Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • justJanne/helm
1 result
Show changes
Hide whitespace changes
Inline Side-by-side
Showing
with 9 additions and 520 deletions
mailu/templates/ingress-autodiscover.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "mailu-helm.fullname" . }}-autodiscover
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: autodiscover
annotations:
nginx.ingress.kubernetes.io/cache-enable: "true"
nginx.ingress.kubernetes.io/cache-generation: "2"
nginx.ingress.kubernetes.io/cache-whitelist-query-params: ""
nginx.ingress.kubernetes.io/configuration-snippet: |-
rewrite ^/.well-known/(carddav|caldav)$ "https://{{ .Values.webdav.host }}{{ .Values.webdav.path }}/.well-known/$1" permanent;
rewrite ^/mail/(.*) /$1 last;
{{- range $key, $value := .Values.ingress.annotations }}
{{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }}
{{- end }}
spec:
rules:
{{ range .Values.config.hostnames }}
- host: {{ . }}
http:
paths:
- path: "/.well-known/carddav"
backend:
service:
name: {{ include "mailu-helm.fullname" $ }}-autodiscover
port:
name: http
pathType: Prefix
- path: "/.well-known/caldav"
backend:
service:
name: {{ include "mailu-helm.fullname" $ }}-autodiscover
port:
name: http
pathType: Prefix
- path: "/.well-known/mta-sts.txt"
backend:
service:
name: {{ include "mailu-helm.fullname" $ }}-autodiscover
port:
name: http
pathType: Prefix
- host: "mta-sts.{{ . }}"
http:
paths:
- path: "/.well-known/mta-sts.txt"
backend:
service:
name: {{ include "mailu-helm.fullname" $ }}-autodiscover
port:
name: http
pathType: Prefix
{{ end }}
- host: "autodiscover.{{ .Values.config.domain }}"
http:
paths:
- path: "/"
backend:
service:
name: {{ include "mailu-helm.fullname" . }}-autodiscover
port:
name: http
pathType: Prefix
- host: "autoconfig.{{ .Values.config.domain }}"
http:
paths:
- path: "/"
backend:
service:
name: {{ include "mailu-helm.fullname" . }}-autodiscover
port:
name: http
pathType: Prefix
mailu/templates/ingress-webdav.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "mailu-helm.fullname" . }}-webdav
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: webdav
annotations:
nginx.ingress.kubernetes.io/auth-url:
"http://{{ include "mailu-helm.fullname" . }}-admin.{{ .Release.Namespace }}.svc.{{ .Values.clusterSuffix }}/internal/auth/basic"
nginx.ingress.kubernetes.io/configuration-snippet: |-
auth_request_set $user $upstream_http_x_user;
proxy_set_header X-Remote-User $user;
proxy_set_header X-Script-Name "{{ .Values.webdav.path }}";
nginx.ingress.kubernetes.io/rewrite-target: /$2
{{- range $key, $value := .Values.ingress.annotations }}
{{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }}
{{- end }}
spec:
rules:
- host: "{{ .Values.webdav.host }}"
http:
paths:
- path: "{{ .Values.webdav.path }}(/|$)(.*)"
backend:
service:
name: {{ include "mailu-helm.fullname" . }}-webdav
port:
name: http
pathType: Prefix
mailu/templates/ingress-webmail.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "mailu-helm.fullname" . }}-webmail
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: webmail
annotations:
nginx.ingress.kubernetes.io/auth-url:
"http://{{ include "mailu-helm.fullname" . }}-admin.{{ .Release.Namespace }}.svc.{{ .Values.clusterSuffix }}/internal/auth/user"
nginx.ingress.kubernetes.io/configuration-snippet: |-
auth_request_set $user $upstream_http_x_user;
proxy_set_header 'X-Remote-User' $user;
auth_request_set $token $upstream_http_x_user_token;
proxy_set_header 'X-Remote-User-Token' $token;
error_page 403 @login;
{{- range $key, $value := .Values.ingress.annotations }}
{{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }}
{{- end }}
spec:
rules:
- host: "{{ .Values.webmail.host }}"
http:
paths:
- path: "{{ .Values.webmail.path }}"
backend:
service:
name: {{ include "mailu-helm.fullname" . }}-webmail
port:
name: http
pathType: Prefix
mailu/templates/secret-global.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: v1
kind: Secret
metadata:
name: {{ include "mailu-helm.fullname" . }}
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
stringData:
SECRET_KEY: "{{ .Values.config.secretKey }}"
DB_PW: "{{ .Values.database.password }}"
DB_USER: "{{ .Values.database.username }}"
QUOTA_STORAGE_URL: "redis://:{{ .Values.redis.password }}@{{ .Values.redis.host }}/{{ .Values.redis.databases.quota }}"
RATELIMIT_STORAGE_URL: "redis://:{{ .Values.redis.password }}@{{ .Values.redis.host }}/{{ .Values.redis.databases.ratelimit }}"
mailu/templates/service-admin.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu-helm.fullname" . }}-admin
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: admin
spec:
type: {{ .Values.service.type }}
ports:
- port: 80
targetPort: http
protocol: "TCP"
name: http
selector:
{{- include "mailu-helm.selectorLabels" . | nindent 4 }}
component: admin
mailu/templates/service-antispam.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu-helm.fullname" . }}-antispam
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: antispam
spec:
type: {{ .Values.service.type }}
ports:
- port: 11332
targetPort: antispam
protocol: "TCP"
name: antispam
- port: 11334
targetPort: antispam-http
protocol: "TCP"
name: antispam-http
selector:
{{- include "mailu-helm.selectorLabels" . | nindent 4 }}
component: antispam
mailu/templates/service-autodiscover.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu-helm.fullname" . }}-autodiscover
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: autodiscover
spec:
type: {{ .Values.service.type }}
ports:
- port: 80
targetPort: http
protocol: "TCP"
name: http
selector:
{{- include "mailu-helm.selectorLabels" . | nindent 4 }}
component: autodiscover
mailu/templates/service-front.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu-helm.fullname" . }}-front
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: front
spec:
type: {{ .Values.service.type }}
ports:
- name: pop3
port: 110
protocol: TCP
targetPort: pop3
- name: pop3s
port: 995
protocol: TCP
targetPort: pop3s
- name: imap
port: 143
protocol: TCP
targetPort: imap
- name: imaps
port: 993
protocol: TCP
targetPort: imaps
- name: smtp
port: 25
protocol: TCP
targetPort: smtp
- name: smtps
port: 465
protocol: TCP
targetPort: smtps
- name: smtpd
port: 587
protocol: TCP
targetPort: smtpd
- name: smtp-auth
port: 10025
protocol: TCP
targetPort: smtp-auth
- name: imap-auth
port: 10143
protocol: TCP
targetPort: imap-auth
selector:
{{- include "mailu-helm.selectorLabels" . | nindent 4 }}
component: front
mailu/templates/service-imap.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu-helm.fullname" . }}-imap
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: imap
spec:
type: {{ .Values.service.type }}
ports:
- name: imap-auth
port: 2102
protocol: "TCP"
targetPort: imap-auth
- name: imap-transport
port: 2525
protocol: "TCP"
targetPort: imap-transport
- name: pop3
port: 110
protocol: "TCP"
targetPort: pop3
- name: imap-default
port: 143
protocol: "TCP"
targetPort: imap-default
- name: sieve
port: 4190
protocol: "TCP"
targetPort: sieve
selector:
{{- include "mailu-helm.selectorLabels" . | nindent 4 }}
component: imap
mailu/templates/service-smtp.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu-helm.fullname" . }}-smtp
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: smtp
spec:
type: {{ .Values.service.type }}
ports:
- name: smtp
port: 25
protocol: "TCP"
targetPort: smtp
- name: smtp-ssl
port: 465
protocol: "TCP"
targetPort: smtp-ssl
- name: smtp-starttls
port: 587
protocol: "TCP"
targetPort: smtp-starttls
- name: smtp-auth
port: 10025
protocol: "TCP"
targetPort: smtp-auth
- name: smtp-proxy
port: 10024
protocol: "TCP"
targetPort: smtp-proxy
selector:
{{- include "mailu-helm.selectorLabels" . | nindent 4 }}
component: smtp
mailu/templates/service-webdav.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu-helm.fullname" . }}-webdav
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: webdav
spec:
type: {{ .Values.service.type }}
ports:
- name: http
port: 80
protocol: "TCP"
targetPort: http
selector:
{{- include "mailu-helm.selectorLabels" . | nindent 4 }}
component: webdav
mailu/templates/service-webmail.yaml deleted 100644 → 0
View file @ fff6b842
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu-helm.fullname" . }}-webmail
labels:
{{- include "mailu-helm.labels" . | nindent 4 }}
component: webmail
spec:
type: {{ .Values.service.type }}
ports:
- name: http
port: 80
protocol: "TCP"
targetPort: http
selector:
{{- include "mailu-helm.selectorLabels" . | nindent 4 }}
component: webmail
mailu/values.yaml deleted 100644 → 0
View file @ fff6b842
replicaCount: 1
imagePullSecrets: [ ]
nameOverride: ""
fullnameOverride: ""
clusterSuffix: "cluster.local"
image:
pullPolicy: IfNotPresent
tag: ""
config:
secretKey: "changeMe"
domain: "example.com"
hostnames:
- "example.com"
- "mail.example.com"
- "imap.example.com"
passwordScheme: "PBKDF2"
messageSizeLimit: "500000000"
realIpFrom: "0.0.0.0/0"
realIpHeader: "X-Forwarded-For"
postmaster: "postmaster"
recipientDelimiter: "+"
siteName: "Example.com Mail"
subnet: "10.42.0.0/16"
subnet_external: "1.2.3.4"
welcome:
enabled: false
subject: "Welcome to your new email account"
body: "Welcome to your new email account, if you can read this, then it is configured properly!"
dmarc:
rua: "dmarc"
ruf: "dmarc"
database:
flavor: "sqlite"
host: "external-db-hostname"
database: "mailu"
username: "mailu"
password: "chang3m3!"
redis:
host: "external-redis-hostname"
password: ""
databases:
quota: 1
ratelimit: 2
certificate:
issuer: "letsencrypt"
commonName: "example.com"
hostnames:
- "example.com"
- "imap.example.com"
- "mail.example.com"
volumes:
dkim: |-
emptyDir: {}
data: |-
emptyDir: {}
mail: |-
emptyDir: {}
filter: |-
emptyDir: {}
webdav: |-
emptyDir: {}
webmail: |-
emptyDir: {}
front:
resources:
limits:
cpu: 500m
memory: 256Mi
requests:
cpu: 10m
memory: 32Mi
admin:
enabled: true
host: "mail.example.com"
path: "/admin"
resources:
limits:
cpu: 500m
memory: 1Gi
requests:
cpu: 30m
memory: 128Mi
imap:
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 30m
memory: 64Mi
smtp:
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 30m
memory: 64Mi
antispam:
password: "chang3m3!"
resources:
limits:
cpu: 500m
memory: 1Gi
requests:
cpu: 10m
memory: 128Mi
webmail:
host: "mail.example.com"
path: "/"
tag: ""
resources:
limits:
cpu: 500m
memory: 256Mi
requests:
cpu: 10m
memory: 32Mi
webdav:
host: "mail.example.com"
path: "/webdav"
resources:
limits:
cpu: 500m
memory: 256Mi
requests:
cpu: 30m
memory: 32Mi
podAnnotations: { }
podSecurityContext: { }
# fsGroup: 2000
securityContext: { }
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
nodeSelector: { }
tolerations: [ ]
affinity: { }
ingress:
annotations: {}
postgresql/Chart.yaml
View file @ 9414a5ae
......@@ -2,5 +2,5 @@ apiVersion: v2
name: postgresql
description: Helm Chart for postgresql
type: application
version: 1.2.0
version: 1.3.0
appVersion: "15"
postgresql/templates/secret.yaml
View file @ 9414a5ae
......@@ -18,4 +18,4 @@ data:
postgres-password: {{ $secretValue | quote }}
{{ else }}
postgres-password: "{{ .Values.postgresPassword }}"
{{ end }}
\ No newline at end of file
{{ end }}
postgresql/templates/statefulset.yaml
View file @ 9414a5ae
......@@ -29,11 +29,11 @@ spec:
{{ if .Values.tls.enabled -}}
- name: certs
secret:
defaultMode: 0600
defaultMode: 0640
secretName: {{ .Values.tls.certificatesSecret }}
{{- end }}
- configMap:
defaultMode: 0600
defaultMode: 0640
name: {{ include "postgresql-helm.fullname" . }}
name: config
- name: data
......@@ -86,8 +86,12 @@ spec:
- mountPath: "/dev/shm"
name: shm
{{ if .Values.tls.enabled -}}
- mountPath: "/certs"
- mountPath: "/certs/tls.crt"
name: certs
subPath: tls.crt
- mountPath: "/certs/tls.key"
name: certs
subPath: tls.key
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
......