From 48d955c7c09878fe9cd3b4e733cbf32bec3a2c11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yannik=20M=C3=BCller?= Date: Tue, 20 Aug 2024 14:11:41 +0200 Subject: [PATCH 1/4] Change pushNotifications configuration to enable the use of existing secrets for Bitwarden installation id and key. Alternative to defining sensitive secret values as a string in values.yaml. Based on the implementation of the smtp settings. --- charts/vaultwarden/templates/_podSpec.tpl | 14 +++++++ charts/vaultwarden/templates/configmap.yaml | 2 - charts/vaultwarden/templates/secrets.yaml | 4 ++ charts/vaultwarden/values.yaml | 42 +++++++++++++++++---- 4 files changed, 53 insertions(+), 9 deletions(-) diff --git a/charts/vaultwarden/templates/_podSpec.tpl b/charts/vaultwarden/templates/_podSpec.tpl index 8bd4a42..792d3ba 100644 --- a/charts/vaultwarden/templates/_podSpec.tpl +++ b/charts/vaultwarden/templates/_podSpec.tpl @@ -68,6 +68,20 @@ containers: - name: DISABLE_ADMIN_TOKEN value: "true" {{- end }} + {{- if or (.Values.pushNotifications.installationId.value) (.Values.pushNotifications.installationId.existingSecretKey )}} + - name: PUSH_INSTALLATION_ID + valueFrom: + secretKeyRef: + name: {{ default (include "vaultwarden.fullname" .) .Values.pushNotifications.existingSecret }} + key: {{ default "PUSH_INSTALLATION_ID" .Values.pushNotifications.installationId.existingSecretKey }} + {{- end }} + {{- if or (.Values.pushNotifications.installationKey.value) (.Values.pushNotifications.installationKey.existingSecretKey )}} + - name: PUSH_INSTALLATION_KEY + valueFrom: + secretKeyRef: + name: {{ default (include "vaultwarden.fullname" .) .Values.pushNotifications.existingSecret }} + key: {{ default "PUSH_INSTALLATION_KEY" .Values.pushNotifications.installationKey.existingSecretKey }} + {{- end }} {{- if ne "default" .Values.database.type }} - name: DATABASE_URL {{- if .Values.database.existingSecret }} diff --git a/charts/vaultwarden/templates/configmap.yaml b/charts/vaultwarden/templates/configmap.yaml index 9f67f5e..447eac0 100644 --- a/charts/vaultwarden/templates/configmap.yaml +++ b/charts/vaultwarden/templates/configmap.yaml @@ -55,8 +55,6 @@ data: IP_HEADER: {{ .Values.ipHeader | quote }} {{- if .Values.pushNotifications }} PUSH_ENABLED: "true" - PUSH_INSTALLATION_ID: {{ .Values.pushNotifications.installationId | quote }} - PUSH_INSTALLATION_KEY: {{ .Values.pushNotifications.installationKey | quote }} {{- with .Values.pushNotifications.relayUri }} PUSH_RELAY_URI: {{ . | quote }} {{- end }} diff --git a/charts/vaultwarden/templates/secrets.yaml b/charts/vaultwarden/templates/secrets.yaml index 1d26846..7b2cd3a 100644 --- a/charts/vaultwarden/templates/secrets.yaml +++ b/charts/vaultwarden/templates/secrets.yaml @@ -16,6 +16,10 @@ data: SMTP_PASSWORD: {{ .Values.smtp.password.value | b64enc | quote }} SMTP_USERNAME: {{ .Values.smtp.username.value | b64enc | quote }} {{- end }} + {{- if not ( .Values.pushNotifications.existingSecret ) }} + PUSH_INSTALLATION_ID: {{ .Values.pushNotifications.installationId.value | b64enc | quote }} + PUSH_INSTALLATION_KEY: {{ .Values.pushNotifications.installationKey.value | b64enc | quote }} + {{- end }} {{- if not ( .Values.adminToken.existingSecret ) }} ADMIN_TOKEN: {{ .Values.adminToken.value | b64enc | quote }} {{- end }} diff --git a/charts/vaultwarden/values.yaml b/charts/vaultwarden/values.yaml index 845468b..acfeace 100644 --- a/charts/vaultwarden/values.yaml +++ b/charts/vaultwarden/values.yaml @@ -293,15 +293,43 @@ database: ## @section Push notifications ## -## @param pushNotifications Enable mobile push notifications, see values.yaml for parameters +## @extra pushNotifications Enable mobile push notifications. Refer to https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Mobile-Client-push-notification for details ## Supported since 1.29.0. -## Refer to https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Mobile-Client-push-notification for details +## ## -pushNotifications: {} - # installationId: "" - # installationKey: "" - # relayUri: "https://push.bitwarden.com" - # identityUri: "https://identity.bitwarden.com" +pushNotifications: + ## @param pushNotifications.existingSecret Name of an existing secret containing the Bitwarden installation id and key + ## + existingSecret: "" + ## @extra pushNotifications.installationId Installation Id for mobile push notifications + ## + installationId: + ## @param pushNotifications.installationId.value Bitwarden installation id string + ## Example: installationIdGoesHere + ## + value: "" + ## @param pushNotifications.installationId.existingSecretKey When using an existing secret, specify the key which contains the installation id. + ## Example: INSTALLATION_ID + ## + existingSecretKey: "" + ## @extra pushNotifications.installationKey Installation Key for mobile push notifications + installationKey: + ## @param pushNotifications.installationKey.value Bitwarden installation key string + ## Example: superSecretInstallationKey + ## + value: "" + ## @param pushNotifications.installationKey.existingSecretKey When using an existing secret, specify the key which contains the installation key. + ## Example: INSTALLATION_KEY + ## + existingSecretKey: "" + ## @param pushNotifications.relayUri Change Bitwarden relay uri. + ## Refer to https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Mobile-Client-push-notification for details + ## + relayUri: "https://push.bitwarden.com" + ## @param pushNotifications.identityUri Change Bitwarden identity uri. + ## Refer to https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Mobile-Client-push-notification for details + ## + identityUri: "https://identity.bitwarden.com" ## @section Scheduled jobs ## From dad57eb2aeb8618688434e07ea7ea465229281a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yannik=20M=C3=BCller?= Date: Tue, 20 Aug 2024 14:47:54 +0200 Subject: [PATCH 2/4] Updated documentation for pushNotifications in values.yaml --- charts/vaultwarden/values.yaml | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/charts/vaultwarden/values.yaml b/charts/vaultwarden/values.yaml index acfeace..09fb6b0 100644 --- a/charts/vaultwarden/values.yaml +++ b/charts/vaultwarden/values.yaml @@ -290,19 +290,15 @@ database: ## maxConnections: 10 -## @section Push notifications -## - -## @extra pushNotifications Enable mobile push notifications. Refer to https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Mobile-Client-push-notification for details +## @section Push Notifications ## Supported since 1.29.0. -## +## Refer to https://github.com/dani-garcia/vaultwarden/wiki/Enabling-Mobile-Client-push-notification for details ## + pushNotifications: ## @param pushNotifications.existingSecret Name of an existing secret containing the Bitwarden installation id and key ## existingSecret: "" - ## @extra pushNotifications.installationId Installation Id for mobile push notifications - ## installationId: ## @param pushNotifications.installationId.value Bitwarden installation id string ## Example: installationIdGoesHere @@ -312,7 +308,6 @@ pushNotifications: ## Example: INSTALLATION_ID ## existingSecretKey: "" - ## @extra pushNotifications.installationKey Installation Key for mobile push notifications installationKey: ## @param pushNotifications.installationKey.value Bitwarden installation key string ## Example: superSecretInstallationKey From 09c54fda0493a7e0d1678a13e1c4f8e897299336 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yannik=20M=C3=BCller?= Date: Tue, 20 Aug 2024 14:48:18 +0200 Subject: [PATCH 3/4] Updated README.md to reflect changes in pushNotifications section --- charts/vaultwarden/README.md | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/charts/vaultwarden/README.md b/charts/vaultwarden/README.md index 14b2b19..c12daad 100644 --- a/charts/vaultwarden/README.md +++ b/charts/vaultwarden/README.md @@ -335,11 +335,17 @@ helm -n $NAMESPACE uninstall $RELEASE_NAME | `database.connectionRetries` | Number of times to retry the database connection during startup, with 1 second delay between each retry, set to 0 to retry indefinitely. | `15` | | `database.maxConnections` | Define the size of the connection pool used for connecting to the database. | `10` | -### Push notifications - -| Name | Description | Value | -| ------------------- | ---------------------------------------------------------------- | ----- | -| `pushNotifications` | Enable mobile push notifications, see values.yaml for parameters | `{}` | +### Push Notifications + +| Name | Description | Value | +| ----------------------------------------------------- | ----------------------------------------------------------------------------------- | -------------------------------- | +| `pushNotifications.existingSecret` | Name of an existing secret containing the Bitwarden installation id and key | `""` | +| `pushNotifications.installationId.value` | Bitwarden installation id string | `""` | +| `pushNotifications.installationId.existingSecretKey` | When using an existing secret, specify the key which contains the installation id. | `""` | +| `pushNotifications.installationKey.value` | Bitwarden installation key string | `""` | +| `pushNotifications.installationKey.existingSecretKey` | When using an existing secret, specify the key which contains the installation key. | `""` | +| `pushNotifications.relayUri` | Change Bitwarden relay uri. | `https://push.bitwarden.com` | +| `pushNotifications.identityUri` | Change Bitwarden identity uri. | `https://identity.bitwarden.com` | ### Scheduled jobs From fde36ddfc2744adafdd8504f81978c837a5c08ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yannik=20M=C3=BCller?= Date: Tue, 27 Aug 2024 14:45:05 +0200 Subject: [PATCH 4/4] Upped version --- charts/vaultwarden/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/vaultwarden/Chart.yaml b/charts/vaultwarden/Chart.yaml index 11515d5..81c29cf 100644 --- a/charts/vaultwarden/Chart.yaml +++ b/charts/vaultwarden/Chart.yaml @@ -13,5 +13,5 @@ maintainers: - name: guerzon email: guerzon@proton.me url: https://github.com/guerzon -version: 0.24.0 +version: 0.24.2 kubeVersion: ">=1.12.0-0"