github-personal/vaultwarden
1
0
Fork 0
mirror of https://github.com/outbackdingo/vaultwarden.git synced 2026-01-27 10:20:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: multiple features

Browse Source 
- allow disabling the admin token
- minor fix to writing initContainers in template
- update example for signupDomains
- add support for push notifications
- rework storage variable and add support for custom attachments dir
- Makefile for testing
- fix logging configuration
- use alpine image
- move resource config to values.yml
- add readiness probe
- add funding button for repo

Signed-off-by: Lester Guerzon <guerzon@proton.me>
This commit is contained in:
Lester Guerzon
2023-11-05 14:14:32 +08:00
parent f58bd50e90
commit dcb1ca1cfd
11 changed files with 220 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1 @@
github: guerzon

19
CONTRIBUTING.md
View File

@@ -9,21 +9,20 @@ This document was created by the Linux Kernel community and is a simple statemen
See the [DCO](../DCO) file for details.
## Requirements
## How-to
1. Fork this repository, develop, and test your changes.
2. Submit a pull request.
2. When updating the `values.yml`, also update the [chart documentation](./charts/vaultwarden/README.md) by using [this tool](https://github.com/bitnami-labs/readme-generator-for-helm). A quick way to do this is to run the tool via Docker and the script [generate-readme.sh](generate-readme.sh):
### Technical Requirements
```bash
./generate-readme.sh
```
3. Submit a pull request.
### Reminders
When submitting a pull request, please ensure that:
- The PR follow [Helm best practices](https://helm.sh/docs/chart_best_practices/).
- Any change to a chart requires a version bump following [semver](https://semver.org/) principles.
- The tables of parameters are generated based on the metadata information from the `values.yaml` file, by using [this tool](https://github.com/bitnami-labs/readme-generator-for-helm).
A quick way to do this is to run the tool via Docker and the script [generate-readme.sh](generate-readme.sh):
```bash
./generate-readme.sh
```

8
Makefile Normal file
View File

@@ -0,0 +1,8 @@
lint:
ct lint --target-branch main
test:
ct install --target-branch main --helm-extra-set-args="--set=domain=https://warden.example.com:8443"
.PHONY: lint test

19
README.md
View File

@@ -15,6 +15,7 @@ The `vaultwarden` project can be found [here](https://github.com/dani-garcia/vau
- Kubernetes >= 1.12
- Helm >= 3.1.0
- `docker` and `make` for generating the chart documentation
## Usage
@@ -26,16 +27,6 @@ helm repo add vaultwarden https://guerzon.github.io/vaultwarden
Refer to the detailed documentation [here](./charts/vaultwarden/README.md).
## Uninstall
To uninstall/delete the `vaultwarden-demo` release:
```console
export NAMESPACE=vaultwarden
export RELEASE_NAME=vaultwarden-demo
helm -n $NAMESPACE uninstall $RELEASE_NAME
```
## Disclaimer
Please do your due-diligence before using this chart for a production deployment.
@@ -44,7 +35,7 @@ Nevertheless, if you find any issues while using this chart, or have any suggest
## License
[MIT](./LICENSE).
See [LICENSE](./LICENSE).
## Author
@@ -54,3 +45,9 @@ This Helm chart was created and maintained by [Lester Guerzon](https://blog.pidn
- The `vaultwarden` project can be found [here](https://github.com/dani-garcia/vaultwarden)
- Further information about `Bitwarden` and 8bit Solutions LLC can be found [here](https://bitwarden.com/)
## References
- Guides: <https://github.com/dani-garcia/vaultwarden/wiki>
- Configuration: <https://github.com/dani-garcia/vaultwarden/blob/main/.env.template>
- Releases: <https://github.com/dani-garcia/vaultwarden/releases>

2
charts/vaultwarden/Chart.yaml
View File

@@ -13,5 +13,5 @@ maintainers:
- name: guerzon
email: guerzon@proton.me
url: https://github.com/guerzon
version: 0.15.3
version: 0.16.0
kubeVersion: ">=1.12.0-0"

127
charts/vaultwarden/README.md
View File

@@ -27,7 +27,7 @@ helm upgrade -i \
-f demo.yaml
```
### General configuration
## General configuration
This chart deploys `vaultwarden` from pre-built images on [Docker Hub](https://hub.docker.com/r/vaultwarden/server/tags): `vaultwarden/server`. The image can be defined by specifying the tag with `image.tag`.
@@ -48,7 +48,7 @@ domain: "https://vaultwarden.contoso.com:9443/"
Detailed configuration options can be found in the [Vaultwarden settings](./charts/vaultwarden/README.md#vaultwarden-settings) section.
### Database options
## Database options
By default, `vaultwarden` uses a SQLite database located in `/data/db.sqlite3`. However, it is also possible to make use of an external database, in particular either [MySQL](https://www.mysql.com/downloads/) or [PostgreSQL](https://www.postgresql.org).
@@ -91,11 +91,11 @@ database:
Detailed configuration options can be found in the [Database Configuration](./charts/vaultwarden/README.md#database-configuration) section.
### SSL and Ingress
## SSL and Ingress
This chart supports the usage of existing Ingress Controllers for exposing the `vaultwarden` deployment.
#### nginx-ingress
### nginx-ingress
Nginx ingress controller can be installed by following [this](https://kubernetes.github.io/ingress-nginx/deploy/) guide. An SSL certificate can be added as a secret with a few commands:
@@ -118,7 +118,7 @@ ingress:
allowList: "10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16"
```
#### AWS LB Controller
### AWS LB Controller
When using AWS, the [AWS Load Balancer controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/deploy/installation/) can be used together with [ACM](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/guide/ingress/cert_discovery/).
@@ -137,9 +137,26 @@ ingress:
Detailed configuration options can be found in the [Exposure Parameters](./charts/vaultwarden/README.md#exposure-parameters) section.
### Security
## Security
An admin token can be generated with: `openssl rand -base64 48`.
### Admin page
An insecure string token can be generated with: `openssl rand -base64 48` and can be used for the admin token. However, from v1.28.0 and later, it is now possible to pass a hashed value to the admin token:
```bash
echo -n "R@ndomTokenString" | argon2 "$(openssl rand -base64 32)" -e -id -k 19456 -t 2 -p 1
```
Please see [this](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-admin-page#secure-the-admin_token) guide for more information.
```yaml
adminToken:
value: "khit9gYQV6ax9LKTTm+s6QbZi5oiuR+3s1PEn9q3IRmCl9IQn7LmBpmFCOYTb7Mr"
```
You can also [disable](https://github.com/dani-garcia/vaultwarden/wiki/Disable-admin-token) the admin token by passing `--set adminToken=null` to `helm`. Doing so will pass the disable the authentication to the admin page. Do this if you know what you are doing.
### Service account
By default, the chart deploys a [service account](https://kubernetes.io/docs/reference/access-authn-authz/service-accounts-admin/) called `vaultwarden-svc`.
@@ -151,7 +168,7 @@ serviceAccount:
Detailed configuration options can be found in the [Security settings](./charts/vaultwarden/README.md#security-settings) section.
### Mail settings
## Mail settings
To enable the SMTP service, make sure that at a minimum, `smtp.host` and `smtp.from` are set.
@@ -168,31 +185,48 @@ smtp:
Detailed configuration options can be found in the [SMTP Configuration](./charts/vaultwarden/README.md#smtp-configuration) section.
### Storage
## Persistent storage
To use persistent storage using a claim, set `storage.enabled` to `true`. The following example sets the storage class to an already-installed Rancher's [local path storage](https://github.com/rancher/local-path-provisioner) provisioner.
Vaultwarden requires persistent storage for its attachments and icons cache.
To use persistent storage using a claim, set the `data` dictionary. Optionally set a different path using the `path` key. The following example sets the storage class to an already-installed Rancher's [local path storage](https://github.com/rancher/local-path-provisioner) provisioner.
```yaml
storage:
enabled: true
size: "10Gi"
data:
name: "vaultwarden-data"
size: "15Gi"
class: "local-path"
```
Example for AWS:
```yaml
storage:
enabled: true
data:
name: "vaultwarden-data"
size: "10Gi"
class: "gp2"
path: "/srv/vaultwarden-data"
```
Detailed configuration options can be found in the [Storage Configuration](./charts/vaultwarden/README.md#storage-configuration) section.
To use persistent storage for attachments, set the `attachmenets` dictionary. Optionally set a different path. Note that by default, the path is `/data/attachments`.
## Deployment in GKE
```yaml
data:
name: "vaultwarden-data"
size: "15Gi"
class: "local-path"
```
I have written a detailed post about deploying Vaultwarden in Google Kubernetes Engine [here](https://medium.com/@sreafterhours/terraform-helm-external-dns-cert-manager-nginx-and-vaultwarden-on-gke-5080f3b4909f).
## Uninstall
To uninstall/delete the `vaultwarden-demo` release:
```bash
export NAMESPACE=vaultwarden
export RELEASE_NAME=vaultwarden-demo
helm -n $NAMESPACE uninstall $RELEASE_NAME
```
## Parameters
@@ -202,7 +236,7 @@ I have written a detailed post about deploying Vaultwarden in Google Kubernetes
| ------------------- | --------------------------------------------- | -------------------- |
| `image.registry` | Vaultwarden image registry | `docker.io` |
| `image.repository` | Vaultwarden image repository | `vaultwarden/server` |
| `image.tag` | Vaultwarden image tag | `1.29.2` |
| `image.tag` | Vaultwarden image tag | `1.29.2-alpine` |
| `image.pullPolicy` | Vaultwarden image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names | `[]` |
| `domain` | Domain name where the application is accessed | `""` |
@@ -222,22 +256,22 @@ I have written a detailed post about deploying Vaultwarden in Google Kubernetes
### Security settings
| Name | Description | Value |
| ------------------------------ | -------------------------------------------------------------------------------------------------------- | ------------------- |
| `adminToken.existingSecret` | Specify an existing Kubernetes secret containing the admin token. Also set adminToken.existingSecretKey. | `""` |
| `adminToken.existingSecretKey` | When using adminToken.existingSecret, specify the key containing the token. | `""` |
| `adminToken.value` | Plain string containing the admin token. | `R@ndomToken$tring` |
| `signupsAllowed` | By default, anyone who can access your instance can register for a new account. | `true` |
| `invitationsAllowed` | Even when registration is disabled, organization administrators or owners can | `true` |
| `signupDomains` | List of domain names for users allowed to register | `""` |
| `signupsVerify` | Whether to require account verification for newly-registered users. | `true` |
| `showPassHint` | Whether a password hint should be shown in the page. | `false` |
| `fullnameOverride` | String to override the application name. | `""` |
| `invitationOrgName` | String Name shown in the invitation emails that don't come from a specific organization | `Vaultwarden` |
| `iconBlacklistNonGlobalIps` | Whether block non-global IPs. | `true` |
| `ipHeader` | Client IP Header, used to identify the IP of the client | `X-Real-IP` |
| `serviceAccount.create` | Create a service account | `true` |
| `serviceAccount.name` | Name of the service account to create | `vaultwarden-svc` |
| Name | Description | Value |
| ------------------------------ | -------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- |
| `adminToken.existingSecret` | Specify an existing Kubernetes secret containing the admin token. Also set adminToken.existingSecretKey. | `""` |
| `adminToken.existingSecretKey` | When using adminToken.existingSecret, specify the key containing the token. | `""` |
| `adminToken.value` | Plain or argon2 string containing the admin token. | `$argon2id$v=19$m=19456,t=2,p=1$Vkx1VkE4RmhDMUhwNm9YVlhPQkVOZk1Yc1duSDdGRVYzd0Y5ZkgwaVg0Yz0$PK+h1ANCbzzmEKaiQfCjWw+hWFaMKvLhG2PjRanH5Kk` |
| `signupsAllowed` | By default, anyone who can access your instance can register for a new account. | `true` |
| `invitationsAllowed` | Even when registration is disabled, organization administrators or owners can | `true` |
| `signupDomains` | List of domain names for users allowed to register. For example: | `""` |
| `signupsVerify` | Whether to require account verification for newly-registered users. | `true` |
| `showPassHint` | Whether a password hint should be shown in the page. | `false` |
| `fullnameOverride` | String to override the application name. | `""` |
| `invitationOrgName` | String Name shown in the invitation emails that don't come from a specific organization | `Vaultwarden` |
| `iconBlacklistNonGlobalIps` | Whether block non-global IPs. | `true` |
| `ipHeader` | Client IP Header, used to identify the IP of the client | `X-Real-IP` |
| `serviceAccount.create` | Create a service account | `true` |
| `serviceAccount.name` | Name of the service account to create | `vaultwarden-svc` |
### Exposure Parameters
@@ -295,22 +329,19 @@ I have written a detailed post about deploying Vaultwarden in Google Kubernetes
| `smtp.acceptInvalidCerts` | Accept Invalid Certificates | `false` |
| `smtp.debug` | SMTP debugging | `false` |
### Storage Configuration
### Persistent data configuration
| Name | Description | Value |
| ----------------- | ------------------------------------------- | ------- |
| `storage.enabled` | Enable configuration for persistent storage | `false` |
| `storage.size` | Storage size for /data | `15Gi` |
| `storage.class` | Specify the storage class | `""` |
| `storage.dataDir` | Specify the data directory | `/data` |
| Name | Description | Value |
| ------------- | ------------------------------------------------------------------------- | ----- |
| `data` | Data directory configuration, refer to values.yaml for parameters. | `{}` |
| `attachments` | Attachments directory configuration, refer to values.yaml for parameters. | `{}` |
### Logging Configuration
| Name | Description | Value |
| ------------------ | ----------------------------------- | ----------------------- |
| `logging.enabled` | Enable logging to a file | `false` |
| `logging.logfile` | Specify logfile path for output log | `/data/vaultwarden.log` |
| `logging.loglevel` | Specify the log level | `warn` |
| Name | Description | Value |
| ------------------ | --------------------- | ----- |
| `logging.logLevel` | Specify the log level | `""` |
| `logging.logFile` | Log to a file | `""` |
### Extra containers Configuration
@@ -327,3 +358,5 @@ I have written a detailed post about deploying Vaultwarden in Google Kubernetes
| `affinity` | Affinity for pod assignment | `{}` |
| `tolerations` | Tolerations for pod assignment | `[]` |
| `statefulsetlabels` | Additional labels for the statefulset | `{}` |
| `pushNotifications` | Enable mobile push notifications | `{}` |
| `resources` | Resource configurations | `{}` |

20
charts/vaultwarden/templates/configmap.yaml
View File

@@ -26,7 +26,12 @@ data:
WEBSOCKET_ADDRESS: {{ .Values.websocket.address | quote }}
WEBSOCKET_PORT: {{ .Values.websocket.port | quote }}
{{- end }}
DATA_FOLDER: {{ .Values.storage.dataDir | quote }}
{{- if .Values.data }}
DATA_FOLDER: {{ default "/data" .Values.data.path | quote }}
{{- end }}
{{- if .Values.attachments }}
ATTACHMENTS_FOLDER: {{ default "/data/attachments" .Values.attachments.path | quote }}
{{- end }}
ROCKET_PORT: {{ .Values.rocket.port | quote }}
ROCKET_WORKERS: {{ .Values.rocket.workers | quote }}
SHOW_PASSWORD_HINT: {{ .Values.showPassHint | quote }}
@@ -37,12 +42,19 @@ data:
{{- end }}
SIGNUPS_VERIFY: {{ .Values.signupsVerify | quote }}
WEB_VAULT_ENABLED: {{ .Values.webVaultEnabled | quote }}
{{- if .Values.logging.enabled }}
LOG_FILE: {{ .Values.logging.logfile | quote }}
LOG_LEVEL: {{ .Values.logging.loglevel | quote }}
{{- if .Values.logging.logFile }}
LOG_FILE: {{ .Values.logging.logFile | quote }}
{{- end }}
{{- if .Values.logging.logLevel }}
LOG_LEVEL: {{ .Values.logging.logLevel | quote }}
{{- end }}
DB_CONNECTION_RETRIES: {{ .Values.database.connectionRetries | quote }}
DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
INVITATION_ORG_NAME: {{ .Values.invitationOrgName | quote }}
ICON_BLACKLIST_NON_GLOBAL_IPS: {{ .Values.iconBlacklistNonGlobalIps | quote }}
IP_HEADER: {{ .Values.ipHeader | quote }}
{{- if .Values.pushNotifications }}
PUSH_ENABLED: "true"
PUSH_INSTALLATION_ID: {{ .Values.pushNotifications.installationId | quote }}
PUSH_INSTALLATION_KEY: {{ .Values.pushNotifications.installationKey | quote }}
{{- end }}

2
charts/vaultwarden/templates/secrets.yaml
View File

@@ -13,7 +13,7 @@ data:
SMTP_PASSWORD: {{ .Values.smtp.password.value | b64enc | quote }}
SMTP_USERNAME: {{ .Values.smtp.username.value | b64enc | quote }}
{{- end }}
{{- if not ( .Values.adminToken.existingSecret ) }}
{{- if ( .Values.adminToken ) }}
ADMIN_TOKEN: {{ .Values.adminToken.value | b64enc | quote }}
{{- end }}
{{ end }}

59
charts/vaultwarden/templates/statefulset.yaml
View File

@@ -47,10 +47,10 @@ spec:
tolerations:
{{- toYaml .Values.tolerations | nindent 8 }}
{{- end }}
{{- if .Values.initContainers }}
initContainers:
{{- if .Values.initContainers }}
{{- toYaml .Values.initContainers | nindent 8 }}
{{- end }}
{{- end }}
containers:
- image: {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
@@ -73,11 +73,16 @@ spec:
name: {{ default (include "vaultwarden.fullname" .) .Values.smtp.existingSecret }}
key: {{ default "SMTP_PASSWORD" .Values.smtp.password.existingSecretKey }}
{{- end }}
{{- if .Values.adminToken }}
- name: ADMIN_TOKEN
valueFrom:
secretKeyRef:
name: {{ default (include "vaultwarden.fullname" .) .Values.adminToken.existingSecret }}
key: {{ default "ADMIN_TOKEN" .Values.adminToken.existingSecretKey }}
{{- else }}
- name: DISABLE_ADMIN_TOKEN
value: "true"
{{- end }}
{{- if ne "default" .Values.database.type }}
- name: DATABASE_URL
{{- if .Values.database.existingSecret }}
@@ -100,31 +105,37 @@ spec:
- containerPort: {{ .Values.websocket.port }}
name: websocket
protocol: TCP
{{- if .Values.storage.enabled }}
readinessProbe:
httpGet:
path: /alive
port: 8080
initialDelaySeconds: 5
{{- if .Values.data }}
volumeMounts:
- name: vaultwarden-data
mountPath: {{ .Values.storage.dataDir }}
- name: {{ .Values.data.name }}
mountPath: {{ default "/data" .Values.data.path }}
{{- end }}
{{- if .Values.attachments }}
volumeMounts:
- name: {{ .Values.attachments.name }}
mountPath: {{ default "/data/attachments" .Values.attachments.path }}
{{- end }}
resources:
limits:
cpu: 300m
memory: 1Gi
requests:
cpu: 50m
memory: 256Mi
{{- toYaml .Values.resources | nindent 12 }}
{{- if .Values.sidecars }}
{{- toYaml .Values.sidecars | nindent 8 }}
{{- end }}
{{- if .Values.serviceAccount.create }}
serviceAccountName: {{ .Values.serviceAccount.name }}
{{- end }}
{{- if .Values.storage.enabled }}
{{- if (or .Values.data .Values.attachments) }}
persistentVolumeClaimRetentionPolicy:
whenDeleted: Retain
whenScaled: Retain
volumeClaimTemplates:
{{- if .Values.data }}
- metadata:
name: vaultwarden-data
name: {{ .Values.data.name }}
labels:
{{- include "vaultwarden.labels" . | nindent 10 }}
spec:
@@ -132,8 +143,24 @@ spec:
- "ReadWriteOnce"
resources:
requests:
storage: {{ .Values.storage.size }}
{{- if .Values.storage.class }}
storageClassName: {{ .Values.storage.class | quote }}
storage: {{ .Values.data.size }}
{{- if .Values.data.class }}
storageClassName: {{ .Values.data.class | quote }}
{{- end }}
{{- end }}
{{- if .Values.attachments }}
- metadata:
name: {{ .Values.attachments.name }}
labels:
{{- include "vaultwarden.labels" . | nindent 10 }}
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: {{ .Values.attachments.size }}
{{- if .Values.attachments.class }}
storageClassName: {{ .Values.attachments.class | quote }}
{{- end }}
{{- end }}
{{- end }}

78
charts/vaultwarden/values.yaml
View File

@@ -11,7 +11,7 @@ image:
## @param image.tag Vaultwarden image tag
## Ref: https://hub.docker.com/r/vaultwarden/server/tags
##
tag: "1.29.2"
tag: "1.29.2-alpine"
## @param image.pullPolicy Vaultwarden image pull policy
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
@@ -56,6 +56,7 @@ podLabels: {}
## @section Security settings
##
adminToken:
## @param adminToken.existingSecret Specify an existing Kubernetes secret containing the admin token. Also set adminToken.existingSecretKey.
## Example: admincreds_secret
@@ -65,10 +66,11 @@ adminToken:
## Example: ADMIN_TOKEN
##
existingSecretKey: ""
## @param adminToken.value Plain string containing the admin token.
## Example: ADMIN_TOKEN
## @param adminToken.value Plain or argon2 string containing the admin token.
## This example is the argon2 has of "R@ndomTokenString" (no quotes).
##
value: "R@ndomToken$tring"
value: "$argon2id$v=19$m=19456,t=2,p=1$Vkx1VkE4RmhDMUhwNm9YVlhPQkVOZk1Yc1duSDdGRVYzd0Y5ZkgwaVg0Yz0$PK+h1ANCbzzmEKaiQfCjWw+hWFaMKvLhG2PjRanH5Kk"
## @param signupsAllowed By default, anyone who can access your instance can register for a new account.
## To disable this, set this parameter to false. Even when signupsAllowed=false, an existing user who is
## an organization owner or admin can still invite new users. If you want to disable this as well, set
@@ -82,7 +84,8 @@ signupsAllowed: true
## if signupsAllowed is actually set to false. You can disable this functionality completely by setting
## invitationsAllowed env variable to false
invitationsAllowed: true
## @param signupDomains List of domain names for users allowed to register
## @param signupDomains List of domain names for users allowed to register. For example:
## example.com,example.net,example.org.
##
signupDomains: ""
## @param signupsVerify Whether to require account verification for newly-registered users.
@@ -283,34 +286,35 @@ smtp:
##
debug: false
## @section Storage Configuration
## @section Persistent data configuration
##
storage:
## @param storage.enabled Enable configuration for persistent storage
##
enabled: false
## @param storage.size Storage size for /data
##
size: "15Gi"
## @param storage.class Specify the storage class
##
class: ""
## @param storage.dataDir Specify the data directory
##
dataDir: "/data"
## @param data Data directory configuration, refer to values.yaml for parameters.
##
data: {}
# name: "vaultwarden-data"
# size: "15Gi"
# class: ""
# path: "/data"
## @param attachments Attachments directory configuration, refer to values.yaml for parameters.
## By default, attachments/ is located inside the data directory.
##
attachments: {}
# name: "vaultwarden-files"
# size: "100Gi"
# class: ""
# path: /files
## @section Logging Configuration
##
logging:
## @param logging.enabled Enable logging to a file
## @param logging.logLevel Specify the log level
##
enabled: false
## @param logging.logfile Specify logfile path for output log
logLevel: ""
## @param logging.logFile Log to a file
##
logfile: "/data/vaultwarden.log"
## @param logging.loglevel Specify the log level
##
loglevel: "warn"
logFile: ""
## @section Extra containers Configuration
##
@@ -344,3 +348,25 @@ tolerations: []
## @param statefulsetlabels Additional labels for the statefulset
##
statefulsetlabels: {}
## @param pushNotifications Enable mobile push notifications
## Supported since 1.29.0.
## Refer to https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Mobile-Client-push-notification for details
##
pushNotifications: {}
# installationId: ""
# installationKey: ""
## @param resources Resource configurations
##
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 300m
# memory: 1Gi
# requests:
# cpu: 50m
# memory: 256Mi

4
generate-readme.sh
View File

@@ -4,9 +4,7 @@
if [ ! -d "readme-generator-for-helm" ]; then
git clone https://github.com/bitnami-labs/readme-generator-for-helm
fi
cd readme-generator-for-helm/
docker build -t readme-gen .
cd ..
docker build -t readme-gen readme-generator-for-helm/
# Run the tool and mount the current project directory.
docker run --rm -v $(pwd):/mnt -w /mnt readme-gen readme-generator -v charts/vaultwarden/values.yaml -r charts/vaultwarden/README.md