diff --git a/README.md b/README.md index 9e6dabc..208e78e 100644 --- a/README.md +++ b/README.md @@ -99,6 +99,22 @@ database: uriOverride: "postgresql://appuser:apppassword@pg.contoso.eu:5433/qualdb" ``` +Alternatively, you could create a Kubernetes secret containing the database URI: + +```bash +DB_STRING_B64=$(echo -n 'postgresql://appuser:apppassword@pg.contoso.eu:5433/qualdb' | base64 -w 0) +kubectl -n vaultwarden create secret generic prod-db-creds --from-literal=secret-uri=$DB_STRING_B64 +``` + +Then pass the name of the secret and the key to the chart: + +```yaml +database: + type: postgresql + existingSecret: "prod-db-creds" + existingSecretKey: "secret-uri" +``` + Detailed configuration options can be found in the [Database Configuration](#database-configuration) section below. ### SSL and Ingress 
@@ -268,15 +284,19 @@ Detailed configuration options can be found in the [Storage Configuration](#stor ### Database Configuration -| Name | Description | Value | -| ---------------------- | ----------------------------------------- | --------- | -| `database.type` | Database type, either mysql or postgresql | `default` | -| `database.host` | Database hostname or IP address | `""` | -| `database.port` | Database port | `""` | -| `database.username` | Database username | `""` | -| `database.password` | Database password | `""` | -| `database.dbName` | Database name | `""` | -| `database.uriOverride` | Manually specify the DB connection string | `""` | +| Name | Description | Value | +| ---------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | --------- | +| `database.type` | Database type, either mysql or postgresql | `default` | +| `database.host` | Database hostname or IP address | `""` | +| `database.port` | Database port | `""` | +| `database.username` | Database username | `""` | +| `database.password` | Database password | `""` | +| `database.dbName` | Database name | `""` | +| `database.uriOverride` | Manually specify the DB connection string | `""` | +| `database.existingSecret` | Name of an existing secret containing the database URI | `""` | +| `database.existingSecretKey` | Key in the existing secret | `""` | +| `database.connectionRetries` | Number of times to retry the database connection during startup, with 1 second delay between each retry, set to 0 to retry indefinitely. | `15` | +| `database.maxConnections` | Define the size of the connection pool used for connecting to the database. | `10` | ### SMTP Configuration diff --git a/templates/configmap.yaml b/templates/configmap.yaml index 0a3a36d..d9e3a5f 100644 --- a/templates/configmap.yaml +++ b/templates/configmap.yaml 
@@ -8,13 +8,6 @@ metadata: {{- include "vaultwarden.labels" . | nindent 4 }} data: DOMAIN: {{ .Values.domain | quote }} - {{- if ne "default" .Values.database.type }} - {{- if .Values.database.uriOverride }} - DATABASE_URL: {{ .Values.database.uriOverride }} - {{- else }} - DATABASE_URL: {{ include "dbString" . | quote }} - {{- end }} - {{- end }} {{- if and .Values.smtp.host .Values.smtp.from | quote }} SMTP_HOST: {{ .Values.smtp.host | quote }} SMTP_SECURITY: {{ .Values.smtp.security | quote }} @@ -46,3 +39,5 @@ data: LOG_FILE: {{ .Values.logging.logfile | quote }} LOG_LEVEL: {{ .Values.logging.loglevel | quote }} {{- end }} + DB_CONNECTION_RETRIES: {{ .Values.database.connectionRetries }} + DATABASE_MAX_CONNS: {{ .Values.database.maxConnections }} diff --git a/templates/statefulset.yaml b/templates/statefulset.yaml index 906013a..d9357e2 100644 --- a/templates/statefulset.yaml +++ b/templates/statefulset.yaml @@ -74,6 +74,21 @@ spec: secretKeyRef: name: {{ default (include "vaultwarden.fullname" .) .Values.adminToken.existingSecret }} key: {{ default "ADMIN_TOKEN" .Values.adminToken.existingSecretKey }} + {{- if ne "default" .Values.database.type }} + - name: DATABASE_URL + {{- if .Values.database.existingSecret }} + valueFrom: + secretKeyRef: + name: {{ .Values.database.existingSecret }} + key: {{ .Values.database.existingSecretKey }} + {{- else }} + {{- if .Values.database.uriOverride }} + value: {{ .Values.database.uriOverride }} + {{- else }} + value: {{ include "dbString" . | quote }} + {{- end }} + {{- end }} + {{- end }} ports: - containerPort: 8080 name: http diff --git a/values.yaml b/values.yaml index ec1f178..1f080c8 100644 --- a/values.yaml +++ b/values.yaml 
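Review bot: The two keys appended at the end of `data:` in templates/configmap.yaml render as bare YAML integers (15 and 10 with the defaults added in values.yaml), but ConfigMap `data` values must be strings, so the manifest is likely to be rejected on install. Quote them like the neighbouring entries: `DB_CONNECTION_RETRIES: {{ .Values.database.connectionRetries | quote }}` and `DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}`. The `data:` block starts outside this hunk.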
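Review bot: When `database.existingSecret` is unset, both fallback branches in templates/statefulset.yaml write the full connection string, password included, as a literal `value:` in the pod spec, where anyone who can read the StatefulSet or Pod objects sees it; rendering it into a chart-managed Secret and always using `secretKeyRef` would keep it out of the workload manifest (the adminToken entry just above suggests the chart already ships a Secret, though that is not visible here). The `uriOverride` branch is also unquoted, so a URI containing YAML-significant characters can break rendering; use `value: {{ .Values.database.uriOverride | quote }}`. `existingSecretKey` defaults to `""`, which yields an empty `key:` when only the secret name is set; `key: {{ required "database.existingSecretKey is required with existingSecret" .Values.database.existingSecretKey }}` fails at render time instead. Because `secretKeyRef` injects the Secret value as stored, the README example that base64-encodes the URI before passing it to `--from-literal` would leave a base64 string in `DATABASE_URL`; the literal should be the plain URI.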
@@ -195,6 +195,18 @@ database: ## @param database.uriOverride Manually specify the DB connection string ## uriOverride: "" + ## @param database.existingSecret Name of an existing secret containing the database URI + ## + existingSecret: "" + ## @param database.existingSecretKey Key in the existing secret + ## + existingSecretKey: "" + ## @param database.connectionRetries Number of times to retry the database connection during startup, with 1 second delay between each retry, set to 0 to retry indefinitely. + ## + connectionRetries: 15 + ## @param database.maxConnections Define the size of the connection pool used for connecting to the database. + ## + maxConnections: 10 ## @section SMTP Configuration ##