add admin secret

bitwarden/templates/deployment.yaml

@@ -28,9 +28,9 @@ spec:
           containerPort: 80
         env:
           - name: SIGNUPS_ALLOWED
-            value: "TRUE"
+            value: "FALSE"
           - name: INVITATIONS_ALLOWED
-            value: "TRUE"                      
+            value: "FALSE"                      
           - name: WEBSOCKET_ENABLED
             value: "TRUE"          
           - name: ROCKET_ENV
@@ -39,6 +39,11 @@ spec:
             value: "80"            
           - name: ROCKET_WORKERS
             value: "10"
+          - name: SECRET_USERNAME
+            valueFrom:
+              secretKeyRef:
+                name: bitwarden-secret
+                key: ADMIN_TOKEN
       volumes:
       - name: bitwarden-pvc
         persistentVolumeClaim:

bitwarden/templates/secrets.yaml

@@ -0,0 +1,33 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: bitwarden-secret
+spec:
+  secretStoreRef:
+    name: vault-bitwarden
+    kind: SecretStore
+  target:
+    name: bitwarden-secret
+  data:
+  - secretKey: dbpass
+    remoteRef:
+      key: bitwarden/admin
+      property: ADMIN_TOKEN
+
+---
+
+apiVersion: external-secrets.io/v1beta1
+kind: SecretStore
+metadata:
+  name: vault-bitwarden
+spec:
+  provider:
+    vault:
+      server: "http://vault.vault.svc.cluster.local:8200"
+      path: "bitwarden"
+      version: "v2"
+      auth:
+        kubernetes:
+          mountPath: "kubernetes"
+          role: "external-secrets"
+