58 lines
1.5 KiB
YAML
58 lines
1.5 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: vaultwarden
|
|
labels:
|
|
app.kubernetes.io/name: vaultwarden
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: vaultwarden
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: vaultwarden
|
|
spec:
|
|
affinity:
|
|
nodeAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 1
|
|
preference:
|
|
matchExpressions:
|
|
- key: location
|
|
operator: In
|
|
values:
|
|
- fsn
|
|
volumes:
|
|
- name: vaultwarden-data
|
|
persistentVolumeClaim:
|
|
claimName: vaultwarden-data-pvc
|
|
hostAliases:
|
|
- ip: "100.113.193.5"
|
|
hostnames:
|
|
- "mail.prettysunflower.moe"
|
|
containers:
|
|
- name: teable
|
|
image: vaultwarden/server:1.34.3
|
|
ports:
|
|
- containerPort: 80
|
|
name: http
|
|
envFrom:
|
|
- configMapRef:
|
|
name: vaultwarden-config
|
|
- secretRef:
|
|
name: vaultwarden-secrets
|
|
volumeMounts:
|
|
- name: vaultwarden-data
|
|
mountPath: "/data"
|
|
securityContext:
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
runAsNonRoot: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault |