apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: {{ include "mailu-helm.fullname" . }}-front
  labels:
    component: front
    {{- include "mailu-helm.labels" . | nindent 4 }}
spec:
  selector:
    matchLabels:
      component: front
      {{- include "mailu-helm.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      {{- with .Values.podAnnotations }}
      annotations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      labels:
        component: front
        {{- include "mailu-helm.selectorLabels" . | nindent 8 }}
    spec:
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      # securityContext: Not supported by mailu-nginx for now
      volumes:
        - name: tls
          secret:
            secretName: {{ include "mailu-helm.fullname" . }}-tls
            items:
              - key: tls.crt
                path: cert.pem
              - key: tls.key
                path: key.pem
        - name: config
          configMap:
            name: {{ include "mailu-helm.fullname" . }}-front
      containers:
        - name: front
          # securityContext: Not supported by mailu-nginx for now
          image: "mailu/nginx:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          envFrom:
            - configMapRef:
                name: {{ include "mailu-helm.fullname" . }}
            - secretRef:
                name: {{ include "mailu-helm.fullname" . }}
          ports:
            - containerPort: 110
              hostPort: 110
              name: pop3
              protocol: "TCP"
            - containerPort: 995
              hostPort: 995
              name: pop3s
              protocol: "TCP"
            - containerPort: 143
              hostPort: 143
              name: imap
              protocol: "TCP"
            - containerPort: 993
              hostPort: 993
              name: imaps
              protocol: "TCP"
            - containerPort: 25
              hostPort: 25
              name: smtp
              protocol: "TCP"
            - containerPort: 10025
              hostPort: 10025
              name: smtp-auth
              protocol: "TCP"
            - containerPort: 10143
              hostPort: 10143
              name: imap-auth
              protocol: "TCP"
            - containerPort: 465
              hostPort: 465
              name: smtps
              protocol: "TCP"
            - containerPort: 587
              hostPort: 587
              name: smtpd
              protocol: "TCP"
            - containerPort: 8000
              hostPort: 8000
              name: auth
              protocol: "TCP"
          resources:
            {{- toYaml .Values.front.resources | nindent 12 }}
          volumeMounts:
            - name: tls
              mountPath: "/certs"
            - name: config
              mountPath: /conf/tls.conf
              subPath: tls.conf
            - name: config
              mountPath: /conf/nginx.conf
              subPath: nginx.conf
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet