---
apiVersion: v1
kind: Service
metadata:
  name: vaultwarden
spec:
  selector:
    app: vaultwarden
  ports:
  - port: 80

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: vaultwarden
  annotations:
    spec.ingressClassName: "nginx"
    cert-manager.io/cluster-issuer: "letsencrypt"
spec:
  tls:
  - hosts:
    - vault.{{.domain}}
    secretName: vaultwarden-tls
  rules:
  - host: vault.{{.domain}}
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: vaultwarden
            port:
              number: 80
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: vaultwarden-pv-claim
spec:
  storageClassName: local-path
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: vaultwarden
  labels:
    app: vaultwarden
spec:
  replicas: 1
  selector:
    matchLabels:
      app: vaultwarden
  template:
    metadata:
      labels:
        app: vaultwarden
    spec:
      containers:
      - name: vaultwarden
        image: vaultwarden/server:latest
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
        volumeMounts:
        - name: vaultwarden-pv-claim
          mountPath: /data 
        env:
        - name: DOMAIN
          value: "https://vault.ruan.fr"
      volumes:
      - name: vaultwarden-pv-claim
        persistentVolumeClaim:
          claimName: vaultwarden-pv-claim