49 lines
1.2 KiB
YAML
49 lines
1.2 KiB
YAML
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: vaultwarden
|
|
namespace: vaultwarden
|
|
spec:
|
|
interval: 10m
|
|
chart:
|
|
spec:
|
|
chart: vaultwarden
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: vaultwarden
|
|
namespace: flux-system
|
|
values:
|
|
domain: https://vault.n0ball.tw
|
|
database:
|
|
type: postgresql
|
|
existingSecret: vaultwarden-db-secret
|
|
existingSecretKey: DATABASE_URL
|
|
sso:
|
|
enabled: true
|
|
authority: https://keycloak.n0ball.tw/realms/homelab
|
|
existingSecret: vaultwarden-oidc-secret
|
|
clientId:
|
|
existingSecretKey: SSO_CLIENT_ID
|
|
clientSecret:
|
|
existingSecretKey: SSO_CLIENT_SECRET
|
|
signupsMatchEmail: true
|
|
onlySSO: true
|
|
enforceSSO: true
|
|
smtp:
|
|
existingSecret: vaultwarden-smtp-secret
|
|
host: mail.smtp2go.com
|
|
port: 2525
|
|
from: "vaultwarden@n0ball.tw"
|
|
username:
|
|
existingSecretKey: SMTP_USERNAME
|
|
password:
|
|
existingSecretKey: SMTP_PASSWORD
|
|
security: starttls
|
|
ingress:
|
|
enabled: true
|
|
class: traefik
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "n0ball-tw-issuer"
|
|
hostname: vault.n0ball.tw
|
|
tls: true
|