Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / f9f0beec8492e05a459bd7080ad095b4cf9292bc / . / apps / vaultwarden / install.yaml
blob: d2faede75c38c565a523539569b3c37b2cc94e27 [file] [log] [blame]
giolekvabcbaa0e2021-07-31 17:59:15 +0400[diff] [blame]1---
2apiVersion: v1
3kind: Namespace
4metadata:
5 name: app-vault
6---
7apiVersion: v1
8kind: PersistentVolumeClaim
9metadata:
10 name: data
11 namespace: app-vault
12spec:
13 accessModes:
14 - ReadWriteOnce
15 resources:
16 requests:
17 storage: 10Gi
18---
19apiVersion: apps/v1
20kind: Deployment
21metadata:
22 name: server
23 namespace: app-vault
24spec:
25 selector:
26 matchLabels:
27 app: server
28 replicas: 1
29 template:
30 metadata:
31 labels:
32 app: server
33 spec:
34 volumes:
35 - name: data
36 persistentVolumeClaim:
37 claimName: data
38 containers:
39 - name: server
40 image: vaultwarden/server:1.22.2
41 imagePullPolicy: IfNotPresent
42 env:
43 - name: ROCKET_PORT
44 value: "80"
45 - name: DISABLE_ADMIN_TOKEN
46 value: "true"
47 - name: DOMAIN
48 value: "https://vault.pcloud"
49 ports:
50 - name: http
51 containerPort: 80
52 protocol: TCP
53 volumeMounts:
54 - name: data
55 mountPath: /data
56---
57apiVersion: v1
58kind: Service
59metadata:
60 name: server
61 namespace: app-vault
62spec:
63 type: ClusterIP
64 selector:
65 app: server
66 ports:
67 - name: http
68 port: 80
69 targetPort: http
70 protocol: TCP
71---
72apiVersion: networking.k8s.io/v1
73kind: Ingress
74metadata:
75 name: ingress
76 namespace: app-vault
77 annotations:
giolekvabcbaa0e2021-07-31 17:59:15 +0400[diff] [blame]78 cert-manager.io/cluster-issuer: "selfsigned-ca"
79 acme.cert-manager.io/http01-edit-in-place: "true"
80spec:
81 ingressClassName: nginx-private
82 tls:
83 - hosts:
84 - vault.pcloud
85 secretName: cert-vault.pcloud
86 rules:
87 - host: vault.pcloud
88 http:
89 paths:
90 - path: /
91 pathType: Prefix
92 backend:
93 service:
94 name: server
95 port:
96 name: http