Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / bcbaa0e2933812d04010efb6497a952e03c8c5a6 / . / apps / vaultwarden / install.yaml
blob: 203e4a3bcc958f19de7165f419ce4bd15849f79f [file] [log] [blame]
giolekvabcbaa0e2021-07-31 17:59:15 +0400[diff] [blame^]1---
2apiVersion: v1
3kind: Namespace
4metadata:
5 name: app-vault
6---
7apiVersion: v1
8kind: PersistentVolumeClaim
9metadata:
10 name: data
11 namespace: app-vault
12spec:
13 accessModes:
14 - ReadWriteOnce
15 resources:
16 requests:
17 storage: 10Gi
18---
19apiVersion: apps/v1
20kind: Deployment
21metadata:
22 name: server
23 namespace: app-vault
24spec:
25 selector:
26 matchLabels:
27 app: server
28 replicas: 1
29 template:
30 metadata:
31 labels:
32 app: server
33 spec:
34 volumes:
35 - name: data
36 persistentVolumeClaim:
37 claimName: data
38 containers:
39 - name: server
40 image: vaultwarden/server:1.22.2
41 imagePullPolicy: IfNotPresent
42 env:
43 - name: ROCKET_PORT
44 value: "80"
45 - name: DISABLE_ADMIN_TOKEN
46 value: "true"
47 - name: DOMAIN
48 value: "https://vault.pcloud"
49 ports:
50 - name: http
51 containerPort: 80
52 protocol: TCP
53 volumeMounts:
54 - name: data
55 mountPath: /data
56---
57apiVersion: v1
58kind: Service
59metadata:
60 name: server
61 namespace: app-vault
62spec:
63 type: ClusterIP
64 selector:
65 app: server
66 ports:
67 - name: http
68 port: 80
69 targetPort: http
70 protocol: TCP
71---
72apiVersion: networking.k8s.io/v1
73kind: Ingress
74metadata:
75 name: ingress
76 namespace: app-vault
77 annotations:
78 # nginx.ingress.kubernetes.io/ssl-redirect: "false"
79 cert-manager.io/cluster-issuer: "selfsigned-ca"
80 acme.cert-manager.io/http01-edit-in-place: "true"
81spec:
82 ingressClassName: nginx-private
83 tls:
84 - hosts:
85 - vault.pcloud
86 secretName: cert-vault.pcloud
87 rules:
88 - host: vault.pcloud
89 http:
90 paths:
91 - path: /
92 pathType: Prefix
93 backend:
94 service:
95 name: server
96 port:
97 name: http