool | `true` |  |
+| service.ws.ports.ws.port | int | `3012` |  |
+| vaultwarden.admin.disableAdminToken | bool | `false` |  |
+| vaultwarden.admin.enabled | bool | `false` |  |
+| vaultwarden.allowInvitation | bool | `true` |  |
+| vaultwarden.allowSignups | bool | `true` |  |
+| vaultwarden.enableWebVault | bool | `true` |  |
+| vaultwarden.enableWebsockets | bool | `true` |  |
+| vaultwarden.icons.disableDownload | bool | `false` |  |
+| vaultwarden.log.file | string | `""` |  |
+| vaultwarden.log.level | string | `"trace"` |  |
+| vaultwarden.orgCreationUsers | string | `"all"` |  |
+| vaultwarden.requireEmail | bool | `false` |  |
+| vaultwarden.showPasswordHint | bool | `true` |  |
+| vaultwarden.smtp.enabled | bool | `false` |  |
+| vaultwarden.smtp.from | string | `""` |  |
+| vaultwarden.smtp.host | string | `""` |  |
+| vaultwarden.verifySignup | bool | `false` |  |
+| vaultwarden.yubico.enabled | bool | `false` |  |
+
+All Rights Reserved - The TrueCharts Project

stable/vaultwarden/12.0.6/ix_values.yaml

@@ -0,0 +1,158 @@
+# Default values for Bitwarden.
+
+image:
+  repository: ghcr.io/truecharts/vaultwarden
+  pullPolicy: IfNotPresent
+  tag: v1.23.0@sha256:1e65dd23569e566576c3c80de76f711e0b9fc5e29a39d45f49f0a44d1282d869
+
+service:
+  main:
+    ports:
+      main:
+        port: 8080
+  ws:
+    ports:
+      ws:
+        enabled: true
+        port: 3012
+
+env: {}
+
+envTpl:
+  DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
+
+envFrom:
+  - configMapRef:
+      name: vaultwardenconfig
+  - secretRef:
+      name: vaultwardensecret
+
+envValueFrom:
+  DATABASE_URL:
+    secretKeyRef:
+      name: dbcreds
+      key: url
+
+database:
+  # Database type, must be one of: 'sqlite', 'mysql' or 'postgresql'.
+  type: postgresql
+  # Enable DB Write-Ahead-Log for SQLite, disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
+  wal: true
+  ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
+  # url: ""
+  ## Set the size of the database connection pool.
+  # maxConnections: 10
+  ## Connection retries during startup, 0 for infinite. 1 second between retries.
+  # retries: 15
+
+# Set Bitwarden_rs application variables
+vaultwarden:
+  # Allow any user to sign-up: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
+  allowSignups: true
+  ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
+  # signupDomains:
+  #  - domain.tld
+  # Verify e-mail before login is enabled. SMTP must be enabled.
+  verifySignup: false
+  # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
+  requireEmail: false
+  ## Maximum attempts before an email token is reset and a new email will need to be sent.
+  # emailAttempts: 3
+  ## Email token validity in seconds.
+  # emailTokenExpiration: 600
+  # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
+  allowInvitation: true
+  # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
+  ## Default organization name in invitation e-mails that are not coming from a specific organization.
+  # defaultInviteName: ""
+  showPasswordHint: true
+  # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
+  # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
+  enableWebsockets: true
+  # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
+  enableWebVault: true
+  # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
+  orgCreationUsers: all
+  ## Limit attachment disk usage per organization.
+  # attachmentLimitOrg:
+  ## Limit attachment disk usage per user.
+  # attachmentLimitUser:
+  ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
+  # hibpApiKey:
+
+  admin:
+    # Enable admin portal.
+    enabled: false
+    # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
+    disableAdminToken: false
+    ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
+    # token:
+
+  # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
+  smtp:
+    enabled: false
+    # SMTP hostname, required if SMTP is enabled.
+    host: ""
+    # SMTP sender e-mail address, required if SMTP is enabled.
+    from: ""
+    ## SMTP sender name, defaults to 'Bitwarden_RS'.
+    # fromName: ""
+    ## Enable SSL connection.
+    # ssl: true
+    ## SMTP port. Defaults to 25 without SSL, 587 with SSL.
+    # port: 587
+    ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
+    # authMechanism: Plain
+    ## Hostname to be sent for SMTP HELO. Defaults to pod name.
+    # heloName: ""
+    ## SMTP timeout.
+    # timeout: 15
+    ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
+    # invalidHostname: false
+    ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
+    # invalidCertificate: false
+    ## SMTP username.
+    # user: ""
+    ## SMTP password. Required is user is specified, ignored if no user provided.
+    # password: ""
+
+  ## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
+  yubico:
+    enabled: false
+    ## Yubico server. Defaults to YubiCloud.
+    # server:
+    ## Yubico ID and Secret Key.
+    # clientId:
+    # secretKey:
+
+  ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
+  log:
+    # Log to file.
+    file: ""
+    # Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
+    level: "trace"
+    ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
+    # timeFormat: ""
+
+  icons:
+    # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
+    disableDownload: false
+    ## Cache time-to-live for icons fetched. 0 means no purging.
+    # cache: 2592000
+    ## Cache time-to-live for icons that were not available. 0 means no purging.
+    # cacheFailed: 259200
+
+persistence:
+  data:
+    enabled: true
+    mountPath: "/data"
+    type: pvc
+    accessMode: ReadWriteOnce
+    size: "100Gi"
+
+# Enabled postgres
+postgresql:
+  enabled: true
+  existingSecret: "dbcreds"
+  postgresqlUsername: vaultwarden
+  postgresqlDatabase: vaultwarden

stable/vaultwarden/12.0.6/templates/_configmap.tpl

@@ -0,0 +1,116 @@
+{{/* Define the configmap */}}
+{{- define "vaultwarden.configmap" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: vaultwardenconfig
+data:
+  ROCKET_PORT: "8080"
+  SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
+  {{- if .Values.vaultwarden.signupDomains }}
+  SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
+  {{- end }}
+  {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
+  SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
+  {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
+  REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
+  {{- if .Values.vaultwarden.emailAttempts }}
+  EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.emailTokenExpiration }}
+  EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
+  {{- end }}
+  INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
+  {{- if .Values.vaultwarden.defaultInviteName }}
+  INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
+  {{- end }}
+  SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
+  WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
+  WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
+  ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
+  {{- if .Values.vaultwarden.attachmentLimitOrg }}
+  ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.attachmentLimitUser }}
+  USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.hibpApiKey }}
+  HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
+  {{- end }}
+  {{- include "vaultwarden.dbTypeValid" . }}
+  {{- if .Values.database.retries }}
+  DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
+  {{- end }}
+  {{- if .Values.database.maxConnections }}
+  DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
+  {{- end }}
+  {{- if eq .Values.vaultwarden.smtp.enabled true }}
+  SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
+  SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
+  {{- if .Values.vaultwarden.smtp.fromName }}
+  SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.smtp.ssl }}
+  SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.smtp.port }}
+  SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.smtp.authMechanism }}
+  SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.smtp.heloName }}
+  HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.smtp.timeout }}
+  SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.smtp.invalidHostname }}
+  SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.smtp.invalidCertificate }}
+  SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
+  {{- end }}
+  {{- end }}
+  {{- if .Values.vaultwarden.log.file }}
+  LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
+  {{- end }}
+  {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
+  EXTENDED_LOGGING: "true"
+  {{- end }}
+  {{- if .Values.vaultwarden.log.level }}
+  {{- include "vaultwarden.logLevelValid" . }}
+  LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.log.timeFormat }}
+  LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.icons.disableDownload }}
+  DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
+  {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
+  ICON_CACHE_TTL: "0"
+  {{- end }}
+  {{- end }}
+  {{- if .Values.vaultwarden.icons.cache }}
+  ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
+  {{- end }}
+  {{- if .Values.vaultwarden.icons.cacheFailed }}
+  ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
+  {{- end }}
+  {{- if eq .Values.vaultwarden.admin.enabled true }}
+  {{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
+  DISABLE_ADMIN_TOKEN: "true"
+  {{- end }}
+  {{- end }}
+  {{- if eq .Values.vaultwarden.yubico.enabled true }}
+  {{- if .Values.vaultwarden.yubico.server }}
+  YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
+  {{- end }}
+  {{- end }}
+  {{- if eq .Values.database.type "sqlite" }}
+  ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
+  {{- else }}
+  ENABLE_DB_WAL: "false"
+  {{- end }}
+{{- end -}}

stable/vaultwarden/12.0.6/templates/_secrets.tpl

@@ -0,0 +1,36 @@
+{{/* Define the secrets */}}
+{{- define "vaultwarden.secrets" -}}
+
+{{- $adminToken := "" }}
+{{- if eq .Values.vaultwarden.admin.enabled true }}
+{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | b64enc | quote }}
+{{- end -}}
+
+{{- $smtpUser := "" }}
+{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
+{{- $smtpUser = .Values.vaultwarden.smtp.user | b64enc | quote }}
+{{- end -}}
+
+{{- $yubicoClientId := "" }}
+{{- if eq .Values.vaultwarden.yubico.enabled true }}
+{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | b64enc | quote }}
+{{- end -}}
+---
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: vaultwardensecret
+data:
+  {{- if ne $adminToken "" }}
+  ADMIN_TOKEN: {{ $adminToken }}
+  {{- end }}
+  {{- if ne $smtpUser "" }}
+  SMTP_USERNAME: {{ $smtpUser }}
+  SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | b64enc | quote }}
+  {{- end }}
+  {{- if ne $yubicoClientId "" }}
+  YUBICO_CLIENT_ID: {{ $yubicoClientId }}
+  YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | b64enc | quote }}
+  {{- end }}
+{{- end -}}

stable/vaultwarden/12.0.6/templates/_validate.tpl

@@ -0,0 +1,17 @@
+{{/*
+Ensure valid DB type is select, defaults to SQLite
+*/}}
+{{- define "vaultwarden.dbTypeValid" -}}
+{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
+{{- required "Invalid database type" nil }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Ensure log type is valid
+*/}}
+{{- define "vaultwarden.logLevelValid" -}}
+{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
+{{- required "Invalid log level" nil }}
+{{- end }}
+{{- end }}

stable/vaultwarden/12.0.6/templates/common.yaml

@@ -0,0 +1,38 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "common.setup" . }}
+
+
+{{/* Render configmap for vaultwarden */}}
+{{- include "vaultwarden.configmap" . }}
+
+{{/* Render secrets for vaultwarden */}}
+{{- include "vaultwarden.secrets" . }}
+
+{{/* Define path for websocket */}}
+{{- define "vaultwarden.websocket" -}}
+path: "/notifications/hub"
+# -- Ignored if not kubeVersion >= 1.14-0
+pathType: Prefix
+service:
+  # -- Overrides the service name reference for this path
+  name: ws
+  port: {{ .Values.service.ws.ports.ws.port }}
+{{- end -}}
+
+{{/* inject websocket path to all main ingress hosts*/}}
+{{- define "vaultwarden.websocketinjector" -}}
+{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
+{{- if .Values.ingress.main.enabled }}
+{{- range .Values.ingress.main.hosts }}
+{{- $newpaths := list }}
+{{- $newpaths := concat .paths $path }}
+{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/* inject websocket paths in ingress */}}
+{{- include "vaultwarden.websocketinjector" . }}
+
+{{/* Render the templates */}}
+{{ include "common.postSetup" . }}