52 lines
1.1 KiB
YAML
52 lines
1.1 KiB
YAML
apiVersion: secrets.hashicorp.com/v1beta1
|
|
kind: VaultStaticSecret
|
|
metadata:
|
|
name: vaultwarden
|
|
namespace: vaultwarden
|
|
spec:
|
|
destination:
|
|
create: true
|
|
name: vaultwarden
|
|
mount: kv
|
|
path: vaultwarden/vaultwarden
|
|
refreshAfter: 30s
|
|
type: kv-v2
|
|
vaultAuthRef: vault
|
|
---
|
|
apiVersion: secrets.hashicorp.com/v1beta1
|
|
kind: VaultDynamicSecret
|
|
metadata:
|
|
name: postgres-vaultwarden
|
|
namespace: vaultwarden
|
|
spec:
|
|
allowStaticCreds: true
|
|
destination:
|
|
create: true
|
|
name: postgres-vaultwarden
|
|
transformation:
|
|
templates:
|
|
DATABASE_URL:
|
|
text: postgres://{{ .Secrets.username }}:{{ .Secrets.password }}@192.168.50.236/vaultwarden
|
|
mount: database
|
|
path: static-creds/vaultwarden
|
|
refreshAfter: 30s
|
|
vaultAuthRef: vault
|
|
rolloutRestartTargets:
|
|
- name: vaultwarden
|
|
kind: Deployment
|
|
---
|
|
apiVersion: secrets.hashicorp.com/v1beta1
|
|
kind: VaultStaticSecret
|
|
metadata:
|
|
name: vaultwarden-keys
|
|
namespace: vaultwarden
|
|
spec:
|
|
destination:
|
|
create: true
|
|
name: vaultwarden-keys
|
|
mount: kv
|
|
path: vaultwarden/keys
|
|
refreshAfter: 30s
|
|
type: kv-v2
|
|
vaultAuthRef: vault
|