mirror of
https://gitlab.com/oecis/charts.git
synced 2024-11-15 00:28:59 +00:00
103 lines
3.5 KiB
YAML
103 lines
3.5 KiB
YAML
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: {{ include "vaultwarden.fullname" . }}
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
app.kubernetes.io/component: vaultwarden
|
|
spec:
|
|
serviceName: vaultwarden
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: vaultwarden
|
|
app.kubernetes.io/component: vaultwarden
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: vaultwarden
|
|
app.kubernetes.io/component: vaultwarden
|
|
annotations:
|
|
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha1sum }}
|
|
checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha1sum }}
|
|
spec:
|
|
{{- if .Values.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml .Values.nodeSelector | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.affinity }}
|
|
affinity:
|
|
{{- toYaml .Values.affinity | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.tolerations }}
|
|
tolerations:
|
|
{{- toYaml .Values.tolerations | nindent 8 }}
|
|
{{- end }}
|
|
initContainers:
|
|
{{- if .Values.initContainers }}
|
|
{{- toYaml .Values.initContainers | nindent 8 }}
|
|
{{- end }}
|
|
containers:
|
|
- image: {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
name: vaultwarden
|
|
envFrom:
|
|
- configMapRef:
|
|
name: {{ include "vaultwarden.fullname" . }}
|
|
env:
|
|
- name: SMTP_USERNAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ default (include "vaultwarden.fullname" .) .Values.smtp.existingSecret }}
|
|
key: {{ default "SMTP_USERNAME" .Values.smtp.username.existingSecretKey }}
|
|
- name: SMTP_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ default (include "vaultwarden.fullname" .) .Values.smtp.existingSecret }}
|
|
key: {{ default "SMTP_PASSWORD" .Values.smtp.password.existingSecretKey }}
|
|
- name: ADMIN_TOKEN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ default (include "vaultwarden.fullname" .) .Values.adminToken.existingSecret }}
|
|
key: {{ default "ADMIN_TOKEN" .Values.adminToken.existingSecretKey }}
|
|
ports:
|
|
- containerPort: 8080
|
|
name: http
|
|
protocol: TCP
|
|
- containerPort: {{ .Values.websocket.port }}
|
|
name: websocket
|
|
protocol: TCP
|
|
{{- if .Values.storage.enabled }}
|
|
volumeMounts:
|
|
- name: vaultwarden-data
|
|
mountPath: {{ .Values.storage.dataDir }}
|
|
{{- end }}
|
|
resources:
|
|
limits:
|
|
cpu: 300m
|
|
memory: 1Gi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 256Mi
|
|
{{- if .Values.sidecars }}
|
|
{{- toYaml .Values.sidecars | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.serviceAccount.create }}
|
|
serviceAccountName: {{ .Values.serviceAccount.name }}
|
|
{{- end }}
|
|
{{- if .Values.storage.enabled }}
|
|
persistentVolumeClaimRetentionPolicy:
|
|
whenDeleted: Retain
|
|
whenScaled: Retain
|
|
volumeClaimTemplates:
|
|
- metadata:
|
|
name: vaultwarden-data
|
|
spec:
|
|
accessModes:
|
|
- "ReadWriteOnce"
|
|
resources:
|
|
requests:
|
|
storage: {{ .Values.storage.size }}
|
|
storageClassName: {{ default "default" .Values.storage.class }}
|
|
{{- end }}
|