Skip to content

Commit

Permalink
Updates ready for v0.1.8-Beta (#64)
Browse files Browse the repository at this point in the history
* Fixing tag overrides.

Updating Application Gateway README steps.

Increasing resources for API and Identity pods

* Apply suggestions from code review

Co-authored-by: Vince Grassia <[email protected]>

* Update charts/self-host/templates/helpers.tpl

---------

Co-authored-by: Vince Grassia <[email protected]>
  • Loading branch information
jhbeskow and vgrassia authored Dec 4, 2023
1 parent a4cff82 commit edd7cca
Show file tree
Hide file tree
Showing 14 changed files with 42 additions and 34 deletions.
40 changes: 24 additions & 16 deletions charts/self-host/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -561,43 +561,51 @@ secrets:
secretProviderClass: bitwarden-azure-keyvault-csi #metadata.name in example
```

### Create Empty Azure Application Gateway Rewrite Set

Application Gateway ingress deployments have a few more required steps for Bitwarden to function correctly. If you are using another ingress controller, you may skip to the next section.

We will need to create a rewrite set on the Application Gateway. There are various ways of doing this, but we will discuss using the Azure Portal. For now we are creating an empty set for the Helm deployment to work. We will add the rewrite rule after deploying Helm.

1. Navigate to the Application Gateway in the Azure Portal
2. Once in the Application Gateway, find the "Rewrites" blade in the left-hand navigation menu.
3. Click the "+ Rewrite set" button at the top of the main page section to add a new rewrite set
4. On the "Update rewrite set" page in the "Name and Association" tab set the `Name` field to the same value specified in the `appgw.ingress.kubernetes.io/rewrite-rule-set` ingress annotation
5. Click Next
6. Click Create

### Helm

```shell
helm upgrade bitwarden bitwarden/self-host --install --devel --namespace bitwarden --values my-values.yaml
```

### Azure Application Gateway Rewrite Set
### Update Azure Application Gateway Rewrite Set

Application Gateway ingress deployments have one more required step for Bitwarden to function correctly. If you are using another ingress controller, you may skip to the next section.

We will need to create a rewrite set on the Application Gateway. There are various ways of doing this, but we will discuss using the Azure Portal.
We will need to finish the rewrite set on the Application Gateway we created earlier.

1. Navigate to the Application Gateway in the Azure Portal
2. Once in the Application Gateway, find the "Rewrites" blade in the left-hand navigation menu.
3. Click the "+ Rewrite set" button at the top of the main page section to add a new rewrite set
4. On the "Update rewrite set" page in the "Name and Association" tab:
- Set the Name field to the same value specified in the `appgw.ingress.kubernetes.io/rewrite-rule-set` ingress annotation
- Select all routing rules that start with something similar to "pr-bitwarden-bitwarden-ingress-rule-*"
5. Click Next
6. On the "Rewrite rule configuration" tab, click the "Add rewrite rule" button
7. Enter a name for the rule. This can be anything that helps you with organization. Something simlar to "bitwarden-rewrite" will work.
8. The rule sequence value does not matter for this purpose.
9. Add a condition and set the following values:
1. Reopen the rewrite set you created earlier.
2. On the "Update rewrite set" page in the "Name and Association" tab, select all routing paths that begin with pr-bitwarden-self-host-ingress... , deselect any that do not begin with that prefix, and then select Next.
3. On the "Rewrite rule configuration" tab, click the "Add rewrite rule" button.
4. Enter a name for the rule. This can be anything that helps you with organization. Something similar to "bitwarden-rewrite" will work.
5. The rule sequence value does not matter for this purpose.
6. Add a condition and set the following values:
- Type of variable to check: Server variable
- Server variable: uri_path
- Case-sensitive: No
- Operator: equal (=)
- Pattern to match: `^(\/(?!admin)[^\/]*)\/(.*)`
- Click OK
10. Add an action and set the following values:
7. Add an action and set the following values:
- Rewrite type: URL
- Action type: Set
- Components: URL path
- URL path value: `/{var_uri_path_2}`
- Re-evalueate path map: Unchecked
- Click OK
11. Click "Create" at the bottom of the screen
8. Click "Update" at the bottom of the screen.

### Pointing your DNS

Expand Down Expand Up @@ -853,7 +861,7 @@ oc create secret generic custom-secret -n bitwarden \
--from-literal=globalSettings__yubico__clientId="REPLACE" \
--from-literal=globalSettings__yubico__key="REPLACE" \
--from-literal=SA_PASSWORD="REPLACE" # If using SQL pod
# --from-literal="REPLACE" # If using your own SQL server
# --from-literal=globalSettings__sqlServer__connectionString="REPLACE" # If using your own SQL server
```

### Create a service account
Expand Down
2 changes: 1 addition & 1 deletion charts/self-host/templates/admin.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ spec:
{{- end }}
containers:
- name: {{ template "bitwarden.admin" . }}
image: "{{ .Values.component.admin.image.name }}:{{ template "bitwarden.coreVersion" }}"
image: "{{ .Values.component.admin.image.name }}:{{ default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-map
Expand Down
2 changes: 1 addition & 1 deletion charts/self-host/templates/api.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ spec:
{{- end }}
containers:
- name: {{ template "bitwarden.api" . }}
image: "{{ .Values.component.api.image.name }}:{{ template "bitwarden.coreVersion" }}"
image: "{{ .Values.component.api.image.name }}:{{ default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-map
Expand Down
2 changes: 1 addition & 1 deletion charts/self-host/templates/attachments.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ spec:
{{- end }}
containers:
- name: {{ template "bitwarden.attachments" . }}
image: "{{ .Values.component.attachments.image.name }}:{{ template "bitwarden.coreVersion" }}"
image: "{{ .Values.component.attachments.image.name }}:{{ default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-map
Expand Down
2 changes: 1 addition & 1 deletion charts/self-host/templates/events.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ spec:
{{- end }}
containers:
- name: {{ template "bitwarden.events" . }}
image: "{{ .Values.component.events.image.name }}:{{ template "bitwarden.coreVersion" }}"
image: "{{ .Values.component.events.image.name }}:{{ default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-map
Expand Down
2 changes: 1 addition & 1 deletion charts/self-host/templates/icons.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ spec:
{{- end }}
containers:
- name: {{ template "bitwarden.icons" . }}
image: "{{ .Values.component.icons.image.name }}:{{ template "bitwarden.coreVersion" }}"
image: "{{ .Values.component.icons.image.name }}:{{ default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-map
Expand Down
2 changes: 1 addition & 1 deletion charts/self-host/templates/identity.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ spec:
{{- end }}
containers:
- name: {{ template "bitwarden.identity" . }}
image: "{{ .Values.component.identity.image.name }}:{{ template "bitwarden.coreVersion" }}"
image: "{{ .Values.component.identity.image.name }}:{{ default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-map
Expand Down
2 changes: 1 addition & 1 deletion charts/self-host/templates/notifications.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ spec:
{{- end }}
containers:
- name: {{ template "bitwarden.notifications" . }}
image: "{{ .Values.component.notifications.image.name }}:{{ template "bitwarden.coreVersion" }}"
image: "{{ .Values.component.notifications.image.name }}:{{ default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-map
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ spec:
name: "{{ .Values.secrets.secretName }}"
{{- end }}
key: globalSettings__sqlServer__connectionString
image: "bitwarden/mssqlmigratorutility:{{ template "bitwarden.coreVersion" }}"
image: "bitwarden/mssqlmigratorutility:{{ default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
volumeMounts:
{{- if .Values.secrets.secretProviderClass}}
- name: secrets-store-inline
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ spec:
name: "{{ .Values.secrets.secretName }}"
{{- end }}
key: globalSettings__sqlServer__connectionString
image: "bitwarden/mssqlmigratorutility:{{ template "bitwarden.coreVersion" }}"
image: "bitwarden/mssqlmigratorutility:{{default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
volumeMounts:
{{- if .Values.secrets.secretProviderClass}}
- name: secrets-store-inline
Expand Down
2 changes: 1 addition & 1 deletion charts/self-host/templates/scim.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ spec:
{{- end }}
containers:
- name: {{ template "bitwarden.scim" . }}
image: "{{ .Values.component.scim.image.name }}:{{ template "bitwarden.coreVersion" }}"
image: "{{ .Values.component.scim.image.name }}:{{ default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-map
Expand Down
2 changes: 1 addition & 1 deletion charts/self-host/templates/sso.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ spec:
{{- end }}
containers:
- name: {{ template "bitwarden.sso" . }}
image: "{{ .Values.component.sso.image.name }}:{{ template "bitwarden.coreVersion" }}"
image: "{{ .Values.component.sso.image.name }}:{{ default ( include "bitwarden.coreVersionDefault" nil ) .Values.general.coreVersionOverride }}"
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-map
Expand Down
2 changes: 1 addition & 1 deletion charts/self-host/templates/web.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ spec:
{{- end }}
containers:
- name: {{ template "bitwarden.web" . }}
image: "{{ .Values.component.web.image.name }}:{{ template "bitwarden.webVersion" }}"
image: "{{ .Values.component.web.image.name }}:{{ default ( include "bitwarden.webVersionDefault" nil ) .Values.general.webVersionOverride }}"
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-map
Expand Down
12 changes: 6 additions & 6 deletions charts/self-host/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -121,11 +121,11 @@ component:
# The pod resource requirements. You can adjust these up and down for your environment
resources:
requests:
memory: "64Mi"
cpu: "50m"
limits:
memory: "128Mi"
cpu: "100m"
limits:
memory: "256Mi"
cpu: "200m"
# Specifies the strategy used to replace old Pods by new ones. The value can be "Recreate" or "RollingUpdate". "RollingUpdate" is the default value.
deploymentStrategy: RollingUpdate
# This will set the Kubernetes container security context
Expand Down Expand Up @@ -201,11 +201,11 @@ component:
# The pod resource requirements. You can adjust these up and down for your environment
resources:
requests:
memory: "64Mi"
cpu: "50m"
limits:
memory: "128Mi"
cpu: "100m"
limits:
memory: "256Mi"
cpu: "200m"
# Specifies the strategy used to replace old Pods by new ones. The value can be "Recreate" or "RollingUpdate". "RollingUpdate" is the default value.
deploymentStrategy: RollingUpdate
# This will set the Kubernetes container security context
Expand Down

0 comments on commit edd7cca

Please sign in to comment.