apiVersion: apps/v1 kind: Deployment metadata: generation: 1 labels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden name: vaultwarden namespace: default spec: replicas: 1 selector: matchLabels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/name: vaultwarden template: metadata: labels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/name: vaultwarden spec: containers: - env: - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: postgres key: postgres-password - name: DATABASE_URL value: "postgres://postgres:$(POSTGRES_PASSWORD)@postgres.default:5432/vaultwarden?sslmode=disable" envFrom: - configMapRef: name: vaultwarden image: docker.io/vaultwarden/server:1.32.4 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 10 httpGet: path: /alive port: http scheme: HTTP initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: vaultwarden ports: - containerPort: 8080 name: http protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /alive port: http scheme: HTTP initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 volumeMounts: - mountPath: /data name: vaultwarden-data volumes: - name: vaultwarden-data persistentVolumeClaim: claimName: vaultwarden-data-vaultwarden-0 --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/name: vaultwarden name: vaultwarden namespace: default spec: ports: - name: http port: 80 protocol: TCP targetPort: 8080 selector: app.kubernetes.io/component: vaultwarden app.kubernetes.io/instance: vaultwarden app.kubernetes.io/name: vaultwarden type: ClusterIP