diff --git a/deployments/bitwarden/ingress.yaml b/deployments/bitwarden/ingress.yaml deleted file mode 100644 index 1976d66..0000000 --- a/deployments/bitwarden/ingress.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: traefik.io/v1alpha1 -kind: IngressRoute -metadata: - name: bitwarden - namespace: security - annotations: - kubernetes.io/ingress.class: traefik -spec: - entryPoints: - - websecure - routes: - - match: Host(`bitwarden.khalisio.com`) - kind: Rule - services: - - name: bitwarden - port: 80 - tls: - secretName: bitwarden-tls - options: - name: default - kind: ClusterEntrypoint diff --git a/deployments/bitwarden/deployment.yaml b/deployments/security/bitwarden/deployment.yaml similarity index 67% rename from deployments/bitwarden/deployment.yaml rename to deployments/security/bitwarden/deployment.yaml index 3931fe2..ccbba63 100644 --- a/deployments/bitwarden/deployment.yaml +++ b/deployments/security/bitwarden/deployment.yaml @@ -17,23 +17,18 @@ spec: spec: containers: - name: bitwarden - image: bitwarden/server:1.30.1 + image: bitwarden/server:latest ports: - containerPort: 80 env: - - name: WEBSOCKET_ENABLED + - name: BW_ADMIN_DOMAIN + value: bitwarden.khalisio.com + - name: WEBSOCKETS_ENABLED value: "true" - name: SIGNUPS_ALLOWED value: "true" - - name: ADMIN_TOKEN - valueFrom: - secretKeyRef: - name: bitwarden-secret - key: admin-token - - name: DB_CERT_FORMAT - value: "pem" - - name: SIGNUP_ORIGINS - value: "https://bitwarden.khalisio.com" + - name: DOMAIN + value: https://bitwarden.khalisio.com volumeMounts: - name: bitwarden-data mountPath: /data diff --git a/deployments/security/bitwarden/ingress.yaml b/deployments/security/bitwarden/ingress.yaml new file mode 100644 index 0000000..218b49c --- /dev/null +++ b/deployments/security/bitwarden/ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: bitwarden + namespace: security + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + traefik.ingress.kubernetes.io/router.entrypoints: websecure +spec: + ingressClassName: traefik + tls: + - hosts: + - bitwarden.khalisio.com + secretName: bitwarden-tls + rules: + - host: bitwarden.khalisio.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: bitwarden + port: + number: 80 diff --git a/deployments/bitwarden/pvc.yaml b/deployments/security/bitwarden/pvc.yaml similarity index 100% rename from deployments/bitwarden/pvc.yaml rename to deployments/security/bitwarden/pvc.yaml diff --git a/deployments/bitwarden/service.yaml b/deployments/security/bitwarden/service.yaml similarity index 71% rename from deployments/bitwarden/service.yaml rename to deployments/security/bitwarden/service.yaml index 7e07252..02bdb48 100644 --- a/deployments/bitwarden/service.yaml +++ b/deployments/security/bitwarden/service.yaml @@ -3,13 +3,11 @@ kind: Service metadata: name: bitwarden namespace: security - labels: - app: bitwarden spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 80 - protocol: TCP selector: app: bitwarden + ports: + - name: http + port: 80 + targetPort: 80 + type: ClusterIP diff --git a/deployments/bitwarden/namespace.yaml b/deployments/security/namespace.yaml similarity index 73% rename from deployments/bitwarden/namespace.yaml rename to deployments/security/namespace.yaml index 5b441a5..467ada5 100644 --- a/deployments/bitwarden/namespace.yaml +++ b/deployments/security/namespace.yaml @@ -3,5 +3,5 @@ kind: Namespace metadata: name: security labels: - app.kubernetes.io/name: bitwarden + app.kubernetes.io/name: security app.kubernetes.io/managed-by: orion