Init commit and vaultwarden
This commit is contained in:
Antonin Ruan
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@@ -0,0 +1 @@
|
|||||||
|
config.yaml
|
||||||
5623
cert-manager.yaml
Normal file
5623
cert-manager.yaml
Normal file
File diff suppressed because it is too large
Load Diff
4
config.yaml.sample
Normal file
4
config.yaml.sample
Normal file
@@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
domain:
|
||||||
|
email:
|
||||||
|
admin:
|
||||||
15
k8s/cluster_issuer.yaml.in
Normal file
15
k8s/cluster_issuer.yaml.in
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
---
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: ClusterIssuer
|
||||||
|
metadata:
|
||||||
|
name: letsencrypt
|
||||||
|
spec:
|
||||||
|
acme:
|
||||||
|
server: https://acme-v02.api.letsencrypt.org/directory
|
||||||
|
email: {{.email.admin}}
|
||||||
|
privateKeySecretRef:
|
||||||
|
name: letsencrypt
|
||||||
|
solvers:
|
||||||
|
- http01:
|
||||||
|
ingress:
|
||||||
|
ingressClassName: traefik
|
||||||
80
k8s/vaultwarden.yaml.in
Normal file
80
k8s/vaultwarden.yaml.in
Normal file
@@ -0,0 +1,80 @@
|
|||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
app: vaultwarden
|
||||||
|
ports:
|
||||||
|
- port: 80
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden
|
||||||
|
annotations:
|
||||||
|
spec.ingressClassName: "nginx"
|
||||||
|
cert-manager.io/cluster-issuer: "letsencrypt"
|
||||||
|
spec:
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- vault.{{.domain}}
|
||||||
|
secretName: vaultwarden-tls
|
||||||
|
rules:
|
||||||
|
- host: vault.{{.domain}}
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: vaultwarden
|
||||||
|
port:
|
||||||
|
number: 80
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden-pv-claim
|
||||||
|
spec:
|
||||||
|
storageClassName: local-path
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteOnce
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 1Gi
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: vaultwarden
|
||||||
|
labels:
|
||||||
|
app: vaultwarden
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: vaultwarden
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: vaultwarden
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: vaultwarden
|
||||||
|
image: vaultwarden/server:latest
|
||||||
|
imagePullPolicy: IfNotPresent
|
||||||
|
ports:
|
||||||
|
- containerPort: 80
|
||||||
|
volumeMounts:
|
||||||
|
- name: vaultwarden-pv-claim
|
||||||
|
mountPath: /data
|
||||||
|
env:
|
||||||
|
- name: DOMAIN
|
||||||
|
value: "https://vault.ruan.fr"
|
||||||
|
volumes:
|
||||||
|
- name: vaultwarden-pv-claim
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: vaultwarden-pv-claim
|
||||||
Reference in New Issue
Block a user