Stavros Kois
2e4d29ecf6
Set minimum runAs user to 568 and bump common (#1146)
|
2 anni fa | |
|---|---|---|
| .. | ||
| charts | 2 anni fa | |
| ci | 2 anni fa | |
| templates | 2 anni fa | |
| Chart.lock | 2 anni fa | |
| Chart.yaml | 2 anni fa | |
| README.md | 2 anni fa | |
| app-readme.md | 2 anni fa | |
| item.yaml | 2 anni fa | |
| questions.yaml | 2 anni fa | |
| upgrade_info.json | 2 anni fa | |
| upgrade_strategy | 2 anni fa | |
| values.yaml | 2 anni fa | |
README.md
Vaultwarden
Vaultwarden Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients
During the installation process, a container will be launched with root privileges. This is required in order to apply the correct permissions to the
Vaultwardendata directory. Afterward, theVaultwardencontainer will run as a non-root user (default568). Same applies to thepostgrescontainer. This will run afterwards as a non-root user (999). On each upgrade, a container will be launched with root privileges in order to apply the correct permissions to thepostgresbackups directory. Container that performs the backup will run as a non-root user (999) afterwards. Keep in mind the permissions on the backup directory will be changed to999:999on every update. But will only be changed once for theVaultwardenandpostgresdata directories.
While the option to use Rocket for TLS is there, it is not
recommended.
Instead, use a reverse proxy to handle TLS termination.
Using HTTPS is required for the most of the features to work (correctly).