We run vaultwarden in kubernetes with /data being snapshoted every night.
However, this is the live db-files beeing snapshoted, and should preferably be a dump.
To ease with the dumping of the DB’s, it would be nice if
sqlite3 was included in the official image. This would make it possible to run a scheduled job in k8s using the same image as vaultwarden itself.
Would including sqlite3 in the image be reasonable?
Alternatively, extend the functionality of the existing backup button in /admin, and make it possible to dump the sqlite3 db on a schedule.
You could also create a batch that calls the backup endpoint.
Or, use a sidecar which has a sqlite3 binary and is able to use the same volume.
Alternatively, I added the install to the init script which runs on container startup:
Just mount a file at /etc/vaultwarden.sh with the contents of:
apt update && apt install sqlite3 -y
I did this for awhile until realizing I could run kubernetes cronjobs mounting the same volume.
edit: if you decide to go this route, you can view my deployment as an example here
I just saw that you are using kubernetes. You can take a look at my current deployment here: https://github.com/Ryan-McD/gitops-home-cluster/tree/0d7173b25e24efa65434e1b075a1988a220c39b1/cluster/apps/security/vaultwarden
This works because pod anti-affinity forces the cronjob to create the pod on the node that vaultwarden is running on. RWO PVCs are able to be mounted to another pod on the same node.