DOMAIN:"https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
envFrom:
- configMapRef:
name:bitwardenconfig
- secretRef:
name:bitwardensecret
envValueFrom:
DATABASE_URL:
secretKeyRef:
name:dbcreds
key:url
database:
# Database type, must be one of: 'sqlite', 'mysql' or 'postgresql'.
type:postgresql
# Enable DB Write-Ahead-Log for SQLite, disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
wal:true
## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
# url: ""
## Set the size of the database connection pool.
# maxConnections: 10
## Connection retries during startup, 0 for infinite. 1 second between retries.
# retries: 15
# Set Bitwarden_rs application variables
bitwardenrs:
# Allow any user to sign-up: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
allowSignups:true
## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
# signupDomains:
# - domain.tld
# Verify e-mail before login is enabled. SMTP must be enabled.
verifySignup:false
# When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
requireEmail:false
## Maximum attempts before an email token is reset and a new email will need to be sent.
# emailAttempts: 3
## Email token validity in seconds.
# emailTokenExpiration: 600
# Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
allowInvitation:true
# Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
## Default organization name in invitation e-mails that are not coming from a specific organization.
# defaultInviteName: ""
showPasswordHint:true
# Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
# Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
enableWebsockets:true
# Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
enableWebVault:true
# Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
orgCreationUsers:all
## Limit attachment disk usage per organization.
# attachmentLimitOrg:
## Limit attachment disk usage per user.
# attachmentLimitUser:
## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
# hibpApiKey:
admin:
# Enable admin portal.
enabled:false
# Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
disableAdminToken:false
## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page