Delete enterprise/vaultwarden directory
This commit is contained in:
parent
464be1e7a9
commit
d986d3d79e
|
@ -1,99 +0,0 @@
|
|||
# Changelog
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.37](https://github.com/truecharts/charts/compare/vaultwarden-16.0.39...vaultwarden-16.0.37) (2022-09-24)
|
||||
|
||||
### Chore
|
||||
|
||||
- Add a copy of Initial Apps selected for Enterprise Train ([#3749](https://github.com/truecharts/charts/issues/3749))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.37](https://github.com/truecharts/charts/compare/vaultwarden-16.0.36...vaultwarden-16.0.37) (2022-09-11)
|
||||
|
||||
### Chore
|
||||
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- update helm general non-major ([#3711](https://github.com/truecharts/charts/issues/3711))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.37](https://github.com/truecharts/charts/compare/vaultwarden-16.0.36...vaultwarden-16.0.37) (2022-09-11)
|
||||
|
||||
### Chore
|
||||
|
||||
- Auto-update chart README [skip ci]
|
||||
- update helm general non-major ([#3711](https://github.com/truecharts/charts/issues/3711))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.37](https://github.com/truecharts/charts/compare/vaultwarden-16.0.36...vaultwarden-16.0.37) (2022-09-11)
|
||||
|
||||
### Chore
|
||||
|
||||
- update helm general non-major ([#3711](https://github.com/truecharts/charts/issues/3711))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.36](https://github.com/truecharts/charts/compare/vaultwarden-16.0.34...vaultwarden-16.0.36) (2022-08-30)
|
||||
|
||||
### Chore
|
||||
|
||||
- Auto-update chart README [skip ci]
|
||||
- update helm general non-major ([#3639](https://github.com/truecharts/charts/issues/3639))
|
||||
- update helm chart common to v10.5.5 ([#3626](https://github.com/truecharts/charts/issues/3626))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.35](https://github.com/truecharts/charts/compare/vaultwarden-16.0.34...vaultwarden-16.0.35) (2022-08-30)
|
||||
|
||||
### Chore
|
||||
|
||||
- update helm chart common to v10.5.5 ([#3626](https://github.com/truecharts/charts/issues/3626))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.34](https://github.com/truecharts/charts/compare/vaultwarden-16.0.32...vaultwarden-16.0.34) (2022-08-29)
|
||||
|
||||
### Chore
|
||||
|
||||
- update helm general non-major ([#3621](https://github.com/truecharts/charts/issues/3621))
|
||||
- update helm general non-major ([#3619](https://github.com/truecharts/charts/issues/3619))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.32](https://github.com/truecharts/charts/compare/vaultwarden-16.0.31...vaultwarden-16.0.32) (2022-08-23)
|
||||
|
||||
### Chore
|
||||
|
||||
- update helm general non-major helm releases ([#3545](https://github.com/truecharts/charts/issues/3545))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.31](https://github.com/truecharts/charts/compare/vaultwarden-16.0.30...vaultwarden-16.0.31) (2022-08-17)
|
||||
|
||||
### Chore
|
||||
|
||||
- update helm general non-major helm releases ([#3484](https://github.com/truecharts/charts/issues/3484))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.30](https://github.com/truecharts/charts/compare/vaultwarden-16.0.29...vaultwarden-16.0.30) (2022-08-12)
|
||||
|
||||
### Chore
|
||||
|
||||
- add documentation checkbox/section to all SCALE Apps
|
||||
- update helm general non-major helm releases ([#3456](https://github.com/truecharts/charts/issues/3456))
|
||||
|
||||
### Fix
|
|
@ -1,9 +0,0 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 10.5.9
|
||||
- name: postgresql
|
||||
repository: https://charts.truecharts.org/
|
||||
version: 8.0.75
|
||||
digest: sha256:85a7386bd4120271d745576b43b1da2bb13765de1310fcef8100641023c432dc
|
||||
generated: "2022-09-24T19:13:34.068845443Z"
|
|
@ -1,37 +0,0 @@
|
|||
apiVersion: v2
|
||||
appVersion: "1.25.2"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 10.5.9
|
||||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
repository: https://charts.truecharts.org/
|
||||
version: 8.0.75
|
||||
deprecated: false
|
||||
description: Unofficial Bitwarden compatible server written in Rust
|
||||
home: https://truecharts.org/docs/charts/enterprise/vaultwarden
|
||||
icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
|
||||
keywords:
|
||||
- bitwarden
|
||||
- bitwardenrs
|
||||
- bitwarden_rs
|
||||
- vaultwarden
|
||||
- password
|
||||
- rust
|
||||
kubeVersion: ">=1.16.0-0"
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: vaultwarden
|
||||
sources:
|
||||
- https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
|
||||
- https://github.com/dani-garcia/vaultwarden
|
||||
type: application
|
||||
version: 16.0.37
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- security
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/grade: U
|
|
@ -1,107 +0,0 @@
|
|||
# vaultwarden
|
||||
|
||||
Unofficial Bitwarden compatible server written in Rust
|
||||
|
||||
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
|
||||
|
||||
This readme is just an automatically generated general guide on installing our Helm Charts and Apps.
|
||||
For more information, please click here: [vaultwarden](https://truecharts.org/docs/charts/enterprise/vaultwarden)
|
||||
|
||||
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden>
|
||||
* <https://github.com/dani-garcia/vaultwarden>
|
||||
|
||||
## Requirements
|
||||
|
||||
Kubernetes: `>=1.16.0-0`
|
||||
|
||||
## Dependencies
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://charts.truecharts.org/ | postgresql | 8.0.75 |
|
||||
| https://library-charts.truecharts.org | common | 10.5.9 |
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
### TrueNAS SCALE
|
||||
|
||||
To install this Chart on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Installing-an-App).
|
||||
|
||||
### Helm
|
||||
|
||||
To install the chart with the release name `vaultwarden`
|
||||
|
||||
```console
|
||||
helm repo add TrueCharts https://charts.truecharts.org
|
||||
helm repo update
|
||||
helm install vaultwarden TrueCharts/vaultwarden
|
||||
```
|
||||
|
||||
## Uninstall
|
||||
|
||||
### TrueNAS SCALE
|
||||
|
||||
**Upgrading, Rolling Back and Uninstalling the Chart**
|
||||
|
||||
To upgrade, rollback or delete this Chart from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Upgrade-rollback-delete-an-App).
|
||||
|
||||
### Helm
|
||||
|
||||
To uninstall the `vaultwarden` deployment
|
||||
|
||||
```console
|
||||
helm uninstall vaultwarden
|
||||
```
|
||||
|
||||
## Configuration
|
||||
|
||||
### Helm
|
||||
|
||||
#### Available Settings
|
||||
|
||||
Read through the values.yaml file. It has several commented out suggested values.
|
||||
Other values may be used from the [values.yaml](https://github.com/truecharts/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
|
||||
|
||||
#### Configure using the command line
|
||||
|
||||
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
|
||||
|
||||
```console
|
||||
helm install vaultwarden \
|
||||
--set env.TZ="America/New York" \
|
||||
TrueCharts/vaultwarden
|
||||
```
|
||||
|
||||
#### Configure using a yaml file
|
||||
|
||||
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
|
||||
|
||||
```console
|
||||
helm install vaultwarden TrueCharts/vaultwarden -f values.yaml
|
||||
```
|
||||
|
||||
#### Connecting to other charts
|
||||
|
||||
If you need to connect this Chart to other Charts on TrueNAS SCALE, please refer to our [Linking Charts Internally](https://truecharts.org/docs/manual/SCALE%20Apps/linking-apps) quick-start guide.
|
||||
|
||||
## Support
|
||||
|
||||
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/docs/manual/SCALE%20Apps/Important-MUST-READ).
|
||||
- See the [Website](https://truecharts.org)
|
||||
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
|
||||
|
||||
---
|
||||
|
||||
## Sponsor TrueCharts
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
||||
|
||||
---
|
||||
|
||||
All Rights Reserved - The TrueCharts Project
|
|
@ -1,8 +0,0 @@
|
|||
Unofficial Bitwarden compatible server written in Rust
|
||||
|
||||
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/docs/charts/enterprise/vaultwarden](https://truecharts.org/docs/charts/enterprise/vaultwarden)
|
||||
|
||||
---
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/docs/about/sponsor) or contributing back to the project any way you can!
|
Binary file not shown.
Binary file not shown.
|
@ -1,7 +0,0 @@
|
|||
# -- Configure the ingresses for the chart here.
|
||||
# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress.
|
||||
# @default -- See below
|
||||
ingress:
|
||||
main:
|
||||
# -- Enables or disables the ingress
|
||||
enabled: true
|
|
@ -1,159 +0,0 @@
|
|||
image:
|
||||
repository: tccr.io/truecharts/vaultwarden
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 1.25.2@sha256:ec34588ef04cfdf79cdbb0f90882b3073d8baa39d9aaf8aa86abbb263049f8eb
|
||||
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
main:
|
||||
port: 10102
|
||||
targetPort: 8080
|
||||
ws:
|
||||
enabled: true
|
||||
ports:
|
||||
ws:
|
||||
enabled: true
|
||||
port: 3012
|
||||
targetPort: 3012
|
||||
|
||||
env:
|
||||
DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
|
||||
DATABASE_URL:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: url
|
||||
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: vaultwardenconfig
|
||||
- secretRef:
|
||||
name: vaultwardensecret
|
||||
|
||||
database:
|
||||
# -- Database type,
|
||||
# must be one of: 'sqlite', 'mysql' or 'postgresql'.
|
||||
type: postgresql
|
||||
# -- Enable DB Write-Ahead-Log for SQLite,
|
||||
# disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
|
||||
wal: true
|
||||
## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
|
||||
# url: ""
|
||||
## Set the size of the database connection pool.
|
||||
# maxConnections: 10
|
||||
## Connection retries during startup, 0 for infinite. 1 second between retries.
|
||||
# retries: 15
|
||||
|
||||
# Set Bitwarden_rs application variables
|
||||
vaultwarden:
|
||||
# -- Allow any user to sign-up
|
||||
# see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
|
||||
allowSignups: true
|
||||
## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
|
||||
# signupDomains:
|
||||
# - domain.tld
|
||||
# -- Verify e-mail before login is enabled.
|
||||
# SMTP must be enabled.
|
||||
verifySignup: false
|
||||
# When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
|
||||
requireEmail: false
|
||||
## Maximum attempts before an email token is reset and a new email will need to be sent.
|
||||
# emailAttempts: 3
|
||||
## Email token validity in seconds.
|
||||
# emailTokenExpiration: 600
|
||||
# Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
|
||||
allowInvitation: true
|
||||
# Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
|
||||
## Default organization name in invitation e-mails that are not coming from a specific organization.
|
||||
# defaultInviteName: ""
|
||||
showPasswordHint: true
|
||||
# Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
|
||||
# Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
|
||||
enableWebsockets: true
|
||||
# Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
|
||||
enableWebVault: true
|
||||
# Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
|
||||
orgCreationUsers: all
|
||||
## Limit attachment disk usage per organization.
|
||||
# attachmentLimitOrg:
|
||||
## Limit attachment disk usage per user.
|
||||
# attachmentLimitUser:
|
||||
## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
|
||||
# hibpApiKey:
|
||||
|
||||
admin:
|
||||
# Enable admin portal.
|
||||
enabled: false
|
||||
# Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
|
||||
disableAdminToken: false
|
||||
## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
|
||||
# token:
|
||||
|
||||
# Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
|
||||
smtp:
|
||||
enabled: false
|
||||
# SMTP hostname, required if SMTP is enabled.
|
||||
host: ""
|
||||
# SMTP sender e-mail address, required if SMTP is enabled.
|
||||
from: ""
|
||||
## SMTP sender name, defaults to 'Bitwarden_RS'.
|
||||
# fromName: ""
|
||||
## Enable SSL connection.
|
||||
# ssl: true
|
||||
## SMTP port. Defaults to 25 without SSL, 587 with SSL.
|
||||
# port: 587
|
||||
## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
|
||||
# authMechanism: Plain
|
||||
## Hostname to be sent for SMTP HELO. Defaults to pod name.
|
||||
# heloName: ""
|
||||
## SMTP timeout.
|
||||
# timeout: 15
|
||||
## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
|
||||
# invalidHostname: false
|
||||
## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
|
||||
# invalidCertificate: false
|
||||
## SMTP username.
|
||||
# user: ""
|
||||
## SMTP password. Required is user is specified, ignored if no user provided.
|
||||
# password: ""
|
||||
|
||||
## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
|
||||
yubico:
|
||||
enabled: false
|
||||
## Yubico server. Defaults to YubiCloud.
|
||||
# server:
|
||||
## Yubico ID and Secret Key.
|
||||
# clientId:
|
||||
# secretKey:
|
||||
|
||||
## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
|
||||
log:
|
||||
# Log to file.
|
||||
file: ""
|
||||
# Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
|
||||
level: "trace"
|
||||
## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
|
||||
# timeFormat: ""
|
||||
|
||||
icons:
|
||||
# Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
|
||||
disableDownload: false
|
||||
## Cache time-to-live for icons fetched. 0 means no purging.
|
||||
# cache: 2592000
|
||||
## Cache time-to-live for icons that were not available. 0 means no purging.
|
||||
# cacheFailed: 259200
|
||||
|
||||
persistence:
|
||||
data:
|
||||
enabled: true
|
||||
mountPath: "/data"
|
||||
|
||||
# Enabled postgres
|
||||
postgresql:
|
||||
enabled: true
|
||||
existingSecret: "dbcreds"
|
||||
postgresqlUsername: vaultwarden
|
||||
postgresqlDatabase: vaultwarden
|
||||
|
||||
portal:
|
||||
enabled: true
|
File diff suppressed because it is too large
Load Diff
|
@ -1,116 +0,0 @@
|
|||
{{/* Define the configmap */}}
|
||||
{{- define "vaultwarden.configmap" -}}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: vaultwardenconfig
|
||||
data:
|
||||
ROCKET_PORT: "8080"
|
||||
SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
|
||||
{{- if .Values.vaultwarden.signupDomains }}
|
||||
SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
|
||||
SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
|
||||
{{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
|
||||
REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
|
||||
{{- if .Values.vaultwarden.emailAttempts }}
|
||||
EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.emailTokenExpiration }}
|
||||
EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
|
||||
{{- end }}
|
||||
INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
|
||||
{{- if .Values.vaultwarden.defaultInviteName }}
|
||||
INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
|
||||
{{- end }}
|
||||
SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
|
||||
WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
|
||||
WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
|
||||
ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
|
||||
{{- if .Values.vaultwarden.attachmentLimitOrg }}
|
||||
ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.attachmentLimitUser }}
|
||||
USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.hibpApiKey }}
|
||||
HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
|
||||
{{- end }}
|
||||
{{- include "vaultwarden.dbTypeValid" . }}
|
||||
{{- if .Values.database.retries }}
|
||||
DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.database.maxConnections }}
|
||||
DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.vaultwarden.smtp.enabled true }}
|
||||
SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
|
||||
SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
|
||||
{{- if .Values.vaultwarden.smtp.fromName }}
|
||||
SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.ssl }}
|
||||
SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.port }}
|
||||
SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.authMechanism }}
|
||||
SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.heloName }}
|
||||
HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.timeout }}
|
||||
SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.invalidHostname }}
|
||||
SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.invalidCertificate }}
|
||||
SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.log.file }}
|
||||
LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
|
||||
{{- end }}
|
||||
{{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
|
||||
EXTENDED_LOGGING: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.log.level }}
|
||||
{{- include "vaultwarden.logLevelValid" . }}
|
||||
LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.log.timeFormat }}
|
||||
LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.icons.disableDownload }}
|
||||
DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
|
||||
{{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
|
||||
ICON_CACHE_TTL: "0"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.icons.cache }}
|
||||
ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.icons.cacheFailed }}
|
||||
ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.vaultwarden.admin.enabled true }}
|
||||
{{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
|
||||
DISABLE_ADMIN_TOKEN: "true"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.vaultwarden.yubico.enabled true }}
|
||||
{{- if .Values.vaultwarden.yubico.server }}
|
||||
YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.database.type "sqlite" }}
|
||||
ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
|
||||
{{- else }}
|
||||
ENABLE_DB_WAL: "false"
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -1,36 +0,0 @@
|
|||
{{/* Define the secrets */}}
|
||||
{{- define "vaultwarden.secrets" -}}
|
||||
|
||||
{{- $adminToken := "" }}
|
||||
{{- if eq .Values.vaultwarden.admin.enabled true }}
|
||||
{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | b64enc | quote }}
|
||||
{{- end -}}
|
||||
|
||||
{{- $smtpUser := "" }}
|
||||
{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
|
||||
{{- $smtpUser = .Values.vaultwarden.smtp.user | b64enc | quote }}
|
||||
{{- end -}}
|
||||
|
||||
{{- $yubicoClientId := "" }}
|
||||
{{- if eq .Values.vaultwarden.yubico.enabled true }}
|
||||
{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | b64enc | quote }}
|
||||
{{- end -}}
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: vaultwardensecret
|
||||
data:
|
||||
{{- if ne $adminToken "" }}
|
||||
ADMIN_TOKEN: {{ $adminToken }}
|
||||
{{- end }}
|
||||
{{- if ne $smtpUser "" }}
|
||||
SMTP_USERNAME: {{ $smtpUser }}
|
||||
SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if ne $yubicoClientId "" }}
|
||||
YUBICO_CLIENT_ID: {{ $yubicoClientId }}
|
||||
YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -1,17 +0,0 @@
|
|||
{{/*
|
||||
Ensure valid DB type is select, defaults to SQLite
|
||||
*/}}
|
||||
{{- define "vaultwarden.dbTypeValid" -}}
|
||||
{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
|
||||
{{- required "Invalid database type" nil }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Ensure log type is valid
|
||||
*/}}
|
||||
{{- define "vaultwarden.logLevelValid" -}}
|
||||
{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
|
||||
{{- required "Invalid log level" nil }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -1,39 +0,0 @@
|
|||
{{/* Make sure all variables are set properly */}}
|
||||
{{- include "tc.common.loader.init" . }}
|
||||
|
||||
|
||||
{{/* Render configmap for vaultwarden */}}
|
||||
{{- include "vaultwarden.configmap" . }}
|
||||
|
||||
{{/* Render secrets for vaultwarden */}}
|
||||
{{- include "vaultwarden.secrets" . }}
|
||||
|
||||
{{/* Define path for websocket */}}
|
||||
{{- define "vaultwarden.websocket" -}}
|
||||
{{- $fullname := include "tc.common.names.fullname" . -}}
|
||||
path: "/notifications/hub"
|
||||
# -- Ignored if not kubeVersion >= 1.14-0
|
||||
pathType: Prefix
|
||||
service:
|
||||
# -- Overrides the service name reference for this path
|
||||
name: {{ printf "%s-ws" $fullname }}
|
||||
port: {{ .Values.service.ws.ports.ws.port }}
|
||||
{{- end -}}
|
||||
|
||||
{{/* inject websocket path to all main ingress hosts*/}}
|
||||
{{- define "vaultwarden.websocketinjector" -}}
|
||||
{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
|
||||
{{- if .Values.ingress.main.enabled }}
|
||||
{{- range .Values.ingress.main.hosts }}
|
||||
{{- $newpaths := list }}
|
||||
{{- $newpaths := concat .paths $path }}
|
||||
{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/* inject websocket paths in ingress */}}
|
||||
{{- include "vaultwarden.websocketinjector" . }}
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "tc.common.loader.apply" . }}
|
|
@ -1,99 +0,0 @@
|
|||
# Changelog
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-17.0.0](https://github.com/truecharts/charts/compare/vaultwarden-16.0.37...vaultwarden-17.0.0) (2022-09-24)
|
||||
|
||||
### Chore
|
||||
|
||||
- Auto-update chart README [skip ci]
|
||||
- bump major on new enterprise app to seperate helm updates
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.39](https://github.com/truecharts/charts/compare/vaultwarden-16.0.38...vaultwarden-16.0.39) (2022-09-22)
|
||||
|
||||
### Chore
|
||||
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- refactor Services SCALE GUI
|
||||
- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767))
|
||||
- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.39](https://github.com/truecharts/charts/compare/vaultwarden-16.0.38...vaultwarden-16.0.39) (2022-09-21)
|
||||
|
||||
### Chore
|
||||
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- refactor Services SCALE GUI
|
||||
- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767))
|
||||
- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.39](https://github.com/truecharts/charts/compare/vaultwarden-16.0.38...vaultwarden-16.0.39) (2022-09-21)
|
||||
|
||||
### Chore
|
||||
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- refactor Services SCALE GUI
|
||||
- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767))
|
||||
- split serviceSelector ([#3751](https://github.com/truecharts/charts/issues/3751))
|
||||
|
||||
|
||||
|
||||
|
||||
## [vaultwarden-16.0.39](https://github.com/truecharts/charts/compare/vaultwarden-16.0.38...vaultwarden-16.0.39) (2022-09-20)
|
||||
|
||||
### Chore
|
||||
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- Auto-update chart README [skip ci]
|
||||
- refactor Services SCALE GUI
|
||||
- update helm general non-major ([#3767](https://github.com/truecharts/charts/issues/3767))
|
|
@ -1,9 +0,0 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 10.6.0
|
||||
- name: postgresql
|
||||
repository: https://charts.truecharts.org/
|
||||
version: 8.0.78
|
||||
digest: sha256:c7d95291348fad2484e6426c23dcba89f034b969ba2268f6acaab77d153d42fe
|
||||
generated: "2022-09-24T21:36:04.323893916Z"
|
|
@ -1,37 +0,0 @@
|
|||
apiVersion: v2
|
||||
appVersion: "1.25.2"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 10.6.0
|
||||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
repository: https://charts.truecharts.org/
|
||||
version: 8.0.78
|
||||
deprecated: false
|
||||
description: Unofficial Bitwarden compatible server written in Rust
|
||||
home: https://truecharts.org/docs/charts/enterprise/vaultwarden
|
||||
icon: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
|
||||
keywords:
|
||||
- bitwarden
|
||||
- bitwardenrs
|
||||
- bitwarden_rs
|
||||
- vaultwarden
|
||||
- password
|
||||
- rust
|
||||
kubeVersion: ">=1.16.0-0"
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: vaultwarden
|
||||
sources:
|
||||
- https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
|
||||
- https://github.com/dani-garcia/vaultwarden
|
||||
type: application
|
||||
version: 17.0.0
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- security
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/grade: U
|
|
@ -1,107 +0,0 @@
|
|||
# vaultwarden
|
||||
|
||||
Unofficial Bitwarden compatible server written in Rust
|
||||
|
||||
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
|
||||
|
||||
This readme is just an automatically generated general guide on installing our Helm Charts and Apps.
|
||||
For more information, please click here: [vaultwarden](https://truecharts.org/docs/charts/enterprise/vaultwarden)
|
||||
|
||||
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden>
|
||||
* <https://github.com/dani-garcia/vaultwarden>
|
||||
|
||||
## Requirements
|
||||
|
||||
Kubernetes: `>=1.16.0-0`
|
||||
|
||||
## Dependencies
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://charts.truecharts.org/ | postgresql | 8.0.78 |
|
||||
| https://library-charts.truecharts.org | common | 10.6.0 |
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
### TrueNAS SCALE
|
||||
|
||||
To install this Chart on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Installing-an-App).
|
||||
|
||||
### Helm
|
||||
|
||||
To install the chart with the release name `vaultwarden`
|
||||
|
||||
```console
|
||||
helm repo add TrueCharts https://charts.truecharts.org
|
||||
helm repo update
|
||||
helm install vaultwarden TrueCharts/vaultwarden
|
||||
```
|
||||
|
||||
## Uninstall
|
||||
|
||||
### TrueNAS SCALE
|
||||
|
||||
**Upgrading, Rolling Back and Uninstalling the Chart**
|
||||
|
||||
To upgrade, rollback or delete this Chart from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Upgrade-rollback-delete-an-App).
|
||||
|
||||
### Helm
|
||||
|
||||
To uninstall the `vaultwarden` deployment
|
||||
|
||||
```console
|
||||
helm uninstall vaultwarden
|
||||
```
|
||||
|
||||
## Configuration
|
||||
|
||||
### Helm
|
||||
|
||||
#### Available Settings
|
||||
|
||||
Read through the values.yaml file. It has several commented out suggested values.
|
||||
Other values may be used from the [values.yaml](https://github.com/truecharts/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
|
||||
|
||||
#### Configure using the command line
|
||||
|
||||
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
|
||||
|
||||
```console
|
||||
helm install vaultwarden \
|
||||
--set env.TZ="America/New York" \
|
||||
TrueCharts/vaultwarden
|
||||
```
|
||||
|
||||
#### Configure using a yaml file
|
||||
|
||||
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
|
||||
|
||||
```console
|
||||
helm install vaultwarden TrueCharts/vaultwarden -f values.yaml
|
||||
```
|
||||
|
||||
#### Connecting to other charts
|
||||
|
||||
If you need to connect this Chart to other Charts on TrueNAS SCALE, please refer to our [Linking Charts Internally](https://truecharts.org/docs/manual/SCALE%20Apps/linking-apps) quick-start guide.
|
||||
|
||||
## Support
|
||||
|
||||
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/docs/manual/SCALE%20Apps/Important-MUST-READ).
|
||||
- See the [Website](https://truecharts.org)
|
||||
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
|
||||
|
||||
---
|
||||
|
||||
## Sponsor TrueCharts
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
||||
|
||||
---
|
||||
|
||||
All Rights Reserved - The TrueCharts Project
|
|
@ -1,8 +0,0 @@
|
|||
Unofficial Bitwarden compatible server written in Rust
|
||||
|
||||
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/docs/charts/enterprise/vaultwarden](https://truecharts.org/docs/charts/enterprise/vaultwarden)
|
||||
|
||||
---
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/docs/about/sponsor) or contributing back to the project any way you can!
|
Binary file not shown.
Binary file not shown.
|
@ -1,7 +0,0 @@
|
|||
# -- Configure the ingresses for the chart here.
|
||||
# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress.
|
||||
# @default -- See below
|
||||
ingress:
|
||||
main:
|
||||
# -- Enables or disables the ingress
|
||||
enabled: true
|
|
@ -1,159 +0,0 @@
|
|||
image:
|
||||
repository: tccr.io/truecharts/vaultwarden
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 1.25.2@sha256:ec34588ef04cfdf79cdbb0f90882b3073d8baa39d9aaf8aa86abbb263049f8eb
|
||||
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
main:
|
||||
port: 10102
|
||||
targetPort: 8080
|
||||
ws:
|
||||
enabled: true
|
||||
ports:
|
||||
ws:
|
||||
enabled: true
|
||||
port: 3012
|
||||
targetPort: 3012
|
||||
|
||||
env:
|
||||
DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
|
||||
DATABASE_URL:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: url
|
||||
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: vaultwardenconfig
|
||||
- secretRef:
|
||||
name: vaultwardensecret
|
||||
|
||||
database:
|
||||
# -- Database type,
|
||||
# must be one of: 'sqlite', 'mysql' or 'postgresql'.
|
||||
type: postgresql
|
||||
# -- Enable DB Write-Ahead-Log for SQLite,
|
||||
# disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
|
||||
wal: true
|
||||
## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
|
||||
# url: ""
|
||||
## Set the size of the database connection pool.
|
||||
# maxConnections: 10
|
||||
## Connection retries during startup, 0 for infinite. 1 second between retries.
|
||||
# retries: 15
|
||||
|
||||
# Set Bitwarden_rs application variables
|
||||
vaultwarden:
|
||||
# -- Allow any user to sign-up
|
||||
# see: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
|
||||
allowSignups: true
|
||||
## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
|
||||
# signupDomains:
|
||||
# - domain.tld
|
||||
# -- Verify e-mail before login is enabled.
|
||||
# SMTP must be enabled.
|
||||
verifySignup: false
|
||||
# When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
|
||||
requireEmail: false
|
||||
## Maximum attempts before an email token is reset and a new email will need to be sent.
|
||||
# emailAttempts: 3
|
||||
## Email token validity in seconds.
|
||||
# emailTokenExpiration: 600
|
||||
# Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
|
||||
allowInvitation: true
|
||||
# Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
|
||||
## Default organization name in invitation e-mails that are not coming from a specific organization.
|
||||
# defaultInviteName: ""
|
||||
showPasswordHint: true
|
||||
# Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
|
||||
# Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
|
||||
enableWebsockets: true
|
||||
# Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
|
||||
enableWebVault: true
|
||||
# Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
|
||||
orgCreationUsers: all
|
||||
## Limit attachment disk usage per organization.
|
||||
# attachmentLimitOrg:
|
||||
## Limit attachment disk usage per user.
|
||||
# attachmentLimitUser:
|
||||
## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
|
||||
# hibpApiKey:
|
||||
|
||||
admin:
|
||||
# Enable admin portal.
|
||||
enabled: false
|
||||
# Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
|
||||
disableAdminToken: false
|
||||
## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
|
||||
# token:
|
||||
|
||||
# Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
|
||||
smtp:
|
||||
enabled: false
|
||||
# SMTP hostname, required if SMTP is enabled.
|
||||
host: ""
|
||||
# SMTP sender e-mail address, required if SMTP is enabled.
|
||||
from: ""
|
||||
## SMTP sender name, defaults to 'Bitwarden_RS'.
|
||||
# fromName: ""
|
||||
## Enable SSL connection.
|
||||
# ssl: true
|
||||
## SMTP port. Defaults to 25 without SSL, 587 with SSL.
|
||||
# port: 587
|
||||
## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
|
||||
# authMechanism: Plain
|
||||
## Hostname to be sent for SMTP HELO. Defaults to pod name.
|
||||
# heloName: ""
|
||||
## SMTP timeout.
|
||||
# timeout: 15
|
||||
## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
|
||||
# invalidHostname: false
|
||||
## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
|
||||
# invalidCertificate: false
|
||||
## SMTP username.
|
||||
# user: ""
|
||||
## SMTP password. Required is user is specified, ignored if no user provided.
|
||||
# password: ""
|
||||
|
||||
## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
|
||||
yubico:
|
||||
enabled: false
|
||||
## Yubico server. Defaults to YubiCloud.
|
||||
# server:
|
||||
## Yubico ID and Secret Key.
|
||||
# clientId:
|
||||
# secretKey:
|
||||
|
||||
## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
|
||||
log:
|
||||
# Log to file.
|
||||
file: ""
|
||||
# Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
|
||||
level: "trace"
|
||||
## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
|
||||
# timeFormat: ""
|
||||
|
||||
icons:
|
||||
# Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
|
||||
disableDownload: false
|
||||
## Cache time-to-live for icons fetched. 0 means no purging.
|
||||
# cache: 2592000
|
||||
## Cache time-to-live for icons that were not available. 0 means no purging.
|
||||
# cacheFailed: 259200
|
||||
|
||||
persistence:
|
||||
data:
|
||||
enabled: true
|
||||
mountPath: "/data"
|
||||
|
||||
# Enabled postgres
|
||||
postgresql:
|
||||
enabled: true
|
||||
existingSecret: "dbcreds"
|
||||
postgresqlUsername: vaultwarden
|
||||
postgresqlDatabase: vaultwarden
|
||||
|
||||
portal:
|
||||
enabled: true
|
File diff suppressed because it is too large
Load Diff
|
@ -1,116 +0,0 @@
|
|||
{{/* Define the configmap */}}
|
||||
{{- define "vaultwarden.configmap" -}}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: vaultwardenconfig
|
||||
data:
|
||||
ROCKET_PORT: "8080"
|
||||
SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
|
||||
{{- if .Values.vaultwarden.signupDomains }}
|
||||
SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
|
||||
SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
|
||||
{{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
|
||||
REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
|
||||
{{- if .Values.vaultwarden.emailAttempts }}
|
||||
EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.emailTokenExpiration }}
|
||||
EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
|
||||
{{- end }}
|
||||
INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
|
||||
{{- if .Values.vaultwarden.defaultInviteName }}
|
||||
INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
|
||||
{{- end }}
|
||||
SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
|
||||
WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
|
||||
WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
|
||||
ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
|
||||
{{- if .Values.vaultwarden.attachmentLimitOrg }}
|
||||
ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.attachmentLimitUser }}
|
||||
USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.hibpApiKey }}
|
||||
HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
|
||||
{{- end }}
|
||||
{{- include "vaultwarden.dbTypeValid" . }}
|
||||
{{- if .Values.database.retries }}
|
||||
DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.database.maxConnections }}
|
||||
DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.vaultwarden.smtp.enabled true }}
|
||||
SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
|
||||
SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
|
||||
{{- if .Values.vaultwarden.smtp.fromName }}
|
||||
SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.ssl }}
|
||||
SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.port }}
|
||||
SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.authMechanism }}
|
||||
SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.heloName }}
|
||||
HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.timeout }}
|
||||
SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.invalidHostname }}
|
||||
SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.invalidCertificate }}
|
||||
SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.log.file }}
|
||||
LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
|
||||
{{- end }}
|
||||
{{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
|
||||
EXTENDED_LOGGING: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.log.level }}
|
||||
{{- include "vaultwarden.logLevelValid" . }}
|
||||
LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.log.timeFormat }}
|
||||
LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.icons.disableDownload }}
|
||||
DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
|
||||
{{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
|
||||
ICON_CACHE_TTL: "0"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.icons.cache }}
|
||||
ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.icons.cacheFailed }}
|
||||
ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.vaultwarden.admin.enabled true }}
|
||||
{{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
|
||||
DISABLE_ADMIN_TOKEN: "true"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.vaultwarden.yubico.enabled true }}
|
||||
{{- if .Values.vaultwarden.yubico.server }}
|
||||
YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.database.type "sqlite" }}
|
||||
ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
|
||||
{{- else }}
|
||||
ENABLE_DB_WAL: "false"
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -1,36 +0,0 @@
|
|||
{{/* Define the secrets */}}
|
||||
{{- define "vaultwarden.secrets" -}}
|
||||
|
||||
{{- $adminToken := "" }}
|
||||
{{- if eq .Values.vaultwarden.admin.enabled true }}
|
||||
{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | b64enc | quote }}
|
||||
{{- end -}}
|
||||
|
||||
{{- $smtpUser := "" }}
|
||||
{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
|
||||
{{- $smtpUser = .Values.vaultwarden.smtp.user | b64enc | quote }}
|
||||
{{- end -}}
|
||||
|
||||
{{- $yubicoClientId := "" }}
|
||||
{{- if eq .Values.vaultwarden.yubico.enabled true }}
|
||||
{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | b64enc | quote }}
|
||||
{{- end -}}
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: vaultwardensecret
|
||||
data:
|
||||
{{- if ne $adminToken "" }}
|
||||
ADMIN_TOKEN: {{ $adminToken }}
|
||||
{{- end }}
|
||||
{{- if ne $smtpUser "" }}
|
||||
SMTP_USERNAME: {{ $smtpUser }}
|
||||
SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if ne $yubicoClientId "" }}
|
||||
YUBICO_CLIENT_ID: {{ $yubicoClientId }}
|
||||
YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -1,17 +0,0 @@
|
|||
{{/*
|
||||
Ensure valid DB type is select, defaults to SQLite
|
||||
*/}}
|
||||
{{- define "vaultwarden.dbTypeValid" -}}
|
||||
{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
|
||||
{{- required "Invalid database type" nil }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Ensure log type is valid
|
||||
*/}}
|
||||
{{- define "vaultwarden.logLevelValid" -}}
|
||||
{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
|
||||
{{- required "Invalid log level" nil }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -1,39 +0,0 @@
|
|||
{{/* Make sure all variables are set properly */}}
|
||||
{{- include "tc.common.loader.init" . }}
|
||||
|
||||
|
||||
{{/* Render configmap for vaultwarden */}}
|
||||
{{- include "vaultwarden.configmap" . }}
|
||||
|
||||
{{/* Render secrets for vaultwarden */}}
|
||||
{{- include "vaultwarden.secrets" . }}
|
||||
|
||||
{{/* Define path for websocket */}}
|
||||
{{- define "vaultwarden.websocket" -}}
|
||||
{{- $fullname := include "tc.common.names.fullname" . -}}
|
||||
path: "/notifications/hub"
|
||||
# -- Ignored if not kubeVersion >= 1.14-0
|
||||
pathType: Prefix
|
||||
service:
|
||||
# -- Overrides the service name reference for this path
|
||||
name: {{ printf "%s-ws" $fullname }}
|
||||
port: {{ .Values.service.ws.ports.ws.port }}
|
||||
{{- end -}}
|
||||
|
||||
{{/* inject websocket path to all main ingress hosts*/}}
|
||||
{{- define "vaultwarden.websocketinjector" -}}
|
||||
{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
|
||||
{{- if .Values.ingress.main.enabled }}
|
||||
{{- range .Values.ingress.main.hosts }}
|
||||
{{- $newpaths := list }}
|
||||
{{- $newpaths := concat .paths $path }}
|
||||
{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/* inject websocket paths in ingress */}}
|
||||
{{- include "vaultwarden.websocketinjector" . }}
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "tc.common.loader.apply" . }}
|
|
@ -1,4 +0,0 @@
|
|||
icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/vaultwarden.png
|
||||
categories:
|
||||
- security
|
||||
|
Loading…
Reference in New Issue