From b3f1eb069fc8558126dbc7a942dce115b0761e9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= Date: Thu, 15 Aug 2024 09:37:24 +0300 Subject: [PATCH] wildduck: Cleanups --- wildduck/clamav.yaml | 8 ++--- wildduck/dns.yaml | 20 ++++++------- wildduck/loadbalancer.yaml | 18 +++++------ wildduck/rspamd.yaml | 4 +-- wildduck/sessions.yaml | 28 +++++++++++++++++ wildduck/webmail.yaml | 61 ++++++++++---------------------------- wildduck/wildduck.yaml | 28 +---------------- wildduck/wildflock.yaml | 38 ++++-------------------- 8 files changed, 75 insertions(+), 130 deletions(-) create mode 100644 wildduck/sessions.yaml diff --git a/wildduck/clamav.yaml b/wildduck/clamav.yaml index 734ce32..79fb73d 100644 --- a/wildduck/clamav.yaml +++ b/wildduck/clamav.yaml @@ -19,8 +19,8 @@ spec: image: mirror.gcr.io/clamav/clamav:1.1 imagePullPolicy: IfNotPresent ports: - - containerPort: 3310 - name: api + - containerPort: 3310 + name: api volumeMounts: - mountPath: /var/lib/clamav name: avdata @@ -41,5 +41,5 @@ spec: selector: app.kubernetes.io/name: clamav ports: - - port: 3310 - name: clamav + - port: 3310 + name: clamav diff --git a/wildduck/dns.yaml b/wildduck/dns.yaml index 220099a..d306a38 100644 --- a/wildduck/dns.yaml +++ b/wildduck/dns.yaml @@ -5,13 +5,13 @@ metadata: name: wildduck-mx spec: endpoints: - - dnsName: k-space.ee - recordTTL: 300 - recordType: MX - targets: - - "10 mail.k-space.ee" - - dnsName: k-space.ee - recordTTL: 300 - recordType: TXT - targets: - - "v=spf1 mx include:servers.mcsv.net -all" + - dnsName: k-space.ee + recordTTL: 300 + recordType: MX + targets: + - "10 mail.k-space.ee" + - dnsName: k-space.ee + recordTTL: 300 + recordType: TXT + targets: + - "v=spf1 mx include:servers.mcsv.net -all" diff --git a/wildduck/loadbalancer.yaml b/wildduck/loadbalancer.yaml index fc5123d..a5801c1 100644 --- a/wildduck/loadbalancer.yaml +++ b/wildduck/loadbalancer.yaml @@ -13,12 +13,12 @@ spec: selector: app.kubernetes.io/name: wildduck ports: - - port: 993 - name: wildduck-mda - targetPort: wildduck-mda - - port: 465 - name: zonemta-msa - targetPort: zonemta-msa - - port: 25 - name: haraka-mta - targetPort: haraka-mta + - port: 993 + name: wildduck-mda + targetPort: wildduck-mda + - port: 465 + name: zonemta-msa + targetPort: zonemta-msa + - port: 25 + name: haraka-mta + targetPort: haraka-mta diff --git a/wildduck/rspamd.yaml b/wildduck/rspamd.yaml index ece870e..86cddf0 100644 --- a/wildduck/rspamd.yaml +++ b/wildduck/rspamd.yaml @@ -75,5 +75,5 @@ spec: selector: app.kubernetes.io/name: rspamd ports: - - port: 11333 - name: rspamd + - port: 11333 + name: rspamd diff --git a/wildduck/sessions.yaml b/wildduck/sessions.yaml new file mode 100644 index 0000000..ac15378 --- /dev/null +++ b/wildduck/sessions.yaml @@ -0,0 +1,28 @@ +--- +apiVersion: codemowers.cloud/v1beta1 +kind: SecretClaim +metadata: + name: dragonfly-auth +spec: + size: 32 + mapping: + - key: password + value: "%(plaintext)s" + - key: REDIS_WILDDUCK_URI + value: "redis://:%(plaintext)s@dragonfly/1" + - key: REDIS_WILDFLOCK_URI + value: "redis://:%(plaintext)s@dragonfly/2" +--- +apiVersion: dragonflydb.io/v1alpha1 +kind: Dragonfly +metadata: + name: dragonfly +spec: + authentication: + passwordFromSecret: + key: password + name: dragonfly-auth + replicas: 3 + resources: + limits: + memory: 1Gi diff --git a/wildduck/webmail.yaml b/wildduck/webmail.yaml index 45f1bcc..f407960 100644 --- a/wildduck/webmail.yaml +++ b/wildduck/webmail.yaml @@ -1,13 +1,3 @@ -# --- -# Commented out by argocd config drift -# -# apiVersion: codemowers.cloud/v1beta1 -# kind: RedisClaim -# metadata: -# name: webmail -# spec: -# class: ephemeral -# capacity: 100Mi --- apiVersion: codemowers.cloud/v1beta1 kind: OIDCMiddlewareClient @@ -116,9 +106,9 @@ spec: selector: app.kubernetes.io/name: webmail ports: - - protocol: TCP - port: 80 - targetPort: 3000 + - protocol: TCP + port: 80 + targetPort: 3000 --- apiVersion: networking.k8s.io/v1 kind: Ingress @@ -133,19 +123,19 @@ metadata: external-dns.alpha.kubernetes.io/target: traefik.k-space.ee spec: rules: - - host: webmail.k-space.ee - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: webmail - port: - number: 80 + - host: webmail.k-space.ee + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: webmail + port: + number: 80 tls: - - hosts: - - "*.k-space.ee" + - hosts: + - "*.k-space.ee" --- apiVersion: traefik.io/v1alpha1 kind: Middleware @@ -156,24 +146,3 @@ spec: regex: ^https://webmail.k-space.ee/$ replacement: https://webmail.k-space.ee/webmail/ permanent: false -# --- -# apiVersion: networking.k8s.io/v1 -# kind: NetworkPolicy -# metadata: -# name: webmail -# spec: -# podSelector: -# matchLabels: -# app.kubernetes.io/name: webmail -# policyTypes: -# - Ingress -# ingress: -# - ports: -# - port: 3000 -# from: -# - namespaceSelector: -# matchLabels: -# kubernetes.io/metadata.name: traefik -# podSelector: -# matchLabels: -# app.kubernetes.io/name: traefik diff --git a/wildduck/wildduck.yaml b/wildduck/wildduck.yaml index 81b877d..a78220f 100644 --- a/wildduck/wildduck.yaml +++ b/wildduck/wildduck.yaml @@ -1,30 +1,4 @@ --- -apiVersion: codemowers.cloud/v1beta1 -kind: SecretClaim -metadata: - name: dragonfly-auth -spec: - size: 32 - mapping: - - key: password - value: "%(plaintext)s" - - key: REDIS_URI - value: "redis://:%(plaintext)s@dragonfly" ---- -apiVersion: dragonflydb.io/v1alpha1 -kind: Dragonfly -metadata: - name: dragonfly -spec: - authentication: - passwordFromSecret: - key: password - name: dragonfly-auth - replicas: 3 - resources: - limits: - memory: 5Gi ---- apiVersion: v1 kind: Service metadata: @@ -119,7 +93,7 @@ spec: valueFrom: secretKeyRef: name: dragonfly-auth - key: REDIS_URI + key: REDIS_WILDDUCK_URI volumeMounts: - mountPath: /cert name: cert diff --git a/wildduck/wildflock.yaml b/wildduck/wildflock.yaml index 9ff34b8..9967f1a 100644 --- a/wildduck/wildflock.yaml +++ b/wildduck/wildflock.yaml @@ -96,8 +96,8 @@ spec: - name: REDIS_URL valueFrom: secretKeyRef: - name: dragonfly-wildflock-auth - key: REDIS_URI + name: dragonfly-auth + key: REDIS_WILDFLOCK_URI - name: CLIENT_URL value: https://wildflock.k-space.ee - name: WILDDUCK_DOMAIN @@ -120,48 +120,22 @@ spec: valueFrom: secretKeyRef: key: OIDC_IDP_URI - name: oidc-client-wildflock-owner-secrets + name: oidc-client-wildflock-owner-secrets - name: OIDC_GATEWAY_AUTH_URI valueFrom: secretKeyRef: key: OIDC_IDP_AUTH_URI - name: oidc-client-wildflock-owner-secrets + name: oidc-client-wildflock-owner-secrets - name: OIDC_GATEWAY_TOKEN_URI valueFrom: secretKeyRef: key: OIDC_IDP_TOKEN_URI - name: oidc-client-wildflock-owner-secrets + name: oidc-client-wildflock-owner-secrets - name: OIDC_GATEWAY_USERINFO_URI valueFrom: secretKeyRef: key: OIDC_IDP_USERINFO_URI - name: oidc-client-wildflock-owner-secrets + name: oidc-client-wildflock-owner-secrets envFrom: - secretRef: name: oidc-client-wildflock-owner-secrets ---- -apiVersion: codemowers.cloud/v1beta1 -kind: SecretClaim -metadata: - name: dragonfly-wildflock-auth -spec: - size: 32 - mapping: - - key: password - value: "%(plaintext)s" - - key: REDIS_URI - value: "redis://:%(plaintext)s@dragonfly-wildflock" ---- -apiVersion: dragonflydb.io/v1alpha1 -kind: Dragonfly -metadata: - name: dragonfly-wildflock -spec: - authentication: - passwordFromSecret: - key: password - name: dragonfly-wildflock-auth - replicas: 3 - resources: - limits: - memory: 5Gi