commit d33b01da43157f9c9fbe35b25529ae1a1839f05d Author: Tanguy Herbron Date: Tue May 20 12:50:36 2025 +0200 feat: Initial commit diff --git a/README.md b/README.md new file mode 100644 index 0000000..29503af --- /dev/null +++ b/README.md @@ -0,0 +1,16 @@ +# Bitwarden server (Vaultwarden) +## Usage +Self-hosted password manager, giving individual the insurance that data is not used by unkown entity, with the drawback of having to take care of the security yourself. + +This server is based off [Vaultwarden](https://github.com/dani-garcia/vaultwarden), an unofficial Bitwarden server working seamlessly with all Bitwarden clients (officials and community). + +## Requirements +Do deploy this instance, you only need to install `docker-compose` and `docker`. + +## Installation +``` +git clone https://git.halia.dev/athens-school/Bitwarden.git +docker-compose up -d +``` + +All necessary images should be downloaded automatically and the service should be started in the background. diff --git a/manifests/deployment.yaml b/manifests/deployment.yaml new file mode 100644 index 0000000..b5e9eb9 --- /dev/null +++ b/manifests/deployment.yaml @@ -0,0 +1,30 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: owncast + namespace: owncast +spec: + replicas: 1 + selector: + matchLabels: + app: owncast + template: + metadata: + labels: + app: owncast + spec: + hostname: owncast + subdomain: owncast + containers: + - name: owncast + image: owncast/owncast:0.2.3 + ports: + - containerPort: 8080 + - containerPort: 1935 + volumeMounts: + - mountPath: "/app/data" + name: owncast-data + volumes: + - name: owncast-data + persistentVolumeClaim: + claimName: owncast-pvc diff --git a/manifests/ingress.yaml b/manifests/ingress.yaml new file mode 100644 index 0000000..8381652 --- /dev/null +++ b/manifests/ingress.yaml @@ -0,0 +1,52 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: owncast-ingress + namespace: owncast + annotations: + cert-manager.io/cluster-issuer: letsencrypt-production + kubernetes.io/ingress.class: nginx-external + acme.cert-manager.io/http01-edit-in-place: "true" +spec: + tls: + - hosts: + - live.halis.io + secretName: live-halis-io-tls + ingressClassName: nginx-external + rules: + - host: live.halis.io + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: owncast-svc + port: + number: 80 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: owncast-internal-ingress + namespace: owncast +spec: + ingressClassName: nginx-internal + rules: + - host: live.entos + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: owncast-svc + port: + number: 80 + - path: /live + pathType: Prefix + backend: + service: + name: owncast-svc + port: + number: 1935 diff --git a/manifests/kustomization.yaml b/manifests/kustomization.yaml new file mode 100644 index 0000000..0af785d --- /dev/null +++ b/manifests/kustomization.yaml @@ -0,0 +1,9 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - namespace.yaml + - service.yaml + - ingress.yaml + - pvc.yaml + - deployment.yaml diff --git a/manifests/namespace.yaml b/manifests/namespace.yaml new file mode 100644 index 0000000..98f9040 --- /dev/null +++ b/manifests/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: owncast diff --git a/manifests/pvc.yaml b/manifests/pvc.yaml new file mode 100644 index 0000000..ff63d19 --- /dev/null +++ b/manifests/pvc.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: owncast-pvc + namespace: owncast + labels: + recurring-job.longhorn.io/source: enabled + recurring-job-group.longhorn.io/standard-pvc: enabled +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 50Gi + storageClassName: redundant-storage-class diff --git a/manifests/service.yaml b/manifests/service.yaml new file mode 100644 index 0000000..592a687 --- /dev/null +++ b/manifests/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: owncast-svc + namespace: owncast +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8080 + - name: rtmp + port: 1935 + protocol: TCP + targetPort: 1935 + selector: + app: owncast