From 8b2476f98e0a25300cb393d0e83496e3509a1e41 Mon Sep 17 00:00:00 2001 From: gitea-admin Date: Tue, 19 May 2026 08:42:36 +0000 Subject: [PATCH 1/5] feat: deploy Bitwarden self-hosted in security namespace --- deployments/bitwarden/namespace.yaml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 deployments/bitwarden/namespace.yaml diff --git a/deployments/bitwarden/namespace.yaml b/deployments/bitwarden/namespace.yaml new file mode 100644 index 0000000..5b441a5 --- /dev/null +++ b/deployments/bitwarden/namespace.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: security + labels: + app.kubernetes.io/name: bitwarden + app.kubernetes.io/managed-by: orion -- 2.52.0 From 0db41645f12dafd45dc67f91c99a08038974a4e0 Mon Sep 17 00:00:00 2001 From: gitea-admin Date: Tue, 19 May 2026 08:42:36 +0000 Subject: [PATCH 2/5] feat: deploy Bitwarden self-hosted in security namespace --- deployments/bitwarden/bitwarden-pvc.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 deployments/bitwarden/bitwarden-pvc.yaml diff --git a/deployments/bitwarden/bitwarden-pvc.yaml b/deployments/bitwarden/bitwarden-pvc.yaml new file mode 100644 index 0000000..a95af8b --- /dev/null +++ b/deployments/bitwarden/bitwarden-pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: bitwarden-data + namespace: security +spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn + resources: + requests: + storage: 5Gi -- 2.52.0 From a25bd791eee15d4550906404a6283bb918163713 Mon Sep 17 00:00:00 2001 From: gitea-admin Date: Tue, 19 May 2026 08:42:36 +0000 Subject: [PATCH 3/5] feat: deploy Bitwarden self-hosted in security namespace --- .../bitwarden/bitwarden-deployment.yaml | 59 +++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 deployments/bitwarden/bitwarden-deployment.yaml diff --git a/deployments/bitwarden/bitwarden-deployment.yaml b/deployments/bitwarden/bitwarden-deployment.yaml new file mode 100644 index 0000000..01004ce --- /dev/null +++ b/deployments/bitwarden/bitwarden-deployment.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bitwarden + namespace: security + labels: + app: bitwarden +spec: + replicas: 1 + selector: + matchLabels: + app: bitwarden + template: + metadata: + labels: + app: bitwarden + spec: + containers: + - name: bitwarden + image: bitwarden/server:latest + ports: + - containerPort: 80 + env: + - name: SIGNUPS_ALLOWED + value: "true" + - name: WEBVAULT_ENABLED + value: "true" + - name: IDENTITY_URL + value: "https://bitwarden.khalisio.com" + - name: API_URL + value: "https://bitwarden.khalisio.com" + - name: DATABASE_URL + value: "/bitwarden/data/bitwarden.db" + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + volumeMounts: + - name: bitwarden-data + mountPath: /bitwarden + readinessProbe: + httpGet: + path: /healthz + port: 80 + initialDelaySeconds: 15 + periodSeconds: 10 + livenessProbe: + httpGet: + path: /healthz + port: 80 + initialDelaySeconds: 30 + periodSeconds: 30 + volumes: + - name: bitwarden-data + persistentVolumeClaim: + claimName: bitwarden-data -- 2.52.0 From 32590587436062bbd88e32cc3c373e613a52e434 Mon Sep 17 00:00:00 2001 From: gitea-admin Date: Tue, 19 May 2026 08:42:37 +0000 Subject: [PATCH 4/5] feat: deploy Bitwarden self-hosted in security namespace --- deployments/bitwarden/bitwarden-service.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 deployments/bitwarden/bitwarden-service.yaml diff --git a/deployments/bitwarden/bitwarden-service.yaml b/deployments/bitwarden/bitwarden-service.yaml new file mode 100644 index 0000000..02bdb48 --- /dev/null +++ b/deployments/bitwarden/bitwarden-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: bitwarden + namespace: security +spec: + selector: + app: bitwarden + ports: + - name: http + port: 80 + targetPort: 80 + type: ClusterIP -- 2.52.0 From f882fbff417f57a5f41eec4053e8ce6f60c947e9 Mon Sep 17 00:00:00 2001 From: gitea-admin Date: Tue, 19 May 2026 08:42:37 +0000 Subject: [PATCH 5/5] feat: deploy Bitwarden self-hosted in security namespace --- deployments/bitwarden/bitwarden-ingress.yaml | 26 ++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 deployments/bitwarden/bitwarden-ingress.yaml diff --git a/deployments/bitwarden/bitwarden-ingress.yaml b/deployments/bitwarden/bitwarden-ingress.yaml new file mode 100644 index 0000000..0c8d4c5 --- /dev/null +++ b/deployments/bitwarden/bitwarden-ingress.yaml @@ -0,0 +1,26 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: bitwarden + namespace: security + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" +spec: + ingressClassName: traefik + tls: + - hosts: + - bitwarden.khalisio.com + secretName: bitwarden-tls + rules: + - host: bitwarden.khalisio.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: bitwarden + port: + number: 80 -- 2.52.0