feat(deployment): Add k3s manifests for argocd
This commit is contained in:
parent
0de24867a8
commit
20e10c255e
@ -1,4 +1,4 @@
|
|||||||
# Torrent stack
|
# Bitwarden server (Vaultwarden)
|
||||||
## Usage
|
## Usage
|
||||||
Self-hosted password manager, giving individual the insurance that data is not used by unkown entity, with the drawback of having to take care of the security yourself.
|
Self-hosted password manager, giving individual the insurance that data is not used by unkown entity, with the drawback of having to take care of the security yourself.
|
||||||
|
|
||||||
|
30
manifests/database.yaml
Normal file
30
manifests/database.yaml
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
kind: "postgresql"
|
||||||
|
apiVersion: "acid.zalan.do/v1"
|
||||||
|
|
||||||
|
metadata:
|
||||||
|
name: "vaultwarden"
|
||||||
|
namespace: "vaultwarden"
|
||||||
|
labels:
|
||||||
|
team: acid
|
||||||
|
|
||||||
|
spec:
|
||||||
|
teamId: "acid"
|
||||||
|
postgresql:
|
||||||
|
version: "15"
|
||||||
|
numberOfInstances: 1
|
||||||
|
volume:
|
||||||
|
size: "1Gi"
|
||||||
|
storageClass: "flat-storage-class"
|
||||||
|
users:
|
||||||
|
vaultwarden: []
|
||||||
|
databases:
|
||||||
|
vaultwarden: vaultwarden
|
||||||
|
allowedSourceRanges:
|
||||||
|
# IP ranges to access your cluster go here
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 100Mi
|
||||||
|
limits:
|
||||||
|
cpu: 500m
|
||||||
|
memory: 500Mi
|
36
manifests/deployment.yaml
Normal file
36
manifests/deployment.yaml
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden
|
||||||
|
namespace: vaultwarden
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: vaultwarden
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: vaultwarden
|
||||||
|
spec:
|
||||||
|
hostname: vaultwarden
|
||||||
|
subdomain: vaultwarden
|
||||||
|
containers:
|
||||||
|
- name: vaultwarden
|
||||||
|
image: vaultwarden/server
|
||||||
|
ports:
|
||||||
|
- containerPort: 80
|
||||||
|
env:
|
||||||
|
- name: DB_PASSWORD
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: vaultwarden.vaultwarden.credentials.postgresql.acid.zalan.do
|
||||||
|
key: password
|
||||||
|
- name: SIGNUPS_ALLOWED
|
||||||
|
value: "true"
|
||||||
|
- name: DATABASE_URL
|
||||||
|
value: "postgresql://vaultwarden:$(DB_PASSWORD)@vaultwarden.vaultwarden.svc.cluster.local:5432/vaultwarden"
|
||||||
|
volumes:
|
||||||
|
- name: vaultwarden-pv
|
||||||
|
hostPath:
|
||||||
|
path: "/mnt/vaultwarden"
|
23
manifests/ingress.yaml
Normal file
23
manifests/ingress.yaml
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden-ingress
|
||||||
|
namespace: vaultwarden
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: "traefik"
|
||||||
|
spec:
|
||||||
|
tls:
|
||||||
|
- secretName: vaultwarden-beta-tls
|
||||||
|
hosts:
|
||||||
|
- bitwarden.beta.halia.dev
|
||||||
|
rules:
|
||||||
|
- host: bitwarden.beta.halia.dev
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: vaultwarden-svc
|
||||||
|
port:
|
||||||
|
number: 80
|
9
manifests/kustomization.yaml
Normal file
9
manifests/kustomization.yaml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- namespace.yaml
|
||||||
|
- database.yaml
|
||||||
|
- service.yaml
|
||||||
|
- ingress.yaml
|
||||||
|
- deployment.yaml
|
4
manifests/namespace.yaml
Normal file
4
manifests/namespace.yaml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden
|
13
manifests/service.yaml
Normal file
13
manifests/service.yaml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden-svc
|
||||||
|
namespace: vaultwarden
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
port: 80
|
||||||
|
protocol: TCP
|
||||||
|
targetPort: 80
|
||||||
|
selector:
|
||||||
|
app: vaultwarden
|
Loading…
Reference in New Issue
Block a user