fix: remove mailu

2ce34eeb · Janne Mareike Koschinski · fff6b842 · fff6b842 · fff6b842 · fff6b842
Unverified Commit 2ce34eeb authored Apr 28, 2023 by Janne Mareike Koschinski
--- a/mailu/templates/ingress-autodiscover.yaml
+++ b/mailu/templates/ingress-autodiscover.yaml
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-autodiscover
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: autodiscover
-  annotations:
-    nginx.ingress.kubernetes.io/cache-enable: "true"
-    nginx.ingress.kubernetes.io/cache-generation: "2"
-    nginx.ingress.kubernetes.io/cache-whitelist-query-params: ""
-    nginx.ingress.kubernetes.io/configuration-snippet: |-
-      rewrite ^/.well-known/(carddav|caldav)$ "https://{{ .Values.webdav.host }}{{ .Values.webdav.path }}/.well-known/$1" permanent;
-      rewrite ^/mail/(.*) /$1 last;
-    {{- range $key, $value := .Values.ingress.annotations }}
-    {{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }}
-    {{- end }}
-spec:
-  rules:
-    {{ range .Values.config.hostnames }}
-    - host: {{ . }}
-      http:
-        paths:
-          - path: "/.well-known/carddav"
-            backend:
-              service:
-                name: {{ include "mailu-helm.fullname" $ }}-autodiscover
-                port:
-                  name: http
-            pathType: Prefix
-          - path: "/.well-known/caldav"
-            backend:
-              service:
-                name: {{ include "mailu-helm.fullname" $ }}-autodiscover
-                port:
-                  name: http
-            pathType: Prefix
-          - path: "/.well-known/mta-sts.txt"
-            backend:
-              service:
-                name: {{ include "mailu-helm.fullname" $ }}-autodiscover
-                port:
-                  name: http
-            pathType: Prefix
-    - host: "mta-sts.{{ . }}"
-      http:
-        paths:
-          - path: "/.well-known/mta-sts.txt"
-            backend:
-              service:
-                name: {{ include "mailu-helm.fullname" $ }}-autodiscover
-                port:
-                  name: http
-            pathType: Prefix
-    {{ end }}
-    - host: "autodiscover.{{ .Values.config.domain }}"
-      http:
-        paths:
-          - path: "/"
-            backend:
-              service:
-                name: {{ include "mailu-helm.fullname" . }}-autodiscover
-                port:
-                  name: http
-            pathType: Prefix
-    - host: "autoconfig.{{ .Values.config.domain }}"
-      http:
-        paths:
-          - path: "/"
-            backend:
-              service:
-                name: {{ include "mailu-helm.fullname" . }}-autodiscover
-                port:
-                  name: http
-            pathType: Prefix
--- a/mailu/templates/ingress-webdav.yaml
+++ b/mailu/templates/ingress-webdav.yaml
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-webdav
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: webdav
-  annotations:
-    nginx.ingress.kubernetes.io/auth-url:
-      "http://{{ include "mailu-helm.fullname" . }}-admin.{{ .Release.Namespace }}.svc.{{ .Values.clusterSuffix }}/internal/auth/basic"
-    nginx.ingress.kubernetes.io/configuration-snippet: |-
-      auth_request_set $user $upstream_http_x_user;
-      proxy_set_header X-Remote-User $user;
-      proxy_set_header X-Script-Name "{{ .Values.webdav.path }}";
-    nginx.ingress.kubernetes.io/rewrite-target: /$2
-    {{- range $key, $value := .Values.ingress.annotations }}
-    {{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }}
-    {{- end }}
-spec:
-  rules:
-    - host: "{{ .Values.webdav.host }}"
-      http:
-        paths:
-          - path: "{{ .Values.webdav.path }}(/|$)(.*)"
-            backend:
-              service:
-                name: {{ include "mailu-helm.fullname" . }}-webdav
-                port:
-                  name: http
-            pathType: Prefix
--- a/mailu/templates/ingress-webmail.yaml
+++ b/mailu/templates/ingress-webmail.yaml
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-webmail
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: webmail
-  annotations:
-    nginx.ingress.kubernetes.io/auth-url:
-      "http://{{ include "mailu-helm.fullname" . }}-admin.{{ .Release.Namespace }}.svc.{{ .Values.clusterSuffix }}/internal/auth/user"
-    nginx.ingress.kubernetes.io/configuration-snippet: |-
-      auth_request_set $user $upstream_http_x_user;
-      proxy_set_header 'X-Remote-User' $user;
-      auth_request_set $token $upstream_http_x_user_token;
-      proxy_set_header 'X-Remote-User-Token' $token;
-      error_page 403 @login;
-    {{- range $key, $value := .Values.ingress.annotations }}
-    {{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }}
-    {{- end }}
-spec:
-  rules:
-    - host: "{{ .Values.webmail.host }}"
-      http:
-        paths:
-          - path: "{{ .Values.webmail.path }}"
-            backend:
-              service:
-                name: {{ include "mailu-helm.fullname" . }}-webmail
-                port:
-                  name: http
-            pathType: Prefix
--- a/mailu/templates/secret-global.yaml
+++ b/mailu/templates/secret-global.yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-stringData:
-  SECRET_KEY: "{{ .Values.config.secretKey }}"
-  DB_PW: "{{ .Values.database.password }}"
-  DB_USER: "{{ .Values.database.username }}"
-  QUOTA_STORAGE_URL: "redis://:{{ .Values.redis.password }}@{{ .Values.redis.host }}/{{ .Values.redis.databases.quota }}"
-  RATELIMIT_STORAGE_URL: "redis://:{{ .Values.redis.password }}@{{ .Values.redis.host }}/{{ .Values.redis.databases.ratelimit }}"
--- a/mailu/templates/service-admin.yaml
+++ b/mailu/templates/service-admin.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-admin
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: admin
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: 80
-      targetPort: http
-      protocol: "TCP"
-      name: http
-  selector:
-    {{- include "mailu-helm.selectorLabels" . | nindent 4 }}
-    component: admin
--- a/mailu/templates/service-antispam.yaml
+++ b/mailu/templates/service-antispam.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-antispam
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: antispam
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: 11332
-      targetPort: antispam
-      protocol: "TCP"
-      name: antispam
-    - port: 11334
-      targetPort: antispam-http
-      protocol: "TCP"
-      name: antispam-http
-  selector:
-    {{- include "mailu-helm.selectorLabels" . | nindent 4 }}
-    component: antispam
--- a/mailu/templates/service-autodiscover.yaml
+++ b/mailu/templates/service-autodiscover.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-autodiscover
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: autodiscover
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: 80
-      targetPort: http
-      protocol: "TCP"
-      name: http
-  selector:
-    {{- include "mailu-helm.selectorLabels" . | nindent 4 }}
-    component: autodiscover
--- a/mailu/templates/service-front.yaml
+++ b/mailu/templates/service-front.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-front
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: front
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - name: pop3
-      port: 110
-      protocol: TCP
-      targetPort: pop3
-    - name: pop3s
-      port: 995
-      protocol: TCP
-      targetPort: pop3s
-    - name: imap
-      port: 143
-      protocol: TCP
-      targetPort: imap
-    - name: imaps
-      port: 993
-      protocol: TCP
-      targetPort: imaps
-    - name: smtp
-      port: 25
-      protocol: TCP
-      targetPort: smtp
-    - name: smtps
-      port: 465
-      protocol: TCP
-      targetPort: smtps
-    - name: smtpd
-      port: 587
-      protocol: TCP
-      targetPort: smtpd
-    - name: smtp-auth
-      port: 10025
-      protocol: TCP
-      targetPort: smtp-auth
-    - name: imap-auth
-      port: 10143
-      protocol: TCP
-      targetPort: imap-auth
-  selector:
-    {{- include "mailu-helm.selectorLabels" . | nindent 4 }}
-    component: front
--- a/mailu/templates/service-imap.yaml
+++ b/mailu/templates/service-imap.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-imap
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: imap
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - name: imap-auth
-      port: 2102
-      protocol: "TCP"
-      targetPort: imap-auth
-    - name: imap-transport
-      port: 2525
-      protocol: "TCP"
-      targetPort: imap-transport
-    - name: pop3
-      port: 110
-      protocol: "TCP"
-      targetPort: pop3
-    - name: imap-default
-      port: 143
-      protocol: "TCP"
-      targetPort: imap-default
-    - name: sieve
-      port: 4190
-      protocol: "TCP"
-      targetPort: sieve
-  selector:
-    {{- include "mailu-helm.selectorLabels" . | nindent 4 }}
-    component: imap
--- a/mailu/templates/service-smtp.yaml
+++ b/mailu/templates/service-smtp.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-smtp
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: smtp
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - name: smtp
-      port: 25
-      protocol: "TCP"
-      targetPort: smtp
-    - name: smtp-ssl
-      port: 465
-      protocol: "TCP"
-      targetPort: smtp-ssl
-    - name: smtp-starttls
-      port: 587
-      protocol: "TCP"
-      targetPort: smtp-starttls
-    - name: smtp-auth
-      port: 10025
-      protocol: "TCP"
-      targetPort: smtp-auth
-    - name: smtp-proxy
-      port: 10024
-      protocol: "TCP"
-      targetPort: smtp-proxy
-  selector:
-    {{- include "mailu-helm.selectorLabels" . | nindent 4 }}
-    component: smtp
--- a/mailu/templates/service-webdav.yaml
+++ b/mailu/templates/service-webdav.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-webdav
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: webdav
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - name: http
-      port: 80
-      protocol: "TCP"
-      targetPort: http
-  selector:
-    {{- include "mailu-helm.selectorLabels" . | nindent 4 }}
-    component: webdav
--- a/mailu/templates/service-webmail.yaml
+++ b/mailu/templates/service-webmail.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "mailu-helm.fullname" . }}-webmail
-  labels:
-    {{- include "mailu-helm.labels" . | nindent 4 }}
-    component: webmail
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - name: http
-      port: 80
-      protocol: "TCP"
-      targetPort: http
-  selector:
-    {{- include "mailu-helm.selectorLabels" . | nindent 4 }}
-    component: webmail
--- a/mailu/values.yaml
+++ b/mailu/values.yaml
-replicaCount: 1
-
-imagePullSecrets: [ ]
-nameOverride: ""
-fullnameOverride: ""
-clusterSuffix: "cluster.local"
-
-image:
-  pullPolicy: IfNotPresent
-  tag: ""
-
-config:
-  secretKey: "changeMe"
-  domain: "example.com"
-  hostnames:
-  - "example.com"
-  - "mail.example.com"
-  - "imap.example.com"
-  passwordScheme: "PBKDF2"
-  messageSizeLimit: "500000000"
-  realIpFrom: "0.0.0.0/0"
-  realIpHeader: "X-Forwarded-For"
-  postmaster: "postmaster"
-  recipientDelimiter: "+"
-  siteName: "Example.com Mail"
-  subnet: "10.42.0.0/16"
-  subnet_external: "1.2.3.4"
-
-welcome:
-  enabled: false
-  subject: "Welcome to your new email account"
-  body: "Welcome to your new email account, if you can read this, then it is configured properly!"
-
-dmarc:
-  rua: "dmarc"
-  ruf: "dmarc"
-
-database:
-  flavor: "sqlite"
-  host: "external-db-hostname"
-  database: "mailu"
-  username: "mailu"
-  password: "chang3m3!"
-
-redis:
-  host: "external-redis-hostname"
-  password: ""
-  databases:
-    quota: 1
-    ratelimit: 2
-
-certificate:
-  issuer: "letsencrypt"
-  commonName: "example.com"
-  hostnames:
-    - "example.com"
-    - "imap.example.com"
-    - "mail.example.com"
-
-volumes:
-  dkim: |-
-    emptyDir: {}
-  data: |-
-    emptyDir: {}
-  mail: |-
-    emptyDir: {}
-  filter: |-
-    emptyDir: {}
-  webdav: |-
-    emptyDir: {}
-  webmail: |-
-    emptyDir: {}
-
-front:
-  resources:
-    limits:
-      cpu: 500m
-      memory: 256Mi
-    requests:
-      cpu: 10m
-      memory: 32Mi
-admin:
-  enabled: true
-  host: "mail.example.com"
-  path: "/admin"
-  resources:
-    limits:
-      cpu: 500m
-      memory: 1Gi
-    requests:
-      cpu: 30m
-      memory: 128Mi
-imap:
-  resources:
-    limits:
-      cpu: 500m
-      memory: 512Mi
-    requests:
-      cpu: 30m
-      memory: 64Mi
-smtp:
-  resources:
-    limits:
-      cpu: 500m
-      memory: 512Mi
-    requests:
-      cpu: 30m
-      memory: 64Mi
-antispam:
-  password: "chang3m3!"
-  resources:
-    limits:
-      cpu: 500m
-      memory: 1Gi
-    requests:
-      cpu: 10m
-      memory: 128Mi
-webmail:
-  host: "mail.example.com"
-  path: "/"
-  tag: ""
-  resources:
-    limits:
-      cpu: 500m
-      memory: 256Mi
-    requests:
-      cpu: 10m
-      memory: 32Mi
-webdav:
-  host: "mail.example.com"
-  path: "/webdav"
-  resources:
-    limits:
-      cpu: 500m
-      memory: 256Mi
-    requests:
-      cpu: 30m
-      memory: 32Mi
-
-podAnnotations: { }
-
-podSecurityContext: { }
-#  fsGroup: 2000
-
-securityContext: { }
-#  capabilities:
-#    drop:
-#      - ALL
-#  readOnlyRootFilesystem: true
-#  runAsNonRoot: true
-#  runAsUser: 1000
-
-service:
-  type: ClusterIP
-
-nodeSelector: { }
-
-tolerations: [ ]
-
-affinity: { }
-
-ingress:
-  annotations: {}