xactfetch: Provide Vaultwarden password for sync
Vaultwarden has started prompting for the master password occasionally when syncing the vault. Thus, we need to make sure it is available in the _sync_ container, by mounting the secret and providing the `PINENTRY_PASSWORD_FILE` environment variable.etcd
parent
8939c1d02c
commit
365334cea7
|
|
@ -38,12 +38,18 @@ spec:
|
||||||
command:
|
command:
|
||||||
- rbw
|
- rbw
|
||||||
- sync
|
- sync
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: xactfetch
|
||||||
securityContext:
|
securityContext:
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /etc/rbw
|
- mountPath: /etc/rbw
|
||||||
name: xactfetch-rbw
|
name: xactfetch-rbw
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
- mountPath: /run/secrets/xactfetch
|
||||||
|
name: xactfetch-secrets
|
||||||
|
readOnly: true
|
||||||
- mountPath: /tmp
|
- mountPath: /tmp
|
||||||
name: tmp
|
name: tmp
|
||||||
subPath: tmp
|
subPath: tmp
|
||||||
|
|
@ -71,6 +77,8 @@ spec:
|
||||||
- mountPath: /var/lib/xactfetch
|
- mountPath: /var/lib/xactfetch
|
||||||
name: xactfetch-data
|
name: xactfetch-data
|
||||||
subPath: data
|
subPath: data
|
||||||
|
nodeSelector:
|
||||||
|
kubernetes.io/arch: amd64
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 2468
|
fsGroup: 2468
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue