| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583 |
- {
- "1.0.29": {
- "healthy": true,
- "supported": true,
- "healthy_error": null,
- "location": "/__w/charts/charts/community/vaultwarden/1.0.29",
- "last_update": "2023-11-14 10:11:57",
- "required_features": [
- "definitions/certificate",
- "definitions/timezone",
- "normalize/ixVolume"
- ],
- "human_version": "1.30.0_1.0.29",
- "version": "1.0.29",
- "chart_metadata": {
- "name": "vaultwarden",
- "description": "Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients.",
- "annotations": {
- "title": "Vaultwarden"
- },
- "type": "application",
- "version": "1.0.29",
- "apiVersion": "v2",
- "appVersion": "1.30.0",
- "kubeVersion": ">=1.16.0-0",
- "maintainers": [
- {
- "name": "truenas",
- "url": "https://www.truenas.com/",
- "email": "dev@ixsystems.com"
- }
- ],
- "dependencies": [
- {
- "name": "common",
- "repository": "file://../../../common",
- "version": "1.2.2"
- }
- ],
- "home": "https://github.com/dani-garcia/vaultwarden",
- "icon": "https://media.sys.truenas.net/apps/vaultwarden/icons/icon.png",
- "sources": [
- "https://github.com/dani-garcia/vaultwarden",
- "https://github.com/truenas/charts/tree/master/community/vaultwarden"
- ],
- "keywords": [
- "password",
- "manager"
- ]
- },
- "app_metadata": {
- "runAsContext": [
- {
- "userName": "vaultwarden",
- "groupName": "vaultwarden",
- "gid": 568,
- "uid": 568,
- "description": "Vaultwarden can run as any non-root user."
- },
- {
- "userName": "postgres",
- "groupName": "postgres",
- "gid": 999,
- "uid": 999,
- "description": "Postgres runs as a non-root user."
- }
- ],
- "capabilities": [],
- "hostMounts": []
- },
- "schema": {
- "groups": [
- {
- "name": "Vaultwarden Configuration",
- "description": "Configure Vaultwarden"
- },
- {
- "name": "User and Group Configuration",
- "description": "Configure User and Group for Vaultwarden"
- },
- {
- "name": "Network Configuration",
- "description": "Configure Network for Vaultwarden"
- },
- {
- "name": "Storage Configuration",
- "description": "Configure Storage for Vaultwarden"
- },
- {
- "name": "Resources Configuration",
- "description": "Configure Resources for Vaultwarden"
- }
- ],
- "portals": {
- "web_portal": {
- "protocols": [
- "$kubernetes-resource_configmap_portal_protocol"
- ],
- "host": [
- "$kubernetes-resource_configmap_portal_host"
- ],
- "ports": [
- "$kubernetes-resource_configmap_portal_port"
- ],
- "path": "$kubernetes-resource_configmap_portal_path"
- },
- "admin_portal": {
- "protocols": [
- "$kubernetes-resource_configmap_portal_protocol"
- ],
- "host": [
- "$kubernetes-resource_configmap_portal_host"
- ],
- "ports": [
- "$kubernetes-resource_configmap_portal_port"
- ],
- "path": "$kubernetes-resource_configmap_portal_admin_path"
- }
- },
- "questions": [
- {
- "variable": "TZ",
- "group": "Vaultwarden Configuration",
- "label": "Timezone",
- "schema": {
- "type": "string",
- "default": "America/Los_Angeles",
- "required": true,
- "$ref": [
- "definitions/timezone"
- ],
- "enum": [
- {
- "value": "Asia/Damascus",
- "description": "'Asia/Damascus' timezone"
- },
- {
- "value": "Asia/Saigon",
- "description": "'Asia/Saigon' timezone"
- }
- ]
- }
- },
- {
- "variable": "vaultwardenConfig",
- "label": "",
- "group": "Vaultwarden Configuration",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "adminToken",
- "label": "Admin Token",
- "description": "Setting this, will enable the admin portal",
- "schema": {
- "type": "string",
- "private": true,
- "default": ""
- }
- },
- {
- "variable": "additionalEnvs",
- "label": "Additional Environment Variables",
- "description": "Configure additional environment variables for Vaultwarden.",
- "schema": {
- "type": "list",
- "default": [],
- "items": [
- {
- "variable": "env",
- "label": "Environment Variable",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "name",
- "label": "Name",
- "schema": {
- "type": "string",
- "required": true
- }
- },
- {
- "variable": "value",
- "label": "Value",
- "schema": {
- "type": "string",
- "required": true
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- },
- {
- "variable": "vaultwardenRunAs",
- "label": "",
- "group": "User and Group Configuration",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "user",
- "label": "User ID",
- "description": "The user id that Vaultwarden will run as.",
- "schema": {
- "type": "int",
- "min": 568,
- "default": 568,
- "required": true
- }
- },
- {
- "variable": "group",
- "label": "Group ID",
- "description": "The group id that Vaultwarden will run as.",
- "schema": {
- "type": "int",
- "min": 568,
- "default": 568,
- "required": true
- }
- }
- ]
- }
- },
- {
- "variable": "vaultwardenNetwork",
- "label": "",
- "group": "Network Configuration",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "webPort",
- "label": "Web Port",
- "description": "The port for the Vaultwarden Web UI.",
- "schema": {
- "type": "int",
- "default": 30032,
- "min": 9000,
- "max": 65535,
- "required": true
- }
- },
- {
- "variable": "wsEnabled",
- "label": "Enable Websocket",
- "schema": {
- "type": "boolean",
- "default": true
- }
- },
- {
- "variable": "wsPort",
- "label": "Websocket Port",
- "description": "The port for the Vaultwarden Websocket.",
- "schema": {
- "type": "int",
- "show_if": [
- [
- "wsEnabled",
- "=",
- true
- ]
- ],
- "default": 30033,
- "min": 9000,
- "max": 65535,
- "required": true
- }
- },
- {
- "variable": "hostNetwork",
- "label": "Host Network",
- "description": "Bind to the host network. It's recommended to keep this disabled.</br>\n",
- "schema": {
- "type": "boolean",
- "default": false
- }
- },
- {
- "variable": "domain",
- "label": "Domain",
- "description": "The domain to use for Vaultwarden </br>\nFormat is: https://sub.domain.tld:port\n",
- "schema": {
- "type": "string",
- "default": ""
- }
- },
- {
- "variable": "certificateID",
- "label": "Certificate",
- "description": "The certificate to use for Vaultwarden </br>\nUsing the Rocket method for TLS setup is NOT recommended </br>\nPrefer a reverse proxy with a valid certificate </br>\n",
- "schema": {
- "type": "int",
- "null": true,
- "$ref": [
- "definitions/certificate"
- ],
- "enum": [
- {
- "value": null,
- "description": "No Certificate"
- }
- ],
- "default": null
- }
- }
- ]
- }
- },
- {
- "variable": "vaultwardenStorage",
- "label": "",
- "group": "Storage Configuration",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "data",
- "label": "Vaultwarden Data Storage",
- "description": "The path to store Vaultwarden attachments, icons, etc.",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "type",
- "label": "Type",
- "description": "ixVolume: Is dataset created automatically by the system.</br>\nHost Path: Is a path that already exists on the system.\n",
- "schema": {
- "type": "string",
- "required": true,
- "immutable": true,
- "default": "ixVolume",
- "enum": [
- {
- "value": "hostPath",
- "description": "Host Path (Path that already exists on the system)"
- },
- {
- "value": "ixVolume",
- "description": "ixVolume (Dataset created automatically by the system)"
- }
- ]
- }
- },
- {
- "variable": "datasetName",
- "label": "Dataset Name",
- "schema": {
- "type": "string",
- "show_if": [
- [
- "type",
- "=",
- "ixVolume"
- ]
- ],
- "required": true,
- "hidden": true,
- "immutable": true,
- "default": "data",
- "$ref": [
- "normalize/ixVolume"
- ]
- }
- },
- {
- "variable": "hostPath",
- "label": "Host Path",
- "schema": {
- "type": "hostpath",
- "show_if": [
- [
- "type",
- "=",
- "hostPath"
- ]
- ],
- "immutable": true,
- "required": true
- }
- }
- ]
- }
- },
- {
- "variable": "pgData",
- "label": "Vaultwarden Postgres Data Storage",
- "description": "The path to store Vaultwarden Postgres Data.",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "type",
- "label": "Type",
- "description": "ixVolume: Is dataset created automatically by the system.</br>\nHost Path: Is a path that already exists on the system.\n",
- "schema": {
- "type": "string",
- "required": true,
- "immutable": true,
- "default": "ixVolume",
- "enum": [
- {
- "value": "hostPath",
- "description": "Host Path (Path that already exists on the system)"
- },
- {
- "value": "ixVolume",
- "description": "ixVolume (Dataset created automatically by the system)"
- }
- ]
- }
- },
- {
- "variable": "datasetName",
- "label": "Dataset Name",
- "schema": {
- "type": "string",
- "show_if": [
- [
- "type",
- "=",
- "ixVolume"
- ]
- ],
- "required": true,
- "hidden": true,
- "immutable": true,
- "default": "pgData",
- "$ref": [
- "normalize/ixVolume"
- ]
- }
- },
- {
- "variable": "hostPath",
- "label": "Host Path",
- "schema": {
- "type": "hostpath",
- "show_if": [
- [
- "type",
- "=",
- "hostPath"
- ]
- ],
- "immutable": true,
- "required": true
- }
- }
- ]
- }
- },
- {
- "variable": "pgBackup",
- "label": "Vaultwarden Postgres Backup Storage",
- "description": "The path to store Vaultwarden Postgres Backup.",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "type",
- "label": "Type",
- "description": "ixVolume: Is dataset created automatically by the system.</br>\nHost Path: Is a path that already exists on the system.\n",
- "schema": {
- "type": "string",
- "required": true,
- "immutable": true,
- "default": "ixVolume",
- "enum": [
- {
- "value": "hostPath",
- "description": "Host Path (Path that already exists on the system)"
- },
- {
- "value": "ixVolume",
- "description": "ixVolume (Dataset created automatically by the system)"
- }
- ]
- }
- },
- {
- "variable": "datasetName",
- "label": "Dataset Name",
- "schema": {
- "type": "string",
- "show_if": [
- [
- "type",
- "=",
- "ixVolume"
- ]
- ],
- "required": true,
- "hidden": true,
- "immutable": true,
- "default": "pgBackup",
- "$ref": [
- "normalize/ixVolume"
- ]
- }
- },
- {
- "variable": "hostPath",
- "label": "Host Path",
- "schema": {
- "type": "hostpath",
- "show_if": [
- [
- "type",
- "=",
- "hostPath"
- ]
- ],
- "immutable": true,
- "required": true
- }
- }
- ]
- }
- }
- ]
- }
- },
- {
- "variable": "resources",
- "label": "",
- "group": "Resources Configuration",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "limits",
- "label": "Limits",
- "schema": {
- "type": "dict",
- "attrs": [
- {
- "variable": "cpu",
- "label": "CPU",
- "description": "CPU limit for Vaultwarden.",
- "schema": {
- "type": "string",
- "max_length": 6,
- "valid_chars": "^(0\\.[1-9]|[1-9][0-9]*)(\\.[0-9]|m?)$",
- "valid_chars_error": "Valid CPU limit formats are</br>\n- Plain Integer - eg. 1</br>\n- Float - eg. 0.5</br>\n- Milicpu - eg. 500m\n",
- "default": "4000m",
- "required": true
- }
- },
- {
- "variable": "memory",
- "label": "Memory",
- "description": "Memory limit for Vaultwarden.",
- "schema": {
- "type": "string",
- "max_length": 12,
- "valid_chars": "^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$",
- "valid_chars_error": "Valid Memory limit formats are</br>\n- Suffixed with E/P/T/G/M/K - eg. 1G</br>\n- Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi</br>\n- Plain Integer in bytes - eg. 1024</br>\n- Exponent - eg. 134e6\n",
- "default": "8Gi",
- "required": true
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- },
- "app_readme": "<h1>Vaultwarden</h1>\n<p><a href=\"https://github.com/dani-garcia/vaultwarden\">Vaultwarden</a> Alternative implementation of the <code>Bitwarden</code> server API written in Rust and compatible with upstream Bitwarden clients</p>\n<blockquote>\n<p>During the installation process, a container will be launched with <strong>root</strong> privileges. This is required\nin order to apply the correct permissions to the <code>Vaultwarden</code> data directory. Afterward, the <code>Vaultwarden</code> container\nwill run as a <strong>non</strong>-root user (default <code>568</code>).\nSame applies to the <code>postgres</code> container. This will run afterwards as a <strong>non</strong>-root user (<code>999</code>).\nOn each upgrade, a container will be launched with <strong>root</strong> privileges in order to apply the correct\npermissions to the <code>postgres</code> <strong>backups</strong> directory. Container that performs the backup will run as a <strong>non</strong>-root user (<code>999</code>) afterwards.\nKeep in mind the permissions on the backup directory will be changed to <code>999:999</code> on <strong>every</strong> update.\nBut will only be changed once for the <code>Vaultwarden</code> and <code>postgres</code> data directories.</p>\n</blockquote>\n<p>While the option to use <code>Rocket</code> for TLS is there, it is not\n<a href=\"https://github.com/dani-garcia/vaultwarden/wiki/Enabling-HTTPS#via-rocket\">recommended</a>.\nInstead, use a reverse proxy to handle TLS termination.</p>\n<p>Using <code>HTTPS</code> is <strong>required</strong> for the most of the features to work (correctly).</p>",
- "detailed_readme": "<h1>Vaultwarden</h1>\n<p><a href=\"https://github.com/dani-garcia/vaultwarden\">Vaultwarden</a> Alternative implementation of the <code>Bitwarden</code> server API written in Rust and compatible with upstream Bitwarden clients</p>\n<blockquote>\n<p>During the installation process, a container will be launched with <strong>root</strong> privileges. This is required\nin order to apply the correct permissions to the <code>Vaultwarden</code> data directory. Afterward, the <code>Vaultwarden</code> container\nwill run as a <strong>non</strong>-root user (default <code>568</code>).\nSame applies to the <code>postgres</code> container. This will run afterwards as a <strong>non</strong>-root user (<code>999</code>).\nOn each upgrade, a container will be launched with <strong>root</strong> privileges in order to apply the correct\npermissions to the <code>postgres</code> <strong>backups</strong> directory. Container that performs the backup will run as a <strong>non</strong>-root user (<code>999</code>) afterwards.\nKeep in mind the permissions on the backup directory will be changed to <code>999:999</code> on <strong>every</strong> update.\nBut will only be changed once for the <code>Vaultwarden</code> and <code>postgres</code> data directories.</p>\n</blockquote>\n<p>While the option to use <code>Rocket</code> for TLS is there, it is not\n<a href=\"https://github.com/dani-garcia/vaultwarden/wiki/Enabling-HTTPS#via-rocket\">recommended</a>.\nInstead, use a reverse proxy to handle TLS termination.</p>\n<p>Using <code>HTTPS</code> is <strong>required</strong> for the most of the features to work (correctly).</p>",
- "changelog": null
- }
- }
|
