aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/namespaces/default/bitwarden
diff options
context:
space:
mode:
authorGravatar Joe Banks <[email protected]>2024-04-15 11:26:52 +0100
committerGravatar Joe Banks <[email protected]>2024-04-15 11:26:52 +0100
commit23f7ec4f17dde7761619ef29634dd177b292d742 (patch)
treebe7744708c4c70f00e070f45acfe46efa636430d /kubernetes/namespaces/default/bitwarden
parentRemove unused services (diff)
Move services to tooling namespace
Diffstat (limited to 'kubernetes/namespaces/default/bitwarden')
-rw-r--r--kubernetes/namespaces/default/bitwarden/README.md14
-rw-r--r--kubernetes/namespaces/default/bitwarden/configmap.yaml23
-rw-r--r--kubernetes/namespaces/default/bitwarden/deployment.yaml34
-rw-r--r--kubernetes/namespaces/default/bitwarden/ingress.yaml24
-rw-r--r--kubernetes/namespaces/default/bitwarden/secrets.yamlbin345 -> 0 bytes
-rw-r--r--kubernetes/namespaces/default/bitwarden/service.yaml9
6 files changed, 0 insertions, 104 deletions
diff --git a/kubernetes/namespaces/default/bitwarden/README.md b/kubernetes/namespaces/default/bitwarden/README.md
deleted file mode 100644
index 37f01eb..0000000
--- a/kubernetes/namespaces/default/bitwarden/README.md
+++ /dev/null
@@ -1,14 +0,0 @@
-# BitWarden
-
-Our internal password manager, used by the admins to share passwords for our services. Hosted at https://bitwarden.pythondiscord.com
-
-To deploy this, first set up the secrets (see below) and then run `kubectl apply -f .` in this folder.
-
-## Secrets
-This deployment expects a few secrets to exist in a secret called `bitwarden-secret-env`.
-
-
-| Environment | Description |
-|-----------------------|-------------------------------------------|
-| ADMIN_TOKEN | 64-character token used for initial login |
-| DATABASE_URL | Database string: host://user:pass/db |
diff --git a/kubernetes/namespaces/default/bitwarden/configmap.yaml b/kubernetes/namespaces/default/bitwarden/configmap.yaml
deleted file mode 100644
index c758f5d..0000000
--- a/kubernetes/namespaces/default/bitwarden/configmap.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: bitwarden-config-env
-data:
- # Domain to access bitwarden by
- DOMAIN: "https://bitwarden.pythondiscord.com"
-
- # Password hint must be sent to an email when this is false.
- # When it's true, it'll be shown right on the page.
- SHOW_PASSWORD_HINT: "false"
-
- # Admins only, please!
- SIGNUPS_ALLOWED: "false"
-
- # Used for LiveSync
- WEBSOCKET_ENABLED: "true"
-
- # Max conns to the DB
- DATABASE_MAX_CONNS: "2"
-
- # Force bitwarden to use postgres, rather than it's own volume
- I_REALLY_WANT_VOLATILE_STORAGE: "true"
diff --git a/kubernetes/namespaces/default/bitwarden/deployment.yaml b/kubernetes/namespaces/default/bitwarden/deployment.yaml
deleted file mode 100644
index 70a22ce..0000000
--- a/kubernetes/namespaces/default/bitwarden/deployment.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: bitwarden
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: bitwarden
- template:
- metadata:
- labels:
- app: bitwarden
- spec:
- containers:
- - name: bitwarden
- image: vaultwarden/server:latest
- imagePullPolicy: Always
- resources:
- requests:
- cpu: 1m
- memory: 50Mi
- limits:
- cpu: 50m
- memory: 100Mi
- ports:
- - containerPort: 80
- envFrom:
- - secretRef:
- name: bitwarden-secret-env
- - configMapRef:
- name: bitwarden-config-env
- securityContext:
- readOnlyRootFilesystem: true
diff --git a/kubernetes/namespaces/default/bitwarden/ingress.yaml b/kubernetes/namespaces/default/bitwarden/ingress.yaml
deleted file mode 100644
index d0371f6..0000000
--- a/kubernetes/namespaces/default/bitwarden/ingress.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- annotations:
- nginx.ingress.kubernetes.io/auth-tls-verify-client: "on"
- nginx.ingress.kubernetes.io/auth-tls-secret: "kube-system/mtls-client-crt-bundle"
- nginx.ingress.kubernetes.io/auth-tls-error-page: "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
- name: bitwarden
-spec:
- tls:
- - hosts:
- - "*.pythondiscord.com"
- secretName: pythondiscord.com-tls
- rules:
- - host: bitwarden.pythondiscord.com
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: bitwarden
- port:
- number: 80
diff --git a/kubernetes/namespaces/default/bitwarden/secrets.yaml b/kubernetes/namespaces/default/bitwarden/secrets.yaml
deleted file mode 100644
index 34cfd7a..0000000
--- a/kubernetes/namespaces/default/bitwarden/secrets.yaml
+++ /dev/null
Binary files differ
diff --git a/kubernetes/namespaces/default/bitwarden/service.yaml b/kubernetes/namespaces/default/bitwarden/service.yaml
deleted file mode 100644
index 3df8cc2..0000000
--- a/kubernetes/namespaces/default/bitwarden/service.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: bitwarden
-spec:
- ports:
- - port: 80
- selector:
- app: bitwarden
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-22 19:40:33 +0000