fix: move Bitwarden to security/bitwarden/ (correct namespace structure)

2026-05-19 22:17:30 +00:00 · 2026-05-19 22:17:30 +00:00 · 2026-05-19 22:17:29 +00:00 · 2026-05-19 22:17:29 +00:00 · 2026-05-19 22:17:29 +00:00 · 2026-05-19 22:17:28 +00:00
9 changed files with 212 additions and 0 deletions
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: bitwarden
+  namespace: security
+  labels:
+    app: bitwarden
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: bitwarden
+  template:
+    metadata:
+      labels:
+        app: bitwarden
+    spec:
+      containers:
+        - name: bitwarden
+          image: bitwarden/server:latest
+          ports:
+            - containerPort: 80
+          env:
+            - name: SIGNUPS_ALLOWED
+              value: "true"
+            - name: WEBVAULT_ENABLED
+              value: "true"
+            - name: IDENTITY_URL
+              value: "https://bitwarden.khalisio.com"
+            - name: API_URL
+              value: "https://bitwarden.khalisio.com"
+            - name: DATABASE_URL
+              value: "/bitwarden/data/bitwarden.db"
+          resources:
+            requests:
+              cpu: 100m
+              memory: 256Mi
+            limits:
+              cpu: 500m
+              memory: 512Mi
+          volumeMounts:
+            - name: bitwarden-data
+              mountPath: /bitwarden
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: 80
+            initialDelaySeconds: 15
+            periodSeconds: 10
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 80
+            initialDelaySeconds: 30
+            periodSeconds: 30
+      volumes:
+        - name: bitwarden-data
+          persistentVolumeClaim:
+            claimName: bitwarden-data
@@ -0,0 +1,26 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: bitwarden
+  namespace: security
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+  ingressClassName: traefik
+  tls:
+    - hosts:
+        - bitwarden.khalisio.com
+      secretName: bitwarden-tls
+  rules:
+    - host: bitwarden.khalisio.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: bitwarden
+                port:
+                  number: 80
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: bitwarden-data
+  namespace: security
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 5Gi
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: bitwarden
+  namespace: security
+spec:
+  selector:
+    app: bitwarden
+  ports:
+    - name: http
+      port: 80
+      targetPort: 80
+  type: ClusterIP
@@ -0,0 +1,45 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: bitwarden
+  namespace: security
+  labels:
+    app: bitwarden
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: bitwarden
+  template:
+    metadata:
+      labels:
+        app: bitwarden
+    spec:
+      containers:
+        - name: bitwarden
+          image: bitwarden/server:latest
+          ports:
+            - containerPort: 80
+          env:
+            - name: BW_ADMIN_DOMAIN
+              value: bitwarden.khalisio.com
+            - name: WEBSOCKETS_ENABLED
+              value: "true"
+            - name: SIGNUPS_ALLOWED
+              value: "true"
+            - name: DOMAIN
+              value: https://bitwarden.khalisio.com
+          volumeMounts:
+            - name: bitwarden-data
+              mountPath: /data
+          resources:
+            requests:
+              cpu: 100m
+              memory: 128Mi
+            limits:
+              cpu: 500m
+              memory: 512Mi
+      volumes:
+        - name: bitwarden-data
+          persistentVolumeClaim:
+            claimName: bitwarden-data
@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: bitwarden
+  namespace: security
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+spec:
+  ingressClassName: traefik
+  tls:
+    - hosts:
+        - bitwarden.khalisio.com
+      secretName: bitwarden-tls
+  rules:
+    - host: bitwarden.khalisio.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: bitwarden
+                port:
+                  number: 80
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: bitwarden-data
+  namespace: security
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 5Gi
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: bitwarden
+  namespace: security
+spec:
+  selector:
+    app: bitwarden
+  ports:
+    - name: http
+      port: 80
+      targetPort: 80
+  type: ClusterIP
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: security
+  labels:
+    app.kubernetes.io/name: security
+    app.kubernetes.io/managed-by: orion
Author	SHA1	Message	Date
gitea-admin	2d1b6cf487	fix: move Bitwarden to security/bitwarden/ (correct namespace structure) Validate Manifests / validate (pull_request) Has been cancelled Details	2026-05-19 22:17:30 +00:00
gitea-admin	1436def461	fix: move Bitwarden to security/bitwarden/ (correct namespace structure)	2026-05-19 22:17:30 +00:00
gitea-admin	309c291917	fix: move Bitwarden to security/bitwarden/ (correct namespace structure)	2026-05-19 22:17:29 +00:00
gitea-admin	0b35e7500a	fix: move Bitwarden to security/bitwarden/ (correct namespace structure)	2026-05-19 22:17:29 +00:00
gitea-admin	96e4179de5	fix: move Bitwarden to security/bitwarden/ (correct namespace structure)	2026-05-19 22:17:29 +00:00
gitea-admin	18c7a798d4	fix: move Bitwarden to security/bitwarden/ (correct namespace structure)	2026-05-19 22:17:28 +00:00
gitea-admin	4a170e2a7b	fix: move Bitwarden to security/bitwarden/ (correct namespace structure)	2026-05-19 22:17:28 +00:00
gitea-admin	61faadcea3	fix: move Bitwarden to security/bitwarden/ (correct namespace structure)	2026-05-19 22:17:28 +00:00
gitea-admin	6619978c47	fix: move Bitwarden to security/bitwarden/ (correct namespace structure)	2026-05-19 22:17:27 +00:00
gitea-admin	ce7384d92e	fix: move Bitwarden to security/bitwarden/ (correct namespace structure)	2026-05-19 22:17:27 +00:00
gitea-admin	082a79b613	Merge pull request 'feat: deploy Bitwarden vault to security namespace' (#99 ) from orion/auto/feat-deploy-bitwarden-vault-to-security--1779180493216 into main Reviewed-on: #99	2026-05-19 08:48:38 +00:00
gitea-admin	e44858053c	feat: deploy Bitwarden vault to security namespace Validate Manifests / validate (pull_request) Has been cancelled Details	2026-05-19 08:48:14 +00:00
gitea-admin	56141866cb	feat: deploy Bitwarden vault to security namespace	2026-05-19 08:48:14 +00:00
gitea-admin	808f2aff06	feat: deploy Bitwarden vault to security namespace	2026-05-19 08:48:13 +00:00
gitea-admin	b03242120e	feat: deploy Bitwarden vault to security namespace	2026-05-19 08:48:13 +00:00
gitea-admin	96cf67dfa0	Merge pull request 'feat: deploy Bitwarden self-hosted in security namespace' (#97 ) from orion/auto/feat-deploy-bitwarden-self-hosted-in-sec-1779180155812 into main Reviewed-on: #97	2026-05-19 08:43:33 +00:00
gitea-admin	f882fbff41	feat: deploy Bitwarden self-hosted in security namespace Validate Manifests / validate (pull_request) Has been cancelled Details	2026-05-19 08:42:37 +00:00
gitea-admin	3259058743	feat: deploy Bitwarden self-hosted in security namespace	2026-05-19 08:42:37 +00:00
gitea-admin	a25bd791ee	feat: deploy Bitwarden self-hosted in security namespace	2026-05-19 08:42:36 +00:00
gitea-admin	0db41645f1	feat: deploy Bitwarden self-hosted in security namespace	2026-05-19 08:42:36 +00:00
gitea-admin	8b2476f98e	feat: deploy Bitwarden self-hosted in security namespace	2026-05-19 08:42:36 +00:00