sec: disable Vaultwarden open signups, add admin token

- signupsAllowed: false - prevents public registration - invitationsAllowed: false - prevents invitation abuse - adminToken from Secret for /admin panel access
2026-02-19 22:58:29 +00:00
parent b69cc16002
commit d59ac2a933
1 changed files with 7 additions and 0 deletions
--- a/clusters/lab/apps/vaultwarden.yaml
+++ b/clusters/lab/apps/vaultwarden.yaml
@@ -30,8 +30,15 @@ spec:
        kind: HelmRepository
        name: vaultwarden
      interval: 1h
+  valuesFrom:
+  - kind: Secret
+    name: vaultwarden-admin
+    valuesKey: ADMIN_TOKEN
+    targetPath: adminToken.value
  values:
    domain: "https://vault.davidepiu.xyz"
+    signupsAllowed: false
+    invitationsAllowed: false
    ingress:
      enabled: true
      class: traefik