From d2fdf472b84033fb78ab4fdd5c3dcf2ca9418a9d Mon Sep 17 00:00:00 2001
From: Janne Mareike Koschinski <janne@kuschku.de>
Date: Sat, 30 Apr 2022 21:31:48 +0200
Subject: [PATCH] feat: add webmail functionality
---
templates/configmap-global.yaml | 1 +
templates/deploy-webmail.yaml | 79 +++++++++++++++++++++++++++++++++
templates/ingress-webmail.yaml | 31 +++++++++++++
templates/service-webmail.yaml | 17 +++++++
values.yaml | 12 ++++-
5 files changed, 139 insertions(+), 1 deletion(-)
create mode 100644 templates/deploy-webmail.yaml
create mode 100644 templates/ingress-webmail.yaml
create mode 100644 templates/service-webmail.yaml
diff --git a/templates/configmap-global.yaml b/templates/configmap-global.yaml
index b54239d..4c4803d 100644
--- a/templates/configmap-global.yaml
+++ b/templates/configmap-global.yaml
@@ -44,6 +44,7 @@ data:
HOST_ADMIN: "{{ include "mailu-helm.fullname" . }}-admin.{{.Release.Namespace}}.svc.{{.Values.clusterSuffix}}"
ADMIN_ADDRESS: "{{ include "mailu-helm.fullname" . }}-admin.{{.Release.Namespace}}.svc.{{.Values.clusterSuffix}}"
+ HOST_FRONT: "{{ include "mailu-helm.fullname" . }}-front.{{.Release.Namespace}}.svc.{{.Values.clusterSuffix}}"
FRONT_ADDRESS: "{{ include "mailu-helm.fullname" . }}-front.{{.Release.Namespace}}.svc.{{.Values.clusterSuffix}}"
HOST_ANTISPAM_MILTER: "{{ include "mailu-helm.fullname" . }}-antispam.{{.Release.Namespace}}.svc.{{.Values.clusterSuffix}}"
ANTISPAM_MILTER_ADDRESS: "{{ include "mailu-helm.fullname" . }}-antispam.{{.Release.Namespace}}.svc.{{.Values.clusterSuffix}}:11332"
diff --git a/templates/deploy-webmail.yaml b/templates/deploy-webmail.yaml
new file mode 100644
index 0000000..8971f86
--- /dev/null
+++ b/templates/deploy-webmail.yaml
@@ -0,0 +1,79 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "mailu-helm.fullname" . }}-webmail
+ labels:
+ component: webmail
+ {{- include "mailu-helm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ component: webmail
+ {{- include "mailu-helm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ component: webmail
+ {{- include "mailu-helm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ securityContext:
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ volumes:
+ - name: webmail
+ {{- .Values.volumes.webmail | nindent 10 }}
+ containers:
+ - name: webmail
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: "k8r.eu/justjanne/mailu-snappymail:{{ .Values.webmail.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ envFrom:
+ - configMapRef:
+ name: {{ include "mailu-helm.fullname" . }}
+ - secretRef:
+ name: {{ include "mailu-helm.fullname" . }}
+ env:
+ - name: HOST_FRONT
+ valueFrom:
+ configMapKeyRef:
+ key: FRONT_ADDRESS
+ name: {{ include "mailu-helm.fullname" . }}
+ ports:
+ - name: "http"
+ containerPort: 80
+ protocol: "TCP"
+ resources:
+ {{- toYaml .Values.webmail.resources | nindent 12 }}
+ volumeMounts:
+ - name: webmail
+ mountPath: "/data"
+ startupProbe:
+ httpGet:
+ path: /healthz
+ port: http
+ periodSeconds: 10
+ failureThreshold: 30
+ timeoutSeconds: 5
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: http
+ periodSeconds: 10
+ failureThreshold: 3
+ timeoutSeconds: 5
+ readinessProbe:
+ httpGet:
+ path: /healthz
+ port: http
+ periodSeconds: 10
+ failureThreshold: 1
+ timeoutSeconds: 5
diff --git a/templates/ingress-webmail.yaml b/templates/ingress-webmail.yaml
new file mode 100644
index 0000000..737ba77
--- /dev/null
+++ b/templates/ingress-webmail.yaml
@@ -0,0 +1,31 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: {{ include "mailu-helm.fullname" . }}-webmail
+ labels:
+ {{- include "mailu-helm.labels" . | nindent 4 }}
+ component: webmail
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ nginx.ingress.kubernetes.io/auth-url:
+ "http://{{ include "mailu-helm.fullname" . }}-admin.{{ .Release.Namespace }}.svc.{{ .Values.clusterSuffix }}/internal/auth/user"
+ nginx.ingress.kubernetes.io/configuration-snippet: |-
+ auth_request_set $user $upstream_http_x_user;
+ proxy_set_header 'X-Remote-User' $user;
+ auth_request_set $token $upstream_http_x_user_token;
+ proxy_set_header 'X-Remote-User-Token' $token;
+ error_page 403 @login;
+ nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+ nginx.ingress.kubernetes.io/proxy-body-size: "0"
+spec:
+ rules:
+ - host: "{{ .Values.webmail.host }}"
+ http:
+ paths:
+ - path: "{{ .Values.webmail.path }}"
+ backend:
+ service:
+ name: {{ include "mailu-helm.fullname" . }}-webmail
+ port:
+ name: http
+ pathType: Prefix
diff --git a/templates/service-webmail.yaml b/templates/service-webmail.yaml
new file mode 100644
index 0000000..2c3c3db
--- /dev/null
+++ b/templates/service-webmail.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "mailu-helm.fullname" . }}-webmail
+ labels:
+ {{- include "mailu-helm.labels" . | nindent 4 }}
+ component: webmail
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: http
+ port: 80
+ protocol: "TCP"
+ targetPort: http
+ selector:
+ {{- include "mailu-helm.selectorLabels" . | nindent 4 }}
+ component: webmail
diff --git a/values.yaml b/values.yaml
index 06a9b05..9082169 100644
--- a/values.yaml
+++ b/values.yaml
@@ -60,6 +60,8 @@ volumes:
emptyDir: {}
webdav: |-
emptyDir: {}
+ webmail: |-
+ emptyDir: {}
front:
resources:
@@ -71,7 +73,7 @@ front:
memory: 100Mi
admin:
enabled: true
- hostname: "mail.example.com"
+ host: "mail.example.com"
path: "/admin"
subnet: "10.42.0.0/16"
resources:
@@ -109,6 +111,14 @@ antispam:
webmail:
host: "mail.example.com"
path: "/"
+ tag: ""
+ resources:
+ limits:
+ cpu: 1
+ memory: 1Gi
+ requests:
+ cpu: 100m
+ memory: 500Mi
webdav:
host: "mail.example.com"
path: "/webdav"
--
GitLab